1. 14 Oct, 2021 1 commit
    • Kees Cook's avatar
      LSM: Avoid warnings about potentially unused hook variables · 86dd9fd5
      Kees Cook authored
      Building with W=1 shows many unused const variable warnings. These can
      be silenced, as we're well aware of their being potentially unused:
      
      ./include/linux/lsm_hook_defs.h:36:18: error: 'ptrace_access_check_default' defined but not used [-Werror=unused-const-variable=]
         36 | LSM_HOOK(int, 0, ptrace_access_check, struct task_struct *child,
            |                  ^~~~~~~~~~~~~~~~~~~
      security/security.c:706:32: note: in definition of macro 'LSM_RET_DEFAULT'
        706 | #define LSM_RET_DEFAULT(NAME) (NAME##_default)
            |                                ^~~~
      security/security.c:711:9: note: in expansion of macro 'DECLARE_LSM_RET_DEFAULT_int'
        711 |         DECLARE_LSM_RET_DEFAULT_##RET(DEFAULT, NAME)
            |         ^~~~~~~~~~~~~~~~~~~~~~~~
      ./include/linux/lsm_hook_defs.h:36:1: note: in expansion of macro 'LSM_HOOK'
         36 | LSM_HOOK(int, 0, ptrace_access_check, struct task_struct *child,
            | ^~~~~~~~
      
      Cc: James Morris <jmorris@namei.org>
      Cc: "Serge E. Hallyn" <serge@hallyn.com>
      Cc: Paul Moore <paul@paul-moore.com>
      Cc: Casey Schaufler <casey@schaufler-ca.com>
      Cc: KP Singh <kpsingh@chromium.org>
      Cc: linux-security-module@vger.kernel.org
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Link: https://lore.kernel.org/linux-mm/202110131608.zms53FPR-lkp@intel.com/
      Fixes: 98e828a0 ("security: Refactor declaration of LSM hooks")
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Acked-by: default avatarJames Morris <jamorris@linux.microsoft.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      86dd9fd5
  2. 13 Oct, 2021 2 commits
  3. 11 Oct, 2021 2 commits
    • Ondrej Mosnacek's avatar
      selinux: fix race condition when computing ocontext SIDs · cbfcd13b
      Ondrej Mosnacek authored
      Current code contains a lot of racy patterns when converting an
      ocontext's context structure to an SID. This is being done in a "lazy"
      fashion, such that the SID is looked up in the SID table only when it's
      first needed and then cached in the "sid" field of the ocontext
      structure. However, this is done without any locking or memory barriers
      and is thus unsafe.
      
      Between commits 24ed7fda ("selinux: use separate table for initial
      SID lookup") and 66f8e2f0 ("selinux: sidtab reverse lookup hash
      table"), this race condition lead to an actual observable bug, because a
      pointer to the shared sid field was passed directly to
      sidtab_context_to_sid(), which was using this location to also store an
      intermediate value, which could have been read by other threads and
      interpreted as an SID. In practice this caused e.g. new mounts to get a
      wrong (seemingly random) filesystem context, leading to strange denials.
      This bug has been spotted in the wild at least twice, see [1] and [2].
      
      Fix the race condition by making all the racy functions use a common
      helper that ensures the ocontext::sid accesses are made safely using the
      appropriate SMP constructs.
      
      Note that security_netif_sid() was populating the sid field of both
      contexts stored in the ocontext, but only the first one was actually
      used. The SELinux wiki's documentation on the "netifcon" policy
      statement [3] suggests that using only the first context is intentional.
      I kept only the handling of the first context here, as there is really
      no point in doing the SID lookup for the unused one.
      
      I wasn't able to reproduce the bug mentioned above on any kernel that
      includes commit 66f8e2f0, even though it has been reported that the
      issue occurs with that commit, too, just less frequently. Thus, I wasn't
      able to verify that this patch fixes the issue, but it makes sense to
      avoid the race condition regardless.
      
      [1] https://github.com/containers/container-selinux/issues/89
      [2] https://lists.fedoraproject.org/archives/list/selinux@lists.fedoraproject.org/thread/6DMTAMHIOAOEMUAVTULJD45JZU7IBAFM/
      [3] https://selinuxproject.org/page/NetworkStatements#netifcon
      
      Cc: stable@vger.kernel.org
      Cc: Xinjie Zheng <xinjie@google.com>
      Reported-by: default avatarSujithra Periasamy <sujithra@google.com>
      Fixes: 1da177e4 ("Linux-2.6.12-rc2")
      Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      cbfcd13b
    • Florian Westphal's avatar
      selinux: remove unneeded ipv6 hook wrappers · 4342f705
      Florian Westphal authored
      Netfilter places the protocol number the hook function is getting called
      from in state->pf, so we can use that instead of an extra wrapper.
      
      While at it, remove one-line wrappers too and make
      selinux_ip_{out,forward,postroute} useable as hook function.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Message-Id: <20211011202229.28289-1-fw@strlen.de>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      4342f705
  4. 30 Sep, 2021 1 commit
    • Paul Moore's avatar
      selinux: remove the SELinux lockdown implementation · f5d0e5e9
      Paul Moore authored
      NOTE: This patch intentionally omits any "Fixes:" metadata or stable
      tagging since it removes a SELinux access control check; while
      removing the control point is the right thing to do moving forward,
      removing it in stable kernels could be seen as a regression.
      
