fde41616bce465b52bb01b0c42815be03daabc99
4129 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
fde41616bc |
Merge 4.14.113 into android-4.14
Changes in 4.14.113
ARC: u-boot args: check that magic number is correct
arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM
perf/core: Restore mmap record type correctly
ext4: add missing brelse() in add_new_gdb_meta_bg()
ext4: report real fs size after failed resize
ALSA: echoaudio: add a check for ioremap_nocache
ALSA: sb8: add a check for request_region
auxdisplay: hd44780: Fix memory leak on ->remove()
IB/mlx4: Fix race condition between catas error reset and aliasguid flows
mmc: davinci: remove extraneous __init annotation
ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration
thermal/intel_powerclamp: fix __percpu declaration of worker_data
thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs
thermal/int340x_thermal: Add additional UUIDs
thermal/int340x_thermal: fix mode setting
thermal/intel_powerclamp: fix truncated kthread name
scsi: iscsi: flush running unbind operations when removing a session
x86/mm: Don't leak kernel addresses
tools/power turbostat: return the exit status of a command
perf list: Don't forget to drop the reference to the allocated thread_map
perf config: Fix an error in the config template documentation
perf config: Fix a memory leak in collect_config()
perf build-id: Fix memory leak in print_sdt_events()
perf top: Fix error handling in cmd_top()
perf hist: Add missing map__put() in error case
perf evsel: Free evsel->counts in perf_evsel__exit()
perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test
perf tests: Fix memory leak by expr__find_other() in test__expr()
perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
irqchip/mbigen: Don't clear eventid when freeing an MSI
x86/hpet: Prevent potential NULL pointer dereference
x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
iommu/vt-d: Check capability before disabling protected memory
x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error
fix incorrect error code mapping for OBJECTID_NOT_FOUND
ext4: prohibit fstrim in norecovery mode
gpio: pxa: handle corner case of unprobed device
rsi: improve kernel thread handling to fix kernel panic
9p: do not trust pdu content for stat item size
9p locks: add mount option for lock retry interval
f2fs: fix to do sanity check with current segment number
netfilter: xt_cgroup: shrink size of v2 path
serial: uartps: console_setup() can't be placed to init section
powerpc/pseries: Remove prrn_work workqueue
media: au0828: cannot kfree dev before usb disconnect
HID: i2c-hid: override HID descriptors for certain devices
ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
usbip: fix vhci_hcd controller counting
ACPI / SBS: Fix GPE storm on recent MacBookPro's
KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail
compiler.h: update definition of unreachable()
cifs: fallback to older infolevels on findfirst queryinfo retry
kernel: hung_task.c: disable on suspend
crypto: sha256/arm - fix crash bug in Thumb2 build
crypto: sha512/arm - fix crash bug in Thumb2 build
iommu/dmar: Fix buffer overflow during PCI bus notification
soc/tegra: pmc: Drop locking from tegra_powergate_is_powered()
lkdtm: Print real addresses
lkdtm: Add tests for NULL pointer dereference
drm/panel: panel-innolux: set display off in innolux_panel_unprepare
crypto: axis - fix for recursive locking from bottom half
Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk"
coresight: cpu-debug: Support for CA73 CPUs
drm/nouveau/volt/gf117: fix speedo readout register
ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI)
appletalk: Fix use-after-free in atalk_proc_exit
lib/div64.c: off by one in shift
include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
bpf: fix use after free in bpf_evict_inode
dm: disable CRYPTO_TFM_REQ_MAY_SLEEP to fix a GFP_KERNEL recursion deadlock
bpf: reduce verifier memory consumption
bpf: fix verifier memory leaks
bpf: fix verifier NULL pointer dereference
bpf: fix stack state printing in verifier log
bpf: move {prev_,}insn_idx into verifier env
bpf: move tmp variable into ax register in interpreter
bpf: enable access to ax register also from verifier rewrite
bpf: restrict map value pointer arithmetic for unprivileged
bpf: restrict stack pointer arithmetic for unprivileged
bpf: restrict unknown scalars of mixed signed bounds for unprivileged
bpf: fix check_map_access smin_value test when pointer contains offset
bpf: prevent out of bounds speculation on pointer arithmetic
bpf: fix sanitation of alu op with pointer / scalar type from different paths
bpf: fix inner map masking to prevent oob under speculation
bpf: do not restore dst_reg when cur_state is freed
bpf: fix sanitation rewrite in case of non-pointers
bpf: Fix selftests are changes for CVE 2019-7308
net: stmmac: Set dma ring length before enabling the DMA
mm: hide incomplete nr_indirectly_reclaimable in sysfs
appletalk: Fix compile regression
Linux 4.14.113
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Pablo Neira Ayuso
|
edbcdafac3 |
netfilter: xt_cgroup: shrink size of v2 path
[ Upstream commit 0d704967f4a49cc2212350b3e4a8231f8b4283ed ] cgroup v2 path field is PATH_MAX which is too large, this is placing too much pressure on memory allocation for people with many rules doing cgroup v1 classid matching, side effects of this are bug reports like: https://bugzilla.kernel.org/show_bug.cgi?id=200639 This patch registers a new revision that shrinks the cgroup path to 512 bytes, which is the same approach we follow in similar extensions that have a path field. Cc: Tejun Heo <tj@kernel.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Tejun Heo <tj@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Mark Salyzyn
|
7401173366 |
Revert "ANDROID: input: keychord: Add keychord driver"
This reverts commit
|
||
|
Johannes Weiner
|
c6c21fac50 |
UPSTREAM: delayacct: track delays from thrashing cache pages
Delay accounting already measures the time a task spends in direct reclaim
and waiting for swapin, but in low memory situations tasks spend can spend
a significant amount of their time waiting on thrashing page cache. This
isn't tracked right now.
To know the full impact of memory contention on an individual task,
measure the delay when waiting for a recently evicted active cache page to
read back into memory.
Also update tools/accounting/getdelays.c:
[hannes@computer accounting]$ sudo ./getdelays -d -p 1
print delayacct stats ON
PID 1
CPU count real total virtual total delay total delay average
50318 745000000 847346785 400533713 0.008ms
IO count delay total delay average
435 122601218 0ms
SWAP count delay total delay average
0 0 0ms
RECLAIM count delay total delay average
0 0 0ms
THRASHING count delay total delay average
19 12621439 0ms
Link: http://lkml.kernel.org/r/20180828172258.3185-4-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Daniel Drake <drake@endlessm.com>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit b1d29ba82cf2bc784f4c963ddd6a2cf29e229b33)
Bug: 127712811
Test: lmkd in PSI mode
Change-Id: I259f693987cf04e6a52ee7e8accf55a17e0de005
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Todd Kjos
|
5312a99c7a |
FROMGIT: binder: create node flag to request sender's security context
To allow servers to verify client identity, allow a node flag to be set that causes the sender's security context to be delivered with the transaction. The BR_TRANSACTION command is extended in BR_TRANSACTION_SEC_CTX to contain a pointer to the security context string. Signed-off-by: Todd Kjos <tkjos@google.com> Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit ec74136ded792deed80780a2f8baf3521eeb72f9 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master) Change-Id: I44496546e2d0dc0022f818a45cd52feb1c1a92cb Signed-off-by: Todd Kjos <tkjos@google.com> |
||
|
Greg Kroah-Hartman
|
0cc8f104f4 |
Merge 4.14.104 into android-4.14
Changes in 4.14.104
ARM: 8834/1: Fix: kprobes: optimized kprobes illegal instruction
tracing: Fix number of entries in trace header
MIPS: eBPF: Always return sign extended 32b values
mac80211: Restore vif beacon interval if start ap fails
mac80211: Free mpath object when rhashtable insertion fails
libceph: handle an empty authorize reply
ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
proc, oom: do not report alien mms when setting oom_score_adj
KEYS: allow reaching the keys quotas exactly
mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
pvcalls-back: set -ENOTCONN in pvcalls_conn_back_read
mfd: twl-core: Fix section annotations on {,un}protect_pm_master
mfd: db8500-prcmu: Fix some section annotations
mfd: mt6397: Do not call irq_domain_remove if PMIC unsupported
mfd: ab8500-core: Return zero in get_register_interruptible()
mfd: bd9571mwv: Add volatile register to make DVFS work
mfd: qcom_rpm: write fw_version to CTRL_REG
mfd: wm5110: Add missing ASRC rate register
mfd: tps65218: Use devm_regmap_add_irq_chip and clean up error path in probe()
mfd: mc13xxx: Fix a missing check of a register-read failure
xen/pvcalls: remove set but not used variable 'intf'
qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page count
qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier
net: hns: Fix use after free identified by SLUB debug
MIPS: ath79: Enable OF serial ports in the default config
netfilter: nf_tables: fix leaking object reference count
scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
scsi: isci: initialize shost fully before calling scsi_add_host()
MIPS: jazz: fix 64bit build
bpf: correctly set initial window on active Fast Open sender
net: stmmac: Fix PCI module removal leak
isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
scsi: ufs: Fix system suspend status
scsi: qedi: Add ep_state for login completion on un-reachable targets
always clear the X2APIC_ENABLE bit for PV guest
drm/meson: add missing of_node_put
atm: he: fix sign-extension overflow on large shift
hwmon: (tmp421) Correct the misspelling of the tmp442 compatible attribute in OF device ID table
leds: lp5523: fix a missing check of return value of lp55xx_read
bpf: bpf_setsockopt: reset sock dst on SO_MARK changes
mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
net/mlx5e: Fix wrong (zero) TX drop counter indication for representor
isdn: avm: Fix string plus integer warning from Clang
batman-adv: fix uninit-value in batadv_interface_tx()
ipv6: propagate genlmsg_reply return code
net/mlx5e: Don't overwrite pedit action when multiple pedit used
net/packet: fix 4gb buffer limit due to overflow check
net: sfp: do not probe SFP module before we're attached
sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment
team: avoid complex list operations in team_nl_cmd_options_set()
sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
inet_diag: fix reporting cgroup classid and fallback to priority
RDMA/srp: Rework SCSI device reset handling
KEYS: user: Align the payload buffer
KEYS: always initialize keyring_index_key::desc_len
parisc: Fix ptrace syscall number modification
ARCv2: Enable unaligned access in early ASM code
ARC: U-boot: check arguments paranoidly
ARC: define ARCH_SLAB_MINALIGN = 8
drm/i915/fbdev: Actually configure untiled displays
net: validate untrusted gso packets without csum offload
net: avoid false positives in untrusted gso validation
Revert "bridge: do not add port to router list when receives query with source 0.0.0.0"
netfilter: nf_tables: fix flush after rule deletion in the same batch
netfilter: nft_compat: use-after-free when deleting targets
netfilter: ipv6: Don't preserve original oif for loopback address
pinctrl: max77620: Use define directive for max77620_pinconf_param values
phy: tegra: remove redundant self assignment of 'map'
sched/sysctl: Fix attributes of some extern declarations
net: phylink: avoid resolving link state too early
Linux 4.14.104
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Konstantin Khlebnikov
|
3daca16bdd |
inet_diag: fix reporting cgroup classid and fallback to priority
[ Upstream commit 1ec17dbd90f8b638f41ee650558609c1af63dfa0 ]
Field idiag_ext in struct inet_diag_req_v2 used as bitmap of requested
extensions has only 8 bits. Thus extensions starting from DCTCPINFO
cannot be requested directly. Some of them included into response
unconditionally or hook into some of lower 8 bits.
Extension INET_DIAG_CLASS_ID has not way to request from the beginning.
This patch bundle it with INET_DIAG_TCLASS (ipv6 tos), fixes space
reservation, and documents behavior for other extensions.
Also this patch adds fallback to reporting socket priority. This filed
is more widely used for traffic classification because ipv4 sockets
automatically maps TOS to priority and default qdisc pfifo_fast knows
about that. But priority could be changed via setsockopt SO_PRIORITY so
INET_DIAG_TOS isn't enough for predicting class.
Also cgroup2 obsoletes net_cls classid (it always zero), but we cannot
reuse this field for reporting cgroup2 id because it is 64-bit (ino+gen).
So, after this patch INET_DIAG_CLASS_ID will report socket priority
for most common setup when net_cls isn't set and/or cgroup2 in use.
Fixes:
|
||
|
Greg Kroah-Hartman
|
01709c953f |
Merge 4.14.102 into android-4.14
Changes in 4.14.102 dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string eeprom: at24: add support for 24c2048 blk-mq: fix a hung issue when fsync uapi/if_ether.h: prevent redefinition of struct ethhdr ARM: 8789/1: signal: copy registers using __copy_to_user() ARM: 8790/1: signal: always use __copy_to_user to save iwmmxt context ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user() ARM: 8793/1: signal: replace __put_user_error with __put_user ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit ARM: 8795/1: spectre-v1.1: use put_user() for __put_user() ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization ARM: 8797/1: spectre-v1.1: harden __copy_to_user ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc ARM: make lookup_processor_type() non-__init ARM: split out processor lookup ARM: clean up per-processor check_bugs method call ARM: add PROC_VTABLE and PROC_TABLE macros ARM: spectre-v2: per-CPU vtables to work around big.Little systems ARM: ensure that processor vtables is not lost after boot ARM: fix the cockup in the previous patch net: create skb_gso_validate_mac_len() bnx2x: disable GSO where gso_size is too big for hardware ACPI: NUMA: Use correct type for printing addresses on i386-PAE perf test shell: Use a fallback to get the pathname in vfs_getname cpufreq: check if policy is inactive early in __cpufreq_get() drm/bridge: tc358767: add defines for DP1_SRCCTRL & PHY_2LANE drm/bridge: tc358767: fix single lane configuration drm/bridge: tc358767: fix initial DP0/1_SRCCTRL value drm/bridge: tc358767: reject modes which require too much BW drm/bridge: tc358767: fix output H/V syncs nvme-pci: use the same attributes when freeing host_mem_desc_bufs. ARM: dts: da850-evm: Correct the sound card name ARM: dts: da850-lcdk: Correct the sound card name ARM: dts: kirkwood: Fix polarity of GPIO fan lines gpio: pl061: handle failed allocations drm/nouveau: Don't disable polling in fallback mode drm/nouveau/falcon: avoid touching registers if engine is off cifs: Limit memory used by lock request calls to a page Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G" Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK perf/core: Fix impossible ring-buffer sizes warning perf/x86: Add check_period PMU callback ALSA: hda - Add quirk for HP EliteBook 840 G5 ALSA: usb-audio: Fix implicit fb endpoint setup by quirk kvm: vmx: Fix entry number check for add_atomic_switch_msr() Input: bma150 - register input device after setting private data Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 mm: proc: smaps_rollup: fix pss_locked calculation alpha: fix page fault handling for r16-r18 targets alpha: Fix Eiger NR_IRQS to 128 tracing/uprobes: Fix output for multiple string arguments x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls signal: Restore the stop PTRACE_EVENT_EXIT md/raid1: don't clear bitmap bits on interrupted recovery. x86/a.out: Clear the dump structure initially dm crypt: don't overallocate the integrity tag space dm thin: fix bug where bio that overwrites thin block ignores FUA drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set sched, trace: Fix prev_state output in sched_switch tracepoint futex: Cure exit race pinctrl: msm: fix gpio-hog related boot issues uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define Linux 4.14.102 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Hauke Mehrtens
|
ae4199db18 |
uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
commit da360299b6734135a5f66d7db458dcc7801c826a upstream.
This fixes a compile problem of some user space applications by not
including linux/libc-compat.h in uapi/if_ether.h.
linux/libc-compat.h checks which "features" the header files, included
from the libc, provide to make the Linux kernel uapi header files only
provide no conflicting structures and enums. If a user application mixes
kernel headers and libc headers it could happen that linux/libc-compat.h
gets included too early where not all other libc headers are included
yet. Then the linux/libc-compat.h would not prevent all the
redefinitions and we run into compile problems.
