The macro PAGE_SIZE isn't valid outside of the kernel, so it should not
appear in UAPI headers.
Furthermore, the actual machine page size could theoretically change from
an application's point of view if it's running in a container that gets
migrated to another machine (say 4K/ppc64 to 64K/ppc64).
Fixes: f2ba5a5bae ("libnvdimm, namespace: make min namespace size 4K")
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
(cherry picked from commit f366d322ae)
Bug: 146400078
Bug: 148297388
Change-Id: I9eda3e848190b5bd26e5fc7f4d3cfdcb648fd815
Signed-off-by: Alistair Delva <adelva@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4u6tsACgkQONu9yGCS
aT693A//TExeDRnNnf+2v4TJorylyRr17BMxk/Ie2L5E6d2n/RWodsrOThAPU9tx
5alNUkXCT8Jd31BUVnUoPoAQ4zSymSVi++XEf05wDeO0tQ982IESGaLmu9EC1uMF
nnM5y4IdRYmFI1Zji4h5vRJckoYUlB6Mdg4BgMr4Q1KX7RkZYfe6bjs7DwM/uyMx
jVXdFaQBD1H6F5W6A+GmgUZ36g9uNqzcBxxWwv5URj+q816NdI4bsxIJMF0v0WC+
S54fmpS07QWIYKKsQBUepeSgEF4ECESOE2VoF1ICcnfakdPnDBmNgyPJPSrLmVf+
itRUxoH1MewaOvoJrv+xsGBPmM29LcKH2oBmj5DR2Xstp7ACPs+OtXJEU9dUTDN4
NhaSts5fIp0f4Y5mMn508pDUwYDAWDt99ZJWdx6aK/TRyUsHBgpxBQDt37BE3U5W
PCBnObNe2b2KDAsVXLjX5iDYoA0+usFreveMo8uEP+ohfh0ANvJlRkzedYw7NquI
ZCcT+I1P9q8aa0528tR332VLrQeYg+kG6LVi2kAabmRA/VtEsT0w90MY/eo2vuTU
WlPmbs2yerv2HTm050e6MOgBZfPh7wP/FpbjsSXufj7EDywlfxF+1hXdwfrpPJeN
fN3g0kepeUp7+kLzO40FLam/z5ndjAUhyN2SBaPzGsXjMkZdETk=
=zvlh
-----END PGP SIGNATURE-----
Merge 4.19.99 into android-4.19
Changes in 4.19.99
Revert "efi: Fix debugobjects warning on 'efi_rts_work'"
xfs: Sanity check flags of Q_XQUOTARM call
i2c: stm32f7: rework slave_id allocation
i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
SUNRPC: Fix svcauth_gss_proxy_init()
powerpc/pseries: Enable support for ibm,drc-info property
powerpc/archrandom: fix arch_get_random_seed_int()
tipc: update mon's self addr when node addr generated
tipc: fix wrong timeout input for tipc_wait_for_cond()
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
crypto: sun4i-ss - fix big endian issues
perf map: No need to adjust the long name of modules
soc: aspeed: Fix snoop_file_poll()'s return type
watchdog: sprd: Fix the incorrect pointer getting from driver data
ipmi: Fix memory leak in __ipmi_bmc_register
drm/sti: do not remove the drm_bridge that was never added
ARM: dts: at91: nattis: set the PRLUD and HIPOW signals low
ARM: dts: at91: nattis: make the SD-card slot work
ixgbe: don't clear IPsec sa counters on HW clearing
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
iio: fix position relative kernel version
apparmor: Fix network performance issue in aa_label_sk_perm
ALSA: hda: fix unused variable warning
apparmor: don't try to replace stale label in ptrace access check
ARM: qcom_defconfig: Enable MAILBOX
firmware: coreboot: Let OF core populate platform device
PCI: iproc: Remove PAXC slot check to allow VF support
bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
signal/ia64: Use the generic force_sigsegv in setup_frame
signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn
ASoC: wm9712: fix unused variable warning
mailbox: mediatek: Add check for possible failure of kzalloc
IB/rxe: replace kvfree with vfree
IB/hfi1: Add mtu check for operational data VLs
genirq/debugfs: Reinstate full OF path for domain name
usb: dwc3: add EXTCON dependency for qcom
usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure
cfg80211: regulatory: make initialization more robust
mei: replace POLL* with EPOLL* for write queues.
drm/msm: fix unsigned comparison with less than zero
of: Fix property name in of_node_get_device_type
ALSA: usb-audio: update quirk for B&W PX to remove microphone
iwlwifi: nvm: get num of hw addresses from firmware
staging: comedi: ni_mio_common: protect register write overflow
netfilter: nft_osf: usage from output path is not valid
pwm: lpss: Release runtime-pm reference from the driver's remove callback
powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index
rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version
RDMA/bnxt_re: Add missing spin lock initialization
netfilter: nf_flow_table: do not remove offload when other netns's interface is down
powerpc/kgdb: add kgdb_arch_set/remove_breakpoint()
tipc: eliminate message disordering during binding table update
net: socionext: Add dummy PHY register read in phy_write()
drm/sun4i: hdmi: Fix double flag assignation
net: hns3: add error handler for hns3_nic_init_vector_data()
mlxsw: reg: QEEC: Add minimum shaper fields
mlxsw: spectrum: Set minimum shaper on MC TCs
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
ASoC: wm97xx: fix uninitialized regmap pointer problem
ARM: dts: bcm283x: Correct mailbox register sizes
pcrypt: use format specifier in kobject_add
ASoC: sun8i-codec: add missing route for ADC
pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins
bus: ti-sysc: Add mcasp optional clocks flag
exportfs: fix 'passing zero to ERR_PTR()' warning
drm: rcar-du: Fix the return value in case of error in 'rcar_du_crtc_set_crc_source()'
drm: rcar-du: Fix vblank initialization
net: always initialize pagedlen
drm/dp_mst: Skip validating ports during destruction, just ref
arm64: dts: meson-gx: Add hdmi_5v regulator as hdmi tx supply
arm64: dts: renesas: r8a7795-es1: Add missing power domains to IPMMU nodes
net: phy: Fix not to call phy_resume() if PHY is not attached
IB/hfi1: Correctly process FECN and BECN in packets
OPP: Fix missing debugfs supply directory for OPPs
IB/rxe: Fix incorrect cache cleanup in error flow
mailbox: ti-msgmgr: Off by one in ti_msgmgr_of_xlate()
staging: bcm2835-camera: Abort probe if there is no camera
staging: bcm2835-camera: fix module autoloading
switchtec: Remove immediate status check after submitting MRPC command
ipv6: add missing tx timestamping on IPPROTO_RAW
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: r8a77970: Add missing MOD_SEL0 field
pinctrl: sh-pfc: r8a77980: Add missing MOD_SEL0 field
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
net: hns3: fix error handling int the hns3_get_vector_ring_chain
vxlan: changelink: Fix handling of default remotes
Input: nomadik-ske-keypad - fix a loop timeout test
fork,memcg: fix crash in free_thread_stack on memcg charge fail
clk: highbank: fix refcount leak in hb_clk_init()
clk: qoriq: fix refcount leak in clockgen_init()
clk: ti: fix refcount leak in ti_dt_clocks_register()
clk: socfpga: fix refcount leak
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: dove: fix refcount leak in dove_clk_init()
MIPS: BCM63XX: drop unused and broken DSP platform device
arm64: defconfig: Re-enable bcm2835-thermal driver
remoteproc: qcom: q6v5-mss: Add missing clocks for MSM8996
remoteproc: qcom: q6v5-mss: Add missing regulator for MSM8996
drm: Fix error handling in drm_legacy_addctx
ARM: dts: r8a7743: Remove generic compatible string from iic3
drm/etnaviv: fix some off by one bugs
drm/fb-helper: generic: Fix setup error path
fork, memcg: fix cached_stacks case
IB/usnic: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
RDMA/qedr: Fix out of bounds index check in query pkey
drm/shmob: Fix return value check in shmob_drm_probe
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
spi: cadence: Correct initialisation of runtime PM
RDMA/iw_cxgb4: Fix the unchecked ep dereference
net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031
memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
kbuild: mark prepare0 as PHONY to fix external module build
crypto: brcm - Fix some set-but-not-used warning
crypto: tgr192 - fix unaligned memory access
ASoC: imx-sgtl5000: put of nodes if finding codec fails
IB/iser: Pass the correct number of entries for dma mapped SGL
net: hns3: fix wrong combined count returned by ethtool -l
media: tw9910: Unregister subdevice with v4l2-async
IB/mlx5: Don't override existing ip_protocol
rtc: cmos: ignore bogus century byte
spi/topcliff_pch: Fix potential NULL dereference on allocation error
net: hns3: fix bug of ethtool_ops.get_channels for VF
ARM: dts: sun8i-a23-a33: Move NAND controller device node to sort by address
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
iwlwifi: mvm: avoid possible access out of array.
net/mlx5: Take lock with IRQs disabled to avoid deadlock
ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit
arm64: dts: allwinner: h6: Move GIC device node fix base address ordering
iwlwifi: mvm: fix A-MPDU reference assignment
bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe()
tty: ipwireless: Fix potential NULL pointer dereference
driver: uio: fix possible memory leak in __uio_register_device
driver: uio: fix possible use-after-free in __uio_register_device
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling
driver core: Avoid careless re-use of existing device links
driver core: Do not resume suppliers under device_links_write_lock()
driver core: Fix handling of runtime PM flags in device_link_add()
driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link()
ARM: dts: lpc32xx: add required clocks property to keypad device node
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
drm/xen-front: Fix mmap attributes for display buffers
iwlwifi: mvm: fix RSS config command
staging: most: cdev: add missing check for cdev_add failure
clk: ingenic: jz4740: Fix gating of UDC clock
rtc: ds1672: fix unintended sign extension
thermal: mediatek: fix register index error
arm64: dts: msm8916: remove bogus argument to the cpu clock
ath10k: fix dma unmap direction for management frames
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
rtc: ds1307: rx8130: Fix alarm handling
net/smc: original socket family in inet_sock_diag
rtc: 88pm860x: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: pm8xxx: fix unintended sign extension
fbdev: chipsfb: remove set but not used variable 'size'
iw_cxgb4: use tos when importing the endpoint
iw_cxgb4: use tos when finding ipv6 routes
ipmi: kcs_bmc: handle devm_kasprintf() failure case
xsk: add missing smp_rmb() in xsk_mmap
drm/etnaviv: potential NULL dereference
ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers
ntb_hw_switchtec: NT req id mapping table register entry number should be 512
pinctrl: sh-pfc: emev2: Add missing pinmux functions
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
RDMA/mlx5: Fix memory leak in case we fail to add an IB device
driver core: Fix possible supplier PM-usage counter imbalance
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
usb: phy: twl6030-usb: fix possible use-after-free on remove
block: don't use bio->bi_vcnt to figure out segment number
keys: Timestamp new keys
net: dsa: b53: Fix default VLAN ID
net: dsa: b53: Properly account for VLAN filtering
net: dsa: b53: Do not program CPU port's PVID
mt76: usb: fix possible memory leak in mt76u_buf_free
media: sh: migor: Include missing dma-mapping header
vfio_pci: Enable memory accesses before calling pci_map_rom
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
mdio_bus: Fix PTR_ERR() usage after initialization to constant
KVM: PPC: Release all hardware TCE tables attached to a group
staging: r8822be: check kzalloc return or bail
dmaengine: mv_xor: Use correct device for DMA API
cdc-wdm: pass return value of recover_from_urb_loss
brcmfmac: create debugfs files for bus-specific layer
regulator: pv88060: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88090: Fix array out-of-bounds access
net: dsa: qca8k: Enable delay for RGMII_ID mode
net/mlx5: Delete unused FPGA QPN variable
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
drm/nouveau/pmu: don't print reply values if exec is false
drm/nouveau: fix missing break in switch statement
driver core: Fix PM-runtime for links added during consumer probe
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
net: dsa: fix unintended change of bridge interface STP state
fs/nfs: Fix nfs_parse_devname to not modify it's argument
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
powerpc/64s: Fix logic when handling unknown CPU features
NFS: Fix a soft lockup in the delegation recovery code
perf: Copy parent's address filter offsets on clone
perf, pt, coresight: Fix address filters for vmas with non-zero offset
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
platform/x86: wmi: fix potential null pointer dereference
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
iommu: Fix IOMMU debugfs fallout
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
ARM: 8849/1: NOMMU: Fix encodings for PMSAv8's PRBAR4/PRLAR4
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
ath10k: Fix length of wmi tlv command for protected mgmt frames
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
netfilter: nft_set_hash: bogus element self comparison from deactivation path
net: sched: act_csum: Fix csum calc for tagged packets
hwrng: bcm2835 - fix probe as platform device
iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm()
NFS: Add missing encode / decode sequence_maxsz to v4.2 operations
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
net: aquantia: fixed instack structure overflow
powerpc/mm: Check secondary hash page table
media: dvb/earth-pt1: fix wrong initialization for demod blocks
rbd: clear ->xferred on error from rbd_obj_issue_copyup()
PCI: Fix "try" semantics of bus and slot reset
nios2: ksyms: Add missing symbol exports
x86/mm: Remove unused variable 'cpu'
scsi: megaraid_sas: reduce module load time
nfp: fix simple vNIC mailbox length
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
xen, cpu_hotplug: Prevent an out of bounds access
net/mlx5: Fix multiple updates of steering rules in parallel
net/mlx5e: IPoIB, Fix RX checksum statistics update
net: sh_eth: fix a missing check of of_get_phy_mode
regulator: lp87565: Fix missing register for LP87565_BUCK_0
soc: amlogic: gx-socinfo: Add mask for each SoC packages
media: ivtv: update *pos correctly in ivtv_read_pos()
media: cx18: update *pos correctly in cx18_read_pos()
media: wl128x: Fix an error code in fm_download_firmware()
media: cx23885: check allocation return
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
crypto: ccree - reduce kernel stack usage with clang
jfs: fix bogus variable self-initialization
tipc: tipc clang warning
m68k: mac: Fix VIA timer counter accesses
ARM: dts: sun8i: a33: Reintroduce default pinctrl muxing
arm64: dts: allwinner: a64: Add missing PIO clocks
ARM: dts: sun9i: optimus: Fix fixed-regulators
net: phy: don't clear BMCR in genphy_soft_reset
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
net: dsa: Avoid null pointer when failing to connect to PHY
soc: qcom: cmd-db: Fix an error code in cmd_db_dev_probe()
media: davinci-isif: avoid uninitialized variable use
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
spi: tegra114: clear packed bit for unpacked mode
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: flush fifos
spi: tegra114: configure dma burst size to fifo trig level
bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
drm/fb-helper: generic: Call drm_client_add() after setup is done
arm64/vdso: don't leak kernel addresses
rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900
rtc: mt6397: Don't call irq_dispose_mapping.
ehea: Fix a copy-paste err in ehea_init_port_res
bpf: Add missed newline in verifier verbose log
drm/vmwgfx: Remove set but not used variable 'restart'
scsi: qla2xxx: Unregister chrdev if module initialization fails
of: use correct function prototype for of_overlay_fdt_apply()
net/sched: cbs: fix port_rate miscalculation
clk: qcom: Skip halt checks on gcc_pcie_0_pipe_clk for 8998
ACPI: button: reinitialize button state upon resume
firmware: arm_scmi: fix of_node leak in scmi_mailbox_check
rxrpc: Fix detection of out of order acks
scsi: target/core: Fix a race condition in the LUN lookup code
brcmfmac: fix leak of mypkt on error return path
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
PCI: rockchip: Fix rockchip_pcie_ep_assert_intx() bitwise operations
net: hns3: fix for vport->bw_limit overflow problem
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
perf/core: Fix the address filtering fix
staging: android: vsoc: fix copy_from_user overrun
PCI: dwc: Fix dw_pcie_ep_find_capability() to return correct capability offset
soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
tipc: set sysctl_tipc_rmem and named_timeout right range
usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs
selftests/ipc: Fix msgque compiler warnings
net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info()
powerpc: vdso: Make vdso32 installation conditional in vdso_install
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
media: ov2659: fix unbalanced mutex_lock/unlock
6lowpan: Off by one handling ->nexthdr
dmaengine: axi-dmac: Don't check the number of frames for alignment
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
afs: Fix AFS file locking to allow fine grained locks
afs: Further fix file locking
NFS: Don't interrupt file writeout due to fatal errors
coresight: catu: fix clang build warning
s390/kexec_file: Fix potential segment overlap in ELF loader
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
scsi: qla2xxx: Fix a format specifier
scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd()
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest
netfilter: nft_flow_offload: add entry to flowtable after confirmation
PCI: iproc: Enable iProc config read for PAXBv2
ARM: dts: logicpd-som-lv: Fix MMC1 card detect
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
ASoC: fix valid stream condition
usb: gadget: fsl: fix link error against usb-gadget module
dwc2: gadget: Fix completed transfer size calculation in DDMA
IB/mlx5: Add missing XRC options to QP optional params mask
RDMA/rxe: Consider skb reserve space based on netdev of GID
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix incorrect test of supported hash function
net: ena: fix ena_com_fill_hash_function() implementation
dmaengine: tegra210-adma: restore channel status
watchdog: rtd119x_wdt: Fix remove function
mmc: core: fix possible use after free of host
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
ath10k: Fix encoding for protected management frames
afs: Fix the afs.cell and afs.volume xattr handlers
vfio/mdev: Avoid release parent reference during error path
vfio/mdev: Follow correct remove sequence
vfio/mdev: Fix aborting mdev child device removal if one fails
l2tp: Fix possible NULL pointer dereference
ALSA: aica: Fix a long-time build breakage
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
platform/x86: alienware-wmi: printing the wrong error code
crypto: caam - fix caam_dump_sg that iterates through scatterlist
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
pwm: meson: Consider 128 a valid pre-divider
pwm: meson: Don't disable PWM when setting duty repeatedly
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
nfp: bpf: fix static check error through tightening shift amount adjustment
kdb: do a sanity check on the cpu in kdb_per_cpu()
netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value
backlight: lm3630a: Return 0 on success in update_status functions
thermal: rcar_gen3_thermal: fix interrupt type
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
EDAC/mc: Fix edac_mc_find() in case no device is found
afs: Fix key leak in afs_release() and afs_evict_inode()
afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set
afs: Fix lock-wait/callback-break double locking
afs: Fix double inc of vnode->cb_break
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
clk: meson: gxbb: no spread spectrum on mpll0
clk: meson: axg: spread spectrum is on mpll2
dmaengine: tegra210-adma: Fix crash during probe
arm64: dts: meson: libretech-cc: set eMMC as removable
RDMA/qedr: Fix incorrect device rate.