      The original SELinux lockdown implementation in 59438b46
      ("security,lockdown,selinux: implement SELinux lockdown") used the
      current task's credentials as both the subject and object in the
      SELinux lockdown hook, selinux_lockdown().  Unfortunately that
      proved to be incorrect in a number of cases as the core kernel was
      calling the LSM lockdown hook in places where the credentials from
      the "current" task_struct were not the correct credentials to use
      in the SELinux access check.
      
      Attempts were made to resolve this by adding a credential pointer
      to the LSM lockdown hook as well as suggesting that the single hook
      be split into two: one for user tasks, one for kernel tasks; however
      neither approach was deemed acceptable by Linus.  Faced with the
      prospect of either changing the subj/obj in the access check to a
      constant context (likely the kernel's label) or removing the SELinux
      lockdown check entirely, the SELinux community decided that removing
      the lockdown check was preferable.
      
      The supporting changes to the general LSM layer are left intact, this
      patch only removes the SELinux implementation.
      Acked-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      f5d0e5e9
  5. 28 Sep, 2021 1 commit
    • Christian Göttsche's avatar
      selinux: enable genfscon labeling for securityfs · 8a764ef1
      Christian Göttsche authored
      Add support for genfscon per-file labeling of securityfs files.
      This allows for separate labels and thereby access control for
      different files. For example a genfscon statement
      
          genfscon securityfs /integrity/ima/policy \
      	system_u:object_r:ima_policy_t:s0
      
      will set a private label to the IMA policy file and thus allow to
      control the ability to set the IMA policy. Setting labels directly
      with setxattr(2), e.g. by chcon(1) or setfiles(8), is still not
      supported.
      Signed-off-by: default avatarChristian Göttsche <cgzones@googlemail.com>
      [PM: line width fixes in the commit description]
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      8a764ef1
  6. 20 Sep, 2021 8 commits
    • Casey Schaufler's avatar
      Smack: Brutalist io_uring support · d9d8c939
      Casey Schaufler authored
      Add Smack privilege checks for io_uring. Use CAP_MAC_OVERRIDE
      for the override_creds case and CAP_MAC_ADMIN for creating a
      polling thread. These choices are based on conjecture regarding
      the intent of the surrounding code.
      Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
      [PM: make the smack_uring_* funcs static, remove debug code]
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      d9d8c939
    • Paul Moore's avatar
      selinux: add support for the io_uring access controls · 740b0341
      Paul Moore authored
      This patch implements two new io_uring access controls, specifically
      support for controlling the io_uring "personalities" and
      IORING_SETUP_SQPOLL.  Controlling the sharing of io_urings themselves
      is handled via the normal file/inode labeling and sharing mechanisms.
      
      The io_uring { override_creds } permission restricts which domains
      the subject domain can use to override it's own credentials.
      Granting a domain the io_uring { override_creds } permission allows
      it to impersonate another domain in io_uring operations.
      
      The io_uring { sqpoll } permission restricts which domains can create
      asynchronous io_uring polling threads.  This is important from a
      security perspective as operations queued by this asynchronous thread
      inherit the credentials of the thread creator by default; if an
      io_uring is shared across process/domain boundaries this could result
      in one domain impersonating another.  Controlling the creation of
      sqpoll threads, and the sharing of io_urings across processes, allow
      policy authors to restrict the ability of one domain to impersonate
      another via io_uring.
      
      As a quick summary, this patch adds a new object class with two
      permissions:
      
       io_uring { override_creds sqpoll }
      
      These permissions can be seen in the two simple policy statements
      below:
      
        allow domA_t domB_t : io_uring { override_creds };
        allow domA_t self : io_uring { sqpoll };
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      740b0341
    • Paul Moore's avatar
      lsm,io_uring: add LSM hooks to io_uring · cdc1404a
      Paul Moore authored
      A full expalantion of io_uring is beyond the scope of this commit
      description, but in summary it is an asynchronous I/O mechanism
      which allows for I/O requests and the resulting data to be queued
      in memory mapped "rings" which are shared between the kernel and
      userspace.  Optionally, io_uring offers the ability for applications
      to spawn kernel threads to dequeue I/O requests from the ring and
      submit the requests in the kernel, helping to minimize the syscall
      overhead.  Rings are accessed in userspace by memory mapping a file
      descriptor provided by the io_uring_setup(2), and can be shared
      between applications as one might do with any open file descriptor.
      Finally, process credentials can be registered with a given ring
      and any process with access to that ring can submit I/O requests
      using any of the registered credentials.
      
      While the io_uring functionality is widely recognized as offering a
      vastly improved, and high performing asynchronous I/O mechanism, its
      ability to allow processes to submit I/O requests with credentials
      other than its own presents a challenge to LSMs.  When a process
      creates a new io_uring ring the ring's credentials are inhertied
      from the calling process; if this ring is shared with another
      process operating with different credentials there is the potential
      to bypass the LSMs security policy.  Similarly, registering
      credentials with a given ring allows any process with access to that
      ring to submit I/O requests with those credentials.
      
