Here contains only the fixes for the new FireWire bebob driver.
All fairly trivial and local fixes, so safe to apply.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJT0RKNAAoJEGwxgFQ9KSmkc3AP/22rWmdBQ1KaAIve6edzZJN9
76EAFpXkTBb8RPAXuB12OcQ9mz0YjVLy5GD0yQ7ydJtZHySr0eXfAQBk7tvTfLk4
msCeShCszVbecEcqYTKcfqsjd56TB/nKge3X03XFk/iN5TenLGhCAmRoihyAIlot
3h9Kzgm75XFIb9KS3chU41ics0/PafPW1b1vsh/rPMNMuNwr3fG9XnYkmmd5gsL9
WnL6lKk9oj2wLT3w9zwja2NGRc8G87wZ8WMcXTlSPyFMXUgyCxOD+CFnu38Zk0rv
URUrbRqagwi6yyV6JEU1o/bc5UteK2LO5dR4VI9IogwxiGBRYMpX0NTClN3cgQgi
G4aqJi6I6nsyeFb4m3NfHfxyKzV3n3QXpc3940G7PYMcuxGlTnMDjy9aKjWnGSCi
VnPfGuqwb210wumhvBNoRNUTq91Qw0JrW6pUJsJqkefaHw4PbhRD1xdT7cs12xn7
zFAq9ZpERQ6SuyaqnviTBUiuAjNzmqkIr3DGgiClFzuBGu5s5OyZGHyUx6sPAg1J
ZEsoNplBoPN9qmZgAsskuSVWlfPq6icXqZVVDY63IgMFU68E6BN0LapxM1aFOtyG
FfX5eD3JsfPGQeporxpTd6ehybUnrJH/5M1dnybydODwmAAuIzryrA/3FXuxP3z4
m2h9E7IW6zLmuWkBdcmn
=2EEt
-----END PGP SIGNATURE-----
Merge tag 'sound-3.16-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"Here contains only the fixes for the new FireWire bebob driver. All
fairly trivial and local fixes, so safe to apply"
* tag 'sound-3.16-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: bebob: Correction for return value of special_clk_ctl_put() in error
ALSA: bebob: Correction for return value of .put callback
ALSA: bebob: Use different labels for digital input/output
ALSA: bebob: Fix a missing to unlock mutex in error handling case
Do not split the PARPORT-related symbols with the new kconfig
symbol ARCH_MIGHT_HAVE_PC_PARPORT. The split was causing incorrect
display of these symbols -- they were not being displayed together
as they should be.
Fixes: d90c3eb315 "Kconfig cleanup (PARPORT_PC dependencies)"
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Mark Salter <msalter@redhat.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: stable@vger.kernel.org # for 3.13, 3.14, 3.15
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJT0vhRAAoJEJommM3PjknHU0kQAJCVpETov4VEojTWjW54BE59
Yflb/EcZjfrZY7/LixV1AhhlInlXj9TuthAPG0TLkhaLElBsbEwuVGHHOytM77s2
8wI8Ecw8hXPTZkqDC4yYF1ysHqKkIXQ7e5IImWOozybKy6ymMIYIBGm8rP0m6oS5
nC25pR+4vWPr0B/L6+XpdBbxJmRyNw4y4NmKLSp6Uv+j3u/emolp7lKE7tRsWcjc
k6ey32k57XIbtYMjILIele27g2JGsx2u2s+tm5Qffuy2IG/0ErO6nrG5DDzjMTI1
v/uSC6WDeJICd4Gj0QzPCu1gGztv7xaBzD94ssPsnIcruuD4TSuqB9b+3YEjrEV2
Iwo/y615qYU6AxtwqA8vhhrwk+0I5oj7xJb3ASgEsCco8o3sKhE1QQtRsLw6cOnI
sb4jiA6nh5FkiTfinnUi00Xp8W2bd6weg+GJHEMGgCn/dWYKyo6TxheUexorzH4f
tb5oxPkZ2WtR3FxWNcd2xDklPoV+d3BDUlR4x+4hmd31vJZ25Fcy8eg8HDp9Lk4a
wwI1iFotw3coDj/Tkyrf/4z/XBQh0KIjgia9sAmdYSEo28Z8DHHoZFMPPB9S98vO
V8aA2DN62FQ5oNpPYBla4+RPrCJKJfWbSI3Mq0kaRRkBUtt7hTz+OsX9a/khLxn2
o5Awtn+sSYUFl2vt896c
=tFJe
-----END PGP SIGNATURE-----
Merge tag 'blackfin-3.16-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/realmz6/blackfin-linux
Pull blackfin fixes from Steven Miao:
"smc nor flash PM fix, pinctrl group fix, update defconfig, and build
fixes"
* tag 'blackfin-3.16-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/realmz6/blackfin-linux:
blackfin: vmlinux.lds.S: reserve 32 bytes space at the end of data section for XIP kernel
defconfig: BF609: update spi config name
irq: blackfin sec: drop duplicated sec priority set
blackfin: bind different groups of one pinmux function to different state name
blackfin: fix some bf5xx boards build for missing <linux/gpio.h>
pm: bf609: cleanup smc nor flash
drop smc pin state change code, pin state will be saved in pinctrl-adi2 driver
cleanup nor flash init/exit for pm suspend/resume
Signed-off-by: Steven Miao <realmz6@gmail.com>
Pull parisc fixes from Helge Deller:
"We have two trivial patches in here. One removes the SA_RESTORER
#define since on parisc we don't have the sa_restorer field in struct
sigaction, the other patch removes an unnecessary memset().