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
crypto: ccp - fix AES CFB error exposed by new test vectors
crypto: ccp - Fix 3DES complaint from ccp-crypto module
serial: stm32: fix word length configuration
serial: stm32: fix rx error handling
serial: stm32: fix rx data length when parity enabled
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: Add support of TC bit status check
serial: stm32: fix wakeup source initialization
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
iommu: Add missing new line for dma type
iommu: Use right function to get group for device
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector
crypto: talitos - fix AEAD processing.
netvsc: unshare skb in VF rx handler
net: core: support XDP generic on stacked devices.
RDMA/uverbs: check for allocation failure in uapi_add_elm()
net: don't clear sock->sk early to avoid trouble in strparser
phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register
media: vivid: fix incorrect assignment operation when setting video mode
crypto: inside-secure - fix zeroing of the request in ahash_exit_inv
crypto: inside-secure - fix queued len computation
arm64: dts: renesas: ebisu: Remove renesas, no-ether-link property
mpls: fix warning with multi-label encap
serial: stm32: fix a recursive locking in stm32_config_rs485
arm64: dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node
arm64: dts: meson-gxm-khadas-vim2: fix Bluetooth support
iommu/vt-d: Duplicate iommu_resv_region objects per device list
phy: usb: phy-brcm-usb: Remove sysfs attributes upon driver removal
firmware: arm_scmi: fix bitfield definitions for SENSOR_DESC attributes
firmware: arm_scmi: update rate_discrete in clock_describe_rates_get
ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev()
ASoC: meson: axg-tdmin: right_j is not supported
ASoC: meson: axg-tdmout: right_j is not supported
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
qed: iWARP - fix uninitialized callback
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup
IB/hfi1: Handle port down properly in pio
drm/msm/mdp5: Fix mdp5_cfg_init error return
net: netem: fix backlog accounting for corrupted GSO frames
net/udp_gso: Allow TX timestamp with UDP GSO
net/af_iucv: build proper skbs for HiperTransport
net/af_iucv: always register net_device notifier
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
rtc: pcf8563: Fix interrupt trigger method
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
ARM: dts: iwg20d-q7-common: Fix SDHI1 VccQ regularor
net/sched: cbs: Fix error path of cbs_module_init
arm64: dts: allwinner: h6: Pine H64: Add interrupt line for RTC
drm/msm/a3xx: remove TPL1 regs from snapshot
ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1()
perf/ioctl: Add check for the sample_period value
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
clk: qcom: Fix -Wunused-const-variable
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm
tools: bpftool: use correct argument in cgroup errors
backlight: pwm_bl: Fix heuristic to determine number of brightness levels
fork,memcg: alloc_thread_stack_node needs to set tsk->stack
bnxt_en: Fix ethtool selftest crash under error conditions.
bnxt_en: Suppress error messages when querying DSCP DCB capabilities.
iommu/amd: Make iommu_disable safer
mfd: intel-lpss: Release IDA resources
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
xprtrdma: Fix use-after-free in rpcrdma_post_recvs
um: Fix IRQ controller regression on console read
PM: ACPI/PCI: Resume all devices during hibernation
ACPI: PM: Simplify and fix PM domain hibernation callbacks
ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS
fsi/core: Fix error paths on CFAM init
devres: allow const resource arguments
fsi: sbefifo: Don't fail operations when in SBE IPL state
RDMA/hns: Fixs hw access invalid dma memory error
PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI
PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device()
PCI: mobiveil: Fix the valid check for inbound and outbound windows
ceph: fix "ceph.dir.rctime" vxattr value
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
net/tls: fix socket wmem accounting on fallback with netem
x86/pgtable/32: Fix LOWMEM_PAGES constant
xdp: fix possible cq entry leak
ARM: stm32: use "depends on" instead of "if" after prompt
scsi: libfc: fix null pointer dereference on a null lport
xfrm interface: ifname may be wrong in logs
drm/panel: make drm_panel.h self-contained
clk: sunxi-ng: v3s: add the missing PLL_DDR1
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
libertas_tf: Use correct channel range in lbtf_geo_init
qed: reduce maximum stack frame size
usb: host: xhci-hub: fix extra endianness conversion
media: rcar-vin: Clean up correct notifier in error path
mic: avoid statically declaring a 'struct device'.
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
crypto: ccp - Reduce maximum stack usage
ALSA: aoa: onyx: always initialize register read value
arm64: dts: renesas: r8a77995: Fix register range of display node
tipc: reduce risk of wakeup queue starvation
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off
net: fix bpf_xdp_adjust_head regression for generic-XDP
spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode
cxgb4: smt: Add lock for atomic_dec_and_test
crypto: caam - free resources in case caam_rng registration failed
ext4: set error return correctly when ext4_htree_store_dirent fails
RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
net/rds: Add a few missing rds_stat_names entries
tools: bpftool: fix arguments for p_err() in do_event_pipe()
tools: bpftool: fix format strings and arguments for jsonw_printf()
drm: rcar-du: lvds: Fix bridge_to_rcar_lvds
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
signal: Allow cifs and drbd to receive their terminating signals
powerpc/64s/radix: Fix memory hot-unplug page table split
ASoC: sun4i-i2s: RX and TX counter registers are swapped
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
rtc: rv3029: revert error handling patch to rv3029_eeprom_write()
mac80211: minstrel_ht: fix per-group max throughput rate initialization
i40e: reduce stack usage in i40e_set_fc
media: atmel: atmel-isi: fix timeout value for stop streaming
ARM: 8896/1: VDSO: Don't leak kernel addresses
rtc: pcf2127: bugfix: read rtc disables watchdog
mips: avoid explicit UB in assignment of mips_io_port_base
media: em28xx: Fix exception handling in em28xx_alloc_urbs()
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
ahci: Do not export local variable ahci_em_messages
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
hwmon: (lm75) Fix write operations for negative temperatures
net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate
power: supply: Init device wakeup after device_add()
x86, perf: Fix the dependency of the x86 insn decoder selftest
staging: greybus: light: fix a couple double frees
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C
bcache: Fix an error code in bch_dump_read()
iio: dac: ad5380: fix incorrect assignment to val
netfilter: ctnetlink: honor IPS_OFFLOAD flag
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
wcn36xx: use dynamic allocation for large variables
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit
xsk: avoid store-tearing when assigning queues
xsk: avoid store-tearing when assigning umem
led: triggers: Fix dereferencing of null pointer
net: sonic: return NETDEV_TX_OK if failed to map buffer
net: hns3: fix error VF index when setting VLAN offload
rtlwifi: Fix file release memory leak
ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix error path of f2fs_convert_inline_page()
scsi: fnic: fix msix interrupt allocation
Btrfs: fix hang when loading existing inode cache off disk
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix inode cache waiters hanging on path allocation failure
btrfs: use correct count in btrfs_file_write_iter()
ixgbe: sync the first fragment unconditionally
hwmon: (shtc1) fix shtc1 and shtw1 id mask
net: sonic: replace dev_kfree_skb in sonic_send_packet
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
gpio/aspeed: Fix incorrect number of banks
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
RDMA/cma: Fix false error message
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
um: Fix off by one error in IRQ enumeration
bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
mailbox: qcom-apcs: fix max_register value
clk: actions: Fix factor clk struct member access
powerpc/mm/mce: Keep irqs disabled during lockless page table walk
bpf: fix BTF limits
crypto: hisilicon - Matching the dma address for dma_pool_free()
iommu/amd: Wait for completion of IOTLB flush in attach_device
net: aquantia: Fix aq_vec_isr_legacy() return value
cxgb4: Signedness bug in init_one()
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: netsec: Fix signedness bug in netsec_probe()
net: socionext: Fix a signedness bug in ave_probe()
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: axienet: fix a signedness bug in probe
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: nixge: Fix a signedness bug in nixge_probe()
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
net: sched: cbs: Avoid division by zero when calculating the port rate
nvme: retain split access workaround for capability reads
net: stmmac: gmac4+: Not all Unicast addresses may be available
rxrpc: Fix trace-after-put looking at the put connection record
mac80211: accept deauth frames in IBSS mode
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
llc: fix sk_buff refcounting in llc_conn_state_process()
ip6erspan: remove the incorrect mtu limit for ip6erspan
net: stmmac: fix length of PTP clock's name string
net: stmmac: fix disabling flexible PPS output
sctp: add chunks to sk_backlog when the newsk sk_socket is not set
s390/qeth: Fix error handling during VNICC initialization
s390/qeth: Fix initialization of vnicc cmd masks during set online
act_mirred: Fix mirred_init_module error handling
net: avoid possible false sharing in sk_leave_memory_pressure()
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
tcp: annotate lockless access to tcp_memory_pressure
net/smc: receive returns without data
net/smc: receive pending data after RCV_SHUTDOWN
drm/msm/dsi: Implement reset correctly
vhost/test: stop device before reset
dmaengine: imx-sdma: fix size check for sdma script_number
firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
arm64: hibernate: check pgd table allocation
net: netem: fix error path for corrupted GSO frames
net: netem: correct the parent's backlog when corrupted packet was dropped
xsk: Fix registration of Rx-only sockets
bpf, offload: Unlock on error in bpf_offload_dev_create()
afs: Fix missing timeout reset
net: qca_spi: Move reset_count to struct qcaspi
hv_netvsc: Fix offset usage in netvsc_send_table()
hv_netvsc: Fix send_table offset in case of a host bug
afs: Fix large file support
drm: panel-lvds: Potential Oops in probe error handling
hwrng: omap3-rom - Fix missing clock by probing with device tree
dpaa_eth: perform DMA unmapping before read
dpaa_eth: avoid timestamp read on error paths
MIPS: Loongson: Fix return value of loongson_hwmon_init
hv_netvsc: flag software created hash value
net: neigh: use long type to store jiffies delta
packet: fix data-race in fanout_flow_is_huge()
i2c: stm32f7: report dma error during probe
mmc: sdio: fix wl1251 vendor id
mmc: core: fix wl1251 sdio quirks
affs: fix a memory leak in affs_remount
afs: Remove set but not used variables 'before', 'after'
dmaengine: ti: edma: fix missed failure handling
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
arm64: dts: juno: Fix UART frequency
samples/bpf: Fix broken xdp_rxq_info due to map order assumptions
usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON
IB/iser: Fix dma_nents type definition
serial: stm32: fix clearing interrupt error flags
arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node
m68k: Call timer_interrupt() with interrupts disabled
Linux 4.19.99
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ieabeab79ea5c8cb4b6b1552702fa5d6100cea5db
[ Upstream commit a0791f0df7 ]
vmlinux BTF has more than 64k types.
Its string section is also at the offset larger than 64k.
Adjust both limits to make in-kernel BTF verifier successfully parse in-kernel BTF.
Fixes: 69b693f0ae ("bpf: btf: Introduce BPF Type Format (BTF)")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 92285a079e ]
should be same as NFT_LOGLEVEL_AUDIT, so use -, not +.
Fixes: 7eced5ab5a ("netfilter: nf_tables: add NFT_LOGLEVEL_* enumeration and use it")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This patch adds virtio-pmem driver for KVM guest.
Guest reads the persistent memory range information from
Qemu over VIRTIO and registers it on nvdimm_bus. It also
creates a nd_region object with the persistent memory
range information so that existing 'nvdimm/pmem' driver
can reserve this into system memory map. This way
'virtio-pmem' driver uses existing functionality of pmem
driver to register persistent memory compatible for DAX
capable filesystems.
This also provides function to perform guest flush over
VIRTIO from 'pmem' driver when userspace performs flush
on DAX memory range.
Signed-off-by: Pankaj Gupta <pagupta@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia@oracle.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jakub Staron <jstaron@google.com>
Tested-by: Jakub Staron <jstaron@google.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
(cherry picked from commit 6e84200c0a)
Bug: 146400078
Bug: 148297388
Change-Id: Ie3457fe184f29984d181bc0afa9267e2567a2caf
Signed-off-by: Alistair Delva <adelva@google.com>
To prevent keys from being compromised if an attacker acquires read
access to kernel memory, some inline encryption hardware supports
protecting the keys in hardware without software having access to or the
ability to set the plaintext keys. Instead, software only sees "wrapped
keys", which may differ on every boot. The keys can be initially
generated either by software (in which case they need to be imported to
hardware to be wrapped), or directly by the hardware.
Add support for this type of hardware by allowing keys to be flagged as
hardware-wrapped and encryption policies to be flagged as needing a
hardware-wrapped key. When used, fscrypt will pass the wrapped key
directly to the inline encryption hardware to encrypt file contents.
The hardware is responsible for internally unwrapping the key and
deriving the actual file contents encryption key.
fscrypt also asks the inline encryption hardware to derive a
cryptographically isolated software "secret", which fscrypt then uses as
the master key for all other purposes besides file contents encryption,
e.g. to derive filenames encryption keys and the key identifier.
Bug: 147209885
Change-Id: I7f4cc5c32f130709db3eb9ebdb1ebfff5751ca95
Co-developed-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
(Upstream commit a69b83e1ae.)
Make the layout of kcov_remote_arg the same for 32-bit and 64-bit code.
This makes it more convenient to write userspace apps that can be
compiled into 32-bit or 64-bit binaries and still work with the same
64-bit kernel.
Also use proper __u32 types in uapi headers instead of unsigned ints.
Link: http://lkml.kernel.org/r/9e91020876029cfefc9211ff747685eba9536426.1575638983.git.andreyknvl@google.com
Fixes: eec028c938 ("kcov: remote coverage support")
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Marco Elver <elver@google.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Felipe Balbi <balbi@kernel.org>
Cc: Chunfeng Yun <chunfeng.yun@mediatek.com>
Cc: "Jacky . Cao @ sony . com" <Jacky.Cao@sony.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Marco Elver <elver@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Bug: 147413187
Change-Id: I25a7107841048b3735db94c89199f9de73615333
(Upstream commit eec028c938.)
Patch series " kcov: collect coverage from usb and vhost", v3.
This patchset extends kcov to allow collecting coverage from backgound
kernel threads. This extension requires custom annotations for each of
the places where coverage collection is desired. This patchset
implements this for hub events in the USB subsystem and for vhost
workers. See the first patch description for details about the kcov
extension. The other two patches apply this kcov extension to USB and
vhost.
Examples of other subsystems that might potentially benefit from this
when custom annotations are added (the list is based on
process_one_work() callers for bugs recently reported by syzbot):
1. fs: writeback wb_workfn() worker,
2. net: addrconf_dad_work()/addrconf_verify_work() workers,
3. net: neigh_periodic_work() worker,
4. net/p9: p9_write_work()/p9_read_work() workers,
5. block: blk_mq_run_work_fn() worker.
These patches have been used to enable coverage-guided USB fuzzing with
syzkaller for the last few years, see the details here:
https://github.com/google/syzkaller/blob/master/docs/linux/external_fuzzing_usb.md
This patchset has been pushed to the public Linux kernel Gerrit
instance:
https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/1524
This patch (of 3):
Add background thread coverage collection ability to kcov.
With KCOV_ENABLE coverage is collected only for syscalls that are issued
from the current process. With KCOV_REMOTE_ENABLE it's possible to
collect coverage for arbitrary parts of the kernel code, provided that
those parts are annotated with kcov_remote_start()/kcov_remote_stop().
This allows to collect coverage from two types of kernel background
threads: the global ones, that are spawned during kernel boot in a
limited number of instances (e.g. one USB hub_event() worker thread is
spawned per USB HCD); and the local ones, that are spawned when a user
interacts with some kernel interface (e.g. vhost workers).
To enable collecting coverage from a global background thread, a unique
global handle must be assigned and passed to the corresponding
kcov_remote_start() call. Then a userspace process can pass a list of
such handles to the KCOV_REMOTE_ENABLE ioctl in the handles array field
of the kcov_remote_arg struct. This will attach the used kcov device to
the code sections, that are referenced by those handles.
Since there might be many local background threads spawned from
different userspace processes, we can't use a single global handle per
annotation. Instead, the userspace process passes a non-zero handle
through the common_handle field of the kcov_remote_arg struct. This
common handle gets saved to the kcov_handle field in the current
task_struct and needs to be passed to the newly spawned threads via
custom annotations. Those threads should in turn be annotated with
kcov_remote_start()/kcov_remote_stop().