      In an effort to allow LSMs to apply security policy to io_uring I/O
      operations, this patch adds two new LSM hooks.  These hooks, in
      conjunction with the LSM anonymous inode support previously
      submitted, allow an LSM to apply access control policy to the
      sharing of io_uring rings as well as any io_uring credential changes
      requested by a process.
      
      The new LSM hooks are described below:
      
       * int security_uring_override_creds(cred)
         Controls if the current task, executing an io_uring operation,
         is allowed to override it's credentials with @cred.  In cases
         where the current task is a user application, the current
         credentials will be those of the user application.  In cases
         where the current task is a kernel thread servicing io_uring
         requests the current credentials will be those of the io_uring
         ring (inherited from the process that created the ring).
      
       * int security_uring_sqpoll(void)
         Controls if the current task is allowed to create an io_uring
         polling thread (IORING_SETUP_SQPOLL).  Without a SQPOLL thread
         in the kernel processes must submit I/O requests via
         io_uring_enter(2) which allows us to compare any requested
         credential changes against the application making the request.
         With a SQPOLL thread, we can no longer compare requested
         credential changes against the application making the request,
         the comparison is made against the ring's credentials.
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      cdc1404a
    • Paul Moore's avatar
      io_uring: convert io_uring to the secure anon inode interface · 91a9ab7c
      Paul Moore authored
      Converting io_uring's anonymous inode to the secure anon inode API
      enables LSMs to enforce policy on the io_uring anonymous inodes if
      they chose to do so.  This is an important first step towards
      providing the necessary mechanisms so that LSMs can apply security
      policy to io_uring operations.
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      91a9ab7c
    • Paul Moore's avatar
      fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure() · 3a862cac
      Paul Moore authored
      Extending the secure anonymous inode support to other subsystems
      requires that we have a secure anon_inode_getfile() variant in
      addition to the existing secure anon_inode_getfd() variant.
      
      Thankfully we can reuse the existing __anon_inode_getfile() function
      and just wrap it with the proper arguments.
      Acked-by: default avatarMickaël Salaün <mic@linux.microsoft.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      3a862cac
    • Paul Moore's avatar
      audit: add filtering for io_uring records · 67daf270
      Paul Moore authored
      This patch adds basic audit io_uring filtering, using as much of the
      existing audit filtering infrastructure as possible.  In order to do
      this we reuse the audit filter rule's syscall mask for the io_uring
      operation and we create a new filter for io_uring operations as
      AUDIT_FILTER_URING_EXIT/audit_filter_list[7].
      
      Thanks to Richard Guy Briggs for his review, feedback, and work on
      the corresponding audit userspace changes.
      Acked-by: default avatarRichard Guy Briggs <rgb@redhat.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      67daf270
    • Paul Moore's avatar
      audit,io_uring,io-wq: add some basic audit support to io_uring · 5bd2182d
      Paul Moore authored
      This patch adds basic auditing to io_uring operations, regardless of
      their context.  This is accomplished by allocating audit_context
      structures for the io-wq worker and io_uring SQPOLL kernel threads
      as well as explicitly auditing the io_uring operations in
      io_issue_sqe().  Individual io_uring operations can bypass auditing
      through the "audit_skip" field in the struct io_op_def definition for
      the operation; although great care must be taken so that security
      relevant io_uring operations do not bypass auditing; please contact
      the audit mailing list (see the MAINTAINERS file) with any questions.
      
      The io_uring operations are audited using a new AUDIT_URINGOP record,
      an example is shown below:
      
        type=UNKNOWN[1336] msg=audit(1631800225.981:37289):
          uring_op=19 success=yes exit=0 items=0 ppid=15454 pid=15681
          uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
          subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
          key=(null)
      
      Thanks to Richard Guy Briggs for review and feedback.
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      5bd2182d
    • Paul Moore's avatar
      audit: prepare audit_context for use in calling contexts beyond syscalls · 12c5e81d
      Paul Moore authored
      This patch cleans up some of our audit_context handling by
      abstracting out the reset and return code fixup handling to dedicated
      functions.  Not only does this help make things easier to read and
      inspect, it allows for easier reuse by future patches.  We also
      convert the simple audit_context->in_syscall flag into an enum which
      can be used to by future patches to indicate a calling context other
      than the syscall context.
      
      Thanks to Richard Guy Briggs for review and feedback.
      Acked-by: default avatarRichard Guy Briggs <rgb@redhat.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      12c5e81d
  7. 12 Sep, 2021 12 commits
    • Linus Torvalds's avatar
      Linux 5.15-rc1 · 6880fa6c
      Linus Torvalds authored
      6880fa6c
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-for-v5.15-2021-09-11' of... · b5b65f13
      Linus Torvalds authored
      Merge tag 'perf-tools-for-v5.15-2021-09-11' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull more perf tools updates from Arnaldo Carvalho de Melo:
      
       - Add missing fields and remove some duplicate fields when printing a
         perf_event_attr.
      
       - Fix hybrid config terms list corruption.
      
       - Update kernel header copies, some resulted in new kernel features
         being automagically added to 'perf trace' syscall/tracepoint argument
         id->string translators.
      
       - Add a file generated during the documentation build to .gitignore.
      