The SA_RESTORER removal patch is scheduled for stable trees, since
without it some userspace apps don't build"
* 'parisc-3.16-6' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
parisc: Eliminate memset after alloc_bootmem_pages
parisc: Remove SA_RESTORER define
Pull fuse fixes from Miklos Szeredi:
"These two pathes fix issues with the kernel-userspace protocol changes
in v3.15"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
fuse: add FUSE_NO_OPEN_SUPPORT flag to INIT
fuse: s_time_gran fix
The "security: introduce kernel_fw_from_file hook" patch defined a
new security hook to evaluate any loaded firmware that wasn't built
into the kernel.
This patch defines ima_fw_from_file(), which is called from the new
security hook, to measure and/or appraise the loaded firmware's
integrity.
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
This attaches LSM hooks to the existing firmware loading interfaces:
filesystem-found firmware and demand-loaded blobs. On errors, loads
are aborted and the failure code is returned to userspace.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Takashi Iwai <tiwai@suse.de>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
In order to validate the contents of firmware being loaded, there must be
a hook to evaluate any loaded firmware that wasn't built into the kernel
itself. Without this, there is a risk that a root user could load malicious
firmware designed to mount an attack against kernel memory (e.g. via DMA).
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Takashi Iwai <tiwai@suse.de>
crypto/asymmetric_keys/pkcs7_key_type.c needs to #include linux/err.h rather
than relying on getting it through other headers.
Without this, the powerpc allyesconfig build fails.
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: David Howells <dhowells@redhat.com>
The raminit register is shared register for both can0 and can1. Since commit:
32766ff net: can: Convert to use devm_ioremap_resource
devm_ioremap_resource() is used to map raminit register. When using both
interfaces the mapping for the can1 interface fails, leading to a non
functional can interface.
Signed-off-by: George Cherian <george.cherian@ti.com>
Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com>
Cc: linux-stable <stable@vger.kernel.org> # >= v3.11
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
When the usb speed of the RTL8152 is not high speed, the USB_DEV_STAT[2:1]
should be equal to [0 1]. That is, the STAT_SPEED_FULL should be equal
to 2.
There is a easy way to check the usb speed by the speed field of the
struct usb_device. Use it to replace the original metheod.
Signed-off-by: Hayes Wang <hayeswang@realtek.com>
Spotted-by: Andrey Utkin <andrey.krieger.utkin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville says:
====================
pull request: wireless 2014-07-24
Please pull this batch of fixes intended for the 3.16 stream...
For the mac80211 fixes, Johannes says:
"I have two fixes: one for tracing that fixes a long-standing NULL
pointer dereference, and one for a mac80211 issue that causes iwlmvm to
send invalid frames during authentication/association."
and,
"One more fix - for a bug in the newly introduced code that obtains rate
control information for stations."
For the iwlwifi fixes, Emmanuel says:
"It includes a merge damage fix. This region has been changed in -next
and -fixes quite a few times and apparently, I failed to handle it
properly, so here the fix. Along with that I have a fix from Eliad
to properly handle overlapping BSS in AP mode."
On top of that, Felix provides and ath9k fix for Tx stalls that happen
after an aggregation session failure.
Please let me know if there are problems! There are some changes
here that will cause merge conflicts in -next. Once you merge this
I can pull it into wireless-next and resolve those issues.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Ezequiel Garcia says:
====================
net: phy: Prevent an MDIO bus from being unloaded while in use
Changes from v1:
* Dropped the unneeded module_put() on phy_attach_direct().