This patch removes the include of linux/libc-compat.h from
uapi/if_ether.h to fix the recently introduced case, but not all as this
is more or less impossible.
It is no problem to do the check directly in the if_ether.h file and not
in libc-compat.h as this does not need any fancy glibc header detection
as glibc never provided struct ethhdr and should define
__UAPI_DEF_ETHHDR by them self when they will provide this.
The following test program did not compile correctly any more:
#include <linux/if_ether.h>
#include <netinet/in.h>
#include <linux/in.h>
int main(void)
{
return 0;
}
Fixes: 6926e041a892 ("uapi/if_ether.h: prevent redefinition of struct ethhdr")
Reported-by: Guillaume Nault <g.nault@alphalink.fr>
Cc: <stable@vger.kernel.org> # 4.15
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Hauke Mehrtens
|
03089bb1f4 |
uapi/if_ether.h: prevent redefinition of struct ethhdr
commit 6926e041a8920c8ec27e4e155efa760aa01551fd upstream. Musl provides its own ethhdr struct definition. Add a guard to prevent its definition of the appropriate musl header has already been included. glibc does not implement this header, but when glibc will implement this they can just define __UAPI_DEF_ETHHDR 0 to make it work with the kernel. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
da2880fa47 |
Merge 4.14.93 into android-4.14
Changes in 4.14.93
pinctrl: meson: fix pull enable register calculation
powerpc: Fix COFF zImage booting on old powermacs
powerpc/mm: Fix linux page tables build with some configs
HID: ite: Add USB id match for another ITE based keyboard rfkill key quirk
ARM: imx: update the cpu power up timing setting on i.mx6sx
ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock
Input: restore EV_ABS ABS_RESERVED
checkstack.pl: fix for aarch64
xfrm: Fix error return code in xfrm_output_one()
xfrm: Fix bucket count reported to userspace
xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force clears the dst_entry.
netfilter: seqadj: re-load tcp header pointer after possible head reallocation
scsi: bnx2fc: Fix NULL dereference in error handling
Input: omap-keypad - fix idle configuration to not block SoC idle states
Input: synaptics - enable RMI on ThinkPad T560
ibmvnic: Fix non-atomic memory allocation in IRQ context
ieee802154: ca8210: fix possible u8 overflow in ca8210_rx_done
x86/mm: Fix guard hole handling
x86/dump_pagetables: Fix LDT remap address marker
i40e: fix mac filter delete when setting mac address
netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
netfilter: nat: can't use dst_hold on noref dst
bnx2x: Clear fip MAC when fcoe offload support is disabled
bnx2x: Remove configured vlans as part of unload sequence.
bnx2x: Send update-svid ramrod with retry/poll flags enabled
scsi: target: iscsi: cxgbit: fix csk leak
scsi: target: iscsi: cxgbit: add missing spin_lock_init()
x86, hyperv: remove PCI dependency
drivers: net: xgene: Remove unnecessary forward declarations
w90p910_ether: remove incorrect __init annotation
net: hns: Incorrect offset address used for some registers.
net: hns: All ports can not work when insmod hns ko after rmmod.
net: hns: Some registers use wrong address according to the datasheet.
net: hns: Fixed bug that netdev was opened twice
net: hns: Clean rx fbd when ae stopped.
net: hns: Free irq when exit from abnormal branch
net: hns: Avoid net reset caused by pause frames storm
net: hns: Fix ntuple-filters status error.
net: hns: Add mac pcs config when enable|disable mac
net: hns: Fix ping failed when use net bridge and send multicast
SUNRPC: Fix a race with XPRT_CONNECTING
qed: Fix an error code qed_ll2_start_xmit()
net: macb: fix random memory corruption on RX with 64-bit DMA
net: macb: fix dropped RX frames due to a race
lan78xx: Resolve issue with changing MAC address
vxge: ensure data0 is initialized in when fetching firmware version information
mac80211: free skb fraglist before freeing the skb
kbuild: fix false positive warning/error about missing libelf
virtio: fix test build after uio.h change
gpio: mvebu: only fail on missing clk if pwm is actually to be used
Input: synaptics - enable SMBus for HP EliteBook 840 G4
net: netxen: fix a missing check and an uninitialized use
qmi_wwan: Fix qmap header retrieval in qmimux_rx_fixup
serial/sunsu: fix refcount leak
scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown
scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid
genirq/affinity: Don't return with empty affinity masks on error
tools: fix cross-compile var clobbering
fork: record start_time late
zram: fix double free backing device
hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL
mm, devm_memremap_pages: kill mapping "System RAM" support
mm, hmm: use devm semantics for hmm_devmem_{add, remove}
mm, hmm: mark hmm_devmem_{add, add_resource} EXPORT_SYMBOL_GPL
mm, swap: fix swapoff with KSM pages
sunrpc: fix cache_head leak due to queued request
sunrpc: use SVC_NET() in svcauth_gss_* functions
powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer
powerpc: Disable -Wbuiltin-requires-header when setjmp is used
ftrace: Build with CPPFLAGS to get -Qunused-arguments
md: raid10: remove VLAIS
kbuild: add -no-integrated-as Clang option unconditionally
kbuild: consolidate Clang compiler flags
Makefile: Export clang toolchain variables
powerpc/boot: Set target when cross-compiling for clang
raid6/ppc: Fix build for clang
vhost/vsock: fix uninitialized vhost_vsock->guest_cid
dm verity: fix crash on bufio buffer that was allocated with vmalloc
dm zoned: Fix target BIO completion handling
ALSA: cs46xx: Potential NULL dereference in probe
ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()
ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
dlm: fixed memory leaks after failed ls_remove_names allocation
dlm: possible memory leak on error path in create_lkb()
dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
dlm: memory leaks on error path in dlm_user_request()
gfs2: Get rid of potential double-freeing in gfs2_create_inode
gfs2: Fix loop in gfs2_rbm_find
b43: Fix error in cordic routine
selinux: policydb - fix byte order and alignment issues
lockd: Show pid of lockd for remote locks
scripts/kallsyms: filter arm64's __efistub_ symbols
arm64: drop linker script hack to hide __efistub_ symbols
arm64: relocatable: fix inconsistencies in linker script and options
powerpc/tm: Set MSR[TS] just prior to recheckpoint
9p/net: put a lower bound on msize
rxe: fix error completion wr_id and qp_num
iommu/vt-d: Handle domain agaw being less than iommu agaw
sched/fair: Fix infinite loop in update_blocked_averages() by reverting
|
||
|
Peter Hutterer
|
9940eeaa99 |
Input: restore EV_ABS ABS_RESERVED
[ Upstream commit c201e3808e0e4be9b98d192802085a9f491bd80c ] ABS_RESERVED was added in d9ca1c990a7 and accidentally removed as part of ffe0e7cf290f5c9 when the high-resolution scrolling code was removed. Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> Reviewed-by: Martin Kepplinger <martin.kepplinger@ginzinger.com> Acked-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Acked-by: Dmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Joel Fernandes
|
2eaa69bd84 |
BACKPORT: mm: Add an F_SEAL_FUTURE_WRITE seal to memfd
Android uses ashmem for sharing memory regions. We are looking forward to migrating all usecases of ashmem to memfd so that we can possibly remove the ashmem driver in the future from staging while also benefiting from using memfd and contributing to it. Note staging drivers are also not ABI and generally can be removed at anytime. One of the main usecases Android has is the ability to create a region and mmap it as writeable, then add protection against making any "future" writes while keeping the existing already mmap'ed writeable-region active. This allows us to implement a usecase where receivers of the shared memory buffer can get a read-only view, while the sender continues to write to the buffer. See CursorWindow documentation in Android for more details: https://developer.android.com/reference/android/database/CursorWindow This usecase cannot be implemented with the existing F_SEAL_WRITE seal. To support the usecase, this patch adds a new F_SEAL_FUTURE_WRITE seal which prevents any future mmap and write syscalls from succeeding while keeping the existing mmap active. Verified with test program at: https://lore.kernel.org/patchwork/patch/1008117/ Backport link: https://lore.kernel.org/patchwork/patch/1014892/ Bug: 113362644 Change-Id: If7424db3b64372932d455f0219cd9df613fec1d4 Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Joel Fernandes <joelaf@google.com> |
||
|
Eric Biggers
|
34ed7fcd93 |
BACKPORT, FROMGIT: fscrypt: add Adiantum support
Add support for the Adiantum encryption mode to fscrypt. Adiantum is a tweakable, length-preserving encryption mode with security provably reducible to that of XChaCha12 and AES-256, subject to a security bound. It's also a true wide-block mode, unlike XTS. See the paper "Adiantum: length-preserving encryption for entry-level processors" (https://eprint.iacr.org/2018/720.pdf) for more details. Also see commit 059c2a4d8e16 ("crypto: adiantum - add Adiantum support"). On sufficiently long messages, Adiantum's bottlenecks are XChaCha12 and the NH hash function. These algorithms are fast even on processors without dedicated crypto instructions. Adiantum makes it feasible to enable storage encryption on low-end mobile devices that lack AES instructions; currently such devices are unencrypted. On ARM Cortex-A7, on 4096-byte messages Adiantum encryption is about 4 times faster than AES-256-XTS encryption; decryption is about 5 times faster. In fscrypt, Adiantum is suitable for encrypting both file contents and names. With filenames, it fixes a known weakness: when two filenames in a directory share a common prefix of >= 16 bytes, with CTS-CBC their encrypted filenames share a common prefix too, leaking information. Adiantum does not have this problem. Since Adiantum also accepts long tweaks (IVs), it's also safe to use the master key directly for Adiantum encryption rather than deriving per-file keys, provided that the per-file nonce is included in the IVs and the master key isn't used for any other encryption mode. This configuration saves memory and improves performance. A new fscrypt policy flag is added to allow users to opt-in to this configuration. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> (cherry picked from commit 889645b87e96cecbdf7d76ab86447d1f1c6b41d3 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt.git master) Conflicts: Documentation/filesystems/fscrypt.rst include/uapi/linux/fs.h Bug: 112008522 Test: For regression testing, built the kernel for x86_64 KVM and ran the encryption xfstests using kvm-xfstests: kvm-xfstests -c ext4,f2fs -g encrypt Tests for the Adiantum mode and "direct key" specifically aren't yet included in xfstests, but I also tried it manually with the following (run in the kvm-xfstests test appliance): cd / umount /vdc &> /dev/null mkfs.f2fs -O encrypt -f /dev/vdc mount /vdc cd /vdc rm -rf edir mkdir edir . ~/xfstests/common/encrypt KEYCTL_PROG=keyctl FSTYP=fscrypt _new_session_keyring k=$(_generate_encryption_key) xfs_io -c "set_encpolicy -c 9 -n 9 -f 0x4 $k" edir/ cp -a /usr edir/ diff -r /usr edir/usr/ dmesg should show that Adiantum is being used: fscrypt: Adiantum using implementation "adiantum(xchacha12-generic,aes-aesni,nhpoly1305-generic)" Change-Id: I29ffaa7ef9cbd23d2f6ed428814c607227241ce9 Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Greg Kroah-Hartman
|
d142f569a1 |
Merge 4.14.86 into android-4.14
Changes in 4.14.86
mm/huge_memory: rename freeze_page() to unmap_page()
mm/huge_memory.c: reorder operations in __split_huge_page_tail()
mm/huge_memory: splitting set mapping+index before unfreeze
mm/huge_memory: fix lockdep complaint on 32-bit i_size_read()
mm/khugepaged: collapse_shmem() stop if punched or truncated
mm/khugepaged: fix crashes due to misaccounted holes
mm/khugepaged: collapse_shmem() remember to clear holes
mm/khugepaged: minor reorderings in collapse_shmem()
mm/khugepaged: collapse_shmem() without freezing new_page
mm/khugepaged: collapse_shmem() do not crash on Compound
media: em28xx: Fix use-after-free when disconnecting
ubi: Initialize Fastmap checkmapping correctly
libceph: store ceph_auth_handshake pointer in ceph_connection
libceph: factor out __prepare_write_connect()
libceph: factor out __ceph_x_decrypt()
libceph: factor out encrypt_authorizer()
libceph: add authorizer challenge
libceph: implement CEPHX_V2 calculation mode
bpf: Prevent memory disambiguation attack
tls: Add function to update the TLS socket configuration
tls: Fix TLS ulp context leak, when TLS_TX setsockopt is not used.
tls: Avoid copying crypto_info again after cipher_type check.
tls: don't override sk_write_space if tls_set_sw_offload fails.
tls: Use correct sk->sk_prot for IPV6
net/tls: Fixed return value when tls_complete_pending_work() fails
wil6210: missing length check in wmi_set_ie
btrfs: validate type when reading a chunk
btrfs: Verify that every chunk has corresponding block group at mount time
btrfs: Refactor check_leaf function for later expansion
btrfs: Check if item pointer overlaps with the item itself
btrfs: Add sanity check for EXTENT_DATA when reading out leaf
btrfs: Add checker for EXTENT_CSUM
btrfs: Move leaf and node validation checker to tree-checker.c
btrfs: tree-checker: Enhance btrfs_check_node output
btrfs: tree-checker: Fix false panic for sanity test
btrfs: tree-checker: Add checker for dir item
btrfs: tree-checker: use %zu format string for size_t
btrfs: tree-check: reduce stack consumption in check_dir_item
btrfs: tree-checker: Verify block_group_item
btrfs: tree-checker: Detect invalid and empty essential trees
btrfs: Check that each block group has corresponding chunk at mount time
btrfs: tree-checker: Check level for leaves and nodes
btrfs: tree-checker: Fix misleading group system information
f2fs: check blkaddr more accuratly before issue a bio
f2fs: sanity check on sit entry
f2fs: enhance sanity_check_raw_super() to avoid potential overflow
f2fs: clean up with is_valid_blkaddr()
f2fs: introduce and spread verify_blkaddr
f2fs: fix to do sanity check with secs_per_zone
f2fs: Add sanity_check_inode() function
f2fs: fix to do sanity check with extra_attr feature
f2fs: fix to do sanity check with user_block_count
f2fs: fix to do sanity check with node footer and iblocks
f2fs: fix to do sanity check with block address in main area
f2fs: fix to do sanity check with i_extra_isize
f2fs: fix to do sanity check with cp_pack_start_sum
xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE
Revert "wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()"
net: skb_scrub_packet(): Scrub offload_fwd_mark
net: thunderx: set xdp_prog to NULL if bpf_prog_add fails
virtio-net: disable guest csum during XDP set
virtio-net: fail XDP set if guest csum is negotiated
net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue
packet: copy user buffers before orphan or clone
rapidio/rionet: do not free skb before reading its length
s390/qeth: fix length check in SNMP processing
usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2
sched/core: Fix cpu.max vs. cpuhotplug deadlock
x86/bugs: Add AMD's variant of SSB_NO
x86/bugs: Add AMD's SPEC_CTRL MSR usage
x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features
x86/bugs: Update when to check for the LS_CFG SSBD mitigation
x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR
x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
x86/speculation: Propagate information about RSB filling mitigation to sysfs
x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant
x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
x86/retpoline: Remove minimal retpoline support
x86/speculation: Update the TIF_SSBD comment
x86/speculation: Clean up spectre_v2_parse_cmdline()
x86/speculation: Remove unnecessary ret variable in cpu_show_common()
x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common()
x86/speculation: Disable STIBP when enhanced IBRS is in use
x86/speculation: Rename SSBD update functions
x86/speculation: Reorganize speculation control MSRs update
sched/smt: Make sched_smt_present track topology
x86/Kconfig: Select SCHED_SMT if SMP enabled
sched/smt: Expose sched_smt_present static key
x86/speculation: Rework SMT state change
x86/l1tf: Show actual SMT state
x86/speculation: Reorder the spec_v2 code
x86/speculation: Mark string arrays const correctly
x86/speculataion: Mark command line parser data __initdata
x86/speculation: Unify conditional spectre v2 print functions
x86/speculation: Add command line control for indirect branch speculation
x86/speculation: Prepare for per task indirect branch speculation control
x86/process: Consolidate and simplify switch_to_xtra() code
x86/speculation: Avoid __switch_to_xtra() calls
x86/speculation: Prepare for conditional IBPB in switch_mm()
ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
x86/speculation: Split out TIF update
x86/speculation: Prevent stale SPEC_CTRL msr content
x86/speculation: Prepare arch_smt_update() for PRCTL mode
x86/speculation: Add prctl() control for indirect branch speculation
x86/speculation: Enable prctl mode for spectre_v2_user
x86/speculation: Add seccomp Spectre v2 user space protection mode
x86/speculation: Provide IBPB always command line options
kvm: mmu: Fix race in emulated page table writes
kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall
KVM: X86: Fix scan ioapic use-before-initialization
xtensa: enable coprocessors that are being flushed
xtensa: fix coprocessor context offset definitions
xtensa: fix coprocessor part of ptrace_{get,set}xregs
Btrfs: ensure path name is null terminated at btrfs_control_ioctl
btrfs: relocation: set trans to be NULL after ending transaction
PCI: layerscape: Fix wrong invocation of outbound window disable accessor
arm64: dts: rockchip: Fix PCIe reset polarity for rk3399-puma-haikou.