       - Add an option to build without libbfd, as some distros, like Debian
         consider its ABI unstable.
      
       - Add support to print a textual representation of IBS raw sample data
         in 'perf report'.
      
       - Fix bpf 'perf test' sample mismatch reporting
      
       - Fix passing arguments to stackcollapse report in a 'perf script'
         python script.
      
       - Allow build-id with trailing zeros.
      
       - Look for ImageBase in PE file to compute .text offset.
      
      * tag 'perf-tools-for-v5.15-2021-09-11' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (25 commits)
        tools headers UAPI: Update tools's copy of drm.h headers
        tools headers UAPI: Sync drm/i915_drm.h with the kernel sources
        tools headers UAPI: Sync linux/fs.h with the kernel sources
        tools headers UAPI: Sync linux/in.h copy with the kernel sources
        perf tools: Add an option to build without libbfd
        perf tools: Allow build-id with trailing zeros
        perf tools: Fix hybrid config terms list corruption
        perf tools: Factor out copy_config_terms() and free_config_terms()
        perf tools: Fix perf_event_attr__fprintf() missing/dupl. fields
        perf tools: Ignore Documentation dependency file
        perf bpf: Provide a weak btf__load_from_kernel_by_id() for older libbpf versions
        tools include UAPI: Update linux/mount.h copy
        perf beauty: Cover more flags in the  move_mount syscall argument beautifier
        tools headers UAPI: Sync linux/prctl.h with the kernel sources
        tools include UAPI: Sync sound/asound.h copy with the kernel sources
        tools headers UAPI: Sync linux/kvm.h with the kernel sources
        tools headers UAPI: Sync x86's asm/kvm.h with the kernel sources
        perf report: Add support to print a textual representation of IBS raw sample data
        perf report: Add tools/arch/x86/include/asm/amd-ibs.h
        perf env: Add perf_env__cpuid, perf_env__{nr_}pmu_mappings
        ...
      b5b65f13
    • Linus Torvalds's avatar
      Merge tag 'compiler-attributes-for-linus-v5.15-rc1-v2' of git://github.com/ojeda/linux · c3e46874
      Linus Torvalds authored
      Pull compiler attributes updates from Miguel Ojeda:
      
       - Fix __has_attribute(__no_sanitize_coverage__) for GCC 4 (Marco Elver)
      
       - Add Nick as Reviewer for compiler_attributes.h (Nick Desaulniers)
      
       - Move __compiletime_{error|warning} (Nick Desaulniers)
      
      * tag 'compiler-attributes-for-linus-v5.15-rc1-v2' of git://github.com/ojeda/linux:
        compiler_attributes.h: move __compiletime_{error|warning}
        MAINTAINERS: add Nick as Reviewer for compiler_attributes.h
        Compiler Attributes: fix __has_attribute(__no_sanitize_coverage__) for GCC 4
      c3e46874
    • Linus Torvalds's avatar
      Merge tag 'auxdisplay-for-linus-v5.15-rc1' of git://github.com/ojeda/linux · d41adc4e
      Linus Torvalds authored
      Pull auxdisplay updates from Miguel Ojeda:
       "An assortment of improvements for auxdisplay:
      
         - Replace symbolic permissions with octal permissions (Jinchao Wang)
      
         - ks0108: Switch to use module_parport_driver() (Andy Shevchenko)
      
         - charlcd: Drop unneeded initializers and switch to C99 style (Andy
           Shevchenko)
      
         - hd44780: Fix oops on module unloading (Lars Poeschel)
      
         - Add I2C gpio expander example (Ralf Schlatterbeck)"
      
      * tag 'auxdisplay-for-linus-v5.15-rc1' of git://github.com/ojeda/linux:
        auxdisplay: Replace symbolic permissions with octal permissions
        auxdisplay: ks0108: Switch to use module_parport_driver()
        auxdisplay: charlcd: Drop unneeded initializers and switch to C99 style
        auxdisplay: hd44780: Fix oops on module unloading
        auxdisplay: Add I2C gpio expander example
      d41adc4e
    • Linus Torvalds's avatar
      Merge tag 'smp-urgent-2021-09-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · f306b90c
      Linus Torvalds authored
      Pull CPU hotplug updates from Thomas Gleixner:
       "Updates for the SMP and CPU hotplug:
      
         - Remove DEFINE_SMP_CALL_CACHE_FUNCTION() which is a left over of the
           original hotplug code and now causing trouble with the ARM64 cache
           topology setup due to the pointless SMP function call.
      
           It's not longer required as the hotplug callbacks are guaranteed to
           be invoked on the upcoming CPU.
      
         - Remove the deprecated and now unused CPU hotplug functions
      
         - Rewrite the CPU hotplug API documentation"
      
      * tag 'smp-urgent-2021-09-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        Documentation: core-api/cpuhotplug: Rewrite the API section
        cpu/hotplug: Remove deprecated CPU-hotplug functions.
        thermal: Replace deprecated CPU-hotplug functions.
        drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
      f306b90c
    • Linus Torvalds's avatar
      Merge tag 'char-misc-5.15-rc1-lkdtm' of... · d8e988b6
      Linus Torvalds authored
      Merge tag 'char-misc-5.15-rc1-lkdtm' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
      
      Pull misc driver fix from Greg KH:
       "Here is a single patch for 5.15-rc1, for the lkdtm misc driver.
      
