Commit Graph

685258 Commits

Author SHA1 Message Date
Daniel Jurgens
79d0636ac7 IB/core: Fix uninitialized variable use in check_qp_port_pkey_settings
Check the return value from get_pkey_and_subnet_prefix to prevent using
uninitialized variables.

Fixes: d291f1a652 ("IB/core: Enforce PKey security on QPs")
Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:26 +10:00
Enric Balletbo i Serra
b5d0ebc99b tpm: do not suspend/resume if power stays on
The suspend/resume behavior of the TPM can be controlled by setting
"powered-while-suspended" in the DTS. This is useful for the cases
when hardware does not power-off the TPM.

Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Signed-off-by: Enric Balletbo i Serra <enric.balletbo@collabora.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:26 +10:00
Roberto Sassu
28707bf221 tpm: use tpm2_pcr_read() in tpm2_do_selftest()
tpm2_do_selftest() performs a PCR read during the TPM initialization phase.
This patch replaces the PCR read code with a call to tpm2_pcr_read().

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:26 +10:00
Roberto Sassu
91f7f3d773 tpm: use tpm_buf functions in tpm2_pcr_read()
tpm2_pcr_read() now builds the PCR read command buffer with tpm_buf
functions. This solution is preferred to using a tpm2_cmd structure,
as tpm_buf functions provide protection against buffer overflow.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:25 +10:00
Colin Ian King
bc397085ca tpm_tis: make ilb_base_addr static
The pointer ilb_base_addr does not need to be in global scope, so make
it static.

Cleans up sparse warning:
"symbol 'ilb_base_addr' was not declared. Should it be static?"

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:25 +10:00
Jarkko Sakkinen
19cbe4f680 tpm: consolidate the TPM startup code
Consolidated all the "manual" TPM startup code to a single function
in order to make code flows a bit cleaner and migrate to tpm_buf.

Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:25 +10:00
Azhar Shaikh
5e572cab92 tpm: Enable CLKRUN protocol for Braswell systems
To overcome a hardware limitation on Intel Braswell systems,
disable CLKRUN protocol during TPM transactions and re-enable
once the transaction is completed.

Signed-off-by: Azhar Shaikh <azhar.shaikh@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:25 +10:00
Manuel Lauss
f128480f39 tpm/tpm_crb: fix priv->cmd_size initialisation
priv->cmd_size is never initialised if the cmd and rsp buffers reside
at different addresses.  Initialise it in the exit path of the function
when rsp buffer has also been successfully allocated.

Fixes: aa77ea0e43 ("tpm/tpm_crb: cache cmd_size register value.").
Signed-off-by: Manuel Lauss <manuel.lauss@gmail.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:25 +10:00
Jarkko Sakkinen
13b47cfcfc tpm: fix a kernel memory leak in tpm-sysfs.c
While cleaning up sysfs callback that prints EK we discovered a kernel
memory leak. This commit fixes the issue by zeroing the buffer used for
TPM command/response.

The leak happen when we use either tpm_vtpm_proxy, tpm_ibmvtpm or
xen-tpmfront.

Cc: stable@vger.kernel.org
Fixes: 0883743825 ("TPM: sysfs functions consolidation")
Reported-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:24 +10:00
Josh Zimmerman
d1bd4a792d tpm: Issue a TPM2_Shutdown for TPM2 devices.
If a TPM2 loses power without a TPM2_Shutdown command being issued (a
"disorderly reboot"), it may lose some state that has yet to be
persisted to NVRam, and will increment the DA counter. After the DA
counter gets sufficiently large, the TPM will lock the user out.

NOTE: This only changes behavior on TPM2 devices. Since TPM1 uses sysfs,
and sysfs relies on implicit locking on chip->ops, it is not safe to
allow this code to run in TPM1, or to add sysfs support to TPM2, until
that locking is made explicit.

Signed-off-by: Josh Zimmerman <joshz@google.com>
Cc: stable@vger.kernel.org
Fixes: 74d6b3ceaa ("tpm: fix suspend/resume paths for TPM 2.0")
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:24 +10:00
Josh Zimmerman
f77af15165 Add "shutdown" to "struct class".
The TPM class has some common shutdown code that must be executed for
all drivers. This adds some needed functionality for that.

Signed-off-by: Josh Zimmerman <joshz@google.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org
Fixes: 74d6b3ceaa ("tpm: fix suspend/resume paths for TPM 2.0")
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-07-07 09:49:24 +10:00
Linus Torvalds
b4b8cbf679 Cavium CNN55XX: fix broken default Kconfig entry
Every developer always thinks that _their_ code is so special and
magical that it should be enabled by default.

And most of them are completely and utterly wrong.  That's definitely
the case when you write a specialty driver for a very unsual "security
processor". It does *not* get to mark itself as "default m".

If you solve world hunger, and make a driver that cures people of
cancer, by all means enable it by default.  But afaik, the Cavium
CNN55XX does neither.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-07-05 13:03:05 -07:00
Linus Torvalds
5518b69b76 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller:
 "Reasonably busy this cycle, but perhaps not as busy as in the 4.12
  merge window:

   1) Several optimizations for UDP processing under high load from
      Paolo Abeni.

   2) Support pacing internally in TCP when using the sch_fq packet
      scheduler for this is not practical. From Eric Dumazet.

   3) Support mutliple filter chains per qdisc, from Jiri Pirko.

   4) Move to 1ms TCP timestamp clock, from Eric Dumazet.

   5) Add batch dequeueing to vhost_net, from Jason Wang.

   6) Flesh out more completely SCTP checksum offload support, from
      Davide Caratti.

   7) More plumbing of extended netlink ACKs, from David Ahern, Pablo
      Neira Ayuso, and Matthias Schiffer.

   8) Add devlink support to nfp driver, from Simon Horman.

   9) Add RTM_F_FIB_MATCH flag to RTM_GETROUTE queries, from Roopa
      Prabhu.

  10) Add stack depth tracking to BPF verifier and use this information
      in the various eBPF JITs. From Alexei Starovoitov.

  11) Support XDP on qed device VFs, from Yuval Mintz.

  12) Introduce BPF PROG ID for better introspection of installed BPF
      programs. From Martin KaFai Lau.

  13) Add bpf_set_hash helper for TC bpf programs, from Daniel Borkmann.

  14) For loads, allow narrower accesses in bpf verifier checking, from
      Yonghong Song.

  15) Support MIPS in the BPF selftests and samples infrastructure, the
      MIPS eBPF JIT will be merged in via the MIPS GIT tree. From David
      Daney.

  16) Support kernel based TLS, from Dave Watson and others.

  17) Remove completely DST garbage collection, from Wei Wang.

  18) Allow installing TCP MD5 rules using prefixes, from Ivan
      Delalande.

  19) Add XDP support to Intel i40e driver, from Björn Töpel

  20) Add support for TC flower offload in nfp driver, from Simon
      Horman, Pieter Jansen van Vuuren, Benjamin LaHaise, Jakub
      Kicinski, and Bert van Leeuwen.

  21) IPSEC offloading support in mlx5, from Ilan Tayari.

  22) Add HW PTP support to macb driver, from Rafal Ozieblo.

  23) Networking refcount_t conversions, From Elena Reshetova.