x86/MCE/AMD: Fix the thresholding machinery initialization order
x86/fpu: Disable bottom halves while loading FPU registers
perf/x86/intel: Move branch tracing setup to the Intel-specific source file
perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts()
fs: fix lost error code in dio_complete
ALSA: wss: Fix invalid snd_free_pages() at error path
ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write
ALSA: control: Fix race between adding and removing a user element
ALSA: sparc: Fix invalid snd_free_pages() at error path
ALSA: hda/realtek - Support ALC300
ALSA: hda/realtek - fix headset mic detection for MSI MS-B171
ext2: fix potential use after free
ARM: dts: rockchip: Remove @0 from the veyron memory node
dmaengine: at_hdmac: fix memory leak in at_dma_xlate()
dmaengine: at_hdmac: fix module unloading
btrfs: release metadata before running delayed refs
staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION
staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station
USB: usb-storage: Add new IDs to ums-realtek
usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series
Revert "usb: dwc3: gadget: skip Set/Clear Halt when invalid"
iio:st_magn: Fix enable device after trigger
lib/test_kmod.c: fix rmmod double free
mm: use swp_offset as key in shmem_replace_page()
Drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl()
misc: mic/scif: fix copy-paste error in scif_create_remote_lookup
binder: fix race that allows malicious free of live buffer
libceph: weaken sizeof check in ceph_x_verify_authorizer_reply()
libceph: check authorizer reply/challenge length before reading
f2fs: fix missing up_read
Linux 4.14.86
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Thomas Gleixner
|
6a847a6057 |
x86/speculation: Add prctl() control for indirect branch speculation
commit 9137bb27e60e554dab694eafa4cca241fa3a694f upstream Add the PR_SPEC_INDIRECT_BRANCH option for the PR_GET_SPECULATION_CTRL and PR_SET_SPECULATION_CTRL prctls to allow fine grained per task control of indirect branch speculation via STIBP and IBPB. Invocations: Check indirect branch speculation status with - prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0); Enable indirect branch speculation with - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_ENABLE, 0, 0); Disable indirect branch speculation with - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0); Force disable indirect branch speculation with - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_FORCE_DISABLE, 0, 0); See Documentation/userspace-api/spec_ctrl.rst. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Andy Lutomirski <luto@kernel.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Jiri Kosina <jkosina@suse.cz> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: David Woodhouse <dwmw@amazon.co.uk> Cc: Andi Kleen <ak@linux.intel.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Casey Schaufler <casey.schaufler@intel.com> Cc: Asit Mallick <asit.k.mallick@intel.com> Cc: Arjan van de Ven <arjan@linux.intel.com> Cc: Jon Masters <jcm@redhat.com> Cc: Waiman Long <longman9394@gmail.com> Cc: Greg KH <gregkh@linuxfoundation.org> Cc: Dave Stewart <david.c.stewart@intel.com> Cc: Kees Cook <keescook@chromium.org> Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/20181125185005.866780996@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Qu Wenruo
|
fa5d29e6d7 |
btrfs: Add sanity check for EXTENT_DATA when reading out leaf
commit 40c3c40947324d9f40bf47830c92c59a9bbadf4a upstream. Add extra checks for item with EXTENT_DATA type. This checks the following thing: 0) Key offset All key offsets must be aligned to sectorsize. Inline extent must have 0 for key offset. 1) Item size Uncompressed inline file extent size must match item size. (Compressed inline file extent has no information about its on-disk size.) Regular/preallocated file extent size must be a fixed value. 2) Every member of regular file extent item Including alignment for bytenr and offset, possible value for compression/encryption/type. 3) Type/compression/encode must be one of the valid values. This should be the most comprehensive and strict check in the context of btrfs_item for EXTENT_DATA. Signed-off-by: Qu Wenruo <quwenruo.btrfs@gmx.com> Reviewed-by: Nikolay Borisov <nborisov@suse.com> Reviewed-by: David Sterba <dsterba@suse.com> [ switch to BTRFS_FILE_EXTENT_TYPES, similar to what BTRFS_COMPRESS_TYPES does ] Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
ea91d158d7 |
Merge 4.14.83 into android-4.14
Changes in 4.14.83 flow_dissector: do not dissect l4 ports for fragments ibmvnic: fix accelerated VLAN handling ip_tunnel: don't force DF when MTU is locked ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF net-gro: reset skb->pkt_type in napi_reuse_skb() sctp: not allow to set asoc prsctp_enable by sockopt tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths tuntap: fix multiqueue rx net: systemport: Protect stop from timeout net: qualcomm: rmnet: Fix incorrect assignment of real_dev net: dsa: microchip: initialize mutex before use sctp: fix strchange_flags name for Stream Change Event net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs sctp: not increase stream's incnt before sending addstrm_in request mlxsw: spectrum: Fix IP2ME CPU policer configuration net: smsc95xx: Fix MTU range usbnet: smsc95xx: disable carrier check while suspending inet: frags: better deal with smp races Revert "x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation" ARM: dts: r8a7791: Correct critical CPU temperature ARM: dts: r8a7793: Correct critical CPU temperature Linux 4.14.83 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Xin Long
|
56782f5353 |
sctp: fix strchange_flags name for Stream Change Event
[ Upstream commit fd82d61ba142f0b83463e47064bf5460aac57b6e ]
As defined in rfc6525#section-6.1.3, SCTP_STREAM_CHANGE_DENIED
and SCTP_STREAM_CHANGE_FAILED should be used instead of
SCTP_ASSOC_CHANGE_DENIED and SCTP_ASSOC_CHANGE_FAILED.
To keep the compatibility, fix it by adding two macros.
Fixes:
|
||
|
Greg Kroah-Hartman
|
4e76528bd4 |
Merge 4.14.81 into android-4.14
Changes in 4.14.81
mtd: spi-nor: fsl-quadspi: fix read error for flash size larger than 16MB
spi: bcm-qspi: switch back to reading flash using smaller chunks
bcache: trace missed reading by cache_missed
bcache: fix miss key refill->end in writeback
hwmon: (pmbus) Fix page count auto-detection.
jffs2: free jffs2_sb_info through jffs2_kill_sb()
cpufreq: conservative: Take limits changes into account properly
pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges
ipmi: Fix timer race with module unload
parisc: Fix address in HPMC IVA
parisc: Fix map_pages() to not overwrite existing pte entries
parisc: Fix exported address of os_hpmc handler
ALSA: hda - Add quirk for ASUS G751 laptop
ALSA: hda - Fix headphone pin config for ASUS G751
ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715
ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)
ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops
x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
x86/xen: Fix boot loader version reported for PVH guests
x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided
x86/mm/pat: Disable preemption around __flush_tlb_all()
x86/speculation: Support Enhanced IBRS on future CPUs
ARM: dts: exynos: Disable pull control for MAX8997 interrupts on Origen
bpf: do not blindly change rlimit in reuseport net selftest
Revert "perf tools: Fix PMU term format max value calculation"
xfrm: policy: use hlist rcu variants on insert
perf vendor events intel: Fix wrong filter_band* values for uncore events
sparc: Fix single-pcr perf event counter management.
sparc: Throttle perf events properly.
sparc64: Make proc_id signed.
sched/fair: Fix the min_vruntime update logic in dequeue_entity()
perf tools: Fix use of alternatives to find JDIR
perf cpu_map: Align cpu map synthesized events properly.
x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
net: qla3xxx: Remove overflowing shift statement
selftests: ftrace: Add synthetic event syntax testcase
i2c: rcar: cleanup DMA for all kinds of failure
locking/lockdep: Fix debug_locks off performance problem
ataflop: fix error handling during setup
swim: fix cleanup on setup error
nfp: devlink port split support for 1x100G CXP NIC
tun: Consistently configure generic netdev params via rtnetlink
s390/sthyi: Fix machine name validity indication
hwmon: (pwm-fan) Set fan speed to 0 on suspend
lightnvm: pblk: fix two sleep-in-atomic-context bugs
spi: spi-ep93xx: Use dma_data_direction for ep93xx_spi_dma_{finish,prepare}
perf tools: Free temporary 'sys' string in read_event_files()
perf tools: Cleanup trace-event-info 'tdata' leak
perf strbuf: Match va_{add,copy} with va_end
cpupower: Fix coredump on VMWare
mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01
iwlwifi: pcie: avoid empty free RB queue
iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface
x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC
ACPI / processor: Fix the return value of acpi_processor_ids_walk()
cpufreq: dt: Try freeing static OPPs only if we have added them
mtd: rawnand: atmel: Fix potential NULL pointer dereference
signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack
Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth
x86: boot: Fix EFI stub alignment
pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux
brcmfmac: fix for proper support of 160MHz bandwidth
net: phy: phylink: ensure the carrier is off when starting phylink
block, bfq: correctly charge and reset entity service in all cases
kprobes: Return error if we fail to reuse kprobe instead of BUG_ON()
ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers
pinctrl: qcom: spmi-mpp: Fix drive strength setting
pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant
pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant
net: dsa: mv88e6xxx: Fix writing to a PHY page.
iwlwifi: mvm: fix BAR seq ctrl reporting
ixgbevf: VF2VF TCP RSS
ath10k: schedule hardware restart if WMI command times out
thermal: da9062/61: Prevent hardware access during system suspend
cgroup, netclassid: add a preemption point to write_classid
scsi: esp_scsi: Track residual for PIO transfers
UAPI: ndctl: Fix g++-unsupported initialisation in headers
KVM: nVMX: Clear reserved bits of #DB exit qualification
scsi: megaraid_sas: fix a missing-check bug
RDMA/core: Do not expose unsupported counters
IB/ipoib: Clear IPCB before icmp_send
RDMA/bnxt_re: Fix recursive lock warning in debug kernel
usb: host: ohci-at91: fix request of irq for optional gpio
PCI: mediatek: Fix mtk_pcie_find_port() endpoint/port matching logic
tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated
Drivers: hv: vmbus: Use cpumask_var_t for on-stack cpu mask
VMCI: Resource wildcard match fixed
PCI / ACPI: Enable wake automatically for power managed bridges
usb: gadget: udc: atmel: handle at91sam9rl PMC
ext4: fix argument checking in EXT4_IOC_MOVE_EXT
MD: fix invalid stored role for a disk
f2fs: fix to recover inode's i_flags during POR
PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice
coresight: etb10: Fix handling of perf mode
PCI: dwc: pci-dra7xx: Enable errata i870 for both EP and RC mode
crypto: caam - fix implicit casts in endianness helpers
usb: chipidea: Prevent unbalanced IRQ disable
driver/dma/ioat: Call del_timer_sync() without holding prep_lock
uio: ensure class is registered before devices
scsi: lpfc: Correct soft lockup when running mds diagnostics
scsi: lpfc: Correct race with abort on completion path
f2fs: report error if quota off error during umount
signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init
mfd: menelaus: Fix possible race condition and leak
dmaengine: dma-jz4780: Return error if not probed from DT
IB/rxe: fix for duplicate request processing and ack psns
ALSA: hda: Check the non-cached stream buffers more explicitly
cpupower: Fix AMD Family 0x17 msr_pstate size
Revert "f2fs: fix to clear PG_checked flag in set_page_dirty()"
f2fs: fix to account IO correctly
ARM: dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes
arm: dts: exynos: Add missing cooling device properties for CPUs
ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings
ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250
xen-swiotlb: use actually allocated size on check physical continuous
tpm: Restore functionality to xen vtpm driver.