        It resolves a build issue that many people were hitting with your
        current tree, and Kees and others felt would be good to get merged
        before -rc1 comes out, to prevent them from having to constantly hit
        it as many development trees restart on -rc1, not older -rc releases.
      
        It has NOT been in linux-next, but has passed 0-day testing and looks
        'obviously correct' when reviewing it locally :)"
      
      * tag 'char-misc-5.15-rc1-lkdtm' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
        lkdtm: Use init_uts_ns.name instead of macros
      d8e988b6
    • Linus Torvalds's avatar
      Merge tag 'for-linus-5.15-1' of git://github.com/cminyard/linux-ipmi · 1791596b
      Linus Torvalds authored
      Pull IPMI updates from Corey Minyard:
       "A couple of very minor fixes for style and rate limiting.
      
        Nothing big, but probably needs to go in"
      
      * tag 'for-linus-5.15-1' of git://github.com/cminyard/linux-ipmi:
        char: ipmi: use DEVICE_ATTR helper macro
        ipmi: rate limit ipmi smi_event failure message
      1791596b
    • Linus Torvalds's avatar
      Merge tag 'sched_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 56c24438
      Linus Torvalds authored
      Pull scheduler fixes from Borislav Petkov:
      
       - Make sure the idle timer expires in hardirq context, on PREEMPT_RT
      
       - Make sure the run-queue balance callback is invoked only on the
         outgoing CPU
      
      * tag 'sched_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched: Prevent balance_push() on remote runqueues
        sched/idle: Make the idle timer expire in hard interrupt context
      56c24438
    • Linus Torvalds's avatar
      Merge tag 'locking_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 165d05d8
      Linus Torvalds authored
      Pull locking fixes from Borislav Petkov:
      
       - Fix the futex PI requeue machinery to not return to userspace in
         inconsistent state
      
       - Avoid a potential null pointer dereference in the ww_mutex deadlock
         check
      
       - Other smaller cleanups and optimizations
      
      * tag 'locking_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        locking/rtmutex: Fix ww_mutex deadlock check
        futex: Remove unused variable 'vpid' in futex_proxy_trylock_atomic()
        futex: Avoid redundant task lookup
        futex: Clarify comment for requeue_pi_wake_futex()
        futex: Prevent inconsistent state and exit race
        futex: Return error code instead of assigning it without effect
        locking/rwsem: Add missing __init_rwsem() for PREEMPT_RT
      165d05d8
    • Linus Torvalds's avatar
      Merge tag 'timers_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 7bf31426
      Linus Torvalds authored
      Pull timer fix from Borislav Petkov:
      
       - Handle negative second values properly when converting a timespec64
         to nanoseconds.
      
      * tag 'timers_urgent_for_v5.15_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        time: Handle negative seconds correctly in timespec64_to_ns()
      7bf31426
    • Linus Torvalds's avatar
      Merge branch 'misc.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · fdfc3463
      Linus Torvalds authored
      Pull namei updates from Al Viro:
       "Clearing fallout from mkdirat in io_uring series. The fix in the
        kern_path_locked() patch plus associated cleanups"
      
      * 'misc.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        putname(): IS_ERR_OR_NULL() is wrong here
        namei: Standardize callers of filename_create()
        namei: Standardize callers of filename_lookup()
        rename __filename_parentat() to filename_parentat()
        namei: Fix use after free in kern_path_locked
      fdfc3463
    • Linus Torvalds's avatar
      Merge tag '5.15-rc-cifs-part2' of git://git.samba.org/sfrench/cifs-2.6 · 8d4a0b5d
      Linus Torvalds authored
      Pull smbfs updates from Steve French:
       "cifs/smb3 updates:
      
         - DFS reconnect fix
      
         - begin creating common headers for server and client
      
         - rename the cifs_common directory to smbfs_common to be more
           consistent ie change use of the name cifs to smb (smb3 or smbfs is
           more accurate, as the very old cifs dialect has long been
           superseded by smb3 dialects).
      
        In the future we can rename the fs/cifs directory to fs/smbfs.
      
        This does not include the set of multichannel fixes nor the two
        deferred close fixes (they are still being reviewed and tested)"
      
      * tag '5.15-rc-cifs-part2' of git://git.samba.org/sfrench/cifs-2.6:
        cifs: properly invalidate cached root handle when closing it
        cifs: move SMB FSCTL definitions to common code
        cifs: rename cifs_common to smbfs_common
        cifs: update FSCTL definitions
      8d4a0b5d
  8. 11 Sep, 2021 13 commits
    • Linus Torvalds's avatar
      Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost · 78e70952
      Linus Torvalds authored
      Pull virtio updates from Michael Tsirkin:
      
       - vduse driver ("vDPA Device in Userspace") supporting emulated virtio
         block devices
      