Internally kcov stores handles as u64 integers. The top byte of a
handle is used to denote the id of a subsystem that this handle belongs
to, and the lower 4 bytes are used to denote the id of a thread instance
within that subsystem. A reserved value 0 is used as a subsystem id for
common handles as they don't belong to a particular subsystem. The
bytes 4-7 are currently reserved and must be zero. In the future the
number of bytes used for the subsystem or handle ids might be increased.
When a particular userspace process collects coverage by via a common
handle, kcov will collect coverage for each code section that is
annotated to use the common handle obtained as kcov_handle from the
current task_struct. However non common handles allow to collect
coverage selectively from different subsystems.
Link: http://lkml.kernel.org/r/e90e315426a384207edbec1d6aa89e43008e4caf.1572366574.git.andreyknvl@google.com
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: David Windsor <dwindsor@gmail.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Cc: Anders Roxell <anders.roxell@linaro.org>
Cc: Alexander Potapenko <glider@google.com>
Cc: Marco Elver <elver@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Bug: 147413187
Change-Id: I868c4846a412bfbae16086017e113813571df377
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4eEV4ACgkQONu9yGCS
aT6D6Q//W205i6vBtK440pV659K29fw2+XYhJnG+3kkcXJ1GBEHlS7ddZCzV1lua
uOLYxG2J0A3D0WC8S78XwE1ZXe1YTor647qW0H6pDeZIj/ID2x4TEN6rZq0YlCb7
JLx6d+yb7MkK9fHGXVyTZbKESLr7WimDnZckWbO4xWTqtlh195ygMYxdwTxa97ZP
rMJXR/qS/n5rlgQE8BEFsPZBNcsSVKecIi8ibSWu8zDJerBb2h0TuUMKvn1fteG9
O69y8MeoJSWGTsorii+f7toGKhECFRWSrDj9GhK4SFTj3eV5evrkozAWJpXuzIOA
9ou9OHUQnJxpXaVyBxiUDkP58tDYYddsrSCHFSNPtPcsTJSxDUEwZBDXr7V8TyVq
axjoXgHwXOg9qi5IvEOvOBIahTX9OdKvR578eLQIFinZTRmZGKl2XW08olybcUw3
ZpTBW6A97Xmhs4szFOQfgxRrc3n0F4+Mk9tFp2HFzSu23y6A/wwctIt4xoOWJ8Nq
ouZbGwI3Em6rtTWDufNJbagm5QYLEcsS5F4Ala6uGIxBXs8mD7dAisILEXxFfSAn
aPzPvsKh1vMhYBFmTStsowxy1pjeuUMHukrBQLDtmhzR4aBs5GXCJi/Iq2ojC123
LLAnG/ytLyYyVUxpYyNMsconLITZ1iS3iUAIcUHeYcEFZ3JAV3E=
=D3a0
-----END PGP SIGNATURE-----
Merge 4.19.96 into android-4.19
Changes in 4.19.96
chardev: Avoid potential use-after-free in 'chrdev_open()'
i2c: fix bus recovery stop mode timing
usb: chipidea: host: Disable port power only if previously enabled
ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5
ALSA: hda/realtek - Add new codec supported for ALCS1200A
ALSA: hda/realtek - Set EAPD control to default for ALC222
ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen
kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail
tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined
tracing: Change offset type to s32 in preempt/irq tracepoints
HID: Fix slab-out-of-bounds read in hid_field_extract
HID: uhid: Fix returning EPOLLOUT from uhid_char_poll
HID: hid-input: clear unmapped usages
Input: add safety guards to input_set_keycode()
Input: input_event - fix struct padding on sparc64
drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model
drm/fb-helper: Round up bits_per_pixel if possible
drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ
can: kvaser_usb: fix interface sanity check
can: gs_usb: gs_usb_probe(): use descriptors of current altsetting
can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode
can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs
gpiolib: acpi: Turn dmi_system_id table into a generic quirk table
gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism
staging: vt6656: set usb_set_intfdata on driver fail.
USB: serial: option: add ZLP support for 0x1bc7/0x9010
usb: musb: fix idling for suspend after disconnect interrupt
usb: musb: Disable pullup at init
usb: musb: dma: Correct parameter passed to IRQ handler
staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713
staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
serdev: Don't claim unsupported ACPI serial devices
tty: link tty and port before configuring it as console
tty: always relink the port
mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf
scsi: bfa: release allocated memory in case of error
rtl8xxxu: prevent leaking urb
ath10k: fix memory leak
HID: hiddev: fix mess in hiddev_open()
USB: Fix: Don't skip endpoint descriptors with maxpacket=0
phy: cpcap-usb: Fix error path when no host driver is loaded
phy: cpcap-usb: Fix flakey host idling and enumerating of devices
netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
netfilter: conntrack: dccp, sctp: handle null timeout argument
netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
drm/i915/gen9: Clear residual context state on context switch
Linux 4.19.96
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I261d6a9e90a5461701f74e3ca1482e3c00939f3e
Merged in v5.5-rc1.
* aosp/upstream-f2fs-stable-linux-4.19.y:
docs: fs-verity: mention statx() support
f2fs: support STATX_ATTR_VERITY
ext4: support STATX_ATTR_VERITY
statx: define STATX_ATTR_VERITY
docs: fs-verity: document first supported kernel version
f2fs: add support for IV_INO_LBLK_64 encryption policies
ext4: add support for IV_INO_LBLK_64 encryption policies
fscrypt: add support for IV_INO_LBLK_64 policies
fscrypt: avoid data race on fscrypt_mode::logged_impl_name
fscrypt: zeroize fscrypt_info before freeing
fscrypt: remove struct fscrypt_ctx
fscrypt: invoke crypto API for ESSIV handling
Change-Id: I9325127228fb82b67f064ce8b3bc8d40ac76e65b
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
commit f729a1b0f8 upstream.
Going through all uses of timeval, I noticed that we screwed up
input_event in the previous attempts to fix it:
The time fields now match between kernel and user space, but all following
fields are in the wrong place.
Add the required padding that is implied by the glibc timeval definition
to fix the layout, and use a struct initializer to avoid leaking kernel
stack data.
Fixes: 141e5dcaa7 ("Input: input_event - fix the CONFIG_SPARC64 mixup")
Fixes: 2e746942eb ("Input: input_event - provide override for sparc64")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20191213204936.3643476-2-arnd@arndb.de
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4bAEoACgkQONu9yGCS
aT70DQ//YgSd3JJ9/d7TLy+Mm8GrlZIZWgRrz8YZdKcJBG+l/c+m6FR0uLDw95nf
zIFq1GY8DwS3djuNkxPoz8yvIgqoHuSjEUo+YF8v71ZdnGCXIt6SCoKbugAH+azp
zTEJ4lU3/Wrc1Gh4w5zeSgdQVPIJBQ+d7pKccZHOJ0DFwbU3hQ69vqXcaxrFuhop
vqKvNNEeCT2l1AxgAhKwNhceFL3Rb/2HxAjUED68ueY/EZ0/OsoinboBu2riSKNu
NWZTPq7B2Kht19aV48FThwksEvkelz72gkSzKvrsT03tDtNewQ7C/mreUqpU6VZE
lrcIWOHjXMQyk3g3XZfG3j8ppzHvZPaG/WEqmnJV8txjtaRU8hvj3Q95kHPheTv6
O/Ds4OpHBaS5g6+dmsUmtfSrbrhm3KKXMn0IJvyYkC/VY0RVdLKTZu0TM5ZS5id/
zW4AZWWzephUID9LAwRrTWvfGKMBK6gEiv2AtnY4XRiEMYEFw45uP97yWcUCg89L
a3BCbhhiO4tMqL/lf7KD4vPbXZsRgDM3q1wLitvM2KCVVSA32XGRMT9x8A6uwTJl
OLL39NSi8h8rqn5S22AowKcR/3VakRNw9pf5Y6AH5xOnP3R/OBHzYJNho2DUc8OI
6p+zeUZkDEIsFI1wdJSaaSWsNdpJj3Sw6SdB2QJI3c782F4pFUA=
=RCVS
-----END PGP SIGNATURE-----
Merge 4.19.95 into android-4.19
Changes in 4.19.95
USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein
USB: dummy-hcd: increase max number of devices to 32
bpf: Fix passing modified ctx to ld/abs/ind instruction
regulator: fix use after free issue
ASoC: max98090: fix possible race conditions
locking/spinlock/debug: Fix various data races
netfilter: ctnetlink: netns exit must wait for callbacks
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
libtraceevent: Fix lib installation with O=
x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage
ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89
efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs
efi/gop: Return EFI_SUCCESS if a usable GOP was found
efi/gop: Fix memory leak in __gop_query32/64()
ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing
ARM: vexpress: Set-up shared OPP table instead of individual for each CPU
netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init()
ARM: dts: BCM5301X: Fix MDIO node address/size cells
selftests/ftrace: Fix multiple kprobe testcase
ARM: dts: Cygnus: Fix MDIO node address/size cells
spi: spi-cavium-thunderx: Add missing pci_release_regions()
ASoC: topology: Check return value for soc_tplg_pcm_create()
ARM: dts: bcm283x: Fix critical trip point
bnxt_en: Return error if FW returns more data than dump length
bpf, mips: Limit to 33 tail calls
spi: spi-ti-qspi: Fix a bug when accessing non default CS
ARM: dts: am437x-gp/epos-evm: fix panel compatible
samples: bpf: Replace symbol compare of trace_event
samples: bpf: fix syscall_tp due to unused syscall
powerpc: Ensure that swiotlb buffer is allocated from low memory
btrfs: Fix error messages in qgroup_rescan_init
bpf: Clear skb->tstamp in bpf_redirect when necessary
bnx2x: Do not handle requests from VFs after parity
bnx2x: Fix logic to get total no. of PFs per engine
cxgb4: Fix kernel panic while accessing sge_info
net: usb: lan78xx: Fix error message format specifier
parisc: add missing __init annotation
rfkill: Fix incorrect check to avoid NULL pointer dereference
ASoC: wm8962: fix lambda value
regulator: rn5t618: fix module aliases
iommu/iova: Init the struct iova to fix the possible memleak
kconfig: don't crash on NULL expressions in expr_eq()
perf/x86/intel: Fix PT PMI handling
fs: avoid softlockups in s_inodes iterators
net: stmmac: Do not accept invalid MTU values
net: stmmac: xgmac: Clear previous RX buffer size
net: stmmac: RX buffer size must be 16 byte aligned
net: stmmac: Always arm TX Timer at end of transmission start
s390/purgatory: do not build purgatory with kcov, kasan and friends
drm/exynos: gsc: add missed component_del
s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly
s390/dasd: fix memleak in path handling error case
block: fix memleak when __blk_rq_map_user_iov() is failed
parisc: Fix compiler warnings in debug_core.c
llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c)
hv_netvsc: Fix unwanted rx_table reset
powerpc/vcpu: Assume dedicated processors as non-preempt
powerpc/spinlocks: Include correct header for static key
cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull
ARM: dts: imx6ul: use nvmem-cells for cpu speed grading
PCI/switchtec: Read all 64 bits of part_event_bitmap
gtp: fix bad unlock balance in gtp_encap_enable_socket
macvlan: do not assume mac_header is set in macvlan_broadcast()
net: dsa: mv88e6xxx: Preserve priority when setting CPU port.
net: stmmac: dwmac-sun8i: Allow all RGMII modes
net: stmmac: dwmac-sunxi: Allow all RGMII modes
net: usb: lan78xx: fix possible skb leak
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
sch_cake: avoid possible divide by zero in cake_enqueue()
sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY
tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK
vxlan: fix tos value before xmit
vlan: fix memory leak in vlan_dev_set_egress_priority
vlan: vlan_changelink() should propagate errors
mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO
net: sch_prio: When ungrafting, replace with FIFO
usb: dwc3: gadget: Fix request complete check
USB: core: fix check for duplicate endpoints
USB: serial: option: add Telit ME910G1 0x110a composition
usb: missing parentheses in USE_NEW_SCHEME
Linux 4.19.95
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I611f034c58f975a5d2b70eed0a0884f1ff5b09cc
[ Upstream commit 164166558a ]
With 'bytes(__u32)' being 32, a left-shift of 31 may happen which is
undefined for the signed 32-bit value 1. Avoid this by declaring 1 as
unsigned.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Add a statx attribute bit STATX_ATTR_VERITY which will be set if the
file has fs-verity enabled. This is the statx() equivalent of
FS_VERITY_FL which is returned by FS_IOC_GETFLAGS.
This is useful because it allows applications to check whether a file is
a verity file without opening it. Opening a verity file can be
expensive because the fsverity_info is set up on open, which involves
parsing metadata and optionally verifying a cryptographic signature.
This is analogous to how various other bits are exposed through both
FS_IOC_GETFLAGS and statx(), e.g. the encrypt bit.
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Acked-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:
(1) Per I/O request, the encryption key is specified by a previously
loaded keyslot. There might be only a small number of keyslots.
(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
number" (DUN). IV bits 64-127 are assumed to be 0. The hardware
automatically increments the DUN for each "data unit" of
configurable size in the request, e.g. for each filesystem block.
Property (1) makes it inefficient to use the traditional fscrypt
per-file keys. Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.
Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to modified as follows:
- The encryption keys are derived from the master key, encryption mode
number, and filesystem UUID.
- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
For filenames encryption, file_logical_block_num is 0.
Since the file nonces aren't used in the key derivation, many files may
share the same encryption key. This is much more efficient on the
target hardware. Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.
Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).
Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints. These are acceptable
limitations for the cases where this format would actually be used.
Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption. A later patch will add support for inline encryption.
Reviewed-by: Paul Crowley <paulcrowley@google.com>
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4La9gACgkQONu9yGCS
aT6hlA//TDpj9rdEwkaKyg/Ge4TCOJSOiwlp2/5lg2Sroiuizz527hVybGOOYAHl
gMA2Syt73PWStyfgl5B3AimcBvPADX8h/b1KiSoIdHFkq5rPFyneB6aEj+5jSK1V
63UnnTV0T49wt0Jvs6nN0FxI4ZCXbfjzaSVz4BGIflz6h9UUkPAu91CJTKtPmrAp
pliH20cMOykxyS/KfKa6zDcpIfU0k+DxL5U0Y5F1YRDKc1iPg8e6I3cNLgwKSja6
21BgdoTyZdvbC85HxSY7V6Dswp4YQPBY3y8crp8npZ9apbYV7eNU3L1+WVQvxpFg
kahhyjalqwqkKq+cTEsIFj7cjPksSlH/qytTS+lnN3BScXbFPp8GdzIazhQNSCv3
S/7T51CcvNoVcs9Qeu+nwyvx+H1LH4MYO4C7RYWZhPnMcA+/MxvT5WXNKfjf2ekM
N5h8xNATllzDuDkX+zVwW8i80SCyhVqQIKbXLn8ugGYW3G5TNdy8Ysh0kdrq26Y+
LAELsbQhK/Kt8WF+XNBpb9LLbeUGn1GTwhnbEuD7IKI+bVxnmsGk8QUu3h+a9xFh
lI7bsj8Ku9T+59/9xqAnoStEto+0tdTPB9Cx1jNdWlLiVdkewiDKiUbloFpDFS1n
L3SvqB68DC/IznQcK970g3aIx9zbkb2KZRdj2Fu7apaY5D9q85I=
=W+5k
-----END PGP SIGNATURE-----
Merge 4.19.92 into android-4.19
Changes in 4.19.92
af_packet: set defaule value for tmo
fjes: fix missed check in fjes_acpi_add
mod_devicetable: fix PHY module format
net: dst: Force 4-byte alignment of dst_metrics
net: gemini: Fix memory leak in gmac_setup_txqs
net: hisilicon: Fix a BUG trigered by wrong bytes_compl
net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive()
net: qlogic: Fix error paths in ql_alloc_large_buffers()
net: usb: lan78xx: Fix suspend/resume PHY register access error
qede: Disable hardware gro when xdp prog is installed
qede: Fix multicast mac configuration
sctp: fully initialize v4 addr in some functions
selftests: forwarding: Delete IPv6 address at the end
btrfs: don't double lock the subvol_sem for rename exchange
btrfs: do not call synchronize_srcu() in inode_tree_del
Btrfs: fix missing data checksums after replaying a log tree
btrfs: send: remove WARN_ON for readonly mount
btrfs: abort transaction after failed inode updates in create_subvol
btrfs: skip log replay on orphaned roots
btrfs: do not leak reloc root if we fail to read the fs root
btrfs: handle ENOENT in btrfs_uuid_tree_iterate
Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues
ALSA: pcm: Avoid possible info leaks from PCM stream buffers
ALSA: hda/ca0132 - Keep power on during processing DSP response
ALSA: hda/ca0132 - Avoid endless loop
ALSA: hda/ca0132 - Fix work handling in delayed HP detection
drm: mst: Fix query_payload ack reply struct
drm/panel: Add missing drm_panel_init() in panel drivers
drm/bridge: analogix-anx78xx: silence -EPROBE_DEFER warnings
iio: light: bh1750: Resolve compiler warning and make code more readable
drm/amdgpu: grab the id mgr lock while accessing passid_mapping
spi: Add call to spi_slave_abort() function when spidev driver is released
staging: rtl8192u: fix multiple memory leaks on error path
staging: rtl8188eu: fix possible null dereference
rtlwifi: prevent memory leak in rtl_usb_probe
libertas: fix a potential NULL pointer dereference
ath10k: fix backtrace on coredump
IB/iser: bound protection_sg size by data_sg size
media: am437x-vpfe: Setting STD to current value is not an error
media: i2c: ov2659: fix s_stream return value
media: ov6650: Fix crop rectangle alignment not passed back
media: i2c: ov2659: Fix missing 720p register config
media: ov6650: Fix stored frame format not in sync with hardware
media: ov6650: Fix stored crop rectangle not in sync with hardware
tools/power/cpupower: Fix initializer override in hsw_ext_cstates
media: venus: core: Fix msm8996 frequency table
ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq
pinctrl: devicetree: Avoid taking direct reference to device name string
drm/amdkfd: fix a potential NULL pointer dereference (v2)
selftests/bpf: Correct path to include msg + path
media: venus: Fix occasionally failures to suspend
usb: renesas_usbhs: add suspend event support in gadget mode
hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled
regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe()
media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init()
media: cec-funcs.h: add status_req checks
drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller
samples: pktgen: fix proc_cmd command result check logic
block: Fix writeback throttling W=1 compiler warnings
mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring
drm/drm_vblank: Change EINVAL by the correct errno
media: cx88: Fix some error handling path in 'cx8800_initdev()'
media: ti-vpe: vpe: Fix Motion Vector vpdma stride
media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format
media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number
media: ti-vpe: vpe: Make sure YUYV is set as default format
media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic
media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases
media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage
syscalls/x86: Use the correct function type in SYSCALL_DEFINE0
drm/amd/display: Fix dongle_caps containing stale information.