xen/blkfront: avoid NULL blkfront_info dereference on device removal
xen/balloon: Support xend-based toolstack
xen: fix race in xen_qlock_wait()
xen: make xen_qlock_wait() nestable
xen/pvh: increase early stack size
xen/pvh: don't try to unplug emulated devices
libertas: don't set URB_ZERO_PACKET on IN USB transfer
usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten
usb: gadget: udc: renesas_usb3: Fix b-device mode for "workaround"
iwlwifi: mvm: check return value of rs_rate_from_ucode_rate()
net/ipv4: defensive cipso option parsing
dmaengine: ppc4xx: fix off-by-one build failure
dmaengine: stm32-dma: fix incomplete configuration in cyclic mode
libnvdimm: Hold reference on parent while scheduling async init
libnvdimm, region: Fail badblocks listing for inactive regions
ASoC: intel: skylake: Add missing break in skl_tplg_get_token()
IB/mlx5: Fix MR cache initialization
jbd2: fix use after free in jbd2_log_do_checkpoint()
gfs2_meta: ->mount() can get NULL dev_name
ext4: initialize retries variable in ext4_da_write_inline_data_begin()
ext4: fix setattr project check in fssetxattr ioctl
ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR
ext4: fix use-after-free race in ext4_remount()'s error path
HID: hiddev: fix potential Spectre v1
EDAC, amd64: Add Family 17h, models 10h-2fh support
EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting
EDAC, skx_edac: Fix logical channel intermediate decoding
ARM: dts: dra7: Fix up unaligned access setting for PCIe EP
PCI/ASPM: Fix link_state teardown on device removal
PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk
PCI: vmd: White list for fast interrupt handlers
signal/GenWQE: Fix sending of SIGKILL
signal: Guard against negative signal numbers in copy_siginfo_from_user32
crypto: lrw - Fix out-of bounds access on counter overflow
crypto: tcrypt - fix ghash-generic speed test
mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range()
ima: fix showing large 'violations' or 'runtime_measurements_count'
hugetlbfs: dirty pages as they are added to pagecache
mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly
KVM: arm64: Fix caching of host MDCR_EL2 value
kbuild: fix kernel/bounds.c 'W=1' warning
iio: ad5064: Fix regulator handling
iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs()
iio: adc: at91: fix acking DRDY irq on simple conversions
iio: adc: at91: fix wrong channel number in triggered buffer mode
w1: omap-hdq: fix missing bus unregister at removal
smb3: allow stats which track session and share reconnects to be reset
smb3: do not attempt cifs operation in smb3 query info error path
smb3: on kerberos mount if server doesn't specify auth type use krb5
printk: Fix panic caused by passing log_buf_len to command line
genirq: Fix race on spurious interrupt detection
NFSv4.1: Fix the r/wsize checking
nfs: Fix a missed page unlock after pg_doio()
nfsd: Fix an Oops in free_session()
lockd: fix access beyond unterminated strings in prints
dm ioctl: harden copy_params()'s copy_from_user() from malicious users
dm zoned: fix metadata block ref counting
dm zoned: fix various dmz_get_mblock() issues
powerpc/msi: Fix compile error on mpc83xx
MIPS: OCTEON: fix out of bounds array access on CN68XX
iommu/arm-smmu: Ensure that page-table updates are visible before TLBI
TC: Set DMA masks for devices
media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD
kgdboc: Passing ekgdboc to command line causes panic
xen: fix xen_qlock_wait()
xen-blkfront: fix kernel panic with negotiate_mq error path
media: em28xx: use a default format if TRY_FMT fails
media: tvp5150: avoid going past array on v4l2_querymenu()
media: em28xx: fix input name for Terratec AV 350
media: em28xx: make v4l2-compliance happier by starting sequence on zero
media: media colorspaces*.rst: rename AdobeRGB to opRGB
arm64: lse: remove -fcall-used-x0 flag
rpmsg: smd: fix memory leak on channel create
Cramfs: fix abad comparison when wrap-arounds occur
ARM: dts: socfpga: Fix SDRAM node address for Arria10
arm64: dts: stratix10: Correct System Manager register size
soc/tegra: pmc: Fix child-node lookup
selftests/powerpc: Fix ptrace tm failure
btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled
btrfs: Handle owner mismatch gracefully when walking up tree
btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock
btrfs: fix error handling in free_log_tree
btrfs: Enhance btrfs_trim_fs function to handle error better
btrfs: Ensure btrfs_trim_fs can trim the whole filesystem
btrfs: iterate all devices during trim, instead of fs_devices::alloc_list
btrfs: don't attempt to trim devices that don't support it
btrfs: wait on caching when putting the bg cache
btrfs: protect space cache inode alloc with GFP_NOFS
btrfs: reset max_extent_size on clear in a bitmap
btrfs: make sure we create all new block groups
Btrfs: fix warning when replaying log after fsync of a tmpfile
Btrfs: fix wrong dentries after fsync of file that got its parent replaced
btrfs: qgroup: Dirty all qgroups before rescan
Btrfs: fix null pointer dereference on compressed write path error
Btrfs: fix assertion on fsync of regular file when using no-holes feature
btrfs: set max_extent_size properly
btrfs: don't use ctl->free_space for max_extent_size
btrfs: only free reserved extent if we didn't insert it
btrfs: don't run delayed_iputs in commit
btrfs: move the dio_sem higher up the callchain
Btrfs: fix use-after-free during inode eviction
Btrfs: fix use-after-free when dumping free space
Btrfs: fix fsync after hole punching when using no-holes feature
net: sched: Remove TCA_OPTIONS from policy
bpf: wait for running BPF programs when updating map-in-map
MD: fix invalid stored role for a disk - try2
Linux 4.14.81
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
David Howells
|
be5658a1dc |
UAPI: ndctl: Fix g++-unsupported initialisation in headers
[ Upstream commit 9607871f37dc3e717639694b8d0dc738f2a68efc ]
The following code in the linux/ndctl header file:
static inline const char *nvdimm_bus_cmd_name(unsigned cmd)
{
static const char * const names[] = {
[ND_CMD_ARS_CAP] = "ars_cap",
[ND_CMD_ARS_START] = "ars_start",
[ND_CMD_ARS_STATUS] = "ars_status",
[ND_CMD_CLEAR_ERROR] = "clear_error",
[ND_CMD_CALL] = "cmd_call",
};
if (cmd < ARRAY_SIZE(names) && names[cmd])
return names[cmd];
return "unknown";
}
is broken in a number of ways:
(1) ARRAY_SIZE() is not generally defined.
(2) g++ does not support "non-trivial" array initialisers fully yet.
(3) Every file that calls this function will acquire a copy of names[].
The same goes for nvdimm_cmd_name().
Fix all three by converting to a switch statement where each case returns a
string. That way if cmd is a constant, the compiler can trivially reduce it
and, if not, the compiler can use a shared lookup table if it thinks that is
more efficient.
A better way would be to remove these functions and their arrays from the
header entirely.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
84ae3e35e1 |
Merge 4.14.73 into android-4.14
Changes in 4.14.73 gso_segment: Reset skb->mac_len after modifying network header ipv6: fix possible use-after-free in ip6_xmit() net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT net: hp100: fix always-true check for link up state pppoe: fix reception of frames with no mac header qmi_wwan: set DTR for modems in forced USB2 mode udp4: fix IP_CMSG_CHECKSUM for connected sockets neighbour: confirm neigh entries when ARP packet is received udp6: add missing checks on edumux packet processing net/sched: act_sample: fix NULL dereference in the data path tls: don't copy the key out of tls12_crypto_info_aes_gcm_128 tls: zero the crypto information from tls_context before freeing tls: clear key material from kernel memory when do_tls_setsockopt_conf fails NFC: Fix possible memory corruption when handling SHDLC I-Frame commands NFC: Fix the number of pipes ASoC: cs4265: fix MMTLR Data switch control ASoC: rsnd: fixup not to call clk_get/set under non-atomic ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() ALSA: firewire-digi00x: fix memory leak of private data ALSA: firewire-tascam: fix memory leak of private data ALSA: fireworks: fix memory leak of response buffer at error path ALSA: oxfw: fix memory leak for model-dependent data at error path ALSA: oxfw: fix memory leak of discovered stream formats at error path ALSA: oxfw: fix memory leak of private data platform/x86: alienware-wmi: Correct a memory leak xen/netfront: don't bug in case of too many frags xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code spi: fix IDR collision on systems with both fixed and dynamic SPI bus numbers Revert "PCI: Add ACS quirk for Intel 300 series" ring-buffer: Allow for rescheduling when removing pages mm: shmem.c: Correctly annotate new inodes for lockdep Revert "rpmsg: core: add support to power domains for devices" Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" scsi: target: iscsi: Use hex2bin instead of a re-implementation scsi: target: iscsi: Use bin2hex instead of a re-implementation Revert "ubifs: xattr: Don't operate on deleted inodes" ocfs2: fix ocfs2 read block panic drm/nouveau: Fix deadlocks in nouveau_connector_detect() drm/nouveau/drm/nouveau: Don't forget to cancel hpd_work on suspend/unload drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early drm/vc4: Fix the "no scaling" case on multi-planar YUV formats drm: udl: Destroy framebuffer only if it was initialized drm/amdgpu: add new polaris pci id tty: vt_ioctl: fix potential Spectre v1 ext4: check to make sure the rename(2)'s destination is not freed ext4: avoid divide by zero fault when deleting corrupted inline directories ext4: avoid arithemetic overflow that can trigger a BUG ext4: recalucate superblock checksum after updating free blocks/inodes ext4: fix online resize's handling of a too-small final block group ext4: fix online resizing for bigalloc file systems with a 1k block size ext4: don't mark mmp buffer head dirty ext4: show test_dummy_encryption mount option in /proc/mounts sched/fair: Fix vruntime_normalized() for remote non-migration wakeup PCI: aardvark: Size bridges before resources allocation vmw_balloon: include asm/io.h iw_cxgb4: only allow 1 flush on user qps tick/nohz: Prevent bogus softirq pending warning spi: Fix double IDR allocation with DT aliases Linux 4.14.73 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Lubomir Rintel
|
50ec69edf3 |
Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name"
commit 8c0f9f5b309d627182d5da72a69246f58bde1026 upstream.
This changes UAPI, breaking iwd and libell:
ell/key.c: In function 'kernel_dh_compute':
ell/key.c:205:38: error: 'struct keyctl_dh_params' has no member named 'private'; did you mean 'dh_private'?
struct keyctl_dh_params params = { .private = private,
^~~~~~~
dh_private
This reverts commit 8a2336e549d385bb0b46880435b411df8d8200e8.
Fixes: 8a2336e549d3 ("uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name")
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Randy Dunlap <rdunlap@infradead.org>
cc: Mat Martineau <mathew.j.martineau@linux.intel.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: James Morris <jmorris@namei.org>
cc: "Serge E. Hallyn" <serge@hallyn.com>
cc: Mat Martineau <mathew.j.martineau@linux.intel.com>
cc: Andrew Morton <akpm@linux-foundation.org>
cc: Linus Torvalds <torvalds@linux-foundation.org>
cc: <stable@vger.kernel.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Martijn Coenen
|
666c420fa3 |
FROMLIST: ANDROID: binder: Add BINDER_GET_NODE_INFO_FOR_REF ioctl.
This allows the context manager to retrieve information about nodes that it holds a reference to, such as the current number of references to those nodes. Such information can for example be used to determine whether the servicemanager is the only process holding a reference to a node. This information can then be passed on to the process holding the node, which can in turn decide whether it wants to shut down to reduce resource usage. Signed-off-by: Martijn Coenen <maco@android.com> |
||
|
Greg Kroah-Hartman
|
6b8243a1c1 |
Merge 4.14.71 into android-4.14
Changes in 4.14.71
i2c: xiic: Make the start and the byte count write atomic
i2c: i801: fix DNV's SMBCTRL register offset
scsi: lpfc: Correct MDS diag and nvmet configuration
nbd: don't allow invalid blocksize settings
block: bfq: swap puts in bfqg_and_blkg_put
android: binder: fix the race mmap and alloc_new_buf_locked
MIPS: VDSO: Match data page cache colouring when D$ aliases
SMB3: Backup intent flag missing for directory opens with backupuid mounts
smb3: check for and properly advertise directory lease support
Btrfs: fix data corruption when deduplicating between different files
KVM: s390: vsie: copy wrapping keys to right place
KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun()
cpu/hotplug: Prevent state corruption on error rollback
x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
x86/microcode: Update the new microcode revision unconditionally
switchtec: Fix Spectre v1 vulnerability
crypto: aes-generic - fix aes-generic regression on powerpc
tpm: separate cmd_ready/go_idle from runtime_pm
ARC: [plat-axs*]: Enable SWAP
misc: mic: SCIF Fix scif_get_new_port() error handling
ethtool: Remove trailing semicolon for static inline
i2c: aspeed: Add an explicit type casting for *get_clk_reg_val
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
gpio: tegra: Move driver registration to subsys_init level
powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage
selftests/bpf: fix a typo in map in map test
media: davinci: vpif_display: Mix memory leak on probe error path
media: dw2102: Fix memleak on sequence of probes
net: phy: Fix the register offsets in Broadcom iProc mdio mux driver
blk-mq: fix updating tags depth
scsi: target: fix __transport_register_session locking
md/raid5: fix data corruption of replacements after originals dropped
timers: Clear timer_base::must_forward_clk with timer_base::lock held
media: camss: csid: Configure data type and decode format properly
gpu: ipu-v3: default to id 0 on missing OF alias
misc: ti-st: Fix memory leak in the error path of probe()
uio: potential double frees if __uio_register_device() fails
firmware: vpd: Fix section enabled flag on vpd_section_destroy
Drivers: hv: vmbus: Cleanup synic memory free path
tty: rocket: Fix possible buffer overwrite on register_PCI
f2fs: fix to active page in lru list for read path
f2fs: do not set free of current section
f2fs: fix defined but not used build warnings
perf tools: Allow overriding MAX_NR_CPUS at compile time
NFSv4.0 fix client reference leak in callback
perf c2c report: Fix crash for empty browser
perf evlist: Fix error out while applying initial delay and LBR
macintosh/via-pmu: Add missing mmio accessors
ath9k: report tx status on EOSP
ath9k_hw: fix channel maximum power level test
ath10k: prevent active scans on potential unusable channels
wlcore: Set rx_status boottime_ns field on rx
rpmsg: core: add support to power domains for devices
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
ata: libahci: Allow reconfigure of DEVSLP register
ata: libahci: Correct setting of DEVSLP register
scsi: 3ware: fix return 0 on the error path of probe
tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access()
ath10k: disable bundle mgmt tx completion event support
Bluetooth: hidp: Fix handling of strncpy for hid->name information
x86/mm: Remove in_nmi() warning from vmalloc_fault()
pinctrl: imx: off by one in imx_pinconf_group_dbg_show()
gpio: ml-ioh: Fix buffer underwrite on probe error path
pinctrl/amd: only handle irq if it is pending and unmasked
net: mvneta: fix mtu change on port without link
f2fs: try grabbing node page lock aggressively in sync scenario
pktcdvd: Fix possible Spectre-v1 for pkt_devs
f2fs: fix to skip GC if type in SSA and SIT is inconsistent
tpm_tis_spi: Pass the SPI IRQ down to the driver
tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
f2fs: fix to do sanity check with reserved blkaddr of inline inode
MIPS: Octeon: add missing of_node_put()
MIPS: generic: fix missing of_node_put()
net: dcb: For wild-card lookups, use priority -1, not 0
dm cache: only allow a single io_mode cache feature to be requested
Input: atmel_mxt_ts - only use first T9 instance
media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions
partitions/aix: append null character to print data from disk
partitions/aix: fix usage of uninitialized lv_info and lvname structures
media: helene: fix xtal frequency setting at power on
f2fs: fix to wait on page writeback before updating page
f2fs: Fix uninitialized return in f2fs_ioc_shutdown()
iommu/ipmmu-vmsa: Fix allocation in atomic context
mfd: ti_am335x_tscadc: Fix struct clk memory leak
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
NFSv4.1: Fix a potential layoutget/layoutrecall deadlock
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
RDMA/cma: Do not ignore net namespace for unbound cm_id
drm/i915: set DP Main Stream Attribute for color range on DDI platforms
inet: frags: change inet_frags_init_net() return value
inet: frags: add a pointer to struct netns_frags
inet: frags: refactor ipfrag_init()
inet: frags: Convert timers to use timer_setup()
inet: frags: refactor ipv6_frag_init()
inet: frags: refactor lowpan_net_frag_init()
ipv6: export ip6 fragments sysctl to unprivileged users
rhashtable: add schedule points
inet: frags: use rhashtables for reassembly units
inet: frags: remove some helpers
inet: frags: get rif of inet_frag_evicting()
inet: frags: remove inet_frag_maybe_warn_overflow()
inet: frags: break the 2GB limit for frags storage
inet: frags: do not clone skb in ip_expire()
ipv6: frags: rewrite ip6_expire_frag_queue()
rhashtable: reorganize struct rhashtable layout
inet: frags: reorganize struct netns_frags
inet: frags: get rid of ipfrag_skb_cb/FRAG_CB
inet: frags: fix ip6frag_low_thresh boundary
ip: discard IPv4 datagrams with overlapping segments.
net: speed up skb_rbtree_purge()
net: modify skb_rbtree_purge to return the truesize of all purged skbs.
ipv6: defrag: drop non-last frags smaller than min mtu
net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends
net: add rb_to_skb() and other rb tree helpers
net: sk_buff rbnode reorg
ipv4: frags: precedence bug in ip_expire()
ip: add helpers to process in-order fragments faster.
ip: process in-order fragments efficiently
ip: frags: fix crash in ip_do_fragment()
mtd: ubi: wl: Fix error return code in ubi_wl_init()
tun: fix use after free for ptr_ring
tuntap: fix use after free during release
autofs: fix autofs_sbi() does not check super block type
mm: get rid of vmacache_flush_all() entirely
Linux 4.14.71
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Peter Oskolkov
|
1c44969111 |
ip: discard IPv4 datagrams with overlapping segments.
This behavior is required in IPv6, and there is little need to tolerate overlapping fragments in IPv4. This change simplifies the code and eliminates potential DDoS attack vectors. Tested: ran ip_defrag selftest (not yet available uptream). Suggested-by: David S. Miller <davem@davemloft.net> Signed-off-by: Peter Oskolkov <posk@google.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Florian Westphal <fw@strlen.de> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit 7969e5c40dfd04799d4341f1b7cd266b6e47f227) Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Florian Fainelli
|
5ffdd121d0 |
ethtool: Remove trailing semicolon for static inline
[ Upstream commit d89d41556141a527030a15233135ba622ba3350d ]
Android's header sanitization tool chokes on static inline functions having a
trailing semicolon, leading to an incorrectly parsed header file. While the
tool should obviously be fixed, also fix the header files for the two affected
functions: ethtool_get_flow_spec_ring() and ethtool_get_flow_spec_ring_vf().
