Pull key subsystem fixes from James Morris:
"Here are a bunch of fixes for Linux keyrings, including:
- Fix up the refcount handling now that key structs use the
refcount_t type and the refcount_t ops don't allow a 0->1
transition.
- Fix a potential NULL deref after error in x509_cert_parse().
- Don't put data for the crypto algorithms to use on the stack.
- Fix the handling of a null payload being passed to add_key().
- Fix incorrect cleanup an uninitialised key_preparsed_payload in
key_update().
- Explicit sanitisation of potentially secure data before freeing.
- Fixes for the Diffie-Helman code"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (23 commits)
KEYS: fix refcount_inc() on zero
KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API
crypto : asymmetric_keys : verify_pefile:zero memory content before freeing
KEYS: DH: add __user annotations to keyctl_kdf_params
KEYS: DH: ensure the KDF counter is properly aligned
KEYS: DH: don't feed uninitialized "otherinfo" into KDF
KEYS: DH: forbid using digest_null as the KDF hash
KEYS: sanitize key structs before freeing
KEYS: trusted: sanitize all key material
KEYS: encrypted: sanitize all key material
KEYS: user_defined: sanitize key payloads
KEYS: sanitize add_key() and keyctl() key payloads
KEYS: fix freeing uninitialized memory in key_update()
KEYS: fix dereferencing NULL payload with nonzero length
KEYS: encrypted: use constant-time HMAC comparison
KEYS: encrypted: fix race causing incorrect HMAC calculations
KEYS: encrypted: fix buffer overread in valid_master_desc()
KEYS: encrypted: avoid encrypting/decrypting stack buffers
KEYS: put keyring if install_session_keyring_to_cred() fails
KEYS: Delete an error message for a failed memory allocation in get_derived_key()
...
Make use of recently implemented stack_depth tracking for arm64 JIT,
so that stack usage can be reduced heavily for programs not using
tail calls at least.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull hexagon fix from Guenter Roeck:
"This fixes a build error seen when building hexagon images.
Richard sent me an Ack, but didn't reply when asked if he wants me to
send the patch to you directly, so I figured I'd just do it"
* tag 'hexagon-for-linus-v4.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
hexagon: Use raw_copy_to_user
INFO: task gnome-terminal-:1734 blocked for more than 120 seconds.
Not tainted 4.12.0-rc4+ #8
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
gnome-terminal- D 0 1734 1015 0x00000000
Call Trace:
__schedule+0x3cd/0xb30
schedule+0x40/0x90
kvm_async_pf_task_wait+0x1cc/0x270
? __vfs_read+0x37/0x150
? prepare_to_swait+0x22/0x70
do_async_page_fault+0x77/0xb0
? do_async_page_fault+0x77/0xb0
async_page_fault+0x28/0x30
This is triggered by running both win7 and win2016 on L1 KVM simultaneously,
and then gives stress to memory on L1, I can observed this hang on L1 when
at least ~70% swap area is occupied on L0.
This is due to async pf was injected to L2 which should be injected to L1,
L2 guest starts receiving pagefault w/ bogus %cr2(apf token from the host
actually), and L1 guest starts accumulating tasks stuck in D state in
kvm_async_pf_task_wait() since missing PAGE_READY async_pfs.
This patch fixes the hang by doing async pf when executing L1 guest.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit ac4691fac8 ("hexagon: switch to RAW_COPY_USER") replaced
__copy_to_user_hexagon() with raw_copy_to_user(), but did not catch
all callers, resulting in the following build error.
arch/hexagon/mm/uaccess.c: In function '__clear_user_hexagon':
arch/hexagon/mm/uaccess.c:40:3: error:
implicit declaration of function '__copy_to_user_hexagon'
Fixes: ac4691fac8 ("hexagon: switch to RAW_COPY_USER")
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Richard Kuo <rkuo@codeaurora.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Orabug: 20902628
When an ldc control-only packet is received during data exchange in
read_nonraw(), a new rx head is calculated but the rx queue head is not
actually advanced (rx_set_head() is not called) and a branch is taken to
'no_data' at which point two things can happen depending on the value
of the newly calculated rx head and the current rx tail:
- If the rx queue is determined to be not empty, then the wrong packet
is picked up.
- If the rx queue is determined to be empty, then a read error (EAGAIN)
is eventually returned since it is falsely assumed that more data was
expected.
The fix is to update the rx head and return in case of a control only
packet during data exchange.