The motivation of this small series is to fix the current lack of relationship
between an ethernet driver and the MDIO bus behind the PHY device. In such
cases, we would find no visible link between the drivers:
$ lsmod
Module Size Used by Not tainted
mvmdio 2941 0
mvneta 22069 0
Which means nothing prevents the MDIO driver from being removed:
$ modprobe -r mvmdio
# Unable to handle kernel NULL pointer dereference at virtual address 00000060
pgd = c0004000
[00000060] *pgd=00000000
Internal error: Oops: 17 [#1] SMP ARM
Modules linked in: mvneta [last unloaded: mvmdio]
CPU: 0 PID: 22 Comm: kworker/0:1 Not tainted 3.16.0-rc5-01127-g62c0816-dirty #608
Workqueue: events_power_efficient phy_state_machine
task: df5ec840 ti: df67a000 task.ti: df67a000
PC is at phy_state_machine+0x1c/0x468
LR is at phy_state_machine+0x18/0x468
[snip]
This patchset fixes this problem by adding a pair of module_{get,put},
so the module reference count is increased when the PHY device is attached
and is decreased when the PHY is detached.
Tested with mvneta and mv643xx_eth drivers, which depend on the mvmdio
driver to handle MDIO. This series applies on both net and net-next branches.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit adds proper module_{get,put} to prevent the MDIO bus module
from being unloaded while the phydev is connected. By doing so, we fix
a kernel panic produced when a MDIO driver is removed, but the phydev
that relies on it is attached and running.
Signed-off-by: Ezequiel Garcia <ezequiel.garcia@free-electrons.com>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
mdiobus_register() registers a device which is already bound to a driver.
Hence, the driver pointer should be set properly in order to track down
the driver associated to the MDIO bus.
This will be used to allow ethernet driver to pin down a MDIO bus driver,
preventing it from being unloaded while the PHY device is running.
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Ezequiel Garcia <ezequiel.garcia@free-electrons.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Allow set_settings() to complete succesfully even if link is
not estabilished and port type isn't known yet.
Signed-off-by: Yaniv Rosner <Yaniv.Rosner@qlogic.com>
Signed-off-by: Dmitry Kravkov <Dmitry.Kravkov@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pablo Neira Ayuso says:
====================
Via Simon Horman, I received the following one-liner for your net tree:
1) Fix crash when exiting from netns that uses IPVS and conntrack,
from Julian Anastasov via Simon Horman.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
This fix was necessary after
9c15a24b03 ("x86/mce: Improve mcheck_init_device() error handling")
went in. What this patch did was, among others, check the return value
of misc_register and exit early if it encountered an error. Original
code sloppily didn't do that.
However,
cef12ee52b ("xen/mce: Add mcelog support for Xen platform")
made it so that xen's init routine xen_late_init_mcelog runs first. This
was needed for the xen mcelog device which is supposed to be independent
from the baremetal one.
Initially it was reported that misc_register() fails often on xen and
that's why it needed fixing. However, it is *supposed* to fail by
design, when running in dom0 so that the xen mcelog device file gets
registered first.
And *then* you need the notifier *not* unregistered on the error path so
that the timer does get deleted properly in the CPU hotplug notifier.
Btw, this fix is needed also on baremetal in the unlikely event that
misc_register(&mce_chrdev_device) fails there too.
I was unsure whether to rush it in now and decided to delay it to 3.17.
However, xen people wanted it promoted as it breaks xen when doing cpu
hotplug there. So, after a bit of simmering in tip/master for initial
smoke testing, let's move it to 3.16. It fixes a semi-regression which
got introduced in 3.16 so no need for stable tagging.
tip/x86/ras contains that exact same commit but we can't remove it
there as it is not the last one. It won't cause any merge issues, as I
confirmed locally but I should state here the special situation of this
one fix explicitly anyway.