Fixes:
|
||
|
Greg Kroah-Hartman
|
f8223ece3a |
Merge 4.14.70 into android-4.14
Changes in 4.14.70 act_ife: fix a potential use-after-free ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state net: bcmgenet: use MAC link status for fixed phy net: macb: do not disable MDIO bus at open/close time net: sched: Fix memory exposure from short TCA_U32_SEL qlge: Fix netdev features configuration. r8169: add support for NCube 8168 network card tcp: do not restart timewait timer on rst reception vti6: remove !skb->ignore_df check from vti6_xmit() net/sched: act_pedit: fix dump of extended layered op tipc: fix a missing rhashtable_walk_exit() nfp: wait for posted reconfigs when disabling the device sctp: hold transport before accessing its asoc in sctp_transport_get_next mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge vhost: correctly check the iova range when waking virtqueue hv_netvsc: ignore devices that are not PCI hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() act_ife: move tcfa_lock down to where necessary act_ife: fix a potential deadlock net: sched: action_ife: take reference to meta module cifs: check if SMB2 PDU size has been padded and suppress the warning hfsplus: don't return 0 when fill_super() failed hfs: prevent crash on exit from failed search sunrpc: Don't use stack buffer with scatterlist fork: don't copy inconsistent signal handler state to child reiserfs: change j_timestamp type to time64_t hfsplus: fix NULL dereference in hfsplus_lookup() fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries fat: validate ->i_start before using scripts: modpost: check memory allocation results virtio: pci-legacy: Validate queue pfn x86/mce: Add notifier_block forward declaration IB/hfi1: Invalid NUMA node information can cause a divide by zero pwm: meson: Fix mux clock names mm/fadvise.c: fix signed overflow UBSAN complaint fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() platform/x86: intel_punit_ipc: fix build errors netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses s390/kdump: Fix memleak in nt_vmcoreinfo ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() mfd: sm501: Set coherent_dma_mask when creating subdevices platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 netfilter: fix memory leaks on netlink_dump_start error tcp, ulp: add alias for all ulp modules RDMA/hns: Fix usage of bitmap allocation functions return values net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero net: hns3: Fix for phy link issue when using marvell phy driver perf tools: Check for null when copying nsinfo. irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP net/9p/trans_fd.c: fix race by holding the lock net/9p: fix error path of p9_virtio_probe f2fs: fix to clear PG_checked flag in set_page_dirty() powerpc/uaccess: Enable get_user(u64, *p) on 32-bit powerpc: Fix size calculation using resource_size() perf probe powerpc: Fix trace event post-processing block: bvec_nr_vecs() returns value for wrong slab s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing ACPI / scan: Initialize status to ACPI_STA_DEFAULT scsi: aic94xx: fix an error code in aic94xx_init() NFSv4: Fix error handling in nfs4_sp4_select_mode() Input: do not use WARN() in input_alloc_absinfo() xen/balloon: fix balloon initialization for PVH Dom0 PCI: mvebu: Fix I/O space end address calculation dm kcopyd: avoid softlockup in run_complete_job staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice ASoC: rt5677: Fix initialization of rt5677_of_match.data iommu/omap: Fix cache flushes on L2 table entries selftests/powerpc: Kill child processes on SIGINT RDS: IB: fix 'passing zero to ERR_PTR()' warning cfq: Suppress compiler warnings about comparisons smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning powerpc/64s: Make rfi_flush_fallback a little more robust powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 KVM: vmx: track host_state.loaded using a loaded_vmcs pointer kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 btrfs: Exit gracefully when chunk map cannot be inserted to the tree btrfs: replace: Reset on-disk dev stats value after replace btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode drm/amd/pp/Polaris12: Fix a chunk of registers missed to program drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 drm/amdgpu: update tmr mc address drm/amdgpu:add tmr mc address into amdgpu_firmware_info drm/amdgpu:add new firmware id for VCN drm/amdgpu:add VCN support in PSP driver drm/amdgpu:add VCN booting with firmware loaded by PSP uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name debugobjects: Make stack check warning more informative sched/deadline: Fix switching to -deadline lightnvm: pblk: free padded entries in write buffer mm: Fix devm_memremap_pages() collision handling HID: add quirk for another PIXART OEM mouse used by HP usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear x86/xen: don't write ptes directly in 32-bit PV guests drm/i915: Increase LSPCON timeout kbuild: make missing $DEPMOD a Warning instead of an Error s390/lib: use expoline for all bcr instructions irda: Fix memory leak caused by repeated binds of irda socket irda: Only insert new objects into the global database via setsockopt Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" kvm: x86: Set highest physical address bits in non-present/reserved SPTEs x86: kvm: avoid unused variable warning arm64: cpu_errata: include required headers ASoC: wm8994: Fix missing break in switch arm64: Fix mismatched cache line size detection arm64: Handle mismatched cache type Linux 4.14.70 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Randy Dunlap
|
448b5498f6 |
uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
commit 8a2336e549d385bb0b46880435b411df8d8200e8 upstream.
Since this header is in "include/uapi/linux/", apparently people want to
use it in userspace programs -- even in C++ ones. However, the header
uses a C++ reserved keyword ("private"), so change that to "dh_private"
instead to allow the header file to be used in C++ userspace.
Fixes https://bugzilla.kernel.org/show_bug.cgi?id=191051
Link: http://lkml.kernel.org/r/0db6c314-1ef4-9bfa-1baa-7214dd2ee061@infradead.org
Fixes:
|
||
|
Steffen Klassert
|
73d9837ccf |
UPSTREAM: xfrm: Add virtual xfrm interfaces
This patch adds support for virtual xfrm interfaces. Packets that are routed through such an interface are guaranteed to be IPsec transformed or dropped. It is a generic virtual interface that ensures IPsec transformation, no need to know what happens behind the interface. This means that we can tunnel IPv4 and IPv6 through the same interface and support all xfrm modes (tunnel, transport and beet) on it. Co-developed-by: Lorenzo Colitti <lorenzo@google.com> Co-developed-by: Benedict Wong <benedictwong@google.com> Signed-off-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: Benedict Wong <benedictwong@google.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Shannon Nelson <shannon.nelson@oracle.com> Tested-by: Benedict Wong <benedictwong@google.com> Tested-by: Antony Antony <antony@phenome.org> Reviewed-by: Eyal Birger <eyal.birger@gmail.com> (cherry picked from commit f203b76d78092faf248db3f851840fbecf80b40e) Bug: 113046120 Change-Id: I05e8fe1e8a8a4b01886504ce694ddda29e4fbec6 |
||
|
Steffen Klassert
|
a5041fd623 |
UPSTREAM: xfrm: Add a new lookup key to match xfrm interfaces.
This patch adds the xfrm interface id as a lookup key for xfrm states and policies. With this we can assign states and policies to virtual xfrm interfaces. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Shannon Nelson <shannon.nelson@oracle.com> Acked-by: Benedict Wong <benedictwong@google.com> Tested-by: Benedict Wong <benedictwong@google.com> Tested-by: Antony Antony <antony@phenome.org> Reviewed-by: Eyal Birger <eyal.birger@gmail.com> (cherry picked from commit 7e6526404adedf079279aa7aa11722deaca8fe2e) Signed-off-by: Benedict Wong <benedictwong@google.com> Bug: 113046120 Change-Id: I27d7757a374b0bd5f97c3e723773d6c7470a0717 |
||
|
Steffen Klassert
|
8508afd498 |
UPSTREAM: xfrm: Extend the output_mark to support input direction and masking.
We already support setting an output mark at the xfrm_state, unfortunately this does not support the input direction and masking the marks that will be applied to the skb. This change adds support applying a masked value in both directions. The existing XFRMA_OUTPUT_MARK number is reused for this purpose and as it is now bi-directional, it is renamed to XFRMA_SET_MARK. An additional XFRMA_SET_MARK_MASK attribute is added for setting the mask. If the attribute mask not provided, it is set to 0xffffffff, keeping the XFRMA_OUTPUT_MARK existing 'full mask' semantics. Co-developed-by: Tobias Brunner <tobias@strongswan.org> Co-developed-by: Eyal Birger <eyal.birger@gmail.com> Co-developed-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Tobias Brunner <tobias@strongswan.org> Signed-off-by: Eyal Birger <eyal.birger@gmail.com> Signed-off-by: Lorenzo Colitti <lorenzo@google.com> (cherry picked from commit 9b42c1f179a614e11893ae4619f0304a38f481ae) Signed-off-by: Benedict Wong <benedictwong@google.com> Bug: 113046120 Change-Id: I582f0b460dc58f01e0c30afb6167725aa337d054 |
||
|
Greg Kroah-Hartman
|
2637566c77 |
Merge 4.14.67 into android-4.14
Changes in 4.14.67 ext4: fix spectre gadget in ext4_mb_regular_allocator() drm/i915/kvmgt: Fix potential Spectre v1 EDAC: Add missing MEM_LRDDR4 entry in edac_mem_types[] pty: fix O_CLOEXEC for TIOCGPTPEER arm: dts: armada: Fix "#cooling-cells" property's name vfio: ccw: fix error return in vfio_ccw_sch_event perf tools: Fix error index for pmu event parser Input: synaptics-rmi4 - fix axis-swap behavior IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()' drm/bridge/sii8620: fix loops in EDID fetch logic drm/bridge/sii8620: fix potential buffer overflow ARC: Explicitly add -mmedium-calls to CFLAGS hwmon: (nct6775) Fix loop limit soc: imx: gpcv2: correct PGC offset usb: dwc3: pci: add support for Intel IceLake usb: gadget: ffs: Fix BUG when userland exits with submitted AIO transfers usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() usb: dwc3: of-simple: fix use-after-free on remove ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th netfilter: ipv6: nf_defrag: reduce struct net memory waste netfilter: nf_ct_helper: Fix possible panic after nf_conntrack_helper_unregister selftests: pstore: return Kselftest Skip code for skipped tests selftests: static_keys: return Kselftest Skip code for skipped tests selftests: sysctl: return Kselftest Skip code for skipped tests selftests: user: return Kselftest Skip code for skipped tests selftests: zram: return Kselftest Skip code for skipped tests selftests: vm: return Kselftest Skip code for skipped tests selftests: sync: add config fragment for testing sync framework ARM: dts: NSP: Fix i2c controller interrupt type ARM: dts: NSP: Fix PCIe controllers interrupt types ARM: dts: BCM5301x: Fix i2c controller interrupt type ARM: dts: Cygnus: Fix I2C controller interrupt type ARM: dts: Cygnus: Fix PCIe controller interrupt type arm64: dts: specify 1.8V EMMC capabilities for bcm958742k arm64: dts: specify 1.8V EMMC capabilities for bcm958742t arm64: dts: ns2: Fix I2C controller interrupt type arm64: dts: ns2: Fix PCIe controller interrupt type arm64: dts: Stingray: Fix I2C controller interrupt type drivers/perf: xgene_pmu: Fix IOB SLOW PMU parser error drm: mali-dp: Enable Global SE interrupts mask for DP500 drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format IB/rxe: Fix missing completion for mem_reg work requests libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() usb: dwc2: alloc dma aligned buffer for isoc split in usb: dwc2: fix isoc split in transfer with no data usb: gadget: composite: fix delayed_status race condition when set_interface usb: gadget: dwc2: fix memory leak in gadget_init() dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation xen: add error handling for xenbus_printf pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception scsi: xen-scsifront: add error handling for xenbus_printf xen/scsiback: add error handling for xenbus_printf arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag arm64: make secondary_start_kernel() notrace qed: Fix possible memory leak in Rx error path handling. qed: Add sanity check for SIMD fastpath handler. qed: Do not advertise DCBX_LLD_MANAGED capability. enic: initialize enic->rfs_h.lock in enic_probe net: hamradio: use eth_broadcast_addr net: propagate dev_get_valid_name return code net: stmmac: socfpga: add additional ocp reset line for Stratix10 nvmet: reset keep alive timer in controller enable block: sed-opal: Fix a couple off by one bugs ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag. net: davinci_emac: match the mdio device against its compatible if possible sctp: fix erroneous inc of snmp SctpFragUsrMsgs KVM: arm/arm64: Drop resource size check for GICV window drm/bridge/sii8620: fix display of packed pixel modes in MHL2 locking/lockdep: Do not record IRQ state within lockdep code selftests: bpf: notification about privilege required to run test_kmod.sh testing script mtd: dataflash: Use ULL suffix for 64-bit constants x86/microcode/intel: Fix memleak in save_microcode_patch() ipv6: mcast: fix unsolicited report interval after receiving querys Smack: Mark inode instant in smack_task_to_inode arm64: dts: msm8916: fix Coresight ETF graph connections batman-adv: Fix bat_ogm_iv best gw refcnt after netlink dump batman-adv: Fix bat_v best gw refcnt after netlink dump batman-adv: Avoid storing non-TT-sync flags on singular entries too batman-adv: Fix multicast TT issues with bogus ROAM flags cxgb4: when disabling dcb set txq dcb priority to 0 iio: pressure: bmp280: fix relative humidity unit brcmfmac: stop watchdog before detach and free everything ARM: dts: am437x: make edt-ft5x06 a wakeup source ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl usb: xhci: remove the code build warning usb: xhci: increase CRS timeout value NFC: pn533: Fix wrong GFP flag usage typec: tcpm: Fix a msecs vs jiffies bug kconfig: fix line numbers for if-entries in menu tree perf record: Support s390 random socket_id assignment perf test session topology: Fix test on s390 perf report powerpc: Fix crash if callchain is empty perf tools: Fix a clang 7.0 compilation error perf bench: Fix numa report output code ARM: davinci: board-da850-evm: fix WP pin polarity for MMC/SD netfilter: nf_log: fix uninit read in nf_log_proc_dostring ceph: fix dentry leak in splice_dentry() net/mlx5: E-Switch, Disallow vlan/spoofcheck setup if not being esw manager nfp: cast sizeof() to int when comparing with error code selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs selftests/x86/sigreturn: Do minor cleanups ARM: dts: da850: Fix interrups property for gpio ARM64: dts: meson-gxl: fix Mali GPU compatible string dmaengine: pl330: report BURST residue granularity dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() ath10k: update the phymode along with bandwidth change request md/raid10: fix that replacement cannot complete recovery after reassemble dev-dax: check_vma: ratelimit dev_info-s nl80211: relax ht operation checks for mesh nl80211: check nla_parse_nested() return values drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes drm/exynos: decon5433: Fix WINCONx reset value drbd: Fix drbd_request_prepare() discard handling bpf, s390: fix potential memleak when later bpf_jit_prog fails PCI: xilinx: Add missing of_node_put() PCI: xilinx-nwl: Add missing of_node_put() PCI: faraday: Add missing of_node_put() bnx2x: Fix receiving tx-timeout in error or recovery state. fsl/fman: fix parser reporting bad checksum on short frames dpaa_eth: DPAA SGT needs to be 256B acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value openrisc: entry: Fix delay slot exception detection m68k: fix "bad page state" oops on ColdFire boot objtool: Support GCC 8 '-fnoreorder-functions' ipvlan: call dev_change_flags when ipvlan mode is reset drm/amdgpu: fix swapped emit_ib_size in vce3 x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() HID: wacom: Correct touch maximum XY of 2nd-gen Intuos ARM: imx_v6_v7_defconfig: Select ULPI support ARM: imx_v4_v5_defconfig: Select ULPI support bpf: hash map: decrement counter on error tracing: Use __printf markup to silence compiler kasan: fix shadow_size calculation error in kasan_module_alloc smsc75xx: Add workaround for gigabit link up hardware errata. drm/bridge/sii8620: Fix display of packed pixel modes samples/bpf: add missing <linux/if_vlan.h> samples/bpf: Check the result of system() samples/bpf: Check the error of write() and read() ieee802154: 6lowpan: set IFLA_LINK netfilter: x_tables: set module owner for icmp(6) matches ipv6: make ipv6_renew_options() interrupt/kernel safe net: qrtr: Broadcast messages only from control port sh_eth: fix invalid context bug while calling auto-negotiation by ethtool sh_eth: fix invalid context bug while changing link options by ethtool ravb: fix invalid context bug while calling auto-negotiation by ethtool ravb: fix invalid context bug while changing link options by ethtool ARM: pxa: irq: fix handling of ICMR registers in suspend/resume net/sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used nvmem: Don't let a NULL cell_id for nvmem_cell_get() crash us ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem ieee802154: at86rf230: use __func__ macro for debug messages ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem gpu: host1x: Check whether size of unpin isn't 0 drm/tegra: Fix comparison operator for buffer size drm/armada: fix colorkey mode property drm/armada: fix irq handling netfilter: nft_compat: explicitly reject ERROR and standard target netfilter: nf_conntrack: Fix possible possible crash on module loading. ARC: Improve cmpxchg syscall implementation bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic. bnxt_en: Always set output parameters in bnxt_get_max_rings(). bnxt_en: Fix for system hang if request_irq fails scsi: qedf: Send the driver state to MFW scsi: qedi: Send driver state to MFW perf llvm-utils: Remove bashism from kernel include fetch script perf tools: Fix compilation errors on gcc8 perf script python: Fix dict reference counting nfit: fix unchecked dereference in acpi_nfit_ctl RDMA/mlx5: Fix memory leak in mlx5_ib_create_srq() error path ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller ixgbe: Be more careful when modifying MAC filters tools: build: Use HOSTLDFLAGS with fixdep kbuild: suppress warnings from 'getconf LFS_*' packet: reset network header if packet shorter than ll reserved space qlogic: check kstrtoul() for errors tcp: remove DELAYED ACK events in DCTCP pinctrl: ingenic: Fix inverted direction for < JZ4770 pinctrl: nsp: off by ones in nsp_pinmux_enable() pinctrl: nsp: Fix potential NULL dereference drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() hv/netvsc: fix handling of fallback to single queue mode net/ethernet/freescale/fman: fix cross-build error ibmvnic: Fix error recovery on login failure btrfs: scrub: Don't use inode page cache in scrub_handle_errored_block() octeon_mgmt: Fix MIX registers configuration on MTU setup net: usb: rtl8150: demote allmulti message to dev_dbg() kvmclock: fix TSC calibration for nested guests PCI: OF: Fix I/O space page leak PCI: versatile: Fix I/O space page leak net: qca_spi: Avoid packet drop during initial sync net: qca_spi: Make sure the QCA7000 reset is triggered net: qca_spi: Fix log level if probe fails tcp: identify cryptic messages as TCP seq # bugs soc: imx: gpc: restrict register range for regmap access ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems ARM: dts: imx6: RDU2: fix irq type for mv88e6xxx switch nvme: fix handling of metadata_len for NVME_IOCTL_IO_CMD KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer f2fs: return error during fill_super f2fs: sanity check for total valid node blocks parisc: Remove ordered stores from syscall.S xfrm_user: prevent leaking 2 bytes of kernel memory netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state packet: refine ring v3 block size test to hold one frame net/smc: no shutdown in state SMC_LISTEN parisc: Remove unnecessary barriers from spinlock.h PCI: hotplug: Don't leak pci_slot on registration failure PCI: Skip MPS logic for Virtual Functions (VFs) PCI: pciehp: Fix use-after-free on unplug PCI: pciehp: Fix unprotected list iteration in IRQ handler i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes i2c: imx: Fix race condition in dma read reiserfs: fix broken xattr handling (heap corruption, bad retval) Linux 4.14.67 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Doron Roberts-Kedes
|
9b0b625841 |
nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag.