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Reviewed-by: Aaron Young <aaron.young@oracle.com>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Bijan Mottahedeh <bijan.mottahedeh@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add the following LDC APIs which are planned to be used by
LDC clients in the future:
- ldc_set_state: Sets given LDC channel to given state
- ldc_mode: Returns the mode of given LDC channel
- ldc_print: Prints info about given LDC channel
- ldc_rx_reset: Reset the RX queue of given LDC channel
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Reviewed-by: Aaron Young <aaron.young@oracle.com>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Bijan Mottahedeh <bijan.mottahedeh@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull x86 fixes from Ingo Molnar:
"Misc fixes: a Geode fix plus a microcode loader fix"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/microcode/intel: Clear patch pointer before jettisoning the initrd
x86/cpu/cyrix: Add alternative Device ID of Geode GX1 SoC
Generate new defconfig to get rid of obsolete Kconfig entries:
- BUGVERBOSE was changed into DEBUG_BUGVERBOSE and will be enabled by
default (it is useful);
- DETECT_SOFTLOCKUP was changed into LOCKUP_DETECTOR;
- rest of entries is being removed by default values;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Generate new defconfig to get rid of obsolete Kconfig entries:
- S3C_LOWLEVEL_UART_PORT and S3C_DEV_FB are invalid for S5P;
- S5PV210_SETUP_FB_24BPP is gone;
- rest of entries is being removed by default values;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Generate new defconfig to get rid of obsolete Kconfig entries:
- S3C_BOOT_ERROR_RESET, SND_S3C24XX_SOC and SND_SOC_SMDK_WM9713 are
gone;
- rest of entries is being removed by default values;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Generate new defconfig to get rid of obsolete Kconfig entries:
- NET_ETHERNET, SND_S3C24XX_SOC are gone;
- CRYPTO_FIPS is changed to no (cannot be part of module);
- BINFMT_AOUT cannot be selected anymore;
- rest of entries is being removed by default values;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Generate new defconfig to get rid of obsolete Kconfig entries:
- S3C_BOOT_ERROR_RESET, SMDK2440_CPU2442 are gone;
- ARM_THUMB is changed to yes (selected by default);
- BINFMT_AOUT cannot be selected anymore;
- rest of entries is being removed by default values;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Generate new defconfig to get rid of obsolete Kconfig entries:
- RFKILL_REGULATOR is gone;
- COMMON_CLK_MAX77802 was merged into COMMON_CLK_MAX77686;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The config was not updated for some time so it needs updates to get the
same options as wanted initially:
- SYSFS_DEPRECATED is now needed for SYSFS_DEPRECATED_V2;
- DEBUG_SPINLOCK_SLEEP was replaced by DEBUG_ATOMIC_SLEEP;
- Use proper DEBUG_S3C_UART1 for UART1;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The config was not updated for some time so it needs updates to get the
same options as wanted initially:
- SYSFS_DEPRECATED is now needed for SYSFS_DEPRECATED_V2;
- PWM is now needed for BACKLIGHT_PWM;
- DEBUG_SPINLOCK_SLEEP was replaced by DEBUG_ATOMIC_SLEEP;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The config was not updated for some time so it needs updates to get the
same options as wanted initially:
- IP_NF_TARGET_LOG was replaced by NETFILTER_XT_TARGET_LOG;
- NF_NAT was replaced by IP_NF_NAT;
- SERIAL_DEV_BUS is now needed for BT_HCIUART_LL;
- TPS65010 is now needed for MACH_OSIRIS_DVS;
- DMADEVICES and S3C24XX_DMAC are now needed for MMC_S3C;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The config was not updated for some time so it needs updates to get the
same options as wanted initially:
- SYSFS_DEPRECATED is now needed for SYSFS_DEPRECATED_V2;
- USB_GADGET_S3C2410 was replaced by USB_S3C2410;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The config was not updated for some time so it needs updates to get the
same options as wanted initially:
- SERIAL_DEV_BUS is now needed for BT_HCIUART_LL;
- USB_GADGET_S3C2410 was replaced by USB_S3C2410;
- S3C24XX_DMAC is now needed for MMC_S3C;
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Re-order entries just like savedefconfig would do so it will be easier
to review the changes before actual savedefconfig.
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The Orange Pi Plus 2E, unlike the Orange Pi PC and PC Plus which its
schematics are based on, uses an external Realtek RTL8211E PHY in
RGMII mode, with a GPIO enabling the regulator for I/O signalling
power supplies. The PHY's main power supply is enabled by the main
5V power supply.
Add the regulator and PHY nodes, and override the PHY phandle under
the EMAC node, so that the EMAC works properly on this board.