Thanks.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTzUMOAAoJEBLB8Bhh3lVKDC0P/3azgACl7qXkpUoFIUW4RSGJ
3psmzjYd8RU2Trh7+8NFTUccLYIe6+4wyE8R4fgx1iV3kuUPOuAIRn0sRk4/TgCC
IwA+j9v28jilFQvXuv+v105mIdiTmKJotcL3+k4I3HUR8RehnHK+BrlxR8e/zQzU
W/Vk9cgz8wzPxMmmpvUE8OHmWYEk6h/rkCz6TF0bAJbgSq9iN37mmpKfXwwvaIRi
CFP/UXIduipEuYUd+8fJqUg14roDFvA5hXPz7abM0gSr1NjR/k724f2G4iDnez0V
pm8I+PmyEaZYI6udUrbyZ0X9wTcgHLe6GtwyEIBaOOqkMZbjC4anEe7VUJFIKr5/
dNN538DGXxNfrf0u5lkHF/SCiE/T3eoP8imaMeZXwE04HHjWOfvqJs7miUPfGjKE
VYvbY2fVbjbYCFjgqc2XkJgPpwGpOF2WCaXva2hyIRKrXsgt725wvoBCnNMX+AD7
l71AeexVCN3TGmP7Twi7W8d23QPR0+M7x5SNkFaUTepJ2f+s3Fpeopq9mfbAtM6i
p6fRDVncOBalNW3G5hED3YYcjfjQgpiKMQ7zm84K71NkSCBOsjiatFrPD+Y0lBwM
LNtOViTXFvXW5xMBDDjQq3+InIbzt7MlQMVP4nP6rkEjOLfR60+ivr9sPUuqTb//
hqI5bCPgWhxEBrzA7iIj
=z/P/
-----END PGP SIGNATURE-----
x86: Merge tag 'ras_urgent' into x86/urgent
Promote one fix for 3.16
This fix was necessary after
9c15a24b03 ("x86/mce: Improve mcheck_init_device() error handling")
went in. What this patch did was, among others, check the return value
of misc_register and exit early if it encountered an error. Original
code sloppily didn't do that.
However,
cef12ee52b ("xen/mce: Add mcelog support for Xen platform")
made it so that xen's init routine xen_late_init_mcelog runs first. This
was needed for the xen mcelog device which is supposed to be independent
from the baremetal one.
Initially it was reported that misc_register() fails often on xen and
that's why it needed fixing. However, it is *supposed* to fail by
design, when running in dom0 so that the xen mcelog device file gets
registered first.
And *then* you need the notifier *not* unregistered on the error path so
that the timer does get deleted properly in the CPU hotplug notifier.
Btw, this fix is needed also on baremetal in the unlikely event that
misc_register(&mce_chrdev_device) fails there too.
I was unsure whether to rush it in now and decided to delay it to 3.17.
However, xen people wanted it promoted as it breaks xen when doing cpu
hotplug there. So, after a bit of simmering in tip/master for initial
smoke testing, let's move it to 3.16. It fixes a semi-regression which
got introduced in 3.16 so no need for stable tagging.
tip/x86/ras contains that exact same commit but we can't remove it
there as it is not the last one. It won't cause any merge issues, as I
confirmed locally but I should state here the special situation of this
one fix explicitly anyway.
Thanks.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
This is a halfway fix for hawaii acceleration. More fixes to come
but hopefully isolated to userspace.
Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
two more radeon fixes.
* 'drm-fixes-3.16' of git://people.freedesktop.org/~agd5f/linux:
drm/radeon: fix irq ring buffer overflow handling
drm/radeon: fix error handling in radeon_vm_bo_set_addr
This time in time! Just 32bit-pae fix from Hugh, semaphores fun from Chris
and a fix for runtime pm cherry-picked from next.
Paulo is still working on a fix for runtime pm when X does cursor fun when
the display is off, but that one isn't ready yet.
* tag 'drm-intel-fixes-2014-07-24' of git://anongit.freedesktop.org/drm-intel:
drm/i915: Simplify i915_gem_release_all_mmaps()
drm/i915: fix freeze with blank screen booting highmem
drm/i915: Reorder the semaphore deadlock check, again
byReAssocCount is incremented every second resulting in
disassociated message being send every 10 seconds whether
connection or not.
byReAssocCount should only advance while eCommandState
is in WLAN_ASSOCIATE_WAIT
Change existing scope to if condition.
Signed-off-by: Malcolm Priestley <tvboxspy@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
alloc_bootmem and related function always return zeroed region of
memory. Thus a memset after calls to these functions is unnecessary.
The following Coccinelle semantic patch was used for making the change:
@@
expression E,E1;
@@
E = \(alloc_bootmem\|alloc_bootmem_low\|alloc_bootmem_pages\|alloc_bootmem_low_pages\)(...)
... when != E
- memset(E,0,E1);
Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Acked-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Helge Deller <deller@gmx.de>
The sa_restorer field in struct sigaction is obsolete and no longer in
the parisc implementation. However, the core code assumes the field is
present if SA_RESTORER is defined. So, the define needs to be removed.