  24) Add sock_ops support to BPF, from Lawrence Brako. This is useful
      for tuning the TCP sockopt settings of a group of applications,
      currently via CGROUPs"

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1899 commits)
  net: phy: dp83867: add workaround for incorrect RX_CTRL pin strap
  dt-bindings: phy: dp83867: provide a workaround for incorrect RX_CTRL pin strap
  cxgb4: Support for get_ts_info ethtool method
  cxgb4: Add PTP Hardware Clock (PHC) support
  cxgb4: time stamping interface for PTP
  nfp: default to chained metadata prepend format
  nfp: remove legacy MAC address lookup
  nfp: improve order of interfaces in breakout mode
  net: macb: remove extraneous return when MACB_EXT_DESC is defined
  bpf: add missing break in for the TCP_BPF_SNDCWND_CLAMP case
  bpf: fix return in load_bpf_file
  mpls: fix rtm policy in mpls_getroute
  net, ax25: convert ax25_cb.refcount from atomic_t to refcount_t
  net, ax25: convert ax25_route.refcount from atomic_t to refcount_t
  net, ax25: convert ax25_uid_assoc.refcount from atomic_t to refcount_t
  net, sctp: convert sctp_ep_common.refcnt from atomic_t to refcount_t
  net, sctp: convert sctp_transport.refcnt from atomic_t to refcount_t
  net, sctp: convert sctp_chunk.refcnt from atomic_t to refcount_t
  net, sctp: convert sctp_datamsg.refcnt from atomic_t to refcount_t
  net, sctp: convert sctp_auth_bytes.refcnt from atomic_t to refcount_t
  ...
2017-07-05 12:31:59 -07:00
Linus Torvalds
8ad06e56dc Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
 "Algorithms:
   - add private key generation to ecdh

  Drivers:
   - add generic gcm(aes) to aesni-intel
   - add SafeXcel EIP197 crypto engine driver
   - add ecb(aes), cfb(aes) and ecb(des3_ede) to cavium
   - add support for CNN55XX adapters in cavium
   - add ctr mode to chcr
   - add support for gcm(aes) to omap"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (140 commits)
  crypto: testmgr - Reenable sha1/aes in FIPS mode
  crypto: ccp - Release locks before returning
  crypto: cavium/nitrox - dma_mapping_error() returns bool
  crypto: doc - fix typo in docs
  Documentation/bindings: Document the SafeXel cryptographic engine driver
  crypto: caam - fix gfp allocation flags (part II)
  crypto: caam - fix gfp allocation flags (part I)
  crypto: drbg - Fixes panic in wait_for_completion call
  crypto: caam - make of_device_ids const.
  crypto: vmx - remove unnecessary check
  crypto: n2 - make of_device_ids const
  crypto: inside-secure - use the base_end pointer in ring rollback
  crypto: inside-secure - increase the batch size
  crypto: inside-secure - only dequeue when needed
  crypto: inside-secure - get the backlog before dequeueing the request
  crypto: inside-secure - stop requeueing failed requests
  crypto: inside-secure - use one queue per hw ring
  crypto: inside-secure - update the context and request later
  crypto: inside-secure - align the cipher and hash send functions
  crypto: inside-secure - optimize DSE bufferability control
  ...
2017-07-05 12:22:23 -07:00
Linus Torvalds
59005b0c59 GCC plugin updates:
- typo fix in Kconfig (Jean Delvare)
 - randstruct infrastructure
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 Comment: Kees Cook <kees@outflux.net>
 
 iQIcBAABCgAGBQJZXG6JAAoJEIly9N/cbcAmoO4P/jgF32XpC/HYGxcLARpcXUFr
 Dct/KJa6LdSIkeiMlmJD2DaLVQqeIyqQd8Aq/6jv4OMC3KtlquAygx4DoGh2zYYP
 HbSBiHz/czL1FCQpbXma2UUff1EDwuNM+wBJp80MgXy6J5KiKjB7yQAp9g0QS4o9
 3WSSitr9VcPEoxF7J9zySobd41IClFYnf1yi/gms2T/uvOHWEqDTUl06Dl3AEXPo
 0C/nMC4sNFggfTcsseAP7HGKiFyGErz2iER5wM0KXmU5eo4wgBK+mNN+n+oz1Doq
 BvkXraAyeor3YsKdu1oOkyeNK8iRscfeiqWUv86kBtfP3vNKUmWmpo77O3qGz5ra
 BwqcPF7nCtejs+QRVgeCrq3M/TUP1USN6shYS1uRVV5EPSy5NAsMO11Nzft7jaax
 LHQxJrCUeO2fHs2vTlzmwoxFq/9882LFRmOzuKqXAnhMQyuySdtbK4rs7ap4gjIt
 Zg6m0xDZWxPdIIrtoZGRuTcMSwV5QT4oTFQ125dgPO6zX9pwUWwN4Sg2zwn6aMx5
 BuHiJmfZsz48TRv1ui7wWjMNrMs8XnUPEOQUJpNHlDbuZbK+WRoIIUjVvtffSclu
 InpFCEq7OSov45ASYZ0SLNJO3N5L1zWjjjrJ3BQjCTxBNLUniBp6w2byWq0XObPD
 BnkZ3MA9xvkvrDsucAkm
 =rtdH
 -----END PGP SIGNATURE-----

Merge tag 'gcc-plugins-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull GCC plugin updates from Kees Cook:
 "The big part is the randstruct plugin infrastructure.

  This is the first of two expected pull requests for randstruct since
  there are dependencies in other trees that would be easier to merge
  once those have landed. Notably, the IPC allocation refactoring in
  -mm, and many trivial merge conflicts across several trees when
  applying the __randomize_layout annotation.

  As a result, it seemed like I should send this now since it is
  relatively self-contained, and once the rest of the trees have landed,
  send the annotation patches. I'm expecting the final phase of
  randstruct (automatic struct selection) will land for v4.14, but if
  its other tree dependencies actually make it for v4.13, I can send
  that merge request too.

  Summary:

  - typo fix in Kconfig (Jean Delvare)

  - randstruct infrastructure"

* tag 'gcc-plugins-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  ARM: Prepare for randomized task_struct
  randstruct: Whitelist NIU struct page overloading
  randstruct: Whitelist big_key path struct overloading
  randstruct: Whitelist UNIXCB cast
  randstruct: Whitelist struct security_hook_heads cast
  gcc-plugins: Add the randstruct plugin
  Fix English in description of GCC_PLUGIN_STRUCTLEAK
  compiler: Add __designated_init annotation
  gcc-plugins: Detail c-common.h location for GCC 4.6
2017-07-05 11:46:59 -07:00
Linus Torvalds
2cc7b4ca7d Various fixes and tweaks for the pstore subsystem. Highlights:
- use memdup_user() instead of open-coded copies (Geliang Tang)
 - fix record memory leak during initialization (Douglas Anderson)
 - avoid confused compressed record warning (Ankit Kumar)
 - prepopulate record timestamp and remove redundant logic from backends
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 Comment: Kees Cook <kees@outflux.net>
 