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Pull IOMMU fixes from Joerg Roedel:
- another compile-fix for my header cleanup
- a couple of fixes for the recently merged IOMMU probe deferal code
- fixes for ACPI/IORT code necessary with IOMMU probe deferal
* tag 'iommu-fixes-v4.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
arm: dma-mapping: Reset the device's dma_ops
ACPI/IORT: Move the check to get iommu_ops from translated fwspec
ARM: dma-mapping: Don't tear down third-party mappings
ACPI/IORT: Ignore all errors except EPROBE_DEFER
iommu/of: Ignore all errors except EPROBE_DEFER
iommu/of: Fix check for returning EPROBE_DEFER
iommu/dma: Fix function declaration
This removes the dummy clk81 gate and replaces it with the actual clock
controller's CLKID_CLK81. This will also allow us to pass the real clock
IDs to all devices where the clock is controlled by clkc in the future.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Acked-by: Jerome Brunet <jbrunet@baylibre.com>
Signed-off-by: Kevin Hilman <khilman@baylibre.com>
Select COMMON_CLK_MESON8B also for MACH_MESON8 since the Meson8b clock
controller driver can also be used on Meson8 SoCs now that we have a
separate compatible for it.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Acked-by: Jerome Brunet <jbrunet@baylibre.com>
Signed-off-by: Kevin Hilman <khilman@baylibre.com>
Pull powerpc fixes from Michael Ellerman:
"Mostly fairly minor, of note are:
- Fix percpu allocations to be NUMA aware
- Limit 4k page size config to 64TB virtual address space
- Avoid needlessly restoring FP and vector registers
Thanks to Aneesh Kumar K.V, Breno Leitao, Christophe Leroy, Frederic
Barrat, Madhavan Srinivasan, Michael Bringmann, Nicholas Piggin,
Vaibhav Jain"
* tag 'powerpc-4.12-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
powerpc/book3s64: Move PPC_DT_CPU_FTRs and enable it by default
powerpc/mm/4k: Limit 4k page size config to 64TB virtual address space
cxl: Fix error path on bad ioctl
powerpc/perf: Fix Power9 test_adder fields
powerpc/numa: Fix percpu allocations to be NUMA aware
cxl: Avoid double free_irq() for psl,slice interrupts
powerpc/kernel: Initialize load_tm on task creation
powerpc/kernel: Fix FP and vector register restoration
powerpc/64: Reclaim CPU_FTR_SUBCORE
powerpc/hotplug-mem: Fix missing endian conversion of aa_index
powerpc/sysdev/simple_gpio: Fix oops in gpio save_regs function
powerpc/spufs: Fix coredump of SPU contexts
powerpc/64s: Add dt_cpu_ftrs boot time setup option
Pull ARM SoC fixes from Olof Johansson:
"Been sitting on these for a couple of weeks waiting on some larger
batches to come in but it's been pretty quiet.
Just your garden variety fixes here:
- A few maintainers updates (ep93xx, Exynos, TI, Marvell)
- Some PM fixes for Atmel/at91 and Marvell
- A few DT fixes for Marvell, Versatile, TI Keystone, bcm283x
- A reset driver patch to set module license for symbol access"
* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
MAINTAINERS: EP93XX: Update maintainership
MAINTAINERS: remove kernel@stlinux.com obsolete mailing list
ARM: dts: versatile: use #include "..." to include local DT
MAINTAINERS: add device-tree files to TI DaVinci entry
ARM: at91: select CONFIG_ARM_CPU_SUSPEND
ARM: dts: keystone-k2l: fix broken Ethernet due to disabled OSR
arm64: defconfig: enable some core options for 64bit Rockchip socs
arm64: marvell: dts: fix interrupts in 7k/8k crypto nodes
reset: hi6220: Set module license so that it can be loaded
MAINTAINERS: add irqchip related drivers to Marvell EBU maintainers
MAINTAINERS: sort F entries for Marvell EBU maintainers
ARM: davinci: PM: Do not free useful resources in normal path in 'davinci_pm_init'
ARM: davinci: PM: Free resources in error handling path in 'davinci_pm_init'
ARM: dts: bcm283x: Reserve first page for firmware
memory: atmel-ebi: mark PM ops as __maybe_unused
MAINTAINERS: Remove Javier Martinez Canillas as reviewer for Exynos
The at24 driver allows to register I2C EEPROM chips using different vendor
and devices, but the I2C subsystem does not take the vendor into account
when matching using the I2C table since it only has device entries.
But when matching using an OF table, both the vendor and device has to be
taken into account so the driver defines only a set of compatible strings
using the "atmel" vendor as a generic fallback for compatible I2C devices.