Signed-off-by: John David Anglin <dave.anglin@bell.net>
Cc: <stable@vger.kernel.org>
Signed-off-by: Helge Deller <deller@gmx.de>
This fixes the following warning:
warning: (ARCH_MULTIPLATFORM && ARCH_INTEGRATOR && ARCH_SHMOBILE_LEGACY) selects ARM_PATCH_PHYS_VIRT which has unmet direct dependencies (!XIP_KERNEL && MMU && (!ARCH_REALVIEW || !SPARSEMEM))
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Temperature limit clamps are applied after converting the temperature
from milli-degrees C to degrees C, so either the clamp limit needs
to be specified in degrees C, not milli-degrees C, or clamping must
happen before converting to degrees C. Use the latter method to avoid
overflows.
vrm is an u8, so the written value needs to be limited to [0, 255].
Cc: Axel Lin <axel.lin@ingics.com>
Cc: stable@vger.kernel.org
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Jean Delvare <jdelvare@suse.de>
- L2 cache regression fix for a warning about trying to access
a read-only register
- GPMC ECC software fallback regression fix for omap3
- Fix for dra7 pinctrl pull-up direction that causes signal issues
for anybody trying to use the internal pull up or down
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJT0PDDAAoJEBvUPslcq6Vz2kkP/2XcaWEl5xWEP6vTFDwy1RDL
apjp2qURWpJ579bT5y5KlGP8vyBeSLfdXl+ccCuHhBrRtYCZfsUdRaii/AHDcsd/
N0p1ZaAQLwfMXUo1sVgW2grSOJEo8QZs8DEZ7eJfE8SnH2g/i4j+VFknYOO1t6vA
+QoHRWcY0CRLNVHSyGGFk235pfdq1ZAKskayzQ4wCjOXuH2tKILjFsiCxItPStih
CmKqZCoO+BQMz7dLTGZsdchDTqf0PceMh7w6PWO65QeJxr16nWmGbqnZRlUGeBqo
vTZO1Rsfb4DlRYRGBxJ1ybVJw2cgmsx8fWKv4eYVrulGNKUE2m3UYj+oYCst0g5i
VOPMwLiLapciCZi/4er2VWtb9sFWY6XaTAJHVRtrtX6RZgZC5c3cWGzkykXOkF7N
Ut7He/TT41uc5OIjuG6WGQNCIfKOmfBcSDeNRqyr9YzZpn6lbJ+U4kk0kco1pyda
IHrRUD+yHuXK0FjZvZMDlWmKqP3QLK+xjL7LRzsiJ4yfymikckjS2RH0iP9PGuCV
T68PPl+rzyHjmVUnbBCgLnatTAQ9uHPCb4Eb5rRZaiO+4nUyqeqikMWU/DsiS4jc
1igudgOx53/0zCCQC/VHVL9HGb4fSrbevMzq8YR3uyyS2b/R8FFbGs6Y6TCIDWdi
TUSv/ckpA4uUbe22SFTn
=/FMt
-----END PGP SIGNATURE-----
Merge tag 'omap-for-v3.16/fixes-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes
Merge "Two regression fixes for omaps and one fix for device
signaling" from Tony Lindgren:
- L2 cache regression fix for a warning about trying to access
a read-only register
- GPMC ECC software fallback regression fix for omap3
- Fix for dra7 pinctrl pull-up direction that causes signal issues
for anybody trying to use the internal pull up or down
* tag 'omap-for-v3.16/fixes-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ARM: OMAP2+: gpmc: fix gpmc_hwecc_bch_capable()
pinctrl: dra: dt-bindings: Fix pull enable/disable
ARM: OMAP2+: l2c: squelch warning dump on power control setting
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
This is effectively a revert of 7b9a7ec565
plus fixing it a different way...
We found, when trying to run an application from an application which
had dropped privs that the kernel does security checks on undefined
capability bits. This was ESPECIALLY difficult to debug as those
undefined bits are hidden from /proc/$PID/status.
Consider a root application which drops all capabilities from ALL 4
capability sets. We assume, since the application is going to set
eff/perm/inh from an array that it will clear not only the defined caps
less than CAP_LAST_CAP, but also the higher 28ish bits which are
undefined future capabilities.
The BSET gets cleared differently. Instead it is cleared one bit at a
time. The problem here is that in security/commoncap.c::cap_task_prctl()
we actually check the validity of a capability being read. So any task
which attempts to 'read all things set in bset' followed by 'unset all
things set in bset' will not even attempt to unset the undefined bits
higher than CAP_LAST_CAP.
So the 'parent' will look something like:
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: ffffffc000000000
All of this 'should' be fine. Given that these are undefined bits that
aren't supposed to have anything to do with permissions. But they do...
So lets now consider a task which cleared the eff/perm/inh completely
and cleared all of the valid caps in the bset (but not the invalid caps
it couldn't read out of the kernel). We know that this is exactly what
the libcap-ng library does and what the go capabilities library does.