 iQIcBAABCgAGBQJZXGq0AAoJEIly9N/cbcAmecQP/iw5ngoGaB5pQD8Jq8srzWJK
 nGysSHuEQmDMSmTpXKllmi+AVotMXtvLzeEy0ThmtaTYJPUF2NYi4BIv0SonAu/v
 6Jds4AP9OYBZAxe95Xdk/VlDpo3LW2DxDk3URC3kmDCWqr91zH2a8RQCfr1ArGb0
 7vI0fEKuc4rDTnOIw4hlJ60UyYX+PsD7m/s/9p///mFN7nIhCvm1w9ToIIwNovX7
 4Hvgs135ZanBjLkvPEKPMQRoizCGEeznZPNhn0WFe+AKFIW0KLME+XArgcrCg5w+
 UZr3p706fqMe54ZuZhzlaoHZKuEEfsSda8XamgSA1tMuHm983DZJ0k9nskyXRqtT
 tGBSaFbrArAim3JvI5diJ6LB7QGGThGWjUc8tkbTMyJyxwZeDvoPIyirzTnignRz
 RbnL3DJDAnKqNuf0RyX6a6iz6JobXRz52SZqOWZ/CWrDnBtsXnvPz/enMANgKLZn
 5Hq3ngapIa+DdK6jipppgPMY2woHrb3Jr6E0xhU6PDXQFMNI8cnD0+6H8h3//XG0
 4q6bGsDMy6G6o6RvxIFN+Nr7Xrff8CSlujClIQBPSgn0fPcxvOnZTnYjN0UQ0RMW
 OCh68vb4eJgi3diYLqQ/1m25fIRsxC8O0uu089bH4uGJgtZUfEX+D6L5UtBGt+fe
 BXbX1HbaVFeatVB/o0el
 =VRl5
 -----END PGP SIGNATURE-----

Merge tag 'pstore-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull pstore updates from Kees Cook:
 "Various fixes and tweaks for the pstore subsystem.

  Highlights:

   - use memdup_user() instead of open-coded copies (Geliang Tang)

   - fix record memory leak during initialization (Douglas Anderson)

   - avoid confused compressed record warning (Ankit Kumar)

   - prepopulate record timestamp and remove redundant logic from
     backends"

* tag 'pstore-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  powerpc/nvram: use memdup_user
  pstore: use memdup_user
  pstore: Fix format string to use %u for record id
  pstore: Populate pstore record->time field
  pstore: Create common record initializer
  efi-pstore: Refactor erase routine
  pstore: Avoid potential infinite loop
  pstore: Fix leaked pstore_record in pstore_get_backend_records()
  pstore: Don't warn if data is uncompressed and type is not PSTORE_TYPE_DMESG
2017-07-05 11:43:47 -07:00
Linus Torvalds
e24dd9ee53 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer updates from James Morris:

 - a major update for AppArmor. From JJ:

     * several bug fixes and cleanups

     * the patch to add symlink support to securityfs that was floated
       on the list earlier and the apparmorfs changes that make use of
       securityfs symlinks

     * it introduces the domain labeling base code that Ubuntu has been
       carrying for several years, with several cleanups applied. And it
       converts the current mediation over to using the domain labeling
       base, which brings domain stacking support with it. This finally
       will bring the base upstream code in line with Ubuntu and provide
       a base to upstream the new feature work that Ubuntu carries.

     * This does _not_ contain any of the newer apparmor mediation
       features/controls (mount, signals, network, keys, ...) that
       Ubuntu is currently carrying, all of which will be RFC'd on top
       of this.

 - Notable also is the Infiniband work in SELinux, and the new file:map
   permission. From Paul:

      "While we're down to 21 patches for v4.13 (it was 31 for v4.12),
       the diffstat jumps up tremendously with over 2k of line changes.

       Almost all of these changes are the SELinux/IB work done by
       Daniel Jurgens; some other noteworthy changes include a NFS v4.2
       labeling fix, a new file:map permission, and reporting of policy
       capabilities on policy load"

   There's also now genfscon labeling support for tracefs, which was
   lost in v4.1 with the separation from debugfs.

 - Smack incorporates a safer socket check in file_receive, and adds a
   cap_capable call in privilege check.

 - TPM as usual has a bunch of fixes and enhancements.

 - Multiple calls to security_add_hooks() can now be made for the same
   LSM, to allow LSMs to have hook declarations across multiple files.

 - IMA now supports different "ima_appraise=" modes (eg. log, fix) from
   the boot command line.

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (126 commits)
  apparmor: put back designators in struct initialisers
  seccomp: Switch from atomic_t to recount_t
  seccomp: Adjust selftests to avoid double-join
  seccomp: Clean up core dump logic
  IMA: update IMA policy documentation to include pcr= option
  ima: Log the same audit cause whenever a file has no signature
  ima: Simplify policy_func_show.
  integrity: Small code improvements
  ima: fix get_binary_runtime_size()
  ima: use ima_parse_buf() to parse template data
  ima: use ima_parse_buf() to parse measurements headers
  ima: introduce ima_parse_buf()
  ima: Add cgroups2 to the defaults list
  ima: use memdup_user_nul
  ima: fix up #endif comments
  IMA: Correct Kconfig dependencies for hash selection
  ima: define is_ima_appraise_enabled()
  ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
  ima: define a set of appraisal rules requiring file signatures
  ima: extend the "ima_policy" boot command line to support multiple policies
  ...
2017-07-05 11:26:35 -07:00
Linus Torvalds
7391786a64 Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/audit
Pull audit updates from Paul Moore:
 "Things are relatively quiet on the audit front for v4.13, just five
  patches for a total diffstat of 102 lines.

  There are two patches from Richard to consistently record the POSIX
  capabilities and add the ambient capability information as well.

  I also chipped in two patches to fix a race condition with the auditd
  tracking code and ensure we don't skip sending any records to the
  audit multicast group.

  Finally a single style fix that I accepted because I must have been in
  a good mood that day.

  Everything passes our test suite, and should be relatively harmless,
  please merge for v4.13"

* 'stable-4.13' of git://git.infradead.org/users/pcmoore/audit:
  audit: make sure we never skip the multicast broadcast
  audit: fix a race condition with the auditd tracking code
  audit: style fix
  audit: add ambient capabilities to CAPSET and BPRM_FCAPS records
  audit: unswing cap_* fields in PATH records
2017-07-05 11:24:05 -07:00
Linus Torvalds
eed1fc8779 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk
Pull printk updates from Petr Mladek:

 - Store printk() messages into the main log buffer directly even in NMI
   when the lock is available. It is the best effort to print even large
   chunk of text. It is handy, for example, when all ftrace messages are
   printed during the system panic in NMI.

 - Add missing annotations to calm down compiler warnings

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk:
  printk: add __printf attributes to internal functions
  printk: Use the main logbuf in NMI when logbuf_lock is available
2017-07-05 11:11:26 -07:00
David S. Miller
0e72582270 Merge branch 'phy-dp83867-workaround-incorrect-RX_CTRL-pin-strap'
Sekhar Nori says:

====================
net: phy: dp83867: workaround incorrect RX_CTRL pin strap

This patch series adds workaround for incorrect RX_CTRL pin strap
setting that can be found on some TI boards.

This is required to be complaint to PHY datamanual specification.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:23:53 +01:00
Murali Karicheri
371444764b net: phy: dp83867: add workaround for incorrect RX_CTRL pin strap
The data manual for DP83867IR/CR, SNLS484E[1], revised march 2017,
advises that strapping RX_DV/RX_CTRL pin in mode 1 and 2 is not
supported (see note below Table 5 (4-Level Strap Pins)).

There are some boards which have the pin strapped this way and need
software workaround suggested by the data manual. Bit[7] of
Configuration Register 4 (address 0x0031) must be cleared to 0. This
ensures proper operation of the PHY.