So add this generic fallback to the device node compatible string to make
the device to match the driver using the OF device ID table.
Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The pmem driver has a need to transfer data with a persistent memory
destination and be able to rely on the fact that the destination writes are not
cached. It is sufficient for the writes to be flushed to a cpu-store-buffer
(non-temporal / "movnt" in x86 terms), as we expect userspace to call fsync()
to ensure data-writes have reached a power-fail-safe zone in the platform. The
fsync() triggers a REQ_FUA or REQ_FLUSH to the pmem driver which will turn
around and fence previous writes with an "sfence".
Implement a __copy_from_user_inatomic_flushcache, memcpy_page_flushcache, and
memcpy_flushcache, that guarantee that the destination buffer is not dirty in
the cpu cache on completion. The new copy_from_iter_flushcache and sub-routines
will be used to replace the "pmem api" (include/linux/pmem.h +
arch/x86/include/asm/pmem.h). The availability of copy_from_iter_flushcache()
and memcpy_flushcache() are gated by the CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE
config symbol, and fallback to copy_from_iter_nocache() and plain memcpy()
otherwise.
This is meant to satisfy the concern from Linus that if a driver wants to do
something beyond the normal nocache semantics it should be something private to
that driver [1], and Al's concern that anything uaccess related belongs with
the rest of the uaccess code [2].
The first consumer of this interface is a new 'copy_from_iter' dax operation so
that pmem can inject cache maintenance operations without imposing this
overhead on other dax-capable drivers.
[1]: https://lists.01.org/pipermail/linux-nvdimm/2017-January/008364.html
[2]: https://lists.01.org/pipermail/linux-nvdimm/2017-April/009942.html
Cc: <x86@kernel.org>
Cc: Jan Kara <jack@suse.cz>
Cc: Jeff Moyer <jmoyer@redhat.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Matthew Wilcox <mawilcox@microsoft.com>
Reviewed-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Currently we use nornal Linux errno values in the block layer, and while
we accept any error a few have overloaded magic meanings. This patch
instead introduces a new blk_status_t value that holds block layer specific
status codes and explicitly explains their meaning. Helpers to convert from
and to the previous special meanings are provided for now, but I suspect
we want to get rid of them in the long run - those drivers that have a
errno input (e.g. networking) usually get errnos that don't know about
the special block layer overloads, and similarly returning them to userspace
will usually return somethings that strictly speaking isn't correct
for file system operations, but that's left as an exercise for later.
For now the set of errors is a very limited set that closely corresponds
to the previous overloaded errno values, but there is some low hanging
fruite to improve it.
blk_status_t (ab)uses the sparse __bitwise annotations to allow for sparse
typechecking, so that we can easily catch places passing the wrong values.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
Add basic support for stm32h743i-discovery board
This board offers :
_ 2MBytes Flash
_ 1 x micro USB OTG port
_ 1 x STLink connector (micro USB)
_ 1 x micro SD card slot
_ 1 x RJ45 connector
_ 1 x RCA connector
_ 2 x Audio jack connectors (in and out)
_ 2 x speaker connectors (left and right)
_ 1 x joystick
_ 1 x DCMI connector (Digital camera interface)
_ 1 x 4 inch DSI LCD (Display Serial Interface)
_ Arduino Uno Connectors
_ 2 x PIO connectors (PMOD and PMOD+)
_ 1 x wakeup button
_ 1 x reset button
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Alexandre TORGUE <alexandre.torgue@st.com>
Add usart2 pins definition in order to add usart2 support
dedicated for console output on stm32h743i-disco board.
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Alexandre TORGUE <alexandre.torgue@st.com>
When opening the slave end of a PTY, it is not possible for userspace to
safely ensure that /dev/pts/$num is actually a slave (in cases where the
mount namespace in which devpts was mounted is controlled by an
untrusted process). In addition, there are several unresolvable
race conditions if userspace were to attempt to detect attacks through
stat(2) and other similar methods [in addition it is not clear how
userspace could detect attacks involving FUSE].
Resolve this by providing an interface for userpace to safely open the
"peer" end of a PTY file descriptor by using the dentry cached by
devpts. Since it is not possible to have an open master PTY without
having its slave exposed in /dev/pts this interface is safe. This
interface currently does not provide a way to get the master pty (since
it is not clear whether such an interface is safe or even useful).
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Valentin Rothberg <vrothberg@suse.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Register gr[0] holds the PSW in interrupt context. It's absolutely
unlikely that the compiler will use register zero in a get_user() call,
but better BUG on such a case in fixup_exception() anyway.
Signed-off-by: Helge Deller <deller@gmx.de>