extcon: sm5502: Reset registers during initialization
x86/mm: Use the correct function type for native_set_fixmap()
ath10k: Correct error handling of dma_map_single()
drm/bridge: dw-hdmi: Restore audio when setting a mode
perf test: Report failure for mmap events
perf report: Add warning when libunwind not compiled in
usb: usbfs: Suppress problematic bind and unbind uevents.
iio: adc: max1027: Reset the device at probe time
Bluetooth: missed cpu_to_le16 conversion in hci_init4_req
Bluetooth: Workaround directed advertising bug in Broadcom controllers
Bluetooth: hci_core: fix init for HCI_USER_CHANNEL
bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack()
x86/mce: Lower throttling MCE messages' priority to warning
perf tests: Disable bp_signal testing for arm64
drm/gma500: fix memory disclosures due to uninitialized bytes
rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot
ipmi: Don't allow device module unload when in use
x86/ioapic: Prevent inconsistent state when moving an interrupt
media: smiapp: Register sensor after enabling runtime PM on the device
md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit
arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill()
i40e: initialize ITRN registers with correct values
net: phy: dp83867: enable robust auto-mdix
drm/tegra: sor: Use correct SOR index on Tegra210
spi: sprd: adi: Add missing lock protection when rebooting
ACPI: button: Add DMI quirk for Medion Akoya E2215T
RDMA/qedr: Fix memory leak in user qp and mr
gpu: host1x: Allocate gather copy for host1x
net: dsa: LAN9303: select REGMAP when LAN9303 enable
phy: qcom-usb-hs: Fix extcon double register after power cycle
s390/time: ensure get_clock_monotonic() returns monotonic values
s390/mm: add mm_pxd_folded() checks to pxd_free()
net: hns3: add struct netdev_queue debug info for TX timeout
libata: Ensure ata_port probe has completed before detach
loop: fix no-unmap write-zeroes request behavior
pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B
iio: dln2-adc: fix iio_triggered_buffer_postenable() position
libbpf: Fix error handling in bpf_map__reuse_fd()
Bluetooth: Fix advertising duplicated flags
pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler()
ixgbe: protect TX timestamping from API misuse
media: rcar_drif: fix a memory disclosure
media: v4l2-core: fix touch support in v4l_g_fmt
nvmem: imx-ocotp: reset error status on probe
rfkill: allocate static minor
bnx2x: Fix PF-VF communication over multi-cos queues.
spi: img-spfi: fix potential double release
ALSA: timer: Limit max amount of slave instances
rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt()
perf probe: Fix to find range-only function instance
perf probe: Fix to list probe event with correct line number
perf jevents: Fix resource leak in process_mapfile() and main()
perf probe: Walk function lines in lexical blocks
perf probe: Fix to probe an inline function which has no entry pc
perf probe: Fix to show ranges of variables in functions without entry_pc
perf probe: Fix to show inlined function callsite without entry_pc
libsubcmd: Use -O0 with DEBUG=1
perf probe: Fix to probe a function which has no entry pc
perf tools: Splice events onto evlist even on error
drm/amdgpu: disallow direct upload save restore list from gfx driver
drm/amdgpu: fix potential double drop fence reference
xen/gntdev: Use select for DMA_SHARED_BUFFER
perf parse: If pmu configuration fails free terms
perf probe: Skip overlapped location on searching variables
perf probe: Return a better scope DIE if there is no best scope
perf probe: Fix to show calling lines of inlined functions
perf probe: Skip end-of-sequence and non statement lines
perf probe: Filter out instances except for inlined subroutine and subprogram
ath10k: fix get invalid tx rate for Mesh metric
fsi: core: Fix small accesses and unaligned offsets via sysfs
media: pvrusb2: Fix oops on tear-down when radio support is not present
soundwire: intel: fix PDI/stream mapping for Bulk
crypto: atmel - Fix authenc support when it is set to m
ice: delay less
media: si470x-i2c: add missed operations in remove
EDAC/ghes: Fix grain calculation
spi: pxa2xx: Add missed security checks
ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile
iio: dac: ad5446: Add support for new AD5600 DAC
ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint
s390/disassembler: don't hide instruction addresses
nvme: Discard workaround for non-conformant devices
parport: load lowlevel driver if ports not found
bcache: fix static checker warning in bcache_device_free()
cpufreq: Register drivers only after CPU devices have been registered
x86/crash: Add a forward declaration of struct kimage
tracing: use kvcalloc for tgid_map array allocation
tracing/kprobe: Check whether the non-suffixed symbol is notrace
bcache: fix deadlock in bcache_allocator
iwlwifi: mvm: fix unaligned read of rx_pkt_status
ASoC: wm8904: fix regcache handling
spi: tegra20-slink: add missed clk_unprepare
tun: fix data-race in gro_normal_list()
crypto: virtio - deal with unsupported input sizes
mmc: tmio: Add MMC_CAP_ERASE to allow erase/discard/trim requests
btrfs: don't prematurely free work in end_workqueue_fn()
btrfs: don't prematurely free work in run_ordered_work()
ASoC: wm2200: add missed operations in remove and probe failure
spi: st-ssc4: add missed pm_runtime_disable
ASoC: wm5100: add missed pm_runtime_disable
ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1
x86/insn: Add some Intel instructions to the opcode map
brcmfmac: remove monitor interface when detaching
iwlwifi: check kasprintf() return value
fbtft: Make sure string is NULL terminated
net: ethernet: ti: ale: clean ale tbl on init and intf restart
crypto: sun4i-ss - Fix 64-bit size_t warnings
crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c
mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED
crypto: vmx - Avoid weird build failures
libtraceevent: Fix memory leakage in copy_filter_type
mips: fix build when "48 bits virtual memory" is enabled
drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2
net: phy: initialise phydev speed and duplex sanely
btrfs: don't prematurely free work in reada_start_machine_worker()
btrfs: don't prematurely free work in scrub_missing_raid56_worker()
Revert "mmc: sdhci: Fix incorrect switch to HS mode"
mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode
can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
usb: xhci: Fix build warning seen with CONFIG_PM=n
drm/amdgpu: fix uninitialized variable pasid_mapping_needed
s390/ftrace: fix endless recursion in function_graph tracer
btrfs: return error pointer from alloc_test_extent_buffer
usbip: Fix receive error in vhci-hcd when using scatter-gather
usbip: Fix error path of vhci_recv_ret_submit()
cpufreq: Avoid leaving stale IRQ work items during CPU offline
USB: EHCI: Do not return -EPIPE when hub is disconnected
intel_th: pci: Add Comet Lake PCH-V support
intel_th: pci: Add Elkhart Lake SOC support
platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes
staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value
ext4: fix ext4_empty_dir() for directories with holes
ext4: check for directory entries too close to block end
ext4: unlock on error in ext4_expand_extra_isize()
KVM: arm64: Ensure 'params' is initialised when looking up sys register
x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure()
x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks[]
powerpc/vcpu: Assume dedicated processors as non-preempt
powerpc/irq: fix stack overflow verification
mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register
mmc: sdhci-of-esdhc: Revert "mmc: sdhci-of-esdhc: add erratum A-009204 support"
mmc: sdhci: Update the tuning failed messages to pr_debug level
mmc: sdhci-of-esdhc: fix P2020 errata handling
mmc: sdhci: Workaround broken command queuing on Intel GLK
mmc: sdhci: Add a quirk for broken command queuing
nbd: fix shutdown and recv work deadlock v2
perf probe: Fix to show function entry line as probe-able
Linux 4.19.92
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic4c7f9c713549ebb3319cd0275e88678bfa0e53d
[ Upstream commit 9b211f9c5a ]
The CEC_MSG_GIVE_DECK_STATUS and CEC_MSG_GIVE_TUNER_DEVICE_STATUS commands
both have a status_req argument: ON, OFF, ONCE. If ON or ONCE, then the
follower will reply with a STATUS message. Either once or whenever the
status changes (status_req == ON).
If status_req == OFF, then it will stop sending continuous status updates,
but the follower will *not* send a STATUS message in that case.
This means that if status_req == OFF, then msg->reply should be 0 as well
since no reply is expected in that case.
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl35M30ACgkQONu9yGCS
aT7MxQ/+P2k2knFpbzGfqn7Ug4fyrWJ8T0cvmcQYLxcddJdM+tQWuFfXR6rhg2U6
cCEkIAKVxihEA51PT6LYiynIMQ1UDAEYENfwYK4inVX2HbMsqDC4D0qnAkABzH27
sLXwhKOOGB/z1F7oKjjsX/cCwP3V2E0PL1P7owHZis6tB24pZrMEss24x/4+dDm9
zBDDxpR++mJypRvG3fA8oP5dhZZJNacIvLW+48wrxZWkIcVNnRV+QnyHZe68af1R
SH4+I12AAeEDyEsQI8yX8PmGAnj1RZrzRQhibxooyBH4642RbX2qCYJkutPjI5rG
pUl4970MdSHYMyEUwxh77b0jSO/9w7k02yatyp0DVA0PQ7p0lLBFZ96GEG9ytXJm
Csuc6HEXSSTvuX8pf/KAf18L6kgnUhlxywkDcrcAVLQofMDhODul3fJALmGSVJXW
jbp6AFoqT84I8Gm+je+vyuQciLnuH5C9wwxrOrWZzr+hLzZk60iG+OpRohn/g+Bx
PjDjvnump0JGjF89hfNc+v9F+ihz7GBwOxspGrgb27ViRIhcxf0GuYFxyJtEuDiW
6+gYNzWUaVC4RR1l1jXGWtGUPBsNV50sxFHK/Hx09UMIu/uJPMtF+TW9QDhJT1jr
kL1kKeCsRV54nWjiWKwTTI2I37xJCPuidW5hvLqf2+ZHYTfQzsE=
=Op5F
-----END PGP SIGNATURE-----
Merge 4.19.90 into android-4.19
Changes in 4.19.90
usb: gadget: configfs: Fix missing spin_lock_init()
usb: gadget: pch_udc: fix use after free
scsi: qla2xxx: Fix driver unload hang
media: venus: remove invalid compat_ioctl32 handler
USB: uas: honor flag to avoid CAPACITY16
USB: uas: heed CAPACITY_HEURISTICS
USB: documentation: flags on usb-storage versus UAS
usb: Allow USB device to be warm reset in suspended state
staging: rtl8188eu: fix interface sanity check
staging: rtl8712: fix interface sanity check
staging: gigaset: fix general protection fault on probe
staging: gigaset: fix illegal free on probe errors
staging: gigaset: add endpoint-type sanity check
usb: xhci: only set D3hot for pci device
xhci: Fix memory leak in xhci_add_in_port()
xhci: Increase STS_HALT timeout in xhci_suspend()
xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour.
ARM: dts: pandora-common: define wl1251 as child node of mmc3
iio: adis16480: Add debugfs_reg_access entry
iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
iio: imu: inv_mpu6050: fix temperature reporting using bad unit
USB: atm: ueagle-atm: add missing endpoint check
USB: idmouse: fix interface sanity checks
USB: serial: io_edgeport: fix epic endpoint lookup
usb: roles: fix a potential use after free
USB: adutux: fix interface sanity check
usb: core: urb: fix URB structure initialization function
usb: mon: Fix a deadlock in usbmon between mmap and read
tpm: add check after commands attribs tab allocation
mtd: spear_smi: Fix Write Burst mode
virtio-balloon: fix managed page counts when migrating pages between zones
usb: dwc3: pci: add ID for the Intel Comet Lake -H variant
usb: dwc3: gadget: Fix logical condition
usb: dwc3: ep0: Clear started flag on completion
phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role"
btrfs: check page->mapping when loading free space cache
btrfs: use refcount_inc_not_zero in kill_all_nodes
Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc
Btrfs: fix negative subv_writers counter and data space leak after buffered write
btrfs: Avoid getting stuck during cyclic writebacks
btrfs: Remove btrfs_bio::flags member
Btrfs: send, skip backreference walking for extents with many references
btrfs: record all roots for rename exchange on a subvol
rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer
rtlwifi: rtl8192de: Fix missing enable interrupt flag
lib: raid6: fix awk build warnings
ovl: fix corner case of non-unique st_dev;st_ino
ovl: relax WARN_ON() on rename to self
hwrng: omap - Fix RNG wait loop timeout
dm writecache: handle REQ_FUA
dm zoned: reduce overhead of backing device checks
workqueue: Fix spurious sanity check failures in destroy_workqueue()
workqueue: Fix pwq ref leak in rescuer_thread()
ASoC: rt5645: Fixed buddy jack support.
ASoC: rt5645: Fixed typo for buddy jack support.
ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
md: improve handling of bio with REQ_PREFLUSH in md_flush_request()
blk-mq: avoid sysfs buffer overflow with too many CPU cores
cgroup: pids: use atomic64_t for pids->limit
ar5523: check NULL before memcpy() in ar5523_cmd()
s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported
media: bdisp: fix memleak on release
media: radio: wl1273: fix interrupt masking on release
media: cec.h: CEC_OP_REC_FLAG_ values were swapped
cpuidle: Do not unset the driver if it is there already
erofs: zero out when listxattr is called with no xattr
intel_th: Fix a double put_device() in error path
intel_th: pci: Add Ice Lake CPU support
intel_th: pci: Add Tiger Lake CPU support
PM / devfreq: Lock devfreq in trans_stat_show
cpufreq: powernv: fix stack bloat and hard limit on number of CPUs
ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge
ACPI: OSL: only free map once in osl.c
ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
ACPI: PM: Avoid attaching ACPI PM domain to certain devices
pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type()
pinctrl: samsung: Add of_node_put() before return in error path
pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init
pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init
pinctrl: samsung: Fix device node refcount leaks in init code
pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init
mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card
ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
ppdev: fix PPGETTIME/PPSETTIME ioctls
powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
powerpc/xive: Prevent page fault issues in the machine crash handler
powerpc: Allow flush_icache_range to work across ranges >4GB
powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts
video/hdmi: Fix AVI bar unpack
quota: Check that quota is not dirty before release
ext2: check err when partial != NULL
quota: fix livelock in dquot_writeback_dquots
ext4: Fix credit estimate for final inode freeing
reiserfs: fix extended attributes on the root directory
block: fix single range discard merge
scsi: zfcp: trace channel log even for FCP command responses
scsi: qla2xxx: Fix DMA unmap leak
scsi: qla2xxx: Fix hang in fcport delete path
scsi: qla2xxx: Fix session lookup in qlt_abort_work()
scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()
scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value
scsi: qla2xxx: Fix message indicating vectors used by driver
scsi: qla2xxx: Fix SRB leak on switch command timeout
xhci: make sure interrupts are restored to correct state
usb: typec: fix use after free in typec_register_port()
omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251
scsi: lpfc: Cap NPIV vports to 256
scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE
scsi: lpfc: Correct topology type reporting on G7 adapters
drbd: Change drbd_request_detach_interruptible's return type to int
e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait
pvcalls-front: don't return error when the ring is full
sch_cake: Correctly update parent qlen when splitting GSO packets
net/smc: do not wait under send_lock
net: hns3: clear pci private data when unload hns3 driver
net: hns3: change hnae3_register_ae_dev() to int
net: hns3: Check variable is valid before assigning it to another
scsi: hisi_sas: send primitive NOTIFY to SSP situation only
scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G
x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk
power: supply: cpcap-battery: Fix signed counter sample register
mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead
media: vimc: fix component match compare
ath10k: fix fw crash by moving chip reset after napi disabled
regulator: 88pm800: fix warning same module names
powerpc: Avoid clang warnings around setjmp and longjmp
powerpc: Fix vDSO clock_getres()
ext4: work around deleting a file with i_nlink == 0 safely
firmware: qcom: scm: Ensure 'a0' status code is treated as signed
mm/shmem.c: cast the type of unmap_start to u64
rtc: disable uie before setting time and enable after
splice: only read in as much information as there is pipe buffer space
ext4: fix a bug in ext4_wait_for_tail_page_commit
mfd: rk808: Fix RK818 ID template
mm, thp, proc: report THP eligibility for each vma
s390/smp,vdso: fix ASCE handling
blk-mq: make sure that line break can be printed
workqueue: Fix missing kfree(rescuer) in destroy_workqueue()
perf callchain: Fix segfault in thread__resolve_callchain_sample()
gre: refetch erspan header from skb->data after pskb_may_pull()
firmware: arm_scmi: Avoid double free in error flow
sunrpc: fix crash when cache_head become valid before update
net/mlx5e: Fix SFF 8472 eeprom length
leds: trigger: netdev: fix handling on interface rename
PCI: rcar: Fix missing MACCTLR register setting in initialization sequence
gfs2: fix glock reference problem in gfs2_trans_remove_revoke
of: overlay: add_changeset_property() memory leak
kernel/module.c: wakeup processes in module_wq on module unload
cifs: Fix potential softlockups while refreshing DFS cache
gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist
raid5: need to set STRIPE_HANDLE for batch head
scsi: qla2xxx: Change discovery state before PLOGI
iio: imu: mpu6050: add missing available scan masks
idr: Fix idr_get_next_ul race with idr_remove
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
of: unittest: fix memory leak in attach_node_and_children
Linux 4.19.90
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I790291e9f3d3c8dd3f53e4387de25ff272ad4f39
commit 806e0cdfee upstream.