Implement driver support for device-tree property meant to advertise
the wrong strapping.

[1] http://www.ti.com/lit/ds/snls484e/snls484e.pdf

Signed-off-by: Murali Karicheri <m-karicheri2@ti.com>
[nsekhar@ti.com: rebase to mainline, code simplification]
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:23:53 +01:00
Murali Karicheri
908a773325 dt-bindings: phy: dp83867: provide a workaround for incorrect RX_CTRL pin strap
The data manual for DP83867IR/CR, SNLS484E[1], revised march 2017,
advises that strapping RX_DV/RX_CTRL pin in mode 1 and 2 is not
supported (see note below Table 5 (4-Level Strap Pins)).

It further advises that if a board has this pin strapped in mode 1 and
mode 2, then to ensure proper operation of the PHY, a software workaround
must be implemented.

Since it is not possible to detect in software if RX_DV/RX_CTRL pin is
incorrectly strapped, add a device-tree property for the board to
advertise this and allow corrective action in software.

[1] http://www.ti.com/lit/ds/snls484e/snls484e.pdf

Signed-off-by: Murali Karicheri <m-karicheri2@ti.com>
[nsekhar@ti.com: rebase to mainline, split documentation into separate patch]
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:23:53 +01:00
David S. Miller
a778427efc Merge branch 'cxgb4-ptp'
Atul Gupta says:

====================
cxgb4: Add PTP Hardware Clock (PHC) support

V4:
	Splitting the patch again
V3:
        Releasing lock in the exit paths
V2:
        Splitting the patch
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:21:54 +01:00
Atul Gupta
c3ff08eba9 cxgb4: Support for get_ts_info ethtool method
Cc: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: Atul Gupta <atul.gupta@chelsio.com>
Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:21:54 +01:00
Atul Gupta
9c33e4208b cxgb4: Add PTP Hardware Clock (PHC) support
Add PTP IEEE-1588 support and make it accessible via PHC subsystem.
The functionality is enabled for T5/T6 adapters. Driver interfaces with
Firmware to program and adjust the clock offset.

Cc: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: Atul Gupta <atul.gupta@chelsio.com>
Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:21:54 +01:00
Atul Gupta
a456950445 cxgb4: time stamping interface for PTP
Supports hardware and software time stamping via the
Linux SO_TIMESTAMPING socket option.

Cc: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: Atul Gupta <atul.gupta@chelsio.com>
Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:21:54 +01:00
David S. Miller
97d731d810 Merge branch 'nfp-port-enumeration-change-and-FW-ABI-adjustment'
Jakub Kicinski says:

====================
nfp: port enumeration change and FW ABI adjustment

This set changes the way ports are numbered internally to avoid MAC address
changes and invalid link information when breakout is configured.  Second
patch gets rid of old way of looking up MAC addresses in device information
which caused all this confusion.

Patch 3 is a small adjustment to the new FW ABI version we introduced in
this release cycle.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:13:08 +01:00
Jakub Kicinski
64a919a944 nfp: default to chained metadata prepend format
ABI 4.x introduced the chained metadata format and made it the
only one possible.  There are cases, however, where the old
format is preferred - mostly to make interoperation with VFs
using ABI 3.x easier for the datapath.  In ABI 5.x we allowed
for more flexibility by selecting the metadata format based
on capabilities.  The default was left to non-chained.

In case of fallback traffic, there is no capability telling the
driver there may be chained metadata.  With a very stripped-
-down FW the default old metadata format would be selected
making the driver drop all fallback traffic.

This patch changes the default selection in the driver. It
should not hurt with old firmwares, because if they don't
advertise RSS they will not produce metadata anyway.  New
firmwares advertising ABI 5.x, however, can depend on the
driver defaulting to chained format.

Fixes: f9380629fa ("nfp: advertise support for NFD ABI 0.5")
Suggested-by: Michael Rapson <michael.rapson@netronome.com>
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:13:07 +01:00
Jakub Kicinski
cb2cda4848 nfp: remove legacy MAC address lookup
The legacy MAC address lookup doesn't work well with breakout
cables.  We are probably better off picking random addresses
than the wrong ones in the theoretical scenario where management
FW didn't tell us what the port config is.

Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:13:07 +01:00
Jakub Kicinski
2eb333c4b4 nfp: improve order of interfaces in breakout mode
For historical reasons we enumerate the vNICs in order.  This means
that if user configures breakout on a multiport card, the first
interface of the second port will have its MAC address changed.

What's worse, when moved from static information (HWInfo) to using
management FW (NSP), more features started depending on the port ids.
Right now in case of breakout first subport of the second port and
second subport of the first port will have their link info swapped.

Revise the ordering scheme so that first subport maintains its address.
Side effect of this change is that we will use base lane ids in
devlink (i.e. 40G ports will be 4 ids apart), e.g.:

pci/0000:04:00.0/0: type eth netdev p6p1
pci/0000:04:00.0/4: type eth netdev p6p2

Note that behaviour of phys_port_id is not changed since there is
a separate id number for the subport there.

Fixes: ec8b1fbe68 ("nfp: support port splitting via devlink")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:13:07 +01:00
Colin Ian King
42af627b40 net: macb: remove extraneous return when MACB_EXT_DESC is defined
When macro MACB_EXT_DESC is defined we end up with two identical
return statements and just one is sufficient. Remove the extra
return.

Detected by CoverityScan, CID#1449361 ("Structurally dead code")

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Nicolas Ferre <nicolas.ferre@microchip.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:09:36 +01:00
Colin Ian King
6d3f06a004 bpf: add missing break in for the TCP_BPF_SNDCWND_CLAMP case
There appears to be a missing break in the TCP_BPF_SNDCWND_CLAMP case.
Currently the non-error path where val is greater than zero falls through
to the default case that sets the error return to -EINVAL. Add in
the missing break.

Detected by CoverityScan, CID#1449376 ("Missing break in switch")

Fixes: 13bf96411a ("bpf: Adds support for setting sndcwnd clamp")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Lawrence Brakmo <brakmo@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:08:54 +01:00
Lawrence Brakmo
f856e46978 bpf: fix return in load_bpf_file
The function load_bpf_file ignores the return value of
load_and_attach(), so even if load_and_attach() returns an error,
load_bpf_file() will return 0.

Now, load_bpf_file() can call load_and_attach() multiple times and some
can succeed and some could fail. I think the correct behavor is to
return error on the first failed load_and_attach().

v2: Added missing SOB

Signed-off-by: Lawrence Brakmo <brakmo@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:05:28 +01:00
Roopa Prabhu
ca4a1cd930 mpls: fix rtm policy in mpls_getroute
fix rtm policy name typo in mpls_getroute and also remove
export of rtm_ipv4_policy

Fixes: 397fc9e5ce ("mpls: route get support")
Reported-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-05 09:04:32 +01:00
Herbert Xu
035f901eac Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge the crypto tree to pull in fixes for the next merge window.
2017-07-05 15:17:26 +08:00
Kees Cook
d1185a8c5d Merge branch 'merge/randstruct' into for-next/gcc-plugins 2017-07-04 21:41:31 -07:00
Kees Cook
03232e0dde Merge branch 'for-next/gcc-plugin-infrastructure' into merge/randstruct 2017-07-04 21:40:47 -07:00
Linus Torvalds
19964541c2 ARM: SoC 64-bit changes
Changes to platform code for 64-bit ARM platforms.
 