They both leave you in that above situation if you try to clear all of
you capapabilities from all 4 sets. If that root task calls execve()
the child task will pick up all caps not blocked by the bset. The bset
however does not block bits higher than CAP_LAST_CAP. So now the child
task has bits in eff which are not in the parent. These are
'meaningless' undefined bits, but still bits which the parent doesn't
have.
The problem is now in cred_cap_issubset() (or any operation which does a
subset test) as the child, while a subset for valid cap bits, is not a
subset for invalid cap bits! So now we set durring commit creds that
the child is not dumpable. Given it is 'more priv' than its parent. It
also means the parent cannot ptrace the child and other stupidity.
The solution here:
1) stop hiding capability bits in status
This makes debugging easier!
2) stop giving any task undefined capability bits. it's simple, it you
don't put those invalid bits in CAP_FULL_SET you won't get them in init
and you won't get them in any other task either.
This fixes the cap_issubset() tests and resulting fallout (which
made the init task in a docker container untraceable among other
things)
3) mask out undefined bits when sys_capset() is called as it might use
~0, ~0 to denote 'all capabilities' for backward/forward compatibility.
This lets 'capsh --caps="all=eip" -- -c /bin/bash' run.
4) mask out undefined bit when we read a file capability off of disk as
again likely all bits are set in the xattr for forward/backward
compatibility.
This lets 'setcap all+pe /bin/bash; /bin/bash' run
Signed-off-by: Eric Paris <eparis@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Andrew Vagin <avagin@openvz.org>
Cc: Andrew G. Morgan <morgan@kernel.org>
Cc: Serge E. Hallyn <serge.hallyn@canonical.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Steve Grubb <sgrubb@redhat.com>
Cc: Dan Walsh <dwalsh@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: James Morris <james.l.morris@oracle.com>
* Fix SD2CKCR register address of r8a7791 (R-Car M2) SoC
This corrects a bug introduced in v3.14 by
59e79895b9 ("ARM: shmobile: r8a7791: Add clocks").
However, it does not manifest in mainline code until
SDHI devices were enabled on the Koelsch board in v3.15 by
2c60a7df72 ("ARM: shmobile: Add SDHI devices for Koelsch DTS").
It also manifests on the Henninger board when
SDHI devices were enabled in v3.16-rc1 by
1299df03d7 ("ARM: shmobile: henninger: add SDHI0/2 DT support")
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJT0FapAAoJENfPZGlqN0++socQAI25b++UQ89EiUQE/98yB/vq
ma63gl346dXdv6lb8iN+rx9Vk3wtzNuroozds2iulmAnutMTdQ83huektaYdPkQ4
T+RxOl4liJUbQRBg2+8UBtiaTB+oGQWbRkqt/MOvniTbOqYKs71Oym901ULlQMKL
9RSyWORUx5x2c+zZMJ0eU8T6Bl9hf0P0ikHwUv9ZYIQzrYxjJubdmyVoNI6slxF9
S4O4sUZfOSVqfSis5rEfWgG29jBYjlGdTyFXp1+kE19J02wikGRTjgM9bWkxarrF
wfa+ZQXjMywsdY8rCSxeNEYFuS3NW7s4ylRIC4UfpvSg1cvNVVE5m4BK0E2IOIyJ
kW/zSimYfh/RJSX+HMZ2hfipvFDE6dDOL5PHpwJ8fhWfM5Yinn1Wgfa2mUDxsPFe
CAfhtiTB56Rhzo+ln9UcNwaakZs/uSsG0jq3lI2zNTUd+1VMS+7xB/3pdKQjDGo/
75+UKvdcqJ4yprfcvKwIp0LsJCKWIm1hQTqSFWuYfpVaNbM+9CFQculw0YZxOWxc
xFr3LznFidUJCHKiM4ngnPBsLfDCdjVU5MyqDXcW9iVEKeSQJJ01CCORA4MjTUT5
niZEMcAoIMaeXeuVnL5FlRK5Owd6SgryWpy4XUlf+ioGLLE5EzuLqA9TJe4eo41P
caa5gpyUDbTjH1J4GktY
=SQyi
-----END PGP SIGNATURE-----
Merge tag 'renesas-fixes2-for-v3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas into fixes
Merge "Second Round of Renesas ARM Based SoC Fixes for v3.16" from Simon Horman
* Fix SD2CKCR register address of r8a7791 (R-Car M2) SoC
This corrects a bug introduced in v3.14 by
59e79895b9 ("ARM: shmobile: r8a7791: Add clocks").