[ Upstream commit 08ba91ee6e2c1c08d3f0648f978cbb5dbf3491d8 ] If NBD_DISCONNECT_ON_CLOSE is set on a device, then the driver will issue a disconnect from nbd_release if the device has no remaining bdev->bd_openers. Fix ret val so reconfigure with only setting the flag succeeds. Reviewed-by: Josef Bacik <josef@toxicpanda.com> Signed-off-by: Doron Roberts-Kedes <doronrk@fb.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
1f648790fe |
Merge 4.14.63 into android-4.14
Changes in 4.14.63 parisc: Enable CONFIG_MLONGCALLS by default parisc: Define mb() and add memory barriers to assembler unlock sequences scsi: hpsa: fix selection of reply queue scsi: core: introduce force_blk_mq scsi: virtio_scsi: fix IO hang caused by automatic irq vector affinity kasan: add no_sanitize attribute for clang builds Mark HI and TASKLET softirq synchronous stop_machine: Disable preemption after queueing stopper threads xen/netfront: don't cache skb_shinfo() scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled scsi: qla2xxx: Fix memory leak for allocating abort IOCB init: rename and re-order boot_cpu_state_init() root dentries need RCU-delayed freeing make sure that __dentry_kill() always invalidates d_seq, unhashed or not fix mntput/mntput race fix __legitimize_mnt()/mntput() race mtd: nand: qcom: Add a NULL check for devm_kasprintf() phy: phy-mtk-tphy: use auto instead of force to bypass utmi signals Bluetooth: hci_ldisc: Allow sleeping while proto locks are held. Bluetooth: hci_serdev: Init hci_uart proto_lock to avoid oops ARM: dts: imx6sx: fix irq for pcie bridge x86/paravirt: Fix spectre-v2 mitigations for paravirt guests x86/speculation: Protect against userspace-userspace spectreRSB kprobes/x86: Fix %p uses in error messages x86/irqflags: Provide a declaration for native_save_fl x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT x86/speculation/l1tf: Change order of offset/type in swap entry x86/speculation/l1tf: Protect swap entries against L1TF x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation x86/speculation/l1tf: Make sure the first page is always reserved x86/speculation/l1tf: Add sysfs reporting for l1tf x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings x86/speculation/l1tf: Limit swap file size to MAX_PA/2 x86/bugs: Move the l1tf function and define pr_fmt properly sched/smt: Update sched_smt_present at runtime x86/smp: Provide topology_is_primary_thread() x86/topology: Provide topology_smt_supported() cpu/hotplug: Make bringup/teardown of smp threads symmetric cpu/hotplug: Split do_cpu_down() cpu/hotplug: Provide knobs to control SMT x86/cpu: Remove the pointless CPU printout x86/cpu/AMD: Remove the pointless detect_ht() call x86/cpu/common: Provide detect_ht_early() x86/cpu/topology: Provide detect_extended_topology_early() x86/cpu/intel: Evaluate smp_num_siblings early x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info x86/cpu/AMD: Evaluate smp_num_siblings early x86/apic: Ignore secondary threads if nosmt=force x86/speculation/l1tf: Extend 64bit swap file size limit x86/cpufeatures: Add detection of L1D cache flush support. x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings x86/speculation/l1tf: Protect PAE swap entries against L1TF x86/speculation/l1tf: Fix up pte->pfn conversion for PAE Revert "x86/apic: Ignore secondary threads if nosmt=force" cpu/hotplug: Boot HT siblings at least once x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present x86/KVM/VMX: Add module argument for L1TF mitigation x86/KVM/VMX: Add L1D flush algorithm x86/KVM/VMX: Add L1D MSR based flush x86/KVM/VMX: Add L1D flush logic x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers x86/KVM/VMX: Add find_msr() helper function x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required cpu/hotplug: Online siblings when SMT control is turned on x86/litf: Introduce vmx status variable x86/kvm: Drop L1TF MSR list approach x86/l1tf: Handle EPT disabled state proper x86/kvm: Move l1tf setup function x86/kvm: Add static key for flush always x86/kvm: Serialize L1D flush parameter setter x86/kvm: Allow runtime control of L1D flush cpu/hotplug: Expose SMT control init function cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early x86/bugs, kvm: Introduce boot-time control of L1TF mitigations Documentation: Add section about CPU vulnerabilities x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content Documentation/l1tf: Fix typos cpu/hotplug: detect SMT disabled by BIOS x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush() x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d x86: Don't include linux/irq.h from asm/hardirq.h x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr() Documentation/l1tf: Remove Yonah processors from not vulnerable list KVM: x86: Add a framework for supporting MSR-based features KVM: SVM: Add MSR-based feature support for serializing LFENCE KVM: X86: Introduce kvm_get_msr_feature() KVM: X86: Allow userspace to define the microcode version KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR x86/speculation: Simplify sysfs report of VMX L1TF vulnerability x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry cpu/hotplug: Fix SMT supported evaluation x86/speculation/l1tf: Invert all not present mappings x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert x86/mm/pat: Make set_memory_np() L1TF safe x86/mm/kmmio: Make the tracer robust against L1TF tools headers: Synchronise x86 cpufeatures.h for L1TF additions x86/microcode: Allow late microcode loading with SMT disabled x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread cpu/hotplug: Non-SMP machines do not make use of booted_once x86/init: fix build with CONFIG_SWAP=n x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present Linux 4.14.63 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Tom Lendacky
|
f0660d587e |
KVM: x86: Add a framework for supporting MSR-based features
commit 801e459a6f3a63af9d447e6249088c76ae16efc4 upstream Provide a new KVM capability that allows bits within MSRs to be recognized as features. Two new ioctls are added to the /dev/kvm ioctl routine to retrieve the list of these MSRs and then retrieve their values. A kvm_x86_ops callback is used to determine support for the listed MSR-based features. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> [Tweaked documentation. - Radim] Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
37f5b3d9c7 |
Merge 4.14.49 into android-4.14
Changes in 4.14.49 scsi: sd_zbc: Fix potential memory leak scsi: sd_zbc: Avoid that resetting a zone fails sporadically mmap: introduce sane default mmap limits mmap: relax file size limit for regular files btrfs: define SUPER_FLAG_METADUMP_V2 kconfig: Avoid format overflow warning from GCC 8.1 be2net: Fix error detection logic for BE3 bnx2x: use the right constant dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() enic: set DMA mask to 47 bit ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds ip6_tunnel: remove magic mtu value 0xFFF8 ipmr: properly check rhltable_init() return value ipv4: remove warning in ip_recv_error ipv6: omit traffic class when calculating flow hash isdn: eicon: fix a missing-check bug kcm: Fix use-after-free caused by clonned sockets netdev-FAQ: clarify DaveM's position for stable backports net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy net: metrics: add proper netlink validation net/packet: refine check for priv area size net: phy: broadcom: Fix bcm_write_exp() net: usb: cdc_mbim: add flag FLAG_SEND_ZLP packet: fix reserve calculation qed: Fix mask for physical address in ILT entry sctp: not allow transport timeout value less than HZ/5 for hb_timer team: use netdev_features_t instead of u32 vhost: synchronize IOTLB message with dev cleanup vrf: check the original netdevice for generating redirect ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline net: phy: broadcom: Fix auxiliary control register reads net-sysfs: Fix memory leak in XPS configuration virtio-net: correctly transmit XDP buff after linearizing net/mlx4: Fix irq-unsafe spinlock usage tun: Fix NULL pointer dereference in XDP redirect virtio-net: correctly check num_buf during err path net/mlx5e: When RXFCS is set, add FCS data into checksum calculation virtio-net: fix leaking page for gso packet during mergeable XDP rtnetlink: validate attributes in do_setlink() cls_flower: Fix incorrect idr release when failing to modify rule PCI: hv: Do not wait forever on a device that has disappeared drm: set FMODE_UNSIGNED_OFFSET for drm files Linux 4.14.49 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Anand Jain
|
058dd233b5 |
btrfs: define SUPER_FLAG_METADUMP_V2
commit e2731e55884f2138a252b0a3d7b24d57e49c3c59 upstream. btrfs-progs uses super flag bit BTRFS_SUPER_FLAG_METADUMP_V2 (1ULL << 34). So just define that in kernel so that we know its been used. Signed-off-by: Anand Jain <anand.jain@oracle.com> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
eca84e5091 |
Merge 4.14.48 into android-4.14
Changes in 4.14.48 fix io_destroy()/aio_complete() race mm: fix the NULL mapping case in __isolate_lru_page() objtool: Support GCC 8's cold subfunctions objtool: Support GCC 8 switch tables objtool: Detect RIP-relative switch table references objtool: Detect RIP-relative switch table references, part 2 objtool: Fix "noreturn" detection for recursive sibling calls x86/mce/AMD: Carve out SMCA get_block_address() code x86/MCE/AMD: Cache SMCA MISC block addresses Revert "pinctrl: msm: Use dynamic GPIO numbering" PCI: hv: Fix 2 hang issues in hv_compose_msi_msg() xfs: convert XFS_AGFL_SIZE to a helper function xfs: detect agfl count corruption and reset agfl Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI Input: synaptics - Lenovo Thinkpad X1 Carbon G5 (2017) with Elantech trackpoints should use RMI Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 Input: synaptics - add Lenovo 80 series ids to SMBus Input: elan_i2c_smbus - fix corrupted stack tracing: Fix crash when freeing instances with event triggers tracing: Make the snapshot trigger work with instances selinux: KASAN: slab-out-of-bounds in xattr_getsecurity cfg80211: further limit wiphy names to 64 bytes kbuild: clang: remove crufty HOSTCFLAGS drm/i915: Always sanity check engine state upon idling dma-buf: remove redundant initialization of sg_table drm/amd/powerplay: Fix enum mismatch rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c ASoC: Intel: sst: remove redundant variable dma_dev_name platform/chrome: cros_ec_lpc: remove redundant pointer request kbuild: clang: disable unused variable warnings only when constant tcp: avoid integer overflows in tcp_rcv_space_adjust() iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ iio:buffer: make length types match kfifo types iio:kfifo_buf: check for uint overflow iio: adc: select buffer for at91-sama5d2_adc MIPS: lantiq: gphy: Drop reboot/remove reset asserts MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests scsi: scsi_transport_srp: Fix shost to rport translation stm class: Use vmalloc for the master map hwtracing: stm: fix build error on some arches IB/core: Fix error code for invalid GID entry mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty() Revert "rt2800: use TXOP_BACKOFF for probe frames" intel_th: Use correct device when freeing buffers drm/psr: Fix missed entry in PSR setup time table. drm/i915/lvds: Move acpi lid notification registration to registration phase drm/i915: Disable LVDS on Radiant P845 powerpc/mm/slice: Remove intermediate bitmap copy powerpc/mm/slice: create header files dedicated to slices powerpc/mm/slice: Enhance for supporting PPC32 powerpc/mm/slice: Fix hugepage allocation at hint address on 8xx Linux 4.14.48 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Biggers
|
bc342bc029 |
cfg80211: further limit wiphy names to 64 bytes
commit 814596495dd2b9d4aab92d8f89cf19060d25d2ea upstream.
wiphy names were recently limited to 128 bytes by commit a7cfebcb7594
("cfg80211: limit wiphy names to 128 bytes"). As it turns out though,
this isn't sufficient because dev_vprintk_emit() needs the syslog header
string "SUBSYSTEM=ieee80211\0DEVICE=+ieee80211:$devname" to fit into 128
bytes. This triggered the "device/subsystem name too long" WARN when
the device name was >= 90 bytes. As before, this was reproduced by
syzbot by sending an HWSIM_CMD_NEW_RADIO command to the MAC80211_HWSIM
generic netlink family.
Fix it by further limiting wiphy names to 64 bytes.