 Andreas Färber adds two new platforms with initial code: Realtek RTD1295
 and Action Semi S900. Both are fairly similar chips, used mainly in
 set-top-boxes, but with other possible applications, and additional
 members in the respective product families that could be added in the
 future. The code here is fairly minimal, as all the interesting parts
 are in device drivers and dts files.
 
 The Broadcom Vulcan platform gets dropped, as no products ever became
 available, and Cavium integrated the platform under a new name.
 
 Among some other defconfig changes, Timur Tabi enables a number of
 options that are typically required for server platforms.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWVo2eWCrR//JCVInAQLA6w/8CF+OI6BAw6dcW9BIqyZc80/tlYpbm39+
 nKpCWEndQCxBubjAD/+lFuUB5sh/twsq6MYsnvRM3s4KTy6yzcZSO387AZLXAoSy
 +OAyCd6JWQo4VrElPjTvzVWqCeuBjA/kh7x3cae+iYVREjKvwgyXNTIMKCtGWCcC
 ClBa3FHdSWOaobRIfrGwwbHVahdOMKwEDPma1PaJ/eaIcGA2H/P1Lwyqf4z3ayka
 mIPM6aWlwydFfJZYKiqzlSbN7ZMboB8SJf6xs56R9JUwybGU774OqTik2/pBbqJ3
 RCtcEE5xq8xjC7s2frebLR/0amgoGqkCWSuj4ZU2AO+gg0sUnP3+cc1l6onkOleT
 JdnPFZ/pU4PfYDbfnm8M36omybQmRMw2Y1pdI+GlVPX4qTK1bcz+jbWwI1+uu5w0
 f0Q5oj/O4MKTCTro/ez6GlrnM9x5/ObQb3B3Zk6UcTLNYPp2BcyOKE57udLw3x8v
 C2Rsn29sghKbmjD2cbSB6RvJdJezr5e2ZkRcKSuo5iLpJht1so4lwbbSJawrIwPm
 MmvGLwfia33KIbwpfh4BYTUQ9+dFARBbbxPrm3fryPFx88cLlXSwjN09QH+8R70w
 F3fed2EOr5/WvsqTazQarBSuqxCJ4uBvj3kjsc3f+bp1OjeofGqM9TwGVOxU7Rzy
 O5YjLVKdfe4=
 =771F
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-arm64' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC 64-bit updates from Arnd Bergmann:
 "Changes to platform code for 64-bit ARM platforms.

  Andreas Färber adds two new platforms with initial code: Realtek
  RTD1295 and Action Semi S900. Both are fairly similar chips, used
  mainly in set-top-boxes, but with other possible applications, and
  additional members in the respective product families that could be
  added in the future. The code here is fairly minimal, as all the
  interesting parts are in device drivers and dts files.

  The Broadcom Vulcan platform gets dropped, as no products ever became
  available, and Cavium integrated the platform under a new name.

  Among some other defconfig changes, Timur Tabi enables a number of
  options that are typically required for server platforms"

* tag 'armsoc-arm64' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  arm64: defconfig: remove duplicate entry
  arm64: defconfig: enable Qualcomm Technologies EMAC and some PHY drivers
  arm64: defconfig: enable QCOM_L2_PMU and QCOM_L3_PMU
  arm64: defconfig: enable EDAC options
  arm64: defconfig: enable APEI and GHES features
  arm64: defconfig: enable support for PCIe hotplug
  arm64: defconfig: enable EFI_CAPSULE_LOADER
  arm64: defconfig: enable BLK_DEV_NVME
  arm64: defconfig: enable ACPI_CPPC_CPUFREQ
  arm64: marvell: enable ICU and GICP drivers
  arm64: marvell: enable the Armada 7K/8K pinctrl driver
  arm64: Prepare Actions Semi S900
  ARM64: defconfig: enable meson SPICC as module
  ARM64: defconfig: enable IR core, decoders and Meson IR device
  arm64: defconfig: enable Simple Sound Card support
  arm64: defconfig: Enable ARCH_BRCMSTB
  arm64: defconfig: drop ARCH_VULCAN
  arm64: disable Broadcom Vulcan platform
  MAINTAINERS: Add Realtek section
  ARM64: Prepare Realtek RTD1295
2017-07-04 14:53:26 -07:00
Linus Torvalds
a9ceea2674 ARM: 64-bit DT updates
Device-tree updates for arm64 platforms. For the first time I can
 remember, this is actually larger than the corresponding branch for
 32-bit platforms overall, though that has more individual changes.
 
 A significant portion this time is due to added machine support:
 
 - Initial support for the Realtek RTD1295 SoC, along with the Zidoo
   X9S set-top-box
 
 - Initial support for Actions Semi S900 and the Bubblegum-96
   single-board-cёmputer.
 
 - Rockchips support for the rk3399-Firefly single-board-computer
   gets added, this one stands out for being relatively fast,
   affordable and well₋supported, compared to many boards that
   only fall into one or two of the above categories.
 
 - Mediatek gains support for the mt6797 mobile-phone SoC platform
   and corresponding evaluation board.
 
 - Amlogic board support gets added for the NanoPi K2 and S905x
   LibreTech CC single-board computers and the R-Box Pro set-top-box
 
 - Allwinner board support gets added for the OrangePi Win,
   Orangepi Zero Plus 2, NanoPi NEO2 and Orange Pi Prime single
   board computers and the SoPine system-on-module.
 
 - Renesas board support for Salvator-XS and H3ULCB
   automotive development systems.
 
 - Socionext Uniphier board support for LD11-global and LD20-global,
   whatever those may be.
 
 - Broadcom adds support for the new Stingray communication processor
   in its iProc family, along with two reference boards.
 
 Other updates include:
 
 - For the hisicon platform, support for Hi3660-Hikey960 gets
   extended significantly.
 
 - Lots of smaller updates for Renesas, Amlogic, Rockchip, UniPhier,
   Broadcom, Allwinner, Hisilicon, Qualcomm, Marvell, and NXP.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWVpZnmCrR//JCVInAQJYsBAAhuoRK5WZawkeAMEbkGeyOXYbnp6qUlKm
 w1lwXXdStLjkOUmQXo5KNDmWiHbPnuhwHprX9HMPDI0G1+DSaOlxIezNFIlKOUyW
 fQxZjt4+L3eRXQCetj3P+QAp37ifmFxSg0RmM+fGBwAhNcyf6nH98cn4ZaauZrfu
 F3cJz9t9MTdIlxXXF1uTAk9g9tR8sCoD4ekmM15MwtLZZTqmZNP1OelRDwwzNoOn
 6pp4BUDOFhesynsI7uYoKdj0lt0fGg348FAlt9w1g9xQ819wrdaz/eAmV49eUZQ+
 Ps8FY1OvJsVaoe3yGeEG0Ps87VTRCzSOFqstNDftYsz+q5Mm8ImEwG8JhuoqyDQD
 /VW+DamdXyN4tuUFQfg+Cz8+6WZRwfTeOVmuvC4aRuKNDWV5CC5qP1B7oZ/a2nYR
 6M8+1W+RJOgjJ9wa/125Z6edEpzCRzfxDSLKyHbQ2q//0NK0kRrS9+Rdi6FlReV3
 mVGtK5gFLVzcCyBSaMY48KnRe0/cjOZ5YXw5o/DIeYJkyPnOlN1pXOEMalQCf+uI
 6D8pjO307lt6TLCiq3i2C8bN5k0FBqD4rirsp9PlRw3vTx1LI+KnhJQ8NOrrTheW
 gtDevoDMssnJdmVj3Wbv8DPWJOGSF6vA/xvsQBe0MglHFtuR/0jp9YC8ncvIP1RC
 CkFTqmpZXYg=
 =E8pa
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-dt64' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM 64-bit DT updates from Arnd Bergmann:
 "Device-tree updates for arm64 platforms. For the first time I can
  remember, this is actually larger than the corresponding branch for
  32-bit platforms overall, though that has more individual changes.