CEC_OP_REC_FLAG_NOT_USED is 0 and CEC_OP_REC_FLAG_USED is 1, not the
other way around.
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Reported-by: Jiunn Chang <c0d1n61at3@gmail.com>
Cc: <stable@vger.kernel.org> # for v4.10 and up
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
It doesn't make sense to call the header binder_ctl.h when its sole
existence is tied to binderfs. So give it a sensible name. Users will far
more easily remember binderfs.h than binder_ctl.h.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 136497735
(cherry picked from commit c13295ad21)
Change-Id: Ide6275bbbaec2e25df19e11754afb7f1827888b2
Signed-off-by: Hridya Valsaraju <hridya@google.com>
As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the
implementation of binderfs.
/* Abstract */
binderfs is a backwards-compatible filesystem for Android's binder ipc
mechanism. Each ipc namespace will mount a new binderfs instance. Mounting
binderfs multiple times at different locations in the same ipc namespace
will not cause a new super block to be allocated and hence it will be the
same filesystem instance.
Each new binderfs mount will have its own set of binder devices only
visible in the ipc namespace it has been mounted in. All devices in a new
binderfs mount will follow the scheme binder%d and numbering will always
start at 0.
/* Backwards compatibility */
Devices requested in the Kconfig via CONFIG_ANDROID_BINDER_DEVICES for the
initial ipc namespace will work as before. They will be registered via
misc_register() and appear in the devtmpfs mount. Specifically, the
standard devices binder, hwbinder, and vndbinder will all appear in their
standard locations in /dev. Mounting or unmounting the binderfs mount in
the initial ipc namespace will have no effect on these devices, i.e. they
will neither show up in the binderfs mount nor will they disappear when the
binderfs mount is gone.
/* binder-control */
Each new binderfs instance comes with a binder-control device. No other
devices will be present at first. The binder-control device can be used to
dynamically allocate binder devices. All requests operate on the binderfs
mount the binder-control device resides in.
Assuming a new instance of binderfs has been mounted at /dev/binderfs
via mount -t binderfs binderfs /dev/binderfs. Then a request to create a
new binder device can be made as illustrated in [2].
Binderfs devices can simply be removed via unlink().
/* Implementation details */
- dynamic major number allocation:
When binderfs is registered as a new filesystem it will dynamically
allocate a new major number. The allocated major number will be returned
in struct binderfs_device when a new binder device is allocated.
- global minor number tracking:
Minor are tracked in a global idr struct that is capped at
BINDERFS_MAX_MINOR. The minor number tracker is protected by a global
mutex. This is the only point of contention between binderfs mounts.
- struct binderfs_info:
Each binderfs super block has its own struct binderfs_info that tracks
specific details about a binderfs instance:
- ipc namespace
- dentry of the binder-control device
- root uid and root gid of the user namespace the binderfs instance
was mounted in
- mountable by user namespace root:
binderfs can be mounted by user namespace root in a non-initial user
namespace. The devices will be owned by user namespace root.
- binderfs binder devices without misc infrastructure:
New binder devices associated with a binderfs mount do not use the
full misc_register() infrastructure.
The misc_register() infrastructure can only create new devices in the
host's devtmpfs mount. binderfs does however only make devices appear
under its own mountpoint and thus allocates new character device nodes
from the inode of the root dentry of the super block. This will have
the side-effect that binderfs specific device nodes do not appear in
sysfs. This behavior is similar to devpts allocated pts devices and
has no effect on the functionality of the ipc mechanism itself.
[1]: https://goo.gl/JL2tfX
[2]: program to allocate a new binderfs binder device:
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <linux/android/binder_ctl.h>
int main(int argc, char *argv[])
{
int fd, ret, saved_errno;
size_t len;
struct binderfs_device device = { 0 };
if (argc < 2)
exit(EXIT_FAILURE);
len = strlen(argv[1]);
if (len > BINDERFS_MAX_NAME)
exit(EXIT_FAILURE);
memcpy(device.name, argv[1], len);
fd = open("/dev/binderfs/binder-control", O_RDONLY | O_CLOEXEC);
if (fd < 0) {
printf("%s - Failed to open binder-control device\n",
strerror(errno));
exit(EXIT_FAILURE);
}
ret = ioctl(fd, BINDER_CTL_ADD, &device);
saved_errno = errno;
close(fd);
errno = saved_errno;
if (ret < 0) {
printf("%s - Failed to allocate new binder device\n",
strerror(errno));
exit(EXIT_FAILURE);
}
printf("Allocated new binder device with major %d, minor %d, and "
"name %s\n", device.major, device.minor,
device.name);
exit(EXIT_SUCCESS);
}
Cc: Martijn Coenen <maco@android.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Acked-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 136497735
(cherry picked from commit 3ad20fe393)
Change-Id: I145af9b0bc25b3a59a4f663c9e926889c2b41d18
Signed-off-by: Hridya Valsaraju <hridya@google.com>
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:
(1) Per I/O request, the encryption key is specified by a previously
loaded keyslot. There might be only a small number of keyslots.
(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
number" (DUN). IV bits 64-127 are assumed to be 0. The hardware
automatically increments the DUN for each "data unit" of
configurable size in the request, e.g. for each filesystem block.
Property (1) makes it inefficient to use the traditional fscrypt
per-file keys. Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.
Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to modified as follows:
- The encryption keys are derived from the master key, encryption mode
number, and filesystem UUID.
- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
For filenames encryption, file_logical_block_num is 0.
Since the file nonces aren't used in the key derivation, many files may
share the same encryption key. This is much more efficient on the
target hardware. Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.
Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).
Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints. These are acceptable
limitations for the cases where this format would actually be used.
Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption. A later patch will add support for inline encryption.
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Change-Id: Iedecd7fa1ce8eefffdec57257e27e679938b0ad7
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11210909/
* aosp/upstream-f2fs-stable-linux-4.19.y:
f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
f2fs: fix to add missing F2FS_IO_ALIGNED() condition
f2fs: fix to fallback to buffered IO in IO aligned mode
f2fs: fix to handle error path correctly in f2fs_map_blocks
f2fs: fix extent corrupotion during directIO in LFS mode
f2fs: check all the data segments against all node ones
f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
f2fs: fix inode rwsem regression
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
f2fs: avoid infinite GC loop due to stale atomic files
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: convert inline_data in prior to i_size_write
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: add missing documents of reserve_root/resuid/resgid
f2fs: fix flushing node pages when checkpoint is disabled
f2fs: enhance f2fs_is_checkpoint_ready()'s readability
f2fs: clean up __bio_alloc()'s parameter
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix to writeout dirty inode during node flush
f2fs: optimize case-insensitive lookups
f2fs: introduce f2fs_match_name() for cleanup
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: allocate memory in batch in build_sit_info()
f2fs: support FS_IOC_{GET,SET}FSLABEL
f2fs: fix to avoid data corruption by forbidding SSR overwrite
f2fs: Fix build error while CONFIG_NLS=m
Revert "f2fs: avoid out-of-range memory access"
f2fs: cleanup the code in build_sit_entries.
f2fs: fix wrong available node count calculation
f2fs: remove duplicate code in f2fs_file_write_iter
f2fs: fix to migrate blocks correctly during defragment
f2fs: use wrapped f2fs_cp_error()
f2fs: fix to use more generic EOPNOTSUPP
f2fs: use wrapped IS_SWAPFILE()
f2fs: Support case-insensitive file name lookups
f2fs: include charset encoding information in the superblock
fs: Reserve flag for casefolding
f2fs: fix to avoid call kvfree under spinlock
fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
f2fs: disallow direct IO in atomic write
f2fs: fix to handle quota_{on,off} correctly
f2fs: fix to detect cp error in f2fs_setxattr()
f2fs: fix to spread f2fs_is_checkpoint_ready()
f2fs: support fiemap() for directory inode
f2fs: fix to avoid discard command leak
f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
f2fs: fix to drop meta/node pages during umount
f2fs: disallow switching io_bits option during remount
f2fs: fix panic of IO alignment feature
f2fs: introduce {page,io}_is_mergeable() for readability
f2fs: fix livelock in swapfile writes
f2fs: add fs-verity support
ext4: update on-disk format documentation for fs-verity
ext4: add fs-verity read support
ext4: add basic fs-verity support
fs-verity: support builtin file signatures
fs-verity: add SHA-512 support
fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
fs-verity: add data verification hooks for ->readpages()
fs-verity: add the hook for file ->setattr()
fs-verity: add the hook for file ->open()
fs-verity: add inode and superblock fields
fs-verity: add Kconfig and the helper functions for hashing
fs: uapi: define verity bit for FS_IOC_GETFLAGS
fs-verity: add UAPI header
fs-verity: add MAINTAINERS file entry
fs-verity: add a documentation file
ext4: fix kernel oops caused by spurious casefold flag
ext4: fix coverity warning on error path of filename setup
ext4: optimize case-insensitive lookups
ext4: fix dcache lookup of !casefolded directories
unicode: update to Unicode 12.1.0 final
unicode: add missing check for an error return from utf8lookup()
ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
unicode: refactor the rule for regenerating utf8data.h
ext4: Support case-insensitive file name lookups
ext4: include charset encoding information in the superblock
unicode: update unicode database unicode version 12.1.0
unicode: introduce test module for normalized utf8 implementation
unicode: implement higher level API for string handling
unicode: reduce the size of utf8data[]
unicode: introduce code for UTF-8 normalization
unicode: introduce UTF-8 character database
ext4 crypto: fix to check feature status before get policy
fscrypt: document the new ioctls and policy version
ubifs: wire up new fscrypt ioctls
f2fs: wire up new fscrypt ioctls
ext4: wire up new fscrypt ioctls
fscrypt: require that key be added when setting a v2 encryption policy
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
fscrypt: allow unprivileged users to add/remove keys for v2 policies
fscrypt: v2 encryption policy support
fscrypt: add an HKDF-SHA512 implementation
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
fscrypt: rename keyinfo.c to keysetup.c
fscrypt: move v1 policy key setup to keysetup_v1.c
fscrypt: refactor key setup code in preparation for v2 policies
fscrypt: rename fscrypt_master_key to fscrypt_direct_key
fscrypt: add ->ci_inode to fscrypt_info
fscrypt: use FSCRYPT_* definitions, not FS_*
fscrypt: use FSCRYPT_ prefix for uapi constants
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
fscrypt: use ENOPKG when crypto API support missing
fscrypt: improve warnings for missing crypto API support
fscrypt: improve warning messages for unsupported encryption contexts
fscrypt: make fscrypt_msg() take inode instead of super_block
fscrypt: clean up base64 encoding/decoding
fscrypt: remove loadable module related code
Conflicts:
fs/ext4/ioctl.c
fs/ext4/readpage.c
Bug: 141329812
Change-Id: I2e10c22a7c52982d073ac6897cc8aa4d5a811a38
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
(Upstream commit 63f0c60379).
It is not desirable to relax the ABI to allow tagged user addresses into
the kernel indiscriminately. This patch introduces a prctl() interface
for enabling or disabling the tagged ABI with a global sysctl control
for preventing applications from enabling the relaxed ABI (meant for
testing user-space prctl() return error checking without reconfiguring
the kernel). The ABI properties are inherited by threads of the same
application and fork()'ed children but cleared on execve(). A Kconfig
option allows the overall disabling of the relaxed ABI.
The PR_SET_TAGGED_ADDR_CTRL will be expanded in the future to handle
MTE-specific settings like imprecise vs precise exceptions.
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Will Deacon <will@kernel.org>
Change-Id: I2d52c5589b05415faab315c116245f1058d64750
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Bug: 135692346
In preparation for including the casefold feature within f2fs, elevate
the EXT4_CASEFOLD_FL flag to FS_CASEFOLD_FL.
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Add SHA-512 support to fs-verity. This is primarily a demonstration of
the trivial changes needed to support a new hash algorithm in fs-verity;
most users will still use SHA-256, due to the smaller space required to
store the hashes. But some users may prefer SHA-512.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add FS_VERITY_FL to the flags for FS_IOC_GETFLAGS, so that applications
can easily determine whether a file is a verity file at the same time as
they're checking other file flags. This flag will be gettable only;
FS_IOC_SETFLAGS won't allow setting it, since an ioctl must be used
instead to provide more parameters.
This flag matches the on-disk bit that was already allocated for ext4.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add a root-only variant of the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl which
removes all users' claims of the key, not just the current user's claim.
I.e., it always removes the key itself, no matter how many users have
added it.
This is useful for forcing a directory to be locked, without having to
figure out which user ID(s) the key was added under. This is planned to
be used by a command like 'sudo fscrypt lock DIR --all-users' in the
fscrypt userspace tool (http://github.com/google/fscrypt).
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Allow the FS_IOC_ADD_ENCRYPTION_KEY and FS_IOC_REMOVE_ENCRYPTION_KEY
ioctls to be used by non-root users to add and remove encryption keys
from the filesystem-level crypto keyrings, subject to limitations.
Motivation: while privileged fscrypt key management is sufficient for
some users (e.g. Android and Chromium OS, where a privileged process
manages all keys), the old API by design also allows non-root users to
set up and use encrypted directories, and we don't want to regress on
that. Especially, we don't want to force users to continue using the
old API, running into the visibility mismatch between files and keyrings
and being unable to "lock" encrypted directories.
Intuitively, the ioctls have to be privileged since they manipulate
filesystem-level state. However, it's actually safe to make them
unprivileged if we very carefully enforce some specific limitations.
First, each key must be identified by a cryptographic hash so that a
user can't add the wrong key for another user's files. For v2
encryption policies, we use the key_identifier for this. v1 policies
don't have this, so managing keys for them remains privileged.
Second, each key a user adds is charged to their quota for the keyrings
service. Thus, a user can't exhaust memory by adding a huge number of
keys. By default each non-root user is allowed up to 200 keys; this can
be changed using the existing sysctl 'kernel.keys.maxkeys'.
Third, if multiple users add the same key, we keep track of those users
of the key (of which there remains a single copy), and won't really
remove the key, i.e. "lock" the encrypted files, until all those users
have removed it. This prevents denial of service attacks that would be
possible under simpler schemes, such allowing the first user who added a
key to remove it -- since that could be a malicious user who has
compromised the key. Of course, encryption keys should be kept secret,
but the idea is that using encryption should never be *less* secure than
not using encryption, even if your key was compromised.
We tolerate that a user will be unable to really remove a key, i.e.
unable to "lock" their encrypted files, if another user has added the
same key. But in a sense, this is actually a good thing because it will
avoid providing a false notion of security where a key appears to have
been removed when actually it's still in memory, available to any
attacker who compromises the operating system kernel.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add a new fscrypt policy version, "v2". It has the following changes
from the original policy version, which we call "v1" (*):
- Master keys (the user-provided encryption keys) are only ever used as
input to HKDF-SHA512. This is more flexible and less error-prone, and
it avoids the quirks and limitations of the AES-128-ECB based KDF.
Three classes of cryptographically isolated subkeys are defined:
- Per-file keys, like used in v1 policies except for the new KDF.
- Per-mode keys. These implement the semantics of the DIRECT_KEY
flag, which for v1 policies made the master key be used directly.
These are also planned to be used for inline encryption when
support for it is added.
- Key identifiers (see below).
- Each master key is identified by a 16-byte master_key_identifier,
which is derived from the key itself using HKDF-SHA512. This prevents
users from associating the wrong key with an encrypted file or
directory. This was easily possible with v1 policies, which
identified the key by an arbitrary 8-byte master_key_descriptor.
- The key must be provided in the filesystem-level keyring, not in a
process-subscribed keyring.
The following UAPI additions are made:
- The existing ioctl FS_IOC_SET_ENCRYPTION_POLICY can now be passed a
fscrypt_policy_v2 to set a v2 encryption policy. It's disambiguated
from fscrypt_policy/fscrypt_policy_v1 by the version code prefix.
- A new ioctl FS_IOC_GET_ENCRYPTION_POLICY_EX is added. It allows
getting the v1 or v2 encryption policy of an encrypted file or
directory. The existing FS_IOC_GET_ENCRYPTION_POLICY ioctl could not
be used because it did not have a way for userspace to indicate which
policy structure is expected. The new ioctl includes a size field, so
it is extensible to future fscrypt policy versions.