However, it does not manifest in mainline code until
SDHI devices were enabled on the Koelsch board in v3.15 by
2c60a7df72 ("ARM: shmobile: Add SDHI devices for Koelsch DTS").
It also manifests on the Henninger board when
SDHI devices were enabled in v3.16-rc1 by
1299df03d7 ("ARM: shmobile: henninger: add SDHI0/2 DT support")
* tag 'renesas-fixes2-for-v3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas:
ARM: shmobile: r8a7791: Fix SD2CKCR register address
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
In function cap_task_prctl(), we would allocate a credential
unconditionally and then check if we support the requested function.
If not we would release this credential with abort_creds() by using
RCU method. But on some archs such as powerpc, the sys_prctl is heavily
used to get/set the floating point exception mode. So the unnecessary
allocating/releasing of credential not only introduce runtime overhead
but also do cause OOM due to the RCU implementation.
This patch removes abort_creds() from cap_task_prctl() by calling
prepare_creds() only when we need to modify it.
Reported-by: Kevin Hao <haokexin@gmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: Paul Moore <paul@paul-moore.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Currently umount on symlink blocks following umount:
/vz is separate mount
# ls /vz/ -al | grep test
drwxr-xr-x. 2 root root 4096 Jul 19 01:14 testdir
lrwxrwxrwx. 1 root root 11 Jul 19 01:16 testlink -> /vz/testdir
# umount -l /vz/testlink
umount: /vz/testlink: not mounted (expected)
# lsof /vz
# umount /vz
umount: /vz: device is busy. (unexpected)
In this case mountpoint_last() gets an extra refcount on path->mnt
Signed-off-by: Vasily Averin <vvs@openvz.org>
Acked-by: Ian Kent <raven@themaw.net>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig <hch@lst.de>
The following warnings:
fs/direct-io.c: In function ‘__blockdev_direct_IO’:
fs/direct-io.c:1011:12: warning: ‘to’ may be used uninitialized in this function [-Wmaybe-uninitialized]
fs/direct-io.c:913:16: note: ‘to’ was declared here
fs/direct-io.c:1011:12: warning: ‘from’ may be used uninitialized in this function [-Wmaybe-uninitialized]
fs/direct-io.c:913:10: note: ‘from’ was declared here
are false positive because dio_get_page() either fails, or sets both
'from' and 'to'.
Paul Bolle said ...
Maybe it's better to move initializing "to" and "from" out of
dio_get_page(). That _might_ make it easier for both the the reader and
the compiler to understand what's going on. Something like this:
Christoph Hellwig said ...
The fix of moving the code definitively looks nicer, while I think
uninitialized_var is horrible wart that won't get anywhere near my code.
Boaz Harrosh: I agree with Christoph and Paul
Signed-off-by: Boaz Harrosh <boaz@plexistor.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
During suspend we call sched_clock_poll() to update the epoch and
accumulated time and reprogram the sched_clock_timer to fire
before the next wrap-around time. Unfortunately,
sched_clock_poll() doesn't restart the timer, instead it relies
on the hrtimer layer to do that and during suspend we aren't
calling that function from the hrtimer layer. Instead, we're
reprogramming the expires time while the hrtimer is enqueued,
which can cause the hrtimer tree to be corrupted. Furthermore, we
restart the timer during suspend but we update the epoch during
resume which seems counter-intuitive.
Let's fix this by saving the accumulated state and canceling the
timer during suspend. On resume we can update the epoch and
restart the timer similar to what we would do if we were starting
the clock for the first time.
Fixes: a08ca5d108 "sched_clock: Use an hrtimer instead of timer"
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Link: http://lkml.kernel.org/r/1406174630-23458-1-git-send-email-john.stultz@linaro.org
Cc: Ingo Molnar <mingo@kernel.org>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Steffen Klassert says:
====================
pull request (net): ipsec 2014-07-23
Just two fixes this time, both are stable candidates.
1) Fix the dst_entry refcount on socket policy usage.