Reported-by: syzbot+e64565577af34b3768dc@syzkaller.appspotmail.com
Fixes: a7cfebcb7594 ("cfg80211: limit wiphy names to 128 bytes")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
503f6fecb8 |
Merge 4.14.45 into android-4.14
Changes in 4.14.45
MIPS: c-r4k: Fix data corruption related to cache coherence
MIPS: ptrace: Expose FIR register through FP regset
MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
affs_lookup(): close a race with affs_remove_link()
fs: don't scan the inode cache before SB_BORN is set
aio: fix io_destroy(2) vs. lookup_ioctx() race
ALSA: timer: Fix pause event notification
do d_instantiate/unlock_new_inode combinations safely
mmc: sdhci-iproc: remove hard coded mmc cap 1.8v
mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus
libata: Blacklist some Sandisk SSDs for NCQ
libata: blacklist Micron 500IT SSD with MU01 firmware
xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros
arm64: lse: Add early clobbers to some input/output asm operands
powerpc/64s: Clear PCR on boot
IB/hfi1: Use after free race condition in send context error path
IB/umem: Use the correct mm during ib_umem_release
sr: pass down correctly sized SCSI sense buffer
idr: fix invalid ptr dereference on item delete
Revert "ipc/shm: Fix shmat mmap nil-page protection"
ipc/shm: fix shmat() nil address after round-down when remapping
mm/kasan: don't vfree() nonexistent vm_area
kasan: free allocated shadow memory on MEM_CANCEL_ONLINE
kasan: fix memory hotplug during boot
kernel/sys.c: fix potential Spectre v1 issue
KVM/VMX: Expose SSBD properly to guests
KVM: s390: vsie: fix < 8k check for the itdba
KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
kvm: x86: IA32_ARCH_CAPABILITIES is always supported
x86/kvm: fix LAPIC timer drift when guest uses periodic mode
powerpc/64s: Improve RFI L1-D cache flush fallback
powerpc/pseries: Support firmware disable of RFI flush
powerpc/powernv: Support firmware disable of RFI flush
powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
powerpc/rfi-flush: Always enable fallback flush on pseries
powerpc/rfi-flush: Differentiate enabled and patched flush types
powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
powerpc: Add security feature flags for Spectre/Meltdown
powerpc/pseries: Set or clear security feature flags
powerpc/powernv: Set or clear security feature flags
powerpc/64s: Move cpu_show_meltdown()
powerpc/64s: Enhance the information in cpu_show_meltdown()
powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
powerpc/64s: Wire up cpu_show_spectre_v1()
powerpc/64s: Wire up cpu_show_spectre_v2()
powerpc/pseries: Fix clearing of security feature flags
powerpc: Move default security feature flags
powerpc/pseries: Restore default security feature flags on setup
powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
MIPS: generic: Fix machine compatible matching
mac80211: mesh: fix wrong mesh TTL offset calculation
ARC: Fix malformed ARC_EMUL_UNALIGNED default
ptr_ring: prevent integer overflow when calculating size
arm64: dts: rockchip: fix rock64 gmac2io stability issues
arm64: dts: rockchip: correct ep-gpios for rk3399-sapphire
libata: Fix compile warning with ATA_DEBUG enabled
selftests: sync: missing CFLAGS while compiling
selftest/vDSO: fix O=
selftests: pstore: Adding config fragment CONFIG_PSTORE_RAM=m
selftests: memfd: add config fragment for fuse
ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
ARM: OMAP3: Fix prm wake interrupt for resume
ARM: OMAP2+: Fix sar_base inititalization for HS omaps
ARM: OMAP1: clock: Fix debugfs_create_*() usage
ibmvnic: Wait until reset is complete to set carrier on
ibmvnic: Free RX socket buffer in case of adapter error
ibmvnic: Clean RX pool buffers during device close
tls: retrun the correct IV in getsockopt
xhci: workaround for AMD Promontory disabled ports wakeup
IB/uverbs: Fix method merging in uverbs_ioctl_merge
IB/uverbs: Fix possible oops with duplicate ioctl attributes
IB/uverbs: Fix unbalanced unlock on error path for rdma_explicit_destroy
arm64: dts: rockchip: Fix DWMMC clocks
ARM: dts: rockchip: Fix DWMMC clocks
iwlwifi: mvm: fix security bug in PN checking
iwlwifi: mvm: fix IBSS for devices that support station type API
iwlwifi: mvm: always init rs with 20mhz bandwidth rates
NFC: llcp: Limit size of SDP URI
rxrpc: Work around usercopy check
MD: Free bioset when md_run fails
md: fix md_write_start() deadlock w/o metadata devices
s390/dasd: fix handling of internal requests
xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos
mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
mac80211: fix a possible leak of station stats
mac80211: fix calling sleeping function in atomic context
cfg80211: clear wep keys after disconnection
mac80211: Do not disconnect on invalid operating class
mac80211: Fix sending ADDBA response for an ongoing session
gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle
gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle
md raid10: fix NULL deference in handle_write_completed()
drm/exynos: g2d: use monotonic timestamps
drm/exynos: fix comparison to bitshift when dealing with a mask
drm/meson: fix vsync buffer update
arm64: perf: correct PMUVer probing
RDMA/bnxt_re: Unpin SQ and RQ memory if QP create fails
RDMA/bnxt_re: Fix system crash during load/unload
ibmvnic: Check for NULL skb's in NAPI poll routine
net/mlx5e: Return error if prio is specified when offloading eswitch vlan push
locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
md: raid5: avoid string overflow warning
virtio_net: fix XDP code path in receive_small()
kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
bug.h: work around GCC PR82365 in BUG()
selftests/memfd: add run_fuse_test.sh to TEST_FILES
seccomp: add a selftest for get_metadata
soc: imx: gpc: de-register power domains only if initialized
powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
s390/cio: fix ccw_device_start_timeout API
s390/cio: fix return code after missing interrupt
s390/cio: clear timer when terminating driver I/O
selftests/bpf/test_maps: exit child process without error in ENOMEM case
PKCS#7: fix direct verification of SignerInfo signature
arm64: dts: cavium: fix PCI bus dtc warnings
nfs: system crashes after NFS4ERR_MOVED recovery
ARM: OMAP: Fix dmtimer init for omap1
smsc75xx: fix smsc75xx_set_features()
regulatory: add NUL to request alpha2
integrity/security: fix digsig.c build error with header file
x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system
locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations
mac80211: drop frames with unexpected DS bits from fast-rx to slow path
arm64: fix unwind_frame() for filtered out fn for function graph tracing
macvlan: fix use-after-free in macvlan_common_newlink()
KVM: nVMX: Don't halt vcpu when L1 is injecting events to L2
kvm: fix warning for CONFIG_HAVE_KVM_EVENTFD builds
ARM: dts: imx6dl: Include correct dtsi file for Engicam i.CoreM6 DualLite/Solo RQS
fs: dcache: Avoid livelock between d_alloc_parallel and __d_add
fs: dcache: Use READ_ONCE when accessing i_dir_seq
md: fix a potential deadlock of raid5/raid10 reshape
md/raid1: fix NULL pointer dereference
batman-adv: fix packet checksum in receive path
batman-adv: invalidate checksum on fragment reassembly
netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct refcount
netfilter: ipt_CLUSTERIP: put config instead of freeing it
netfilter: ebtables: convert BUG_ONs to WARN_ONs
batman-adv: Ignore invalid batadv_iv_gw during netlink send
batman-adv: Ignore invalid batadv_v_gw during netlink send
batman-adv: Fix netlink dumping of BLA claims
batman-adv: Fix netlink dumping of BLA backbones
nvme-pci: Fix nvme queue cleanup if IRQ setup fails
clocksource/drivers/fsl_ftm_timer: Fix error return checking
libceph, ceph: avoid memory leak when specifying same option several times
ceph: fix dentry leak when failing to init debugfs
xen/pvcalls: fix null pointer dereference on map->sock
ARM: orion5x: Revert commit
|
||
|
Toshiaki Makita
|
01a68a265e |
net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
[ Upstream commit 4bbb3e0e8239f9079bf1fe20b3c0cb598714ae61 ]
When we have a bridge with vlan_filtering on and a vlan device on top of
it, packets would be corrupted in skb_vlan_untag() called from
br_dev_xmit().
The problem sits in skb_reorder_vlan_header() used in skb_vlan_untag(),
which makes use of skb->mac_len. In this function mac_len is meant for
handling rx path with vlan devices with reorder_header disabled, but in
tx path mac_len is typically 0 and cannot be used, which is the problem
in this case.
The current code even does not properly handle rx path (skb_vlan_untag()
called from __netif_receive_skb_core()) with reorder_header off actually.
In rx path single tag case, it works as follows:
- Before skb_reorder_vlan_header()
mac_header data
v v
+-------------------+-------------+------+----
| ETH | VLAN | ETH |
| ADDRS | TPID | TCI | TYPE |
+-------------------+-------------+------+----
<-------- mac_len --------->
<------------->
to be removed
- After skb_reorder_vlan_header()
mac_header data
v v
+-------------------+------+----
| ETH | ETH |
| ADDRS | TYPE |
+-------------------+------+----
<-------- mac_len --------->
This is ok, but in rx double tag case, it corrupts packets:
- Before skb_reorder_vlan_header()
mac_header data
v v
+-------------------+-------------+-------------+------+----
| ETH | VLAN | VLAN | ETH |
| ADDRS | TPID | TCI | TPID | TCI | TYPE |
+-------------------+-------------+-------------+------+----
<--------------- mac_len ---------------->
<------------->
should be removed
<--------------------------->
actually will be removed
- After skb_reorder_vlan_header()
mac_header data
v v
+-------------------+------+----
| ETH | ETH |
| ADDRS | TYPE |
+-------------------+------+----
<--------------- mac_len ---------------->
So, two of vlan tags are both removed while only inner one should be
removed and mac_header (and mac_len) is broken.
skb_vlan_untag() is meant for removing the vlan header at (skb->data - 2),
so use skb->data and skb->mac_header to calculate the right offset.
Reported-by: Brandon Carpenter <brandon.carpenter@cypherpath.com>
Fixes:
|
||
|
Eric Biggers
|
70147bbfcc |
BACKPORT, FROMLIST: fscrypt: add Speck128/256 support
fscrypt currently only supports AES encryption. However, many low-end mobile devices have older CPUs that don't have AES instructions, e.g. the ARMv8 Cryptography Extensions. Currently, user data on such devices is not encrypted at rest because AES is too slow, even when the NEON bit-sliced implementation of AES is used. Unfortunately, it is infeasible to encrypt these devices at all when AES is the only option. Therefore, this patch updates fscrypt to support the Speck block cipher, which was recently added to the crypto API. The C implementation of Speck is not especially fast, but Speck can be implemented very efficiently with general-purpose vector instructions, e.g. ARM NEON. For example, on an ARMv7 processor, we measured the NEON-accelerated Speck128/256-XTS at 69 MB/s for both encryption and decryption, while AES-256-XTS with the NEON bit-sliced implementation was only 22 MB/s encryption and 19 MB/s decryption. There are multiple variants of Speck. This patch only adds support for Speck128/256, which is the variant with a 128-bit block size and 256-bit key size -- the same as AES-256. This is believed to be the most secure variant of Speck, and it's only about 6% slower than Speck128/128. Speck64/128 would be at least 20% faster because it has 20% rounds, and it can be even faster on CPUs that can't efficiently do the 64-bit operations needed for Speck128. However, Speck64's 64-bit block size is not preferred security-wise. ARM NEON also supports the needed 64-bit operations even on 32-bit CPUs, resulting in Speck128 being fast enough for our targeted use cases so far. The chosen modes of operation are XTS for contents and CTS-CBC for filenames. These are the same modes of operation that fscrypt defaults to for AES. Note that as with the other fscrypt modes, Speck will not be used unless userspace chooses to use it. Nor are any of the existing modes (which are all AES-based) being removed, of course. We intentionally don't make CONFIG_FS_ENCRYPTION select CONFIG_CRYPTO_SPECK, so people will have to enable Speck support themselves if they need it. This is because we shouldn't bloat the FS_ENCRYPTION dependencies with every new cipher, especially ones that aren't recommended for most users. Moreover, CRYPTO_SPECK is just the generic implementation, which won't be fast enough for many users; in practice, they'll need to enable CRYPTO_SPECK_NEON to get acceptable performance. More details about our choice of Speck can be found in our patches that added Speck to the crypto API, and the follow-on discussion threads. We're planning a publication that explains the choice in more detail. But briefly, we can't use ChaCha20 as we previously proposed, since it would be insecure to use a stream cipher in this context, with potential IV reuse during writes on f2fs and/or on wear-leveling flash storage. We also evaluated many other lightweight and/or ARX-based block ciphers such as Chaskey-LTS, RC5, LEA, CHAM, Threefish, RC6, NOEKEON, SPARX, and XTEA. However, all had disadvantages vs. Speck, such as insufficient performance with NEON, much less published cryptanalysis, or an insufficient security level. Various design choices in Speck make it perform better with NEON than competing ciphers while still having a security margin similar to AES, and in the case of Speck128 also the same available security levels. Unfortunately, Speck does have some political baggage attached -- it's an NSA designed cipher, and was rejected from an ISO standard (though for context, as far as I know none of the above-mentioned alternatives are ISO standards either). Nevertheless, we believe it is a good solution to the problem from a technical perspective. Certain algorithms constructed from ChaCha or the ChaCha permutation, such as MEM (Masked Even-Mansour) or HPolyC, may also meet our performance requirements. However, these are new constructions that need more time to receive the cryptographic review and acceptance needed to be confident in their security. HPolyC hasn't been published yet, and we are concerned that MEM makes stronger assumptions about the underlying permutation than the ChaCha stream cipher does. In contrast, the XTS mode of operation is relatively well accepted, and Speck has over 70 cryptanalysis papers. Of course, these ChaCha-based algorithms can still be added later if they become ready. The best known attack on Speck128/256 is a differential cryptanalysis attack on 25 of 34 rounds with 2^253 time complexity and 2^125 chosen plaintexts, i.e. only marginally faster than brute force. There is no known attack on the full 34 rounds. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> (cherry-picked from commit 12d28f79558f2e987c5f3817f89e1ccc0f11a7b5 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt.git master) (dropped Documentation/filesystems/fscrypt.rst change) (fixed merge conflict in fs/crypto/keyinfo.c) Change-Id: I62c632044dfd06a2c5b74c2fb058f9c3b8af0add Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Greg Kroah-Hartman
|
6e962a34f1 |
Merge 4.14.44 into android-4.14