- The ioctls FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY,
and FS_IOC_GET_ENCRYPTION_KEY_STATUS now support managing keys for v2
encryption policies. Such keys are kept logically separate from keys
for v1 encryption policies, and are identified by 'identifier' rather
than by 'descriptor'. The 'identifier' need not be provided when
adding a key, since the kernel will calculate it anyway.
This patch temporarily keeps adding/removing v2 policy keys behind the
same permission check done for adding/removing v1 policy keys:
capable(CAP_SYS_ADMIN). However, the next patch will carefully take
advantage of the cryptographically secure master_key_identifier to allow
non-root users to add/remove v2 policy keys, thus providing a full
replacement for v1 policies.
(*) Actually, in the API fscrypt_policy::version is 0 while on-disk
fscrypt_context::format is 1. But I believe it makes the most sense
to advance both to '2' to have them be in sync, and to consider the
numbering to start at 1 except for the API quirk.
Reviewed-by: Paul Crowley <paulcrowley@google.com>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add a new fscrypt ioctl, FS_IOC_GET_ENCRYPTION_KEY_STATUS. Given a key
specified by 'struct fscrypt_key_specifier' (the same way a key is
specified for the other fscrypt key management ioctls), it returns
status information in a 'struct fscrypt_get_key_status_arg'.
The main motivation for this is that applications need to be able to
check whether an encrypted directory is "unlocked" or not, so that they
can add the key if it is not, and avoid adding the key (which may
involve prompting the user for a passphrase) if it already is.
It's possible to use some workarounds such as checking whether opening a
regular file fails with ENOKEY, or checking whether the filenames "look
like gibberish" or not. However, no workaround is usable in all cases.
Like the other key management ioctls, the keyrings syscalls may seem at
first to be a good fit for this. Unfortunately, they are not. Even if
we exposed the keyring ID of the ->s_master_keys keyring and gave
everyone Search permission on it (note: currently the keyrings
permission system would also allow everyone to "invalidate" the keyring
too), the fscrypt keys have an additional state that doesn't map cleanly
to the keyrings API: the secret can be removed, but we can be still
tracking the files that were using the key, and the removal can be
re-attempted or the secret added again.
After later patches, some applications will also need a way to determine
whether a key was added by the current user vs. by some other user.
Reserved fields are included in fscrypt_get_key_status_arg for this and
other future extensions.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add a new fscrypt ioctl, FS_IOC_REMOVE_ENCRYPTION_KEY. This ioctl
removes an encryption key that was added by FS_IOC_ADD_ENCRYPTION_KEY.
It wipes the secret key itself, then "locks" the encrypted files and
directories that had been unlocked using that key -- implemented by
evicting the relevant dentries and inodes from the VFS caches.
The problem this solves is that many fscrypt users want the ability to
remove encryption keys, causing the corresponding encrypted directories
to appear "locked" (presented in ciphertext form) again. Moreover,
users want removing an encryption key to *really* remove it, in the
sense that the removed keys cannot be recovered even if kernel memory is
compromised, e.g. by the exploit of a kernel security vulnerability or
by a physical attack. This is desirable after a user logs out of the
system, for example. In many cases users even already assume this to be
the case and are surprised to hear when it's not.
It is not sufficient to simply unlink the master key from the keyring
(or to revoke or invalidate it), since the actual encryption transform
objects are still pinned in memory by their inodes. Therefore, to
really remove a key we must also evict the relevant inodes.
Currently one workaround is to run 'sync && echo 2 >
/proc/sys/vm/drop_caches'. But, that evicts all unused inodes in the
system rather than just the inodes associated with the key being
removed, causing severe performance problems. Moreover, it requires
root privileges, so regular users can't "lock" their encrypted files.
Another workaround, used in Chromium OS kernels, is to add a new
VFS-level ioctl FS_IOC_DROP_CACHE which is a more restricted version of
drop_caches that operates on a single super_block. It does:
shrink_dcache_sb(sb);
invalidate_inodes(sb, false);
But it's still a hack. Yet, the major users of filesystem encryption
want this feature badly enough that they are actually using these hacks.
To properly solve the problem, start maintaining a list of the inodes
which have been "unlocked" using each master key. Originally this
wasn't possible because the kernel didn't keep track of in-use master
keys at all. But, with the ->s_master_keys keyring it is now possible.
Then, add an ioctl FS_IOC_REMOVE_ENCRYPTION_KEY. It finds the specified
master key in ->s_master_keys, then wipes the secret key itself, which
prevents any additional inodes from being unlocked with the key. Then,
it syncs the filesystem and evicts the inodes in the key's list. The
normal inode eviction code will free and wipe the per-file keys (in
->i_crypt_info). Note that freeing ->i_crypt_info without evicting the
inodes was also considered, but would have been racy.
Some inodes may still be in use when a master key is removed, and we
can't simply revoke random file descriptors, mmap's, etc. Thus, the
ioctl simply skips in-use inodes, and returns -EBUSY to indicate that
some inodes weren't evicted. The master key *secret* is still removed,
but the fscrypt_master_key struct remains to keep track of the remaining
inodes. Userspace can then retry the ioctl to evict the remaining
inodes. Alternatively, if userspace adds the key again, the refreshed
secret will be associated with the existing list of inodes so they
remain correctly tracked for future key removals.
The ioctl doesn't wipe pagecache pages. Thus, we tolerate that after a
kernel compromise some portions of plaintext file contents may still be
recoverable from memory. This can be solved by enabling page poisoning
system-wide, which security conscious users may choose to do. But it's
very difficult to solve otherwise, e.g. note that plaintext file
contents may have been read in other places than pagecache pages.
Like FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY is
initially restricted to privileged users only. This is sufficient for
some use cases, but not all. A later patch will relax this restriction,
but it will require introducing key hashes, among other changes.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Add a new fscrypt ioctl, FS_IOC_ADD_ENCRYPTION_KEY. This ioctl adds an
encryption key to the filesystem's fscrypt keyring ->s_master_keys,
making any files encrypted with that key appear "unlocked".
Why we need this
~~~~~~~~~~~~~~~~
The main problem is that the "locked/unlocked" (ciphertext/plaintext)
status of encrypted files is global, but the fscrypt keys are not.
fscrypt only looks for keys in the keyring(s) the process accessing the
filesystem is subscribed to: the thread keyring, process keyring, and
session keyring, where the session keyring may contain the user keyring.
Therefore, userspace has to put fscrypt keys in the keyrings for
individual users or sessions. But this means that when a process with a
different keyring tries to access encrypted files, whether they appear
"unlocked" or not is nondeterministic. This is because it depends on
whether the files are currently present in the inode cache.
Fixing this by consistently providing each process its own view of the
filesystem depending on whether it has the key or not isn't feasible due
to how the VFS caches work. Furthermore, while sometimes users expect
this behavior, it is misguided for two reasons. First, it would be an
OS-level access control mechanism largely redundant with existing access
control mechanisms such as UNIX file permissions, ACLs, LSMs, etc.
Encryption is actually for protecting the data at rest.
Second, almost all users of fscrypt actually do need the keys to be
global. The largest users of fscrypt, Android and Chromium OS, achieve
this by having PID 1 create a "session keyring" that is inherited by
every process. This works, but it isn't scalable because it prevents
session keyrings from being used for any other purpose.
On general-purpose Linux distros, the 'fscrypt' userspace tool [1] can't
similarly abuse the session keyring, so to make 'sudo' work on all
systems it has to link all the user keyrings into root's user keyring
[2]. This is ugly and raises security concerns. Moreover it can't make
the keys available to system services, such as sshd trying to access the
user's '~/.ssh' directory (see [3], [4]) or NetworkManager trying to
read certificates from the user's home directory (see [5]); or to Docker
containers (see [6], [7]).
By having an API to add a key to the *filesystem* we'll be able to fix
the above bugs, remove userspace workarounds, and clearly express the
intended semantics: the locked/unlocked status of an encrypted directory
is global, and encryption is orthogonal to OS-level access control.
Why not use the add_key() syscall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We use an ioctl for this API rather than the existing add_key() system
call because the ioctl gives us the flexibility needed to implement
fscrypt-specific semantics that will be introduced in later patches:
- Supporting key removal with the semantics such that the secret is
removed immediately and any unused inodes using the key are evicted;
also, the eviction of any in-use inodes can be retried.
- Calculating a key-dependent cryptographic identifier and returning it
to userspace.
- Allowing keys to be added and removed by non-root users, but only keys
for v2 encryption policies; and to prevent denial-of-service attacks,
users can only remove keys they themselves have added, and a key is
only really removed after all users who added it have removed it.
Trying to shoehorn these semantics into the keyrings syscalls would be
very difficult, whereas the ioctls make things much easier.
However, to reuse code the implementation still uses the keyrings
service internally. Thus we get lockless RCU-mode key lookups without
having to re-implement it, and the keys automatically show up in
/proc/keys for debugging purposes.
References:
[1] https://github.com/google/fscrypt
[2] https://goo.gl/55cCrI#heading=h.vf09isp98isb
[3] https://github.com/google/fscrypt/issues/111#issuecomment-444347939
[4] https://github.com/google/fscrypt/issues/116
[5] https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1770715
[6] https://github.com/google/fscrypt/issues/128
[7] https://askubuntu.com/questions/1130306/cannot-run-docker-on-an-encrypted-filesystem
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Update fs/crypto/ to use the new names for the UAPI constants rather
than the old names, then make the old definitions conditional on
!__KERNEL__.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Prefix all filesystem encryption UAPI constants except the ioctl numbers
with "FSCRYPT_" rather than with "FS_". This namespaces the constants
more appropriately and makes it clear that they are related specifically
to the filesystem encryption feature, and to the 'fscrypt_*' structures.
With some of the old names like "FS_POLICY_FLAGS_VALID", it was not
immediately clear that the constant had anything to do with encryption.
This is also useful because we'll be adding more encryption-related
constants, e.g. for the policy version, and we'd otherwise have to
choose whether to use unclear names like FS_POLICY_V1 or inconsistent
names like FS_ENCRYPTION_POLICY_V1.
For source compatibility with existing userspace programs, keep the old
names defined as aliases to the new names.
Finally, as long as new names are being defined anyway, I skipped
defining new names for the fscrypt mode numbers that aren't actually
used: INVALID (0), AES_256_GCM (2), AES_256_CBC (3), SPECK128_256_XTS
(7), and SPECK128_256_CTS (8).
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
More fscrypt definitions are being added, and we shouldn't use a
disproportionate amount of space in <linux/fs.h> for fscrypt stuff.
So move the fscrypt definitions to a new header <linux/fscrypt.h>.
For source compatibility with existing userspace programs, <linux/fs.h>
still includes the new header.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2FslsACgkQONu9yGCS
aT4kYBAAkOZ1wVwFD4mFkUmKvLmsGlwwkY/5/kQneBDUj4VQG9/1PFSN7Cfb9DdJ
zdIcsdsfx/J+41FKJe9rxgJL6ttB1L8ob6GYdCI/8uA23TUGCQB5RSF/cwGeZUSz
RRvqm1gstRimh4c+kibgkr3yxwBIUTzBMlBz1OMTsbP9YVzheGPahml2/mJAyb6C
z6ETlLmrw0VixyyyvAF6r210K9qftjK4nMMDeFvftgU/eJUr59jBhSkEirS3jo5G
KKP0kD3wDiOzqhZ83qU0bEG9EIiayap6k9H3r1u4Qu0xjyc095Jta+3JFpOqd66u
CLfAKO0wf/jVx3/3EzWLtnxfXIpcfWi7Vj6rcTjASOsH8PrCLageHbyoA5JmKGsW
gp4HUgwdgQPtMU7rFXCVEcoLqu0uU3PUGkOQlcx9AYLoaE2LsTijcLLJqb0tZztr
IetrhXFVmeMnz2/ejqvORZw3mLNYMTD6OfNATMEgh1LkXqaCCWXdTVj2Bsp4IcD8
d63E8ftILxxanfNjRS0T5+kc+yCkQs8oNRqZGXQQ9zjVzXiu0kyKDIh93lC7V+yF
EM4pO/+kEljtc6vP+2hdpCG7buwvhSklOs2TvWJpU7umwEfHfxeetvnQajDzk5n0
XLPDc+B/ZThND8+DrlhHvkx4dMU7xtR6IDvix9XpME65pWiB7nk=
=ebAT
-----END PGP SIGNATURE-----
Merge 4.19.75 into android-4.19
Changes in 4.19.75
netfilter: nf_flow_table: set default timeout after successful insertion
HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report
RDMA/restrack: Release task struct which was hold by CM_ID object
Input: elan_i2c - remove Lenovo Legion Y7000 PnpID
powerpc/mm/radix: Use the right page size for vmemmap mapping
USB: usbcore: Fix slab-out-of-bounds bug during device reset
media: tm6000: double free if usb disconnect while streaming
phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current
ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit
udp: correct reuseport selection with connected sockets
xen-netfront: do not assume sk_buff_head list is empty in error handling
net_sched: let qdisc_put() accept NULL pointer
KVM: coalesced_mmio: add bounds checking
firmware: google: check if size is valid when decoding VPD data
serial: sprd: correct the wrong sequence of arguments
tty/serial: atmel: reschedule TX after RX was started
mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
ieee802154: hwsim: Fix error handle path in hwsim_init_module
ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails
ARM: dts: am57xx: Disable voltage switching for SD card
ARM: OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss
bus: ti-sysc: Fix using configured sysc mask value
s390/bpf: fix lcgr instruction encoding
ARM: OMAP2+: Fix omap4 errata warning on other SoCs
ARM: dts: dra74x: Fix iodelay configuration for mmc3
ARM: OMAP1: ams-delta-fiq: Fix missing irq_ack
bus: ti-sysc: Simplify cleanup upon failures in sysc_probe()
s390/bpf: use 32-bit index for tail calls
selftests/bpf: fix "bind{4, 6} deny specific IP & port" on s390
tools: bpftool: close prog FD before exit on showing a single program
fpga: altera-ps-spi: Fix getting of optional confd gpio
netfilter: ebtables: Fix argument order to ADD_COUNTER
netfilter: nft_flow_offload: missing netlink attribute policy
netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info
NFSv4: Fix return values for nfs4_file_open()
NFSv4: Fix return value in nfs_finish_open()
NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105
xdp: unpin xdp umem pages in error path
qed: Add cleanup in qed_slowpath_start()
ARM: 8874/1: mm: only adjust sections of valid mm structures
batman-adv: Only read OGM2 tvlv_len after buffer len check
bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0
r8152: Set memory to all 0xFFs on failed reg reads
x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
netfilter: xt_physdev: Fix spurious error message in physdev_mt_check
netfilter: nf_conntrack_ftp: Fix debug output
NFSv2: Fix eof handling
NFSv2: Fix write regression
kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol
cifs: set domainName when a domain-key is used in multiuser
cifs: Use kzfree() to zero out the password
usb: host: xhci-tegra: Set DMA mask correctly
ARM: 8901/1: add a criteria for pfn_valid of arm
ibmvnic: Do not process reset during or after device removal
sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
i2c: designware: Synchronize IRQs when unregistering slave client
perf/x86/intel: Restrict period on Nehalem
perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops
amd-xgbe: Fix error path in xgbe_mod_init()
tools/power x86_energy_perf_policy: Fix "uninitialized variable" warnings at -O2
tools/power x86_energy_perf_policy: Fix argument parsing
tools/power turbostat: fix buffer overrun
net: aquantia: fix out of memory condition on rx side
net: seeq: Fix the function used to release some memory in an error handling path
dmaengine: ti: dma-crossbar: Fix a memory leak bug
dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
x86/uaccess: Don't leak the AC flags into __get_user() argument evaluation
x86/hyper-v: Fix overflow bug in fill_gva_list()
keys: Fix missing null pointer check in request_key_auth_describe()
iommu/amd: Flush old domains in kdump kernel
iommu/amd: Fix race in increase_address_space()
PCI: kirin: Fix section mismatch warning
ovl: fix regression caused by overlapping layers detection
floppy: fix usercopy direction
binfmt_elf: move brk out of mmap when doing direct loader exec
arm64: kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field
media: technisat-usb2: break out of loop at end of buffer
Linux 4.19.75
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1dd841f112ee81497cd085b102979f45ee5e6b9d
[ Upstream commit 89a26cd4b5 ]
When running a 64-bit kernel with a 32-bit iptables binary, the size of
the xt_nfacct_match_info struct diverges.
kernel: sizeof(struct xt_nfacct_match_info) : 40
iptables: sizeof(struct xt_nfacct_match_info)) : 36
Trying to append nfacct related rules results in an unhelpful message.
Although it is suggested to look for more information in dmesg, nothing
can be found there.
# iptables -A <chain> -m nfacct --nfacct-name <acct-object>
iptables: Invalid argument. Run `dmesg' for more information.
This patch fixes the memory misalignment by enforcing 8-byte alignment
within the struct's first revision. This solution is often used in many
other uapi netfilter headers.