  A significant portion this time is due to added machine support:

   - Initial support for the Realtek RTD1295 SoC, along with the Zidoo
     X9S set-top-box

   - Initial support for Actions Semi S900 and the Bubblegum-96
     single-board-cёmputer.

   - Rockchips support for the rk3399-Firefly single-board-computer gets
     added, this one stands out for being relatively fast, affordable
     and well₋supported, compared to many boards that only fall into one
     or two of the above categories.

   - Mediatek gains support for the mt6797 mobile-phone SoC platform and
     corresponding evaluation board.

   - Amlogic board support gets added for the NanoPi K2 and S905x
     LibreTech CC single-board computers and the R-Box Pro set-top-box

   - Allwinner board support gets added for the OrangePi Win, Orangepi
     Zero Plus 2, NanoPi NEO2 and Orange Pi Prime single board computers
     and the SoPine system-on-module.

   - Renesas board support for Salvator-XS and H3ULCB automotive
     development systems.

   - Socionext Uniphier board support for LD11-global and LD20-global,
     whatever those may be.

   - Broadcom adds support for the new Stingray communication processor
     in its iProc family, along with two reference boards.

  Other updates include:

   - For the hisicon platform, support for Hi3660-Hikey960 gets extended
     significantly.

   - Lots of smaller updates for Renesas, Amlogic, Rockchip, UniPhier,
     Broadcom, Allwinner, Hisilicon, Qualcomm, Marvell, and NXP"

* tag 'armsoc-dt64' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (243 commits)
  ARM64: dts: marvell: armada37xx: Fix timer interrupt specifiers
  Revert "arm64: dts: marvell: add dma-mask in crypto nodes for 7k/8k"
  arm64: dts: mediatek: don't include missing file
  ARM64: dts: meson-gxl: Add Libre Technology CC support
  dt-bindings: arm: amlogic: Add Libre Technology CC board
  dt-bindings: add Libre Technology vendor prefix
  arm64: dts: marvell: enable GICP and ICU on Armada 7K/8K
  arm64: dts: zte: Use - instead of @ for DT OPP entries
  arm64: dts: marvell: add gpio support for Armada 7K/8K
  arm64: dts: marvell: add pinctrl support for Armada 7K/8K
  arm64: dts: marvell: use new binding for the system controller on cp110
  arm64: dts: marvell: remove *-clock-output-names on cp110
  arm64: dts: marvell: use new bindings for xor clocks on ap806
  arm64: dts: marvell: mcbin: enable the mdio node
  arm64: dts: Add Actions Semi S900 and Bubblegum-96
  dt-bindings: Add vendor prefix for uCRobotics
  arm64: dts: marvell: add xmdio nodes for 7k/8k
  arm64: dts: marvell: add a comment on the cp110 slave node status
  arm64: dts: marvell: remove cpm crypto nodes from dts files
  arm64: dts: marvell: cp110: enable the crypto engine at the SoC level
  ...
2017-07-04 14:50:59 -07:00
Linus Torvalds
e854711291 ARM: SoC driver updates
- New SoC specific drivers
   - NVIDIA Tegra PM Domain support for newer SoCs (Tegra186 and later)
     based on the "BPMP" firmware
   - Clocksource and system controller drivers for the newly added
     Action Semi platforms (both arm and arm64).
 
 - Reset subsystem, merged through arm-soc by tradition:
   - New drivers for Altera Stratix10, TI Keystone and Cortina Gemini SoCs
   - Various subsystem-wide cleanups
 
 - Updates for existing SoC-specific drivers
   - TI GPMC (General Purpose Memory Controller)
   - Mediatek "scpsys" system controller support for MT6797
   - Broadcom "brcmstb_gisb" bus arbitrer
   - ARM SCPI firmware
   - Renesas "SYSC" system controller
 
 One more driver update was submitted for the Freescale/NXP DPAA
 data path acceleration that has previously been used on PowerPC
 chips. I ended up postponing the merge until some API questions
 for its unusual MMIO access are resolved.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWVpDFmCrR//JCVInAQKoihAAosgC3+3IHppOhHid+HepkOcp2teyKknw
 42fSXVpTdfWa8Oe7q80Kzmz2CPNfFq2SzHz6oXb9WCcDFqSGr0b9aSE7NnksRjTf
 2euHVJ4MnJpkRewvorRmcpK8dPXDcHwEw/8hU3yZtJUGI0IKtlrqXis+evgkz9cn
 YDynuVdAZgZiEfiNeSeadyNLcxaQCc3x9ovvsBXxBa1/x1pfeRnTbp+6hiHilCJu
 Szts/yAzZzZE9Jkf9dLKfNlsT6m2SgtjukqqOR+zHAhi7/BdTFSVUP6L8u7QjrR+
 +ijTICg8FMJGiWLAOe6ED2qZVByN92EJ2AGwriYlSles9ouoGfRkJ2rwxyjbete7
 avy0HP+PSBFXWdwbOcq8HX8CrbuBltagl5fkMokct6biWLLMshNZ33WWdQ6/DsM2
 b9mAAZuhbs0g1qWUBD3+q6qBytSuGme6Px6fMoVEc4GQ2YVFUQOoEfZOGKRv1U1o
 aMWGt/6qeF8SG288rYAnQ/TuYWpOLtksV6yhotA00HUHhkTCy0xVCdyWGZtNyKhG
 o/x4YnhWFzHsXmqKcR1sM7LzfZY/WNmbrOLvK6i83Z0P7QptqrdaLAylL3iSPEyX
 ZDUgExf6PYXkWIewc3KwC5sJjuD05z3ZCgIR+mCezwbuD+3Z2fOdjodY/VBZ74hq
 URcM/BqtuWE=
 =5L6n
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC driver updates from Arnd Bergmann:
 "New SoC specific drivers:

   - NVIDIA Tegra PM Domain support for newer SoCs (Tegra186 and later)
     based on the "BPMP" firmware

   - Clocksource and system controller drivers for the newly added
     Action Semi platforms (both arm and arm64).