Changes in 4.14.44 net: Fix a bug in removing queues from XPS map net/mlx4_core: Fix error handling in mlx4_init_port_info. net/sched: fix refcnt leak in the error path of tcf_vlan_init() net: sched: red: avoid hashing NULL child net/smc: check for missing nlattrs in SMC_PNETID messages net: test tailroom before appending to linear skb packet: in packet_snd start writing at link layer allocation sock_diag: fix use-after-free read in __sk_free tcp: purge write queue in tcp_connect_init() vmxnet3: set the DMA mask before the first DMA map operation vmxnet3: use DMA memory barriers where required hv_netvsc: Fix the real number of queues of non-vRSS cases hv_netvsc: Rename ind_table to rx_table hv_netvsc: Rename tx_send_table to tx_table hv_netvsc: Add initialization of tx_table in netvsc_device_add() hv_netvsc: Set tx_table to equal weight after subchannels open hv_netvsc: netvsc_teardown_gpadl() split hv_netvsc: preserve hw_features on mtu/channels/ringparam changes hv_netvsc: empty current transmit aggregation if flow blocked hv_netvsc: Use the num_online_cpus() for channel limit hv_netvsc: avoid retry on send during shutdown hv_netvsc: only wake transmit queue if link is up hv_netvsc: fix error unwind handling if vmbus_open fails hv_netvsc: cancel subchannel setup before halting device hv_netvsc: fix race in napi poll when rescheduling hv_netvsc: defer queue selection to VF hv_netvsc: disable NAPI before channel close hv_netvsc: use RCU to fix concurrent rx and queue changes hv_netvsc: change GPAD teardown order on older versions hv_netvsc: common detach logic hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl() hv_netvsc: Ensure correct teardown message sequence order hv_netvsc: Fix net device attach on older Windows hosts sparc: vio: use put_device() instead of kfree() ext2: fix a block leak s390: add assembler macros for CPU alternatives s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT scsi: libsas: defer ata device eh commands to libata scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() scsi: zfcp: fix infinite iteration on ERP ready list loop: don't call into filesystem while holding lo_ctl_mutex loop: fix LOOP_GET_STATUS lock imbalance cfg80211: limit wiphy names to 128 bytes hfsplus: stop workqueue when fill_super() failed x86/kexec: Avoid double free_page() upon do_kexec_load() failure usb: gadget: f_uac2: fix bFirstInterface in composite gadget usb: dwc3: Undo PHY init if soft reset fails usb: dwc3: omap: don't miss events during suspend/resume usb: gadget: core: Fix use-after-free of usb_request usb: gadget: fsl_udc_core: fix ep valid checks usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() usb: cdc_acm: prevent race at write to acm while system resumes net: usbnet: fix potential deadlock on 32bit hosts ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume timing" USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM net/usb/qmi_wwan.c: Add USB id for lt4120 modem net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB ALSA: usb-audio: Add native DSD support for Luxman DA-06 usb: dwc3: Add SoftReset PHY synchonization delay usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields usb: dwc3: Makefile: fix link error on randconfig xhci: zero usb device slot_id member when disabling and freeing a xhci slot usb: dwc2: Fix interval type issue usb: dwc2: hcd: Fix host channel halt flow usb: dwc2: host: Fix transaction errors in host mode usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS usb: gadget: ffs: Execute copy_to_user() with USER_DS set usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS usb: gadget: udc: change comparison to bitshift when dealing with a mask usb: gadget: composite: fix incorrect handling of OS desc requests media: lgdt3306a: Fix module count mismatch on usb unplug media: em28xx: USB bulk packet size fix Bluetooth: btusb: Add device ID for RTL8822BE xhci: Show what USB release number the xHC supports from protocol capablity staging: bcm2835-audio: Release resources on module_exit() staging: lustre: fix bug in osc_enter_cache_try staging: fsl-dpaa2/eth: Fix incorrect casts staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr staging: ks7010: Use constants from ieee80211_eid instead of literal ints. staging: lustre: lmv: correctly iput lmo_root crypto: inside-secure - wait for the request to complete if in the backlog crypto: atmel-aes - fix the keys zeroing on errors crypto: ccp - don't disable interrupts while setting up debugfs crypto: inside-secure - do not process request if no command was issued crypto: inside-secure - fix the cache_len computation crypto: inside-secure - fix the extra cache computation crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss crypto: inside-secure - fix the invalidation step during cra_exit scsi: mpt3sas: fix an out of bound write scsi: qla2xxx: Fix memory corruption during hba reset test scsi: ufs: Enable quirk to ignore sending WRITE_SAME command scsi: bnx2fc: Fix check in SCSI completion handler for timed out request scsi: sym53c8xx_2: iterator underflow in sym_getsync() scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() scsi: storvsc: Increase cmd_per_lun for higher speed devices scsi: qedi: Fix truncation of CHAP name and secret scsi: aacraid: fix shutdown crash when init fails scsi: qla4xxx: skip error recovery in case of register disconnect. scsi: qedi: Fix kernel crash during port toggle scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM scsi: sd: Keep disk read-only when re-reading partition scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled scsi: aacraid: Insure command thread is not recursively stopped scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD scsi: mvsas: fix wrong endianness of sgpio api scsi: lpfc: Fix issue_lip if link is disabled scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing scsi: lpfc: Fix frequency of Release WQE CQEs ASoC: hdmi-codec: Fix module unloading caused kernel crash ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs ASoC: samsung: odroid: Fix 32000 sample rate handling ASoC: topology: create TLV data for dapm widgets ASoC: samsung: i2s: Ensure the RCLK rate is properly determined clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228 clk: Don't show the incorrect clock phase clk: hisilicon: mark wdt_mux_p[] as const clk: tegra: Fix pll_u rate configuration clk: rockchip: Prevent calculating mmc phase if clock rate is zero clk: samsung: s3c2410: Fix PLL rates clk: samsung: exynos7: Fix PLL rates clk: samsung: exynos5260: Fix PLL rates clk: samsung: exynos5433: Fix PLL rates clk: samsung: exynos5250: Fix PLL rates clk: samsung: exynos3250: Fix PLL rates media: dmxdev: fix error code for invalid ioctls media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array media: ov5645: add missing of_node_put() in error path media: cx23885: Override 888 ImpactVCBe crystal frequency media: cx23885: Set subdev host data to clk_freq pointer media: s3c-camif: fix out-of-bounds array access media: lgdt3306a: Fix a double kfree on i2c device remove media: em28xx: Add Hauppauge SoloHD/DualHD bulk models media: v4l: vsp1: Fix display stalls when requesting too many inputs media: i2c: adv748x: fix HDMI field heights media: vb2: Fix videobuf2 to map correct area media: vivid: fix incorrect capabilities for radio media: cx25821: prevent out-of-bounds read on array card serial: xuartps: Fix out-of-bounds access through DT alias serial: sh-sci: Fix out-of-bounds access through DT alias serial: samsung: Fix out-of-bounds access through serial port index serial: mxs-auart: Fix out-of-bounds access through serial port index serial: imx: Fix out-of-bounds access through serial port index serial: fsl_lpuart: Fix out-of-bounds access through DT alias serial: arc_uart: Fix out-of-bounds access through DT alias serial: 8250: Don't service RX FIFO if interrupts are disabled serial: altera: ensure port->regshift is honored consistently rtc: snvs: Fix usage of snvs_rtc_enable rtc: hctosys: Ensure system time doesn't overflow time_t rtc: rk808: fix possible race condition rtc: m41t80: fix race conditions rtc: tx4939: avoid unintended sign extension on a 24 bit shift rtc: rp5c01: fix possible race condition rtc: goldfish: Add missing MODULE_LICENSE Linux 4.14.44 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Johannes Berg
|
9f2c35864a |
cfg80211: limit wiphy names to 128 bytes
commit a7cfebcb7594a24609268f91299ab85ba064bf82 upstream. There's currently no limit on wiphy names, other than netlink message size and memory limitations, but that causes issues when, for example, the wiphy name is used in a uevent, e.g. in rfkill where we use the same name for the rfkill instance, and then the buffer there is "only" 2k for the environment variables. This was reported by syzkaller, which used a 4k name. Limit the name to something reasonable, I randomly picked 128. Reported-by: syzbot+230d9e642a85d3fec29c@syzkaller.appspotmail.com Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
4c9e0a9b25 |
Merge 4.14.43 into android-4.14
Changes in 4.14.43
usbip: usbip_host: refine probe and disconnect debug msgs to be useful
usbip: usbip_host: delete device from busid_table after rebind
usbip: usbip_host: run rebind from exit when module is removed
usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
usbip: usbip_host: fix bad unlock balance during stub_probe()
ALSA: usb: mixer: volume quirk for CM102-A+/102S+
ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
ALSA: control: fix a redundant-copy issue
spi: pxa2xx: Allow 64-bit DMA
spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
powerpc: Don't preempt_disable() in show_cpuinfo()
vfio: ccw: fix cleanup if cp_prefetch fails
tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all}
tee: shm: fix use-after-free via temporarily dropped reference
netfilter: nf_tables: free set name in error path
netfilter: nf_tables: can't fail after linking rule into active rule list
netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
i2c: designware: fix poll-after-enable regression
powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
drm: Match sysfs name in link removal to link creation
lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
radix tree: fix multi-order iteration race
mm: don't allow deferred pages with NEED_PER_CPU_KM
drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
s390/qdio: fix access to uninitialized qdio_q fields
s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
s390/qdio: don't release memory in qdio_setup_irq()
s390: remove indirect branch from do_softirq_own_stack
x86/pkeys: Override pkey when moving away from PROT_EXEC
x86/pkeys: Do not special case protection key 0
efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode
ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
tick/broadcast: Use for_each_cpu() specially on UP kernels
ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
Btrfs: fix xattr loss after power failure
Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting
btrfs: property: Set incompat flag if lzo/zstd compression is set
btrfs: fix crash when trying to resume balance without the resume flag
btrfs: Split btrfs_del_delalloc_inode into 2 functions
btrfs: Fix delalloc inodes invalidation during transaction abort
btrfs: fix reading stale metadata blocks after degraded raid1 mounts
x86/nospec: Simplify alternative_msr_write()
x86/bugs: Concentrate bug detection into a separate function
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/bugs: Expose /sys/../spec_store_bypass
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
x86/speculation: Create spec-ctrl.h to avoid include hell
prctl: Add speculation control prctls
x86/process: Allow runtime control of Speculative Store Bypass
x86/speculation: Add prctl for Speculative Store Bypass mitigation
nospec: Allow getting/setting on non-current task
proc: Provide details on speculation flaw mitigations
seccomp: Enable speculation flaw mitigations
x86/bugs: Make boot modes __ro_after_init
prctl: Add force disable speculation
seccomp: Use PR_SPEC_FORCE_DISABLE
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Move speculation migitation control to arch code
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
x86/bugs: Rename _RDS to _SSBD
proc: Use underscores for SSBD in 'status'
Documentation/spec_ctrl: Do some minor cleanups
x86/bugs: Fix __ssb_select_mitigation() return type
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix the parameters alignment and missing void
x86/cpu: Make alternative_msr_write work for 32-bit code
KVM: SVM: Move spec control call after restore of GS
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpufeatures: Add FEATURE_ZEN
x86/speculation: Handle HT correctly on AMD
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Add virtualized speculative store bypass disable support
x86/speculation: Rework speculative_store_bypass_update()
x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Rework spec_ctrl base and mask logic
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
x86/bugs: Rename SSBD_NO to SSB_NO
Linux 4.14.43
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Kees Cook
|
9939db75cd |
seccomp: Add filter flag to opt-out of SSB mitigation
commit 00a02d0c502a06d15e07b857f8ff921e3e402675 upstream If a seccomp user is not interested in Speculative Store Bypass mitigation by default, it can set the new SECCOMP_FILTER_FLAG_SPEC_ALLOW flag when adding filters. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Thomas Gleixner
|
20d036a2e2 |
prctl: Add force disable speculation
commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee upstream For certain use cases it is desired to enforce mitigations so they cannot be undone afterwards. That's important for loader stubs which want to prevent a child from disabling the mitigation again. Will also be used for seccomp(). The extra state preserving of the prctl state for SSB is a preparatory step for EBPF dymanic speculation control. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Thomas Gleixner
|
33f6a06810 |
prctl: Add speculation control prctls
commit b617cfc858161140d69cc0b5cc211996b557a1c7 upstream
Add two new prctls to control aspects of speculation related vulnerabilites
and their mitigations to provide finer grained control over performance
impacting mitigations.
PR_GET_SPECULATION_CTRL returns the state of the speculation misfeature
which is selected with arg2 of prctl(2). The return value uses bit 0-2 with
the following meaning:
Bit Define Description
0 PR_SPEC_PRCTL Mitigation can be controlled per task by
PR_SET_SPECULATION_CTRL
1 PR_SPEC_ENABLE The speculation feature is enabled, mitigation is
disabled
2 PR_SPEC_DISABLE The speculation feature is disabled, mitigation is
enabled
If all bits are 0 the CPU is not affected by the speculation misfeature.
If PR_SPEC_PRCTL is set, then the per task control of the mitigation is
available. If not set, prctl(PR_SET_SPECULATION_CTRL) for the speculation
misfeature will fail.
PR_SET_SPECULATION_CTRL allows to control the speculation misfeature, which
is selected by arg2 of prctl(2) per task. arg3 is used to hand in the
control value, i.e. either PR_SPEC_ENABLE or PR_SPEC_DISABLE.
The common return values are:
EINVAL prctl is not implemented by the architecture or the unused prctl()
arguments are not 0
ENODEV arg2 is selecting a not supported speculation misfeature
PR_SET_SPECULATION_CTRL has these additional return values:
ERANGE arg3 is incorrect, i.e. it's not either PR_SPEC_ENABLE or PR_SPEC_DISABLE
ENXIO prctl control of the selected speculation misfeature is disabled
The first supported controlable speculation misfeature is
PR_SPEC_STORE_BYPASS. Add the define so this can be shared between
architectures.
Based on an initial patch from Tim Chen and mostly rewritten.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
3f8d1912e9 |
Merge 4.14.38 into android-4.14
Changes in 4.14.38
Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
i40e: Fix attach VF to VM issue
tpm: cmd_ready command can be issued only after granting locality
tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
tpm: add retry logic
Revert "ath10k: send (re)assoc peer command when NSS changed"
bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave
ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
KEYS: DNS: limit the length of option strings
l2tp: check sockaddr length in pppol2tp_connect()
net: validate attribute sizes in neigh_dump_table()
llc: delete timers synchronously in llc_sk_free()
tcp: don't read out-of-bounds opsize
net: af_packet: fix race in PACKET_{R|T}X_RING
tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
net: fix deadlock while clearing neighbor proxy table
team: avoid adding twice the same option to the event list
net/smc: fix shutdown in state SMC_LISTEN
team: fix netconsole setup over team
packet: fix bitfield update race
tipc: add policy for TIPC_NLA_NET_ADDR
pppoe: check sockaddr length in pppoe_connect()
vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
amd-xgbe: Add pre/post auto-negotiation phy hooks
sctp: do not check port in sctp_inet6_cmp_addr
amd-xgbe: Improve KR auto-negotiation and training
strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
amd-xgbe: Only use the SFP supported transceiver signals
strparser: Fix incorrect strp->need_bytes value.
net: sched: ife: signal not finding metaid
tcp: clear tp->packets_out when purging write queue
net: sched: ife: handle malformed tlv length
net: sched: ife: check on metadata length
llc: hold llc_sap before release_sock()
llc: fix NULL pointer deref for SOCK_ZAPPED
net: ethernet: ti: cpsw: fix tx vlan priority mapping
virtio_net: split out ctrl buffer
virtio_net: fix adding vids on big-endian
s390: introduce CPU alternatives
s390: enable CPU alternatives unconditionally
KVM: s390: wire up bpb feature
s390: scrub registers on kernel entry and KVM exit
s390: add optimized array_index_mask_nospec
s390/alternative: use a copy of the facility bit mask
s390: add options to change branch prediction behaviour for the kernel
s390: run user space and KVM guests with modified branch prediction
s390: introduce execute-trampolines for branches
KVM: s390: force bp isolation for VSIE
s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
s390: do not bypass BPENTER for interrupt system calls
s390/entry.S: fix spurious zeroing of r0
s390: move nobp parameter functions to nospec-branch.c
s390: add automatic detection of the spectre defense
s390: report spectre mitigation via syslog
s390: add sysfs attributes for spectre
s390: correct nospec auto detection init order
s390: correct module section names for expoline code revert
microblaze: Setup dependencies for ASM optimized lib functions
arm64: dts: rockchip: remove vdd_log from rk3399-puma
Revert "mm/hmm: fix header file if/else/endif maze"
commoncap: Handle memory allocation failure.
scsi: mptsas: Disable WRITE SAME
cdrom: information leak in cdrom_ioctl_media_changed()
fsnotify: Fix fsnotify_mark_connector race
m68k/mac: Don't remap SWIM MMIO region
block/swim: Check drive type
block/swim: Don't log an error message for an invalid ioctl
block/swim: Remove extra put_disk() call from error path
block/swim: Rename macros to avoid inconsistent inverted logic
block/swim: Select appropriate drive on device open
block/swim: Fix array bounds check
block/swim: Fix IO error at end of medium
tracing: Fix missing tab for hwlat_detector print format
s390/cio: update chpid descriptor after resource accessibility event
s390/dasd: fix IO error for newly defined devices
s390/uprobes: implement arch_uretprobe_is_alive()
ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
Linux 4.14.38
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|