Signed-off-by: Juliana Rodrigueiro <juliana.rodrigueiro@intra2net.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2DKbUACgkQONu9yGCS
aT6YGg//abjWbd60zh1bErEl/ZlGfqjcKwM6GZ2k+Knhk14JzogJHGtBbuhIcaQB
c2KH44r1QiNg9nJ2Gtq+mQnH5/GnY1aGlMHrfqb2uO7sKxoOVUZsxKiNjevtrOwI
6LsiiKE6bBRAP3f8pCiFj84ubWiWzDnb+FA3p2sfh11F9wrxAcNPsvl8jsnwHisr
sAJn9KgXQRezJdwRk+JgSYdSR6WSnaf4m4rrDGe9a2qxsvH9ttCtiOmf63m184cb
iMoYs1ceBfUefyJjum077KVBb/ryRDr4VMMPhKDGqgcctXAlPVAUwcUY5HG3YWQg
HQaHK9AyoAiEDh+iyAMHCYZaNr/lUPNUFbsYU7nf4o058EX1fpLtFmn0T1Dh9hOn
N0TN1stNDQ8KAZ5iugYBMDKKmHznIo1umxiv68dMIsUSANdBSGENio+4Tkpvmfod
zagE5aOoYtsh9Qxytz9IExkGYhinfrLT5fpTLrALQwneCquZqynqBFbwYj/VOYC2
9MKGSeAKyRQqM02Bf4TrMptzO5jNsR+aWG7yyIR/L0fqis4h1fyCUTCdHd1fD1+0
hEvR+2lkKiRT+B6ArhVOWf61N0RZ4TdkCzST6WoVosonCPFImJmmSkoYQ0KmnqKP
DhnIp68n4zx8uutDoFuQ5HLJeiubmHOikjnO6F+pYPyzT0PW/wQ=
=VrIK
-----END PGP SIGNATURE-----
Merge 4.19.74 into android-4.19
Changes in 4.19.74
bridge/mdb: remove wrong use of NLM_F_MULTI
cdc_ether: fix rndis support for Mediatek based smartphones
ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
isdn/capi: check message length in capi_write()
ixgbe: Fix secpath usage for IPsec TX offload.
net: Fix null de-reference of device refcount
net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list
net: phylink: Fix flow control resolution
net: sched: fix reordering issues
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
tipc: add NULL pointer check before calling kfree_rcu
tun: fix use-after-free when register netdev failed
gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist
gpio: fix line flag validation in linehandle_create
Btrfs: fix assertion failure during fsync and use of stale transaction
ixgbe: Prevent u8 wrapping of ITR value to something less than 10us
genirq: Prevent NULL pointer dereference in resend_irqs()
KVM: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset()
KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
KVM: x86: work around leak of uninitialized stack contents
KVM: nVMX: handle page fault in vmread
x86/purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors
powerpc: Add barrier_nospec to raw_copy_in_user()
drm/meson: Add support for XBGR8888 & ABGR8888 formats
clk: rockchip: Don't yell about bad mmc phases when getting
mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue
PCI: Always allow probing with driver_override
gpio: fix line flag validation in lineevent_create
ubifs: Correctly use tnc_next() in search_dh_cookie()
driver core: Fix use-after-free and double free on glue directory
crypto: talitos - check AES key size
crypto: talitos - fix CTR alg blocksize
crypto: talitos - check data blocksize in ablkcipher.
crypto: talitos - fix ECB algs ivsize
crypto: talitos - Do not modify req->cryptlen on decryption.
crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
firmware: ti_sci: Always request response from firmware
drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto
Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
iio: adc: stm32-dfsdm: fix data type
modules: fix BUG when load module with rodata=n
modules: fix compile error if don't have strict module rwx
platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to critclk_systems DMI table
rsi: fix a double free bug in rsi_91x_deinit()
nvmem: Use the same permissions for eeprom as for nvmem
x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning
Linux 4.19.74
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I6dc03ee31e33b10ad8f7e2a68af42fe102a7743d
[ Upstream commit fe163e534e ]
syzbot reported:
BUG: KMSAN: uninit-value in capi_write+0x791/0xa90 drivers/isdn/capi/capi.c:700
CPU: 0 PID: 10025 Comm: syz-executor379 Not tainted 4.20.0-rc7+ #2
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x173/0x1d0 lib/dump_stack.c:113
kmsan_report+0x12e/0x2a0 mm/kmsan/kmsan.c:613
__msan_warning+0x82/0xf0 mm/kmsan/kmsan_instr.c:313
capi_write+0x791/0xa90 drivers/isdn/capi/capi.c:700
do_loop_readv_writev fs/read_write.c:703 [inline]
do_iter_write+0x83e/0xd80 fs/read_write.c:961
vfs_writev fs/read_write.c:1004 [inline]
do_writev+0x397/0x840 fs/read_write.c:1039
__do_sys_writev fs/read_write.c:1112 [inline]
__se_sys_writev+0x9b/0xb0 fs/read_write.c:1109
__x64_sys_writev+0x4a/0x70 fs/read_write.c:1109
do_syscall_64+0xbc/0xf0 arch/x86/entry/common.c:291
entry_SYSCALL_64_after_hwframe+0x63/0xe7
[...]
The problem is that capi_write() is reading past the end of the message.
Fix it by checking the message's length in the needed places.
Reported-and-tested-by: syzbot+0849c524d9c634f5ae66@syzkaller.appspotmail.com
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1/KiEACgkQONu9yGCS
aT49JBAAy7b3wv1WXAtg9wsyS1JL4HbMXt3YjtokIX+UpkznoqII4B85QftPBbiD
9zDuTWPjhrqKv1GsMkFRCqBVp5wGVik1MIbjVuKdstFN5W8KQybpbYnSW4T52+wS
cs6oOPkLydAfWzKeq+ekEeU8yr5dua+Ui3huundZ49wseJWQP3fh9T+ToUx8V/cr
tsLiRRgI0djj7KQWVuM1j8YGKT/6qk/UL0HMVZyoIdLmsxpLap+LWe0+CRXn8rvs
eJJlVQTVtYf/ySoHkpnwR12VsjRYjx6pNkm/GrebMCkM7wF/4RMqxk7j9EU0PENH
VUdRrUd+j/YPp6QzjSFMK0+0eb7Gm3X0FEN0IGZshu1r/CDnoj/7hqnBmOlYIbhv
pdteYaLqWq7JjAHu7vF+S4aNQRGpAZb05LsbTJ39Eu3FbdVTLXsAuUveZ7Y4/y0X
ri2M3d/sF/cjc3C+V7Y7h422SM36jSAK6496VAoRyqqjX/3JyROhgfU9NAMzVr83
4uI904z9lH4TZGOd5YQgX2VuOtBcGwa7+g6fy97u1tp8UxSWFZRGDDLRysF/dIJO
Wi51UK0Q7EWnqBTe0TFF6TjE5tC7R3ZgzqEQ1MU4eLI5mqokg82DAK4Ub2Wk5Qch
CGs5/d16OOrLtG2RoaOGz9UdQR7IHUXLSqkKbaEdstc16MXNXns=
=cmGh
-----END PGP SIGNATURE-----
Merge 4.19.73 into android-4.19
Changes in 4.19.73
ALSA: hda - Fix potential endless loop at applying quirks
ALSA: hda/realtek - Fix overridden device-specific initialization
ALSA: hda/realtek - Add quirk for HP Pavilion 15
ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL
ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre
sched/fair: Don't assign runtime for throttled cfs_rq
drm/vmwgfx: Fix double free in vmw_recv_msg()
vhost/test: fix build for vhost test
vhost/test: fix build for vhost test - again
powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
batman-adv: Only read OGM tvlv_len after buffer len check
hv_sock: Fix hang when a connection is closed
Blk-iolatency: warn on negative inflight IO counter
blk-iolatency: fix STS_AGAIN handling
{nl,mac}80211: fix interface combinations on crypto controlled devices
timekeeping: Use proper ktime_add when adding nsecs in coarse offset
selftests: fib_rule_tests: use pre-defined DEV_ADDR
x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace()
powerpc/64: mark start_here_multiplatform as __ref
media: stm32-dcmi: fix irq = 0 case
arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64
scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
riscv: remove unused variable in ftrace
nvme-fc: use separate work queue to avoid warning
clk: s2mps11: Add used attribute to s2mps11_dt_match
remoteproc: qcom: q6v5: shore up resource probe handling
modules: always page-align module section allocations
kernel/module: Fix mem leak in module_add_modinfo_attrs
drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"
media: cec/v4l2: move V4L2 specific CEC functions to V4L2
media: cec: remove cec-edid.c
scsi: qla2xxx: Move log messages before issuing command to firmware
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
Drivers: hv: kvp: Fix two "this statement may fall through" warnings
x86, hibernate: Fix nosave_regions setup for hibernation
remoteproc: qcom: q6v5-mss: add SCM probe dependency
drm/amdgpu/gfx9: Update gfx9 golden settings.
drm/amdgpu: Update gc_9_0 golden settings.
KVM: x86: hyperv: enforce vp_index < KVM_MAX_VCPUS
KVM: x86: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables
KVM: x86: hyperv: keep track of mismatched VP indexes
KVM: hyperv: define VP assist page helpers
x86/kvm/lapic: preserve gfn_to_hva_cache len on cache reinit
drm/i915: Fix intel_dp_mst_best_encoder()
drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE
drm/i915/gen9+: Fix initial readout for Y tiled framebuffers
drm/atomic_helper: Disallow new modesets on unregistered connectors
Drivers: hv: kvp: Fix the indentation of some "break" statements
Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up
powerplay: Respect units on max dcfclk watermark
drm/amd/pp: Fix truncated clock value when set watermark
drm/amd/dm: Understand why attaching path/tile properties are needed
ARM: davinci: da8xx: define gpio interrupts as separate resources
ARM: davinci: dm365: define gpio interrupts as separate resources
ARM: davinci: dm646x: define gpio interrupts as separate resources
ARM: davinci: dm355: define gpio interrupts as separate resources
ARM: davinci: dm644x: define gpio interrupts as separate resources
s390/zcrypt: reinit ap queue state machine during device probe
media: vim2m: use workqueue
media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
drm/i915: Restore sane defaults for KMS on GEM error load
drm/i915: Cleanup gt powerstate from gem
KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch
Btrfs: clean up scrub is_dev_replace parameter
Btrfs: fix deadlock with memory reclaim during scrub
btrfs: Remove extent_io_ops::fill_delalloc
btrfs: Fix error handling in btrfs_cleanup_ordered_extents
scsi: megaraid_sas: Fix combined reply queue mode detection
scsi: megaraid_sas: Add check for reset adapter bit
scsi: megaraid_sas: Use 63-bit DMA addressing
powerpc/pkeys: Fix handling of pkey state across fork()
btrfs: volumes: Make sure no dev extent is beyond device boundary
btrfs: Use real device structure to verify dev extent
media: vim2m: only cancel work if it is for right context
ARC: show_regs: lockdep: re-enable preemption
ARC: mm: do_page_fault fixes#1: relinquish mmap_sem if signal arrives while handle_mm_fault
IB/uverbs: Fix OOPs upon device disassociation
crypto: ccree - fix resume race condition on init
crypto: ccree - add missing inline qualifier
drm/vblank: Allow dynamic per-crtc max_vblank_count
drm/i915/ilk: Fix warning when reading emon_status with no output
mfd: Kconfig: Fix I2C_DESIGNWARE_PLATFORM dependencies
tpm: Fix some name collisions with drivers/char/tpm.h
bcache: replace hard coded number with BUCKET_GC_GEN_MAX
bcache: treat stale && dirty keys as bad keys
KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run
iio: adc: exynos-adc: Add S5PV210 variant
dt-bindings: iio: adc: exynos-adc: Add S5PV210 variant
iio: adc: exynos-adc: Use proper number of channels for Exynos4x12
mt76: fix corrupted software generated tx CCMP PN
drm/nouveau: Don't WARN_ON VCPI allocation failures
iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules
iwlwifi: add new card for 9260 series
x86/kvmclock: set offset for kvm unstable clock
spi: spi-gpio: fix SPI_CS_HIGH capability
powerpc/kvm: Save and restore host AMR/IAMR/UAMOR
mmc: renesas_sdhi: Fix card initialization failure in high speed mode
btrfs: scrub: pass fs_info to scrub_setup_ctx
btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex
btrfs: scrub: fix circular locking dependency warning
btrfs: init csum_list before possible free
PCI: qcom: Fix error handling in runtime PM support
PCI: qcom: Don't deassert reset GPIO during probe
drm: add __user attribute to ptr_to_compat()
CIFS: Fix error paths in writeback code
CIFS: Fix leaking locked VFS cache pages in writeback retry
drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set
drm/i915: Sanity check mmap length against object size
usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps
arm64: dts: stratix10: add the sysmgr-syscon property from the gmac's
IB/mlx5: Reset access mask when looping inside page fault handler
kvm: mmu: Fix overflow on kvm mmu page limit calculation
x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels
cifs: Fix lease buffer length error
media: i2c: tda1997x: select V4L2_FWNODE
ext4: protect journal inode's blocks using block_validity
ARM: dts: qcom: ipq4019: fix PCI range
ARM: dts: qcom: ipq4019: Fix MSI IRQ type
ARM: dts: qcom: ipq4019: enlarge PCIe BAR range
dt-bindings: mmc: Add supports-cqe property
dt-bindings: mmc: Add disable-cqe-dcmd property.
PCI: Add macro for Switchtec quirk declarations
PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary
dm mpath: fix missing call of path selector type->end_io
blk-mq: free hw queue's resource in hctx's release handler
mmc: sdhci-pci: Add support for Intel CML
PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code
cifs: smbd: take an array of reqeusts when sending upper layer data
dm crypt: move detailed message into debug level
signal/arc: Use force_sig_fault where appropriate
ARC: mm: fix uninitialised signal code in do_page_fault
ARC: mm: SIGSEGV userspace trying to access kernel virtual memory
drm/amdkfd: Add missing Polaris10 ID
kvm: Check irqchip mode before assign irqfd
drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)
drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc
Btrfs: fix race between block group removal and block group allocation
cifs: add spinlock for the openFileList to cifsInodeInfo
clk: tegra: Fix maximum audio sync clock for Tegra124/210
clk: tegra210: Fix default rates for HDA clocks
IB/hfi1: Avoid hardlockup with flushlist_lock
apparmor: reset pos on failure to unpack for various functions
scsi: target/core: Use the SECTOR_SHIFT constant
scsi: target/iblock: Fix overrun in WRITE SAME emulation
staging: wilc1000: fix error path cleanup in wilc_wlan_initialize()
scsi: zfcp: fix request object use-after-free in send path causing wrong traces
cifs: Properly handle auto disabling of serverino option
ALSA: hda - Don't resume forcibly i915 HDMI/DP codec
ceph: use ceph_evict_inode to cleanup inode's resource
KVM: x86: optimize check for valid PAT value
KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value
KVM: VMX: Fix handling of #MC that occurs during VM-Entry
KVM: VMX: check CPUID before allowing read/write of IA32_XSS
KVM: PPC: Use ccr field in pt_regs struct embedded in vcpu struct
KVM: PPC: Book3S HV: Fix CR0 setting in TM emulation
ARM: dts: gemini: Set DIR-685 SPI CS as active low
RDMA/srp: Document srp_parse_in() arguments
RDMA/srp: Accept again source addresses that do not have a port number
btrfs: correctly validate compression type
resource: Include resource end in walk_*() interfaces
resource: Fix find_next_iomem_res() iteration issue
resource: fix locking in find_next_iomem_res()
pstore: Fix double-free in pstore_mkfile() failure path
dm thin metadata: check if in fail_io mode when setting needs_check
drm/panel: Add support for Armadeus ST0700 Adapt
ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips
powerpc/mm: Limit rma_size to 1TB when running without HV mode
iommu/iova: Remove stale cached32_node
gpio: don't WARN() on NULL descs if gpiolib is disabled
i2c: at91: disable TXRDY interrupt after sending data
i2c: at91: fix clk_offset for sama5d2
mm/migrate.c: initialize pud_entry in migrate_vma()
iio: adc: gyroadc: fix uninitialized return code
NFSv4: Fix delegation state recovery
bcache: only clear BTREE_NODE_dirty bit when it is set
bcache: add comments for mutex_lock(&b->write_lock)
bcache: fix race in btree_flush_write()
drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV
virtio/s390: fix race on airq_areas[]
drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors
ext4: don't perform block validity checks on the journal inode
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: unsigned int compared against zero
PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround
powerpc/tm: Remove msr_tm_active()
powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
vhost: make sure log_num < in_num
Linux 4.19.73
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7bc57825aeb36759bb8e8726888da9af06392c09
[ Upstream commit 2ecefa0a15 ]
The keyctl_dh_params struct in uapi/linux/keyctl.h contains the symbol
"private" which means that the header file will cause compilation failure
if #included in to a C++ program. Further, the patch that added the same
struct to the keyutils package named the symbol "priv", not "private".
The previous attempt to fix this (commit 8a2336e549) did so by simply
renaming the kernel's copy of the field to dh_private, but this then breaks
existing userspace and as such has been reverted (commit 8c0f9f5b30).
[And note, to those who think that wrapping the struct in extern "C" {}
will work: it won't; that only changes how symbol names are presented to
the assembler and linker.].
Instead, insert an anonymous union around the "private" member and add a
second member in there with the name "priv" to match the one in the
keyutils package. The "private" member is then wrapped in !__cplusplus
cpp-conditionals to hide it from C++.
Fixes: ddbb411487 ("KEYS: Add KEYCTL_DH_COMPUTE command")
Fixes: 8a2336e549 ("uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name")
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Randy Dunlap <rdunlap@infradead.org>
cc: Lubomir Rintel <lkundrak@v3.sk>
cc: James Morris <jmorris@namei.org>
cc: Mat Martineau <mathew.j.martineau@linux.intel.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: Andrew Morton <akpm@linux-foundation.org>
cc: Linus Torvalds <torvalds@linux-foundation.org>
cc: stable@vger.kernel.org
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This patch adds complimentary DMA_BUF_SET_NAME ioctls, which lets
userspace processes attach a free-form name to each buffer.