  Reset subsystem, merged through arm-soc by tradition:

   - New drivers for Altera Stratix10, TI Keystone and Cortina Gemini
     SoCs

   - Various subsystem-wide cleanups

  Updates for existing SoC-specific drivers

   - TI GPMC (General Purpose Memory Controller)

   - Mediatek "scpsys" system controller support for MT6797

   - Broadcom "brcmstb_gisb" bus arbitrer

   - ARM SCPI firmware

   - Renesas "SYSC" system controller

  One more driver update was submitted for the Freescale/NXP DPAA data
  path acceleration that has previously been used on PowerPC chips. I
  ended up postponing the merge until some API questions for its unusual
  MMIO access are resolved"

* tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (35 commits)
  clocksource: owl: Add S900 support
  clocksource: Add Owl timer
  soc: renesas: rcar-sysc: Use GENPD_FLAG_ALWAYS_ON
  firmware: tegra: Fix locking bugs in BPMP
  soc/tegra: flowctrl: Fix error handling
  soc/tegra: bpmp: Implement generic PM domains
  soc/tegra: bpmp: Update ABI header
  PM / Domains: Allow overriding the ->xlate() callback
  soc: brcmstb: enable drivers for ARM64 and BMIPS
  soc: renesas: Rework Kconfig and Makefile logic
  reset: Add the TI SCI reset driver
  dt-bindings: reset: Add TI SCI reset binding
  reset: use kref for reference counting
  soc: qcom: smsm: Improve error handling, quiesce probe deferral
  cpufreq: scpi: use new scpi_ops functions to remove duplicate code
  firmware: arm_scpi: add support to populate OPPs and get transition latency
  dt-bindings: reset: Add reset manager offsets for Stratix10
  memory: omap-gpmc: add error message if bank-width property is absent
  memory: omap-gpmc: make dts snippet include semicolon
  reset: Add a Gemini reset controller
  ...
2017-07-04 14:47:47 -07:00
Linus Torvalds
9ce32ac8f8 ARM: SoC defconfig updates
The main changes this time are from a cleanup series that Krzysztof
 Kozłowski did, looking for config options in the defconfig files that
 got removed or renamed. He tracked them down to make sure we don't
 lose information unintentionally after an update.
 
 Aside from that, there is the usual driver enablement, this time for
 davinci, samsung, stm⅗2, bcm2835, qualcomm, at91, imx, mvebu, and omap.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWVo9GGCrR//JCVInAQK7jQ//dBWqZomnTRTiHS1y5DOfKIV1AdHCAKlN
 Q+BqglAl+QQAlNLHLVRVpJo3Cs53J3CXW/J0WdMSNMfgKJeVksF3L4acGoZ3KTBI
 zEStE1WuA494Xfdz6oxLsy6NB6jReDPEAqJlcNWSDEC0WIAXDaFCSvPJd8Vk0+2u
 QXysbZH9OGueBjWuZYtE9qi5jMt7Sfjsuoi2O3FpU5md0oIRdwvIuhctxv4hzmct
 MeNnkuSburz+o9/BLljjwL/BeMDz3kabFHEwvAtaEUsOKltrP1V81JQxcgmG+mkv
 IG2x9q3B2atlb8Jf+Rhe/bwjirNiBzovomEOWiU1XqYlcAuy47tQ0wSdhMaech3P
 cwIfhoVcMgqlyQN6ymZhwoiufzYgnSdbUP5r8CVg/iFGxfa9FWvEAROFVbm5k7qK
 8i5BQqf6fZeh+YA8d3treLtwQHvTk8gfJy9ZjtWEx9pz56Gt3EsbLfyt6APX+EV8
 MNvZaKznPRl724hVV9j9T24gXG6HLzeA7igTKzpF9lk0sXjqM49tji+64PYcvAJ+
 YE77ZfrFxC3R/lnqj3sOWey5rj15l8kaZ24b10YR3T7sWgUUoJZTymjD3uEpnPBr
 Wlo+DK0+dxFQEG5MX4UD56so0krbLPBwpHvVZ60yOEmAd0UZz7HErLlDBaRp1KBS
 ZR+YPNBjwVc=
 =tmYq
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-defconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC defconfig updates from Arnd Bergmann:
 "The main changes this time are from a cleanup series that Krzysztof
  Kozłowski did, looking for config options in the defconfig files that
  got removed or renamed. He tracked them down to make sure we don't
  lose information unintentionally after an update.

  Aside from that, there is the usual driver enablement, this time for
  davinci, samsung, stm32, bcm2835, qualcomm, at91, imx, mvebu, and
  omap"

* tag 'armsoc-defconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (37 commits)
  multi_v7_defconfig: Enable OMAP MTD and DM816 AHCI
  ARM: qcom_defconfig: enable RPMSG_QCOM_SMD
  ARM: imx_v6_v7_defconfig: Select CONFIG_IMX7D_ADC
  ARM: mvebu: Enable SENSORS_PWM_FAN in defconfig
  ARM: davinci_all_defconfig: enable USB CDC NCM gadget
  ARM: davinci_all_defconfig: enable mtdtests
  ARM: imx_v6_v7_defconfig: Set THERMAL_WRITABLE_TRIPS=y for testing
  ARM: bcm2835_defconfig: Enable serial & ethernet USB gadget support
  ARM: tct_hammer_defconfig: Save defconfig
  ARM: s5pv210_defconfig: Save defconfig
  ARM: s3c6400_defconfig: Save defconfig
  ARM: mini2440_defconfig: Save defconfig
  ARM: s3c2410_defconfig: Save defconfig
  ARM: exynos_defconfig: Save defconfig
  ARM: s5pv210_defconfig: Bring back lost (but wanted) options
  ARM: s3c6400_defconfig: Bring back lost (but wanted) options
  ARM: s3c2410_defconfig: Bring back lost (but wanted) options
  ARM: tct_hammer_defconfig: Bring back lost (but wanted) options
  ARM: mini2440_defconfig: Bring back lost (but wanted) options
  ARM: defconfig: samsung: Re-order entries to match savedefconfig
  ...
2017-07-04 14:40:29 -07:00
Linus Torvalds
1849f800fb ARM: Device-tree updates
Device-tree continues to see lots of updates. The majority of patches
 here are smaller changes for new hardware on existing platforms, and
 there are a few larger changes worth pointing out.
 
 New machines:
 
 - The new Action Semi S500 platform is added along with initial
   support for the LeMaker Guitar board.
 
 - STM32 gains support for three new boards: stm32h743-disco,
   stm32f746-disco, and stm32f769-disco, along with new device
   support for the existing stm32f429 boards.
 
 - Renesas adds two new boards, the tiny GR-Peach based on RZ/A1H
   with 10MB on-chip SRAM, and the iWave G20D-Q7 System-on-Module
   plus board.
 
 - On Marvell "mvebu", we gain support for the Linksys WRT3200ACM
   wireless router.
 
 - For NXP i.MX, we gain support for the Gateworks Ventana GW5600
   and the Technexion Pico i.MX7D single-board computers.
 
 - The BeagleBone Blue is added for OMAP, it's the latest variation
   of the popular Beaglebone Black single-board computer.
 
 - The Allwinner based Lichee Pi Zero and NanoPi M1 Plus boards
   are added, these are the latest variations of a seemingly endless
   supply of similar single-board computers.
 
 Other updates:
 
 - Linus Walleij improves support for the "Faraday" based SoC platforms
   from various SoC makers (Moxart, Aspeed, Gemini)
 
 - The ARM Mali GPU is now describe on Rockchips SoCs
 
 - Mediatek MT7623 is extended significantly, making it much
   more useful.
 
 - Lots of individual updates on Renesas, OMAP, Rockchips, Broadcom,
   Allwinner, Qualcomm, iMX
 
 - For Amlogic, the clock support is extended a lot on meson8b.
 