       - virtio-vsock support for end of record with SEQPACKET
      
       - vdpa: mac and mq support for ifcvf and mlx5
      
       - vdpa: management netlink for ifcvf
      
       - virtio-i2c, gpio dt bindings
      
       - misc fixes and cleanups
      
      * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (39 commits)
        Documentation: Add documentation for VDUSE
        vduse: Introduce VDUSE - vDPA Device in Userspace
        vduse: Implement an MMU-based software IOTLB
        vdpa: Support transferring virtual addressing during DMA mapping
        vdpa: factor out vhost_vdpa_pa_map() and vhost_vdpa_pa_unmap()
        vdpa: Add an opaque pointer for vdpa_config_ops.dma_map()
        vhost-iotlb: Add an opaque pointer for vhost IOTLB
        vhost-vdpa: Handle the failure of vdpa_reset()
        vdpa: Add reset callback in vdpa_config_ops
        vdpa: Fix some coding style issues
        file: Export receive_fd() to modules
        eventfd: Export eventfd_wake_count to modules
        iova: Export alloc_iova_fast() and free_iova_fast()
        virtio-blk: remove unneeded "likely" statements
        virtio-balloon: Use virtio_find_vqs() helper
        vdpa: Make use of PFN_PHYS/PFN_UP/PFN_DOWN helper macro
        vsock_test: update message bounds test for MSG_EOR
        af_vsock: rename variables in receive loop
        virtio/vsock: support MSG_EOR bit processing
        vhost/vsock: support MSG_EOR bit processing
        ...
      78e70952
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-5.15-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux · b79bd0d5
      Linus Torvalds authored
      Pull more RISC-V updates from Palmer Dabbelt:
      
       - A pair of defconfig additions, for NVMe and the EFI filesystem
         localization options.
      
       - A larger address space for stack randomization.
      
       - A cleanup to our install rules.
      
       - A DTS update for the Microchip Icicle board, to fix the serial
         console.
      
       - Support for build-time table sorting, which allows us to have
         __ex_table read-only.
      
      * tag 'riscv-for-linus-5.15-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
        riscv: Move EXCEPTION_TABLE to RO_DATA segment
        riscv: Enable BUILDTIME_TABLE_SORT
        riscv: dts: microchip: mpfs-icicle: Fix serial console
        riscv: move the (z)install rules to arch/riscv/Makefile
        riscv: Improve stack randomisation on RV64
        riscv: defconfig: enable NLS_CODEPAGE_437, NLS_ISO8859_1
        riscv: defconfig: enable BLK_DEV_NVME
      b79bd0d5
    • Linus Torvalds's avatar
      Merge branch 'for-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux · 4e1c7544
      Linus Torvalds authored
      Pull coccinelle updates from Julia Lawall:
       "These changes update some existing semantic patches with
        respect to some recent changes in the kernel.
      
        Specifically, the change to kvmalloc.cocci searches for
        kfree_sensitive rather than kzfree, and the change to
        use_after_iter.cocci adds list_entry_is_head as a valid
        use of a list iterator index variable after the end of
        the loop"
      
      * 'for-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux:
        scripts: coccinelle: allow list_entry_is_head() to use pos
        coccinelle: api: rename kzfree to kfree_sensitive
      4e1c7544
    • Arnaldo Carvalho de Melo's avatar
      tools headers UAPI: Update tools's copy of drm.h headers · 17a99e52
      Arnaldo Carvalho de Melo authored
      Picking the changes from:
      
        17ce9c61 ("drm: document DRM_IOCTL_MODE_RMFB")
      
      Doesn't result in any tooling changes:
      
        $ tools/perf/trace/beauty/drm_ioctl.sh  > before
        $ cp include/uapi/drm/drm.h tools/include/uapi/drm/drm.h
        $ tools/perf/trace/beauty/drm_ioctl.sh  > after
        $ diff -u before after
      
      Silencing these perf build warnings:
      
        Warning: Kernel ABI header at 'tools/include/uapi/drm/drm.h' differs from latest version at 'include/uapi/drm/drm.h'
        diff -u tools/include/uapi/drm/drm.h include/uapi/drm/drm.h
      
      Cc: Simon Ser <contact@emersion.fr>
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      17a99e52
    • Arnaldo Carvalho de Melo's avatar
      tools headers UAPI: Sync drm/i915_drm.h with the kernel sources · 4dc24d7c
      Arnaldo Carvalho de Melo authored
      To pick the changes in:
      
        b65a9489 ("drm/i915/userptr: Probe existence of backing struct pages upon creation")
        ee242ca7 ("drm/i915/guc: Implement GuC priority management")
        81340cf3 ("drm/i915/uapi: reject set_domain for discrete")
        7961c5b6 ("drm/i915: Add TTM offset argument to mmap.")
        aef7b67a ("drm/i915/uapi: convert drm_i915_gem_userptr to kernel doc")
        e7737b67 ("drm/i915/uapi: reject caching ioctls for discrete")
        3aa8c57f ("drm/i915/uapi: convert drm_i915_gem_set_domain to kernel doc")
        289f5a72 ("drm/i915/uapi: convert drm_i915_gem_caching to kernel doc")
        4a766ae4 ("drm/i915: Drop the CONTEXT_CLONE API (v2)")
        6ff6d61d ("drm/i915: Drop I915_CONTEXT_PARAM_NO_ZEROMAP")
        fe4751c3 ("drm/i915: Drop I915_CONTEXT_PARAM_RINGSIZE")
        57772953 ("drm/i915: Document the Virtual Engine uAPI")
        c649432e ("drm/i915: Fix busy ioctl commentary")
      
      That doesn't result in any changes to tooling as no new ioctl were
      added (at least not perceived by tools/perf/trace/beauty/drm_ioctl.sh).
      