This information can be extremely helpful for tracking and accounting
shared buffers. For example, on Android, we know what each buffer will
be used for at allocation time: GL, multimedia, camera, etc. The
userspace allocator can use DMA_BUF_SET_NAME to associate that
information with the buffer, so we can later give developers a
breakdown of how much memory they're allocating for graphics, camera,
etc.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: Chenbo Feng <fengc@google.com>
Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org>
Link: https://patchwork.freedesktop.org/patch/msgid/20190613223408.139221-3-fengc@google.com
(cherry picked from commit bb2bb90304)
Bug: 135613055
Test: run dmabufinfo_test.cpp and check the name is showed up in
/proc/pid/fd
Change-Id: Ib7f227b5e730c7ecfade14ad596ba3889eab1b0b
By traversing /proc/*/fd and /proc/*/map_files, processes with CAP_ADMIN
can get a lot of fine-grained data about how shmem buffers are shared
among processes. stat(2) on each entry gives the caller a unique
ID (st_ino), the buffer's size (st_size), and even the number of pages
currently charged to the buffer (st_blocks / 512).
In contrast, all dma-bufs share the same anonymous inode. So while we
can count how many dma-buf fds or mappings a process has, we can't get
the size of the backing buffers or tell if two entries point to the same
dma-buf. On systems with debugfs, we can get a per-buffer breakdown of
size and reference count, but can't tell which processes are actually
holding the references to each buffer.
Replace the singleton inode with full-fledged inodes allocated by
alloc_anon_inode(). This involves creating and mounting a
mini-pseudo-filesystem for dma-buf, following the example in fs/aio.c.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: Chenbo Feng <fengc@google.com>
Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org>
Link: https://patchwork.freedesktop.org/patch/msgid/20190613223408.139221-2-fengc@google.com
(cherry picked from commit ed63bb1d1f)
Bug: 135613055
Test: compile, read proc/pid/map_files to check inode
Change-Id: I7c71a71bba3d4266c77492b81e8b14dcf5b24a06
The feature allows the guest request an EDID blob (describing monitor
capabilities) for a given scanout (aka virtual monitor connector).
It brings a new command message, which has just a scanout field (beside
the standard virtio-gpu header) and a response message which carries the
EDID data.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Dave Airlie <airlied@redhat.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20181030063206.19528-2-kraxel@redhat.com
(cherry picked from commit 610c0c2b28)
Signed-off-by: Greg Hartman <ghartman@google.com>
BUG: 139386237
Change-Id: I1d4c11844307845b5829f1220b35938823ac7924
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1WZYYACgkQONu9yGCS
aT5VjRAApdD6wuKcKhZ8j010Ni18w6W+3qs6IuIXv94eav0zFSRaO9Zp93lZq2p0
h+k+ssZ+P8a4EuDquzDydlagno9hojHFAYr+9loPZlZUw578Jzg9JbJK9Z1MyQCo
BCRElzZG67E+WjLP0wGHnS0oVhIoHlJaVWP3pEYkTJILY65ErLT/fYGs64YUAEKr
Ct1pKoIHPEC0606IKx12kmV645ME4z6pI7g4kLDhk2BozglbxGlwdHgVuIe/NzDP
PraR1gqMoOD2skjK673ozsZ65yuiVeqSTsbs49Xao1lAS6etUMbC/ACU/yrhL48H
mMM/EFTSKb5TjJSxQAXU1ANQrm4X6n1yPkNW/MdthnPAotDY3Nda4NNVE9X2toM7
XW0HfFdcVD7aJtpC/h6ckndGTaOGkHSPjhJtSlBEjF76BA+KhZ9hhcjNWng92bWL
d5Nws4b82wvgM6T99mkZfbMc2MOopPMf+I94W0JcMa49+rXhyhJdrC72GpxKLdSq
+XtZJupFWg0RrPlZfmc4Az8f/uY0UfR9gNSaHJokaZAkMzH2x4MzMnPxwRiXAw4W
qz1s+sgZlqUQcWvODzaNvG1l7QtjD5rbdJ+FAjN2+16F8rep52Yl/IQffYr04DDD
wikYmcUoMh8hCoj6Atj2LAAU9ulhl6ja8s0YpmHz/HQETufHAZc=
=gOG+
-----END PGP SIGNATURE-----
Merge 4.19.67 into android-4.19
Changes in 4.19.67
iio: cros_ec_accel_legacy: Fix incorrect channel setting
iio: adc: max9611: Fix misuse of GENMASK macro
staging: gasket: apex: fix copy-paste typo
staging: android: ion: Bail out upon SIGKILL when allocating memory.
crypto: ccp - Fix oops by properly managing allocated structures
crypto: ccp - Add support for valid authsize values less than 16
crypto: ccp - Ignore tag length when decrypting GCM ciphertext
usb: usbfs: fix double-free of usb memory upon submiturb error
usb: iowarrior: fix deadlock on disconnect
sound: fix a memory leak bug
mmc: cavium: Set the correct dma max segment size for mmc_host
mmc: cavium: Add the missing dma unmap when the dma has finished.
loop: set PF_MEMALLOC_NOIO for the worker thread
Input: usbtouchscreen - initialize PM mutex before using it
Input: elantech - enable SMBus on new (2018+) systems
Input: synaptics - enable RMI mode for HP Spectre X360
x86/mm: Check for pfn instead of page in vmalloc_sync_one()
x86/mm: Sync also unmappings in vmalloc_sync_all()
mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
perf annotate: Fix s390 gap between kernel end and module start
perf db-export: Fix thread__exec_comm()
perf record: Fix module size on s390
x86/purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS
gfs2: gfs2_walk_metadata fix
usb: host: xhci-rcar: Fix timeout in xhci_suspend()
usb: yurex: Fix use-after-free in yurex_delete
usb: typec: tcpm: free log buf memory when remove debug file
usb: typec: tcpm: remove tcpm dir if no children
usb: typec: tcpm: Add NULL check before dereferencing config
usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests
can: rcar_canfd: fix possible IRQ storm on high load
can: peak_usb: fix potential double kfree_skb()
netfilter: nfnetlink: avoid deadlock due to synchronous request_module
vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn
netfilter: Fix rpfilter dropping vrf packets by mistake
netfilter: conntrack: always store window size un-scaled
netfilter: nft_hash: fix symhash with modulus one
scripts/sphinx-pre-install: fix script for RHEL/CentOS
drm/amd/display: Wait for backlight programming completion in set backlight level
drm/amd/display: use encoder's engine id to find matched free audio device
drm/amd/display: Fix dc_create failure handling and 666 color depths
drm/amd/display: Only enable audio if speaker allocation exists
drm/amd/display: Increase size of audios array
iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND
nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN
mac80211: don't warn about CW params when not using them
allocate_flower_entry: should check for null deref
hwmon: (nct6775) Fix register address and added missed tolerance for nct6106
drm: silence variable 'conn' set but not used
cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
s390/qdio: add sanity checks to the fast-requeue path
ALSA: compress: Fix regression on compressed capture streams
ALSA: compress: Prevent bypasses of set_params
ALSA: compress: Don't allow paritial drain operations on capture streams
ALSA: compress: Be more restrictive about when a drain is allowed
perf tools: Fix proper buffer size for feature processing
perf probe: Avoid calling freeing routine multiple times for same pointer
drbd: dynamically allocate shash descriptor
ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id()
nvme: fix multipath crash when ANA is deactivated
ARM: davinci: fix sleep.S build error on ARMv4
ARM: dts: bcm: bcm47094: add missing #cells for mdio-bus-mux
scsi: megaraid_sas: fix panic on loading firmware crashdump
scsi: ibmvfc: fix WARN_ON during event pool release
scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG
test_firmware: fix a memory leak bug
tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
perf/core: Fix creating kernel counters for PMUs that override event->cpu
s390/dma: provide proper ARCH_ZONE_DMA_BITS value
HID: sony: Fix race condition between rumble and device remove.
x86/purgatory: Do not use __builtin_memcpy and __builtin_memset
ALSA: usb-audio: fix a memory leak bug
can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
hwmon: (nct7802) Fix wrong detection of in4 presence
drm/i915: Fix wrong escape clock divisor init for GLK
ALSA: firewire: fix a memory leak bug
ALSA: hiface: fix multiple memory leak bugs
ALSA: hda - Don't override global PCM hw info flag
ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457)
mac80211: don't WARN on short WMM parameters from AP
dax: dax_layout_busy_page() should not unmap cow pages
SMB3: Fix deadlock in validate negotiate hits reconnect
smb3: send CAP_DFS capability during session setup
NFSv4: Fix an Oops in nfs4_do_setattr
KVM: Fix leak vCPU's VMCS value into other pCPU
mwifiex: fix 802.11n/WPA detection
iwlwifi: don't unmap as page memory that was mapped as single
iwlwifi: mvm: fix an out-of-bound access
iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41
iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support
Linux 4.19.67
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I5ea813ed5ba6d1eeda51eb4031395ee3e8ba54c3
[ Upstream commit 5edaac063b ]
NL80211_HE_MAX_CAPABILITY_LEN has changed between D2.0 and D4.0. It is now
MAC (6) + PHY (11) + MCS (12) + PPE (25) = 54.
Signed-off-by: John Crispin <john@phrozen.org>
Link: https://lore.kernel.org/r/20190627095832.19445-1-john@phrozen.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This patchset makes it possible to retrieve pid file descriptors at
process creation time by introducing the new flag CLONE_PIDFD to the
clone() system call. Linus originally suggested to implement this as a
new flag to clone() instead of making it a separate system call. As
spotted by Linus, there is exactly one bit for clone() left.
CLONE_PIDFD creates file descriptors based on the anonymous inode
implementation in the kernel that will also be used to implement the new
mount api. They serve as a simple opaque handle on pids. Logically,
this makes it possible to interpret a pidfd differently, narrowing or
widening the scope of various operations (e.g. signal sending). Thus, a
pidfd cannot just refer to a tgid, but also a tid, or in theory - given
appropriate flag arguments in relevant syscalls - a process group or
session. A pidfd does not represent a privilege. This does not imply it
cannot ever be that way but for now this is not the case.
A pidfd comes with additional information in fdinfo if the kernel supports
procfs. The fdinfo file contains the pid of the process in the callers
pid namespace in the same format as the procfs status file, i.e. "Pid:\t%d".
As suggested by Oleg, with CLONE_PIDFD the pidfd is returned in the
parent_tidptr argument of clone. This has the advantage that we can
give back the associated pid and the pidfd at the same time.
To remove worries about missing metadata access this patchset comes with
a sample program that illustrates how a combination of CLONE_PIDFD, and
pidfd_send_signal() can be used to gain race-free access to process
metadata through /proc/<pid>. The sample program can easily be
translated into a helper that would be suitable for inclusion in libc so
that users don't have to worry about writing it themselves.
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Christian Brauner <christian@brauner.io>
Co-developed-by: Jann Horn <jannh@google.com>
Signed-off-by: Jann Horn <jannh@google.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: David Howells <dhowells@redhat.com>
Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
Cc: Andy Lutomirsky <luto@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Aleksa Sarai <cyphar@cyphar.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
(cherry picked from commit b3e5838252)
Bug: 135608568
Test: test program using syscall(__NR_sys_pidfd_open,..) and poll()
Change-Id: I8a8f87e8fb23de0adb6d6acf2e622926b7a9f55c
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1Js7MACgkQONu9yGCS
aT4PQxAAo7xa4kYvDxc1RjUY/yIlp6lQ3rpYAAfZB0t8vN+dqivnJZ7m6JHeWX1Y
CMcxg85zxLVFeuiXdP821Zj68AB5zqlWMhX0bXm2lhw/Eo9+XHzXtnrLZHhz0/Xd
M5cmfIPmoyPCUQQfzSfUMvch+ZpwzEt5op5pUfSjckSpjHQZ0HFj1WJ4D8Hn9jAJ
y4+DAKDZgtqhb3GvpS6MoVnBJgcPk9+mBiDkSb12L392+FvHqfeBi3tDRhvyiZAO
iJrk747SPds7NlNmuRnj7YyUSDhBzaceRCz0Jsv9FT5EKXoPErXdsL3Bkfa9TREM
pH0OaMgNr6WSXLO9qIMcfxMeaKVIvIbotqBTkBTzhEAGPkHA75dhi0lpixXXFExg
MaqhLfmHO0dOEr9FrvYGe7f2wUA1Rdw/qRTM3KPEKmHxMqBS7eufIWMHwie1n9Oe
cYoP6UkxUIvhUyFV2BlMRFdMfaDbtR0iqy8Dqh36NISD6PAYaUGSoVeSO1fEg4Jy
5GgrKPg6rcz2XNY2cVbsm2zLpqY4dY58SFK9ORfuULdKUQvScvFGrdSSW0CgX+uc
F/5NmPutUoboHVxFraDPx7yo46pHf1RW0Me4xZ0aJ3e9ituLAN4fmJ9u46nofb5M
thPelQlMVt30O41uViJ0ADkOjCsiBr3AxOFvc76Ct9Q/BJVxhLk=
=JVBv
-----END PGP SIGNATURE-----
Merge 4.19.65 into android-4.19
Changes in 4.19.65
ARM: riscpc: fix DMA
ARM: dts: rockchip: Make rk3288-veyron-minnie run at hs200
ARM: dts: rockchip: Make rk3288-veyron-mickey's emmc work again
ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
ftrace: Enable trampoline when rec count returns back to one
dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset
arm64: dts: rockchip: fix isp iommu clocks and power domain
kernel/module.c: Only return -EEXIST for modules that have finished loading
firmware/psci: psci_checker: Park kthreads before stopping them
MIPS: lantiq: Fix bitfield masking
dmaengine: rcar-dmac: Reject zero-length slave DMA requests
clk: tegra210: fix PLLU and PLLU_OUT1
fs/adfs: super: fix use-after-free bug
clk: sprd: Add check for return value of sprd_clk_regmap_init()
btrfs: fix minimum number of chunk errors for DUP
btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit()
cifs: Fix a race condition with cifs_echo_request
ceph: fix improper use of smp_mb__before_atomic()
ceph: return -ERANGE if virtual xattr value didn't fit in buffer
ACPI: blacklist: fix clang warning for unused DMI table
scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
perf version: Fix segfault due to missing OPT_END()
x86: kvm: avoid constant-conversion warning
ACPI: fix false-positive -Wuninitialized warning
be2net: Signal that the device cannot transmit during reconfiguration
x86/apic: Silence -Wtype-limits compiler warnings
x86: math-emu: Hide clang warnings for 16-bit overflow
mm/cma.c: fail if fixed declaration can't be honored
lib/test_overflow.c: avoid tainting the kernel and fix wrap size
lib/test_string.c: avoid masking memset16/32/64 failures
coda: add error handling for fget
coda: fix build using bare-metal toolchain
uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers
drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
ipc/mqueue.c: only perform resource calculation if user valid
mlxsw: spectrum_dcb: Configure DSCP map as the last rule is removed
xen/pv: Fix a boot up hang revealed by int3 self test
x86/kvm: Don't call kvm_spurious_fault() from .fixup
x86/paravirt: Fix callee-saved function ELF sizes
x86, boot: Remove multiple copy of static function sanitize_boot_params()
drm/nouveau: fix memory leak in nouveau_conn_reset()
kconfig: Clear "written" flag to avoid data loss
kbuild: initialize CLANG_FLAGS correctly in the top Makefile
Btrfs: fix incremental send failure after deduplication
Btrfs: fix race leading to fs corruption after transaction abort
mmc: dw_mmc: Fix occasional hang after tuning on eMMC
mmc: meson-mx-sdio: Fix misuse of GENMASK macro
gpiolib: fix incorrect IRQ requesting of an active-low lineevent
IB/hfi1: Fix Spectre v1 vulnerability
mtd: rawnand: micron: handle on-die "ECC-off" devices correctly
selinux: fix memory leak in policydb_init()
ALSA: hda: Fix 1-minute detection delay when i915 module is not available
mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker
s390/dasd: fix endless loop after read unit address configuration
cgroup: kselftest: relax fs_spec checks
parisc: Fix build of compressed kernel even with debug enabled
drivers/perf: arm_pmu: Fix failure path in PM notifier
arm64: compat: Allow single-byte watchpoints on all addresses
arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
nbd: replace kill_bdev() with __invalidate_device() again
xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
IB/mlx5: Fix unreg_umr to ignore the mkey state
IB/mlx5: Use direct mkey destroy command upon UMR unreg failure
IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache
IB/mlx5: Fix clean_mr() to work in the expected order
IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
IB/hfi1: Check for error on call to alloc_rsm_map_table
drm/i915/gvt: fix incorrect cache entry for guest page mapping
eeprom: at24: make spd world-readable again
ARC: enable uboot support unconditionally
objtool: Support GCC 9 cold subfunction naming scheme
gcc-9: properly declare the {pv,hv}clock_page storage
x86/vdso: Prevent segfaults due to hoisted vclock reads
scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA
x86/cpufeatures: Carve out CQM features retrieval
x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
x86/speculation: Enable Spectre v1 swapgs mitigations
x86/entry/64: Use JMP instead of JMPQ
x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
Documentation: Add swapgs description to the Spectre v1 documentation
Linux 4.19.65
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iceeabdb164657e0a616db618e6aa8445d56b0dc1
David Howells