 - We now build the devicetree file for the Raspberry Pi 3 on 32-bit
   ARM, in addition to the existing ARM64 support, to help users
   wanting to run a 32-bit system on it.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWVpLH2CrR//JCVInAQK5hxAAj8u8Y1RFWsfEXqAeGBme7PdiilEfm1ZR
 U6wu6unW/zUb+QwQj52hzmYB9+FEd/bcNgw4AqEzypqMA+vJ6AP5tpujCrOXREsG
 sk2LBnhOi/QbYfzIH6MYqjnrMbjSZ3LZpJ8+PSO+DpGwMkSKhWG5Jjjf1V69IbYJ
 8eTpsnDbpo1OA4mtj+7fDxKGdH2WFx4922UuqTSzgoIqaTV1X2wcicpiJsfKynXY
 3I9Apwhf/gKbtkWkVlNW7gxaAHONZOHEJ9rgIu6XoUCKbQrtbjZWEbKDUM1nJq5J
 4ZYbd9r1HZvujuLk2/IuKTidmXj/4Q1FiIn4jqHINVqNj8dPKKYIoW5nU8rlbxG/
 Ymy9WRY97YznWai49dnURGRbPNuiGyd9oaVsw7Wi1G2F4PgkAMgHs1rpERtIgnZg
 ZzPxlXZdowYUgL6Qawk3//81QqGG/YL8VZ+VltPkjFNNYtEk0U+j3xW/n2ORAdvT
 8EuNlTKid0Cq045nKkpAd5AWcgHIJe7IE3KiX/SpBtgH5PINlnUnwnm2f2TjRZCh
 bw3g32er1JLSW9lAl6agu58lxox7NC1AV4Qy7Qk23IsR2mAv5gb5zad5GXwE41nT
 qcyJ4OnDUpv/3f0LmH3WATQeHNnG8l8RgY8B6fH2GLlTQdmO7W7UTJ8tWU8E2sZ8
 5xPePuor0JM=
 =onXv
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM device-tree updates from Arnd Bergmann:
 "Device-tree continues to see lots of updates. The majority of patches
  here are smaller changes for new hardware on existing platforms, and
  there are a few larger changes worth pointing out.

  New machines:

   - The new Action Semi S500 platform is added along with initial
     support for the LeMaker Guitar board.

   - STM32 gains support for three new boards: stm32h743-disco,
     stm32f746-disco, and stm32f769-disco, along with new device support
     for the existing stm32f429 boards.

   - Renesas adds two new boards, the tiny GR-Peach based on RZ/A1H with
     10MB on-chip SRAM, and the iWave G20D-Q7 System-on-Module plus
     board.

   - On Marvell "mvebu", we gain support for the Linksys WRT3200ACM
     wireless router.

   - For NXP i.MX, we gain support for the Gateworks Ventana GW5600 and
     the Technexion Pico i.MX7D single-board computers.

   - The BeagleBone Blue is added for OMAP, it's the latest variation of
     the popular Beaglebone Black single-board computer.

   - The Allwinner based Lichee Pi Zero and NanoPi M1 Plus boards are
     added, these are the latest variations of a seemingly endless
     supply of similar single-board computers.

  Other updates:

   - Linus Walleij improves support for the "Faraday" based SoC
     platforms from various SoC makers (Moxart, Aspeed, Gemini)

   - The ARM Mali GPU is now describe on Rockchips SoCs

   - Mediatek MT7623 is extended significantly, making it much more
     useful.

   - Lots of individual updates on Renesas, OMAP, Rockchips, Broadcom,
     Allwinner, Qualcomm, iMX

   - For Amlogic, the clock support is extended a lot on meson8b.

   - We now build the devicetree file for the Raspberry Pi 3 on 32-bit
     ARM, in addition to the existing ARM64 support, to help users
     wanting to run a 32-bit system on it"

* tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (345 commits)
  ARM: dts: socfpga: set the i2c frequency
  ARM: dts: socfpga: Add second ethernet alias to VINING FPGA
  ARM: dts: socfpga: Drop LED node from VINING FPGA
  ARM: dts: socfpga: Remove I2C EEPROMs from VINING FPGA
  ARM: dts: socfpga: Enable QSPI support on VINING FPGA
  ARM: dts: socfpga: Fix the ethernet clock phandle
  ARM: pxa: Use - instead of @ for DT OPP entries
  ARM: dts: owl-s500: Add SPS node
  ARM: dts: owl-s500: Set CPU enable-method
  dt-bindings: arm: cpus: Add S500 enable-method
  ARM: dts: Add Actions Semi S500 and LeMaker Guitar
  dt-bindings: arm: Document Actions Semi S900
  dt-bindings: timer: Document Owl timer
  ARM: dts: imx6q-cm-fx6: add sdio wifi/bt nodes
  dt-bindings: arm: Document Actions Semi S500
  dt-bindings: Add vendor prefix for Actions Semi
  ARM: dts: turris-omnia: Add generic compatible string for I2C EEPROM
  ARM: dts: mvebu: add support for Linksys WRT3200ACM (Rango)
  ARM: dts: armada-385-linksys: fixup button node names
  ARM: dts: armada-385-linksys: group pins in pinctrl
  ...
2017-07-04 14:37:25 -07:00
David S. Miller
dcc13ee85f Merge branch 'net-subsystem-misc-refcounter-conversions'
Elena Reshetova says:

====================
v2 net subsystem misc refcounter conversions

Changes in v2:
 * rebase on top of net-next
 * currently by default refcount_t = atomic_t (*) and uses all
   atomic standard operations unless CONFIG_REFCOUNT_FULL is enabled.
   This is a compromise for the systems that are critical on
   performance (such as net) and cannot accept even slight delay
   on the refcounter operations.

This series, for various misc network components, replaces atomic_t reference
counters with the new refcount_t type and API (see include/linux/refcount.h).
By doing this we prevent intentional or accidental
underflows or overflows that can led to use-after-free vulnerabilities.
These are the last networking-related conversions with the exception of
network drivers (to be send separately).

Please excuse the long patch set, but seems like breaking it up
won't save that much on CC list and most of the changes are
trivial.

The patches are fully independent and can be cherry-picked separately.
In order to try with refcount functionality enabled in run-time,
CONFIG_REFCOUNT_FULL must be enabled.

NOTE: automatic kernel builder for some reason doesn't like all my
network branches and regularly times out the builds on these branches.
Suggestion for "waiting a day for a good coverage" doesn't work, as
we have seen with generic network conversions. So please wait for the
full report from kernel test rebot before merging further up.
This has been compile-tested in 116 configs, but 71 timed out (including
all s390-related configs again). I am trying to see if they can fix
build coverage for me in meanwhile.

* The respective change is currently merged into -next as
  "locking/refcount: Create unchecked atomic_t implementation".
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:20 +01:00
Reshetova, Elena
b6d52ede22 net, ax25: convert ax25_cb.refcount from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:19 +01:00
Reshetova, Elena
39f25d42c0 net, ax25: convert ax25_route.refcount from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:19 +01:00
Reshetova, Elena
07f2282fc6 net, ax25: convert ax25_uid_assoc.refcount from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:19 +01:00
Reshetova, Elena
c638457a7c net, sctp: convert sctp_ep_common.refcnt from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:19 +01:00
Reshetova, Elena
a4b2b58efd net, sctp: convert sctp_transport.refcnt from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:19 +01:00
Reshetova, Elena
e7f0279617 net, sctp: convert sctp_chunk.refcnt from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:18 +01:00
Reshetova, Elena
c0acdfb409 net, sctp: convert sctp_datamsg.refcnt from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-04 22:35:18 +01:00