2) Fix a wrong SPI check that prevents AH SAs from getting
installed, dependent on the SPI. From Tobias Brunner.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull nfsd bugfix from Bruce Fields:
"Another regression from the xdr encoding rewrite"
* 'for-3.16' of git://linux-nfs.org/~bfields/linux:
NFSD: Fix crash encoding lock reply on 32-bit
- resolve FIXMEs in double exception handler for window overflow. This
fix makes native building of linux on xtensa host possible;
- fix sysmem region removal issue introduced in 3.15.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJTzhdsAAoJEI9vqH3mFV2ss5QP/1EVWvoI59eK3QQjrKdCRk/C
bLi7yCgZHh75ZTPvHpwVWFkIc0C1w7wprgJJVe9LjT4BPs609IRPrwMq4CLznNpn
nT3PcxyfJxv6q1sv/Aj4h3X/bqLMbBMclldqD4rH1WGpwLpxDjVlcfGc+7592L8a
LInSpBsby4G44gW/4ed5I5bIKNiQYPN9WkGsHEH3gGJLosQtEOmPYV+cu/2P4rVF
cWFHLKVSzSEEYQ7EvqWPYeBu6tp4HyHZHKwNTOaJbUg1POLn7cEH8O503nsRQ/DB
KKEG5vy/EBvB20U819VgmtS22/C07wT7dvMNy2B0IV/T4KCLpTDE5SmFdZc20HGc
W3/BHpBDiRQvdxsUnDEWibhgz4fgFkUi0/t20qKMJEWbHOKvrfAuM/KAgMDayWu+
RNZuIf3sA2mxg25b9cnFFOwhBRVCJl/zhYnQl3VuDbn3qdCHfFeNz6MAYyzNGPbd
PSRpsS8bG0y1eVaHlKc0wUrXx2COYDiKBrJ8OgswQxa+J4oTW2bS29j3ZdEeVLf5
+aDln0FjqxRMSjPe3sq1Ex0qKW15lImSK/znjrVWOFUdPrc+FhGtkWrjc5jC6NUH
8VN9ktuBh/ZKUT7/hLf5xWUljV5wEKZ3aeFTMT+zSQ93n/xf+lNMpDmjda+o8jru
Wrc2dWoE2o1UjCnTqbop
=khlu
-----END PGP SIGNATURE-----
Merge tag 'xtensa-next-20140721' of git://github.com/czankel/xtensa-linux
Pull Xtensa fixes from Chris Zankel:
- resolve FIXMEs in double exception handler for window overflow. This
fix makes native building of linux on xtensa host possible;
- fix sysmem region removal issue introduced in 3.15.
* tag 'xtensa-next-20140721' of git://github.com/czankel/xtensa-linux:
xtensa: fix sysmem reservation at the end of existing block
xtensa: add fixup for double exception raised in window overflow
- An IRQ handling fix for the STi driver, also for stable
- Another IRQ fix for the RCAR GPIO driver
- A MAINTAINERS entry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTz6+qAAoJEEEQszewGV1z+o0QAJSXONx5WyVHNXGII24loIyQ
035O3ENmTLP2RNiibREcOk4tAD3IuIW/GYL+rx1yCCU5fAzKdoG7bG53DfariTWO
zSe+mUxdspKEiWGs3vXP5G2+UOD0dM+GytqduAIw6Uuwd9WcZkd46D4BLmFq0V0A
ZcY4oGaB1JetEu2LVLAuMaUkWeRMVH3SQX+YwM7dNigljgMJSHo2FduRN0+A8nJD
TpvdsZbAzsdNyH6oOnzzOAnpIRyL/TthPwnwUcEKVtcv8zj9A4gjB9fBObuR2v5L
rncVdVV/2anWIsSjSnaXOSLni18wIxB1YDRanTI1tH3xAfCNQNCBjPrDzdoQcMvP
B7MkYqRnl/ZGUq74kAixAozQJBLfzyLhV5G+1zAty81x1+gLITUD3ZkqwBqGvinY
UMg2s3eHvW20ypc2i9cTj3VZeepjyzbQ0JaF7o1GiU3By9Igy+WJPu0OlDyxGoi0
fZZRQHfyERcGqG71RwP7aBqWJLoerOG6hJ50vbcqlKw8/EBOJNN7eROvfNk06IYp
2RqjXGu2MKcFZWGh6Os7tO1WUp14fXX6W3szwB47EGZAPrcgTb/3NMXoj61t6dba
uGM/PXu5xensdc98r2Hd4iOp2Z6LN9/f/9Iqm9gR1dq8B6qn2389gNXIU6j3onFh
UUzA3NVT3W5WiNdLU1es
=pzyJ
-----END PGP SIGNATURE-----
Merge tag 'pinctrl-v3.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull pin control fixes from Linus Walleij:
"Here are three pin control fixes for the v3.16 series. Sorry that
some of these arrive late, the summer heat in Sweden makes me slow.
- an IRQ handling fix for the STi driver, also for stable
- another IRQ fix for the RCAR GPIO driver
- a MAINTAINERS entry"
* tag 'pinctrl-v3.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
gpio: rcar: Add support for DT IRQ flags
MAINTAINERS: Add entry for the Renesas pin controller driver
pinctrl: st: Fix irqmux handler