      Addressing this perf build warning:
      
        Warning: Kernel ABI header at 'tools/include/uapi/drm/i915_drm.h' differs from latest version at 'include/uapi/drm/i915_drm.h'
        diff -u tools/include/uapi/drm/i915_drm.h include/uapi/drm/i915_drm.h
      
      Cc: Chris Wilson <chris@chris-wilson.co.uk>
      Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
      Cc: Jason Ekstrand <jason@jlekstrand.net>
      Cc: John Harrison <John.C.Harrison@Intel.com>
      Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
      Cc: Matthew Auld <matthew.auld@intel.com>
      Cc: Matthew Brost <matthew.brost@intel.com>
      Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      4dc24d7c
    • Arnaldo Carvalho de Melo's avatar
      tools headers UAPI: Sync linux/fs.h with the kernel sources · 2bae3e64
      Arnaldo Carvalho de Melo authored
      To pick the change in:
      
        7957d93b ("block: add ioctl to read the disk sequence number")
      
      It adds a new ioctl, but we are still not using that to generate tables
      for 'perf trace', so no changes in tooling.
      
      This silences this perf build warning:
      
        Warning: Kernel ABI header at 'tools/include/uapi/linux/fs.h' differs from latest version at 'include/uapi/linux/fs.h'
        diff -u tools/include/uapi/linux/fs.h include/uapi/linux/fs.h
      
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: Matteo Croce <mcroce@microsoft.com>
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      2bae3e64
    • Arnaldo Carvalho de Melo's avatar
      tools headers UAPI: Sync linux/in.h copy with the kernel sources · ee286c60
      Arnaldo Carvalho de Melo authored
      To pick the changes in:
      
        db243b79 ("net/ipv4/ipv6: Replace one-element arraya with flexible-array members")
        2d3e5caf ("net/ipv4: Replace one-element array with flexible-array member")
      
      That don't result in any change in tooling, the structs changed remains
      with the same layout.
      
      This addresses this build warning:
      
        Warning: Kernel ABI header at 'tools/include/uapi/linux/in.h' differs from latest version at 'include/uapi/linux/in.h'
        diff -u tools/include/uapi/linux/in.h include/uapi/linux/in.h
      
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Gustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      ee286c60
    • Ian Rogers's avatar
      perf tools: Add an option to build without libbfd · 0d1c50ac
      Ian Rogers authored
      Some distributions, like debian, don't link perf with libbfd. Add a
      build flag to make this configuration buildable and testable.
      
      This was inspired by:
      
        https://lore.kernel.org/linux-perf-users/20210910102307.2055484-1-tonyg@leastfixedpoint.com/T/#uSigned-off-by: default avatarIan Rogers <irogers@google.com>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Namhyung Kim <namhyung@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: tony garnock-jones <tonyg@leastfixedpoint.com>
      Link: http://lore.kernel.org/lkml/20210910225756.729087-1-irogers@google.comSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      0d1c50ac
    • Namhyung Kim's avatar
      perf tools: Allow build-id with trailing zeros · 4a86d414
      Namhyung Kim authored
      Currently perf saves a build-id with size but old versions assumes the
      size of 20.  In case the build-id is less than 20 (like for MD5), it'd
      fill the rest with 0s.
      
      I saw a problem when old version of perf record saved a binary in the
      build-id cache and new version of perf reads the data.  The symbols
      should be read from the build-id cache (as the path no longer has the
      same binary) but it failed due to mismatch in the build-id.
      
        symsrc__init: build id mismatch for /home/namhyung/.debug/.build-id/53/e4c2f42a4c61a2d632d92a72afa08f00000000/elf.
      
      The build-id event in the data has 20 byte build-ids, but it saw a
      different size (16) when it reads the build-id of the elf file in the
      build-id cache.
      
        $ readelf -n ~/.debug/.build-id/53/e4c2f42a4c61a2d632d92a72afa08f00000000/elf
      
        Displaying notes found in: .note.gnu.build-id
          Owner                Data size 	Description
          GNU                  0x00000010	NT_GNU_BUILD_ID (unique build ID bitstring)
            Build ID: 53e4c2f42a4c61a2d632d92a72afa08f
      
      Let's fix this by allowing trailing zeros if the size is different.
      
      Fixes: 39be8d01 ("perf tools: Pass build_id object to dso__build_id_equal()")
      Signed-off-by: default avatarNamhyung Kim <namhyung@kernel.org>
      Acked-by: default avatarJiri Olsa <jolsa@redhat.com>
      Cc: Andi Kleen <ak@linux.intel.com>
      Cc: Ian Rogers <irogers@google.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Link: http://lore.kernel.org/lkml/20210910224630.1084877-1-namhyung@kernel.orgSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      4a86d414
    • Adrian Hunter's avatar
      perf tools: Fix hybrid config terms list corruption · 99fc5941
      Adrian Hunter authored
      A config terms list was spliced twice, resulting in a never-ending loop
      when the list was traversed. Fix by using list_splice_init() and copying
      and freeing the lists as necessary.
      
      This patch also depends on patch "perf tools: Factor out
      copy_config_terms() and free_config_terms()"
      
      Example on ADL:
      
       Before:
      
        # perf record -e '{intel_pt//,cycles/aux-sample-size=4096/pp}' uname &
        # jobs
        [1]+  Running                    perf record -e "{intel_pt//,cycles/aux-sample-size=4096/pp}" uname
        # perf top -E 10
          PerfTop:    4071 irqs/sec  kernel: 6.9%  exact: 100.0% lost: 0/0 drop: 0/0 [4000Hz cycles],  (all, 24 CPUs)
        ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
      
          97.60%  perf           [.] __evsel__get_config_term
           0.25%  [kernel]       [k] kallsyms_expand_symbol.constprop.13
           0.24%  perf           [.] kallsyms__parse
           0.15%  [kernel]       [k] _raw_spin_lock
           0.14%  [kernel]       [k] number
           0.13%  [kernel]       [k] advance_transaction
           0.08%  [kernel]       [k] format_decode
           0.08%  perf           [.] map__process_kallsym_symbol
           0.08%  perf           [.] rb_insert_color
           0.08%  [kernel]       [k] vsnprintf
        exiting.
        # kill %1
      
      After:
      
        # perf record -e '{intel_pt//,cycles/aux-sample-size=4096/pp}' uname &
        Linux
        [ perf record: Woken up 1 times to write data ]
        [ perf record: Captured and wrote 0.060 MB perf.data ]
        # perf script | head
             perf-exec   604 [001]  1827.312293:                            psb:  psb offs: 0                       ffffffffb8415e87 pt_config_start+0x37 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb856a3bd event_sched_in.isra.133+0xfd ([kernel.kallsyms]) => ffffffffb856a9a0 perf_pmu_nop_void+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb856b10e merge_sched_in+0x26e ([kernel.kallsyms]) => ffffffffb856a2c0 event_sched_in.isra.133+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb856a45d event_sched_in.isra.133+0x19d ([kernel.kallsyms]) => ffffffffb8568b80 perf_event_set_state.part.61+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb8568b86 perf_event_set_state.part.61+0x6 ([kernel.kallsyms]) => ffffffffb85662a0 perf_event_update_time+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb856a35c event_sched_in.isra.133+0x9c ([kernel.kallsyms]) => ffffffffb8567610 perf_log_itrace_start+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb856a377 event_sched_in.isra.133+0xb7 ([kernel.kallsyms]) => ffffffffb8403b40 x86_pmu_add+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb8403b86 x86_pmu_add+0x46 ([kernel.kallsyms]) => ffffffffb8403940 collect_events+0x0 ([kernel.kallsyms])
             perf-exec   604  1827.312293:          1                       branches:  ffffffffb8403a7b collect_events+0x13b ([kernel.kallsyms]) => ffffffffb8402cd0 collect_event+0x0 ([kernel.kallsyms])
      
      Fixes: 30def61f ("perf parse-events Create two hybrid cache events")
      Fixes: 94da591b ("perf parse-events Create two hybrid raw events")
      Fixes: 9cbfa2f6 ("perf parse-events Create two hybrid hardware events")
      Signed-off-by: default avatarAdrian Hunter <adrian.hunter@intel.com>
      Acked-by: default avatarJiri Olsa <jolsa@redhat.com>
      Cc: Jin Yao <yao.jin@linux.intel.com>
      Cc: Kan Liang <kan.liang@linux.intel.com>
      Link: https //lore.kernel.org/r/20210909125508.28693-3-adrian.hunter@intel.com
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      99fc5941
    • Adrian Hunter's avatar
      perf tools: Factor out copy_config_terms() and free_config_terms() · a7d212fc
      Adrian Hunter authored
      Factor out copy_config_terms() and free_config_terms() so that they can
      be reused.
      Signed-off-by: default avatarAdrian Hunter <adrian.hunter@intel.com>
      Acked-by: default avatarJiri Olsa <jolsa@redhat.com>
      Cc: Jin Yao <yao.jin@linux.intel.com>
      Cc: Kan Liang <kan.liang@linux.intel.com>
      Link: https //lore.kernel.org/r/20210909125508.28693-2-adrian.hunter@intel.com
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      a7d212fc
    • Adrian Hunter's avatar
      perf tools: Fix perf_event_attr__fprintf() missing/dupl. fields · eb34363a
      Adrian Hunter authored
      Some fields are missing and text_poke is duplicated. Fix that up.
      Signed-off-by: default avatarAdrian Hunter <adrian.hunter@intel.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Link: http://lore.kernel.org/lkml/20210911120550.12203-1-adrian.hunter@intel.comSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      eb34363a
    • Ian Rogers's avatar
      perf tools: Ignore Documentation dependency file · da4572d6
      Ian Rogers authored
      When building directly on the checked out repository the build process
      produces a file that should be ignored, so add it to .gitignore.
      
      Fixes: a81df63a ("perf doc: Fix doc.dep")
      Reported-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarIan Rogers <irogers@google.com>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Namhyung Kim <namhyung@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Link: http://lore.kernel.org/lkml/20210910232249.739661-1-irogers@google.comSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      da4572d6