- 16 Jul, 2019 13 commits
-
-
git://github.com/micah-morton/linuxLinus Torvalds authored
Pull safesetid updates from Micah Morton: "These changes from Jann Horn fix a couple issues in the recently added SafeSetID LSM: - There was a simple logic bug in one of the hooks for the LSM where the code was incorrectly returning early in some cases before all security checks had been passed. - There was a more high level issue with how this LSM gets configured that could allow for a program to bypass the security restrictions by switching to an allowed UID and then again to any other UID on the system if the target UID of the first transition is unconstrained on the system. Luckily this is an easy fix that we now enforce at the time the LSM gets configured. There are also some changes from Jann that make policy updates for this LSM atomic. Kees Cook, Jann and myself have reviewed these changes and they look good from our point of view" * tag 'safesetid-5.3' of git://github.com/micah-morton/linux: LSM: SafeSetID: fix use of literal -1 in capable hook LSM: SafeSetID: verify transitive constrainedness LSM: SafeSetID: add read handler LSM: SafeSetID: rewrite userspace API to atomic updates LSM: SafeSetID: fix userns handling in securityfs LSM: SafeSetID: refactor policy parsing LSM: SafeSetID: refactor safesetid_security_capable() LSM: SafeSetID: refactor policy hash table LSM: SafeSetID: fix check for setresuid(new1, new2, new3) LSM: SafeSetID: fix pr_warn() to include newline
-
git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linuxLinus Torvalds authored
Pull pidfd and clone3 fixes from Christian Brauner: "This contains a bugfix for CLONE_PIDFD when used with the legacy clone syscall, two fixes to ensure that syscall numbering and clone3 entrypoint implementations will stay consistent, and an update for the maintainers file: - The addition of clone3 broke CLONE_PIDFD for legacy clone on all architectures that use do_fork() directly instead of calling the clone syscall itself. (Fwiw, cleaning do_fork() up is on my todo.) The reason this happened was that during conversion of _do_fork() to use struct kernel_clone_args we missed that do_fork() is called directly by various architectures. This is fixed by making sure that the pidfd argument in struct kernel_clone_args is correctly initialized with the parent_tidptr argument passed down from do_fork(). Additionally, do_fork() missed a check to make CLONE_PIDFD and CLONE_PARENT_SETTID mutually exclusive just a clone() does. This is now fixed too. - When clone3() was introduced we skipped architectures that require special handling for fork-like syscalls. Their syscall tables did not contain any mention of clone3(). To make sure that Arnd's work to make syscall numbers on all architectures identical (minus alpha) was not for naught we are placing a comment in all syscall tables that do not yet implement clone3(). The comment makes it clear that 435 is reserved for clone3 and should not be used. - Also, this contains a patch to make the clone3() syscall definition in asm-generic/unist.h conditional on __ARCH_WANT_SYS_CLONE3. This lets us catch new architectures that implicitly make use of clone3 without setting __ARCH_WANT_SYS_CLONE3 which is a good indicator that they did not check whether it needs special treatment or not. - Finally, this contains a patch to add me as maintainer for pidfd stuff so people can start blaming me (more)" * tag 'for-linus-20190715' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux: MAINTAINERS: add new entry for pidfd api unistd: protect clone3 via __ARCH_WANT_SYS_CLONE3 arch: mark syscall number 435 reserved for clone3 clone: fix CLONE_PIDFD support
-
Linus Torvalds authored
This fixes two problems reported with the cmdline simplification and cleanup last year: - the setproctitle() special cases didn't quite match the original semantics, and it can be noticeable: https://lore.kernel.org/lkml/alpine.LNX.2.21.1904052326230.3249@kich.toxcorp.com/ - it could leak an uninitialized byte from the temporary buffer under the right (wrong) circustances: https://lore.kernel.org/lkml/20190712160913.17727-1-izbyshev@ispras.ru/ It rewrites the logic entirely, splitting it into two separate commits (and two separate functions) for the two different cases ("unedited cmdline" vs "setproctitle() has been used to change the command line"). * proc-cmdline: /proc/<pid>/cmdline: add back the setproctitle() special case /proc/<pid>/cmdline: remove all the special cases
-
Linus Torvalds authored
This makes the setproctitle() special case very explicit indeed, and handles it with a separate helper function entirely. In the process, it re-instates the original semantics of simply stopping at the first NUL character when the original last NUL character is no longer there. [ The original semantics can still be seen in mm/util.c: get_cmdline() that is limited to a fixed-size buffer ] This makes the logic about when we use the string lengths etc much more obvious, and makes it easier to see what we do and what the two very different cases are. Note that even when we allow walking past the end of the argument array (because the setproctitle() might have overwritten and overflowed the original argv[] strings), we only allow it when it overflows into the environment region if it is immediately adjacent. [ Fixed for missing 'count' checks noted by Alexey Izbyshev ] Link: https://lore.kernel.org/lkml/alpine.LNX.2.21.1904052326230.3249@kich.toxcorp.com/ Fixes: 5ab82718 ("fs/proc: simplify and clarify get_mm_cmdline() function") Cc: Jakub Jankowski <shasta@toxcorp.com> Cc: Alexey Dobriyan <adobriyan@gmail.com> Cc: Alexey Izbyshev <izbyshev@ispras.ru> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
Start off with a clean slate that only reads exactly from arg_start to arg_end, without any oddities. This simplifies the code and in the process removes the case that caused us to potentially leak an uninitialized byte from the temporary kernel buffer. Note that in order to start from scratch with an understandable base, this simplifies things _too_ much, and removes all the legacy logic to handle setproctitle() having changed the argument strings. We'll add back those special cases very differently in the next commit. Link: https://lore.kernel.org/lkml/20190712160913.17727-1-izbyshev@ispras.ru/ Fixes: f5b65348 ("proc: fix missing final NUL in get_mm_cmdline() rewrite") Cc: Alexey Izbyshev <izbyshev@ispras.ru> Cc: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/lee/backlightLinus Torvalds authored
Pull backlight updates from Lee Jones: "New Functionality: - Provide support for ACPI enumeration; gpio_backlight Fix-ups: - SPDX fixups; pwm_bl - Fix linear brightness levels to include number available; pwm_bl" * tag 'backlight-next-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/backlight: backlight: pwm_bl: Fix heuristic to determine number of brightness levels backlight: gpio_backlight: Enable ACPI enumeration backlight: pwm_bl: Convert to use SPDX identifier
-
git://git.kernel.dk/linux-blockLinus Torvalds authored
Pull more block updates from Jens Axboe: "A later pull request with some followup items. I had some vacation coming up to the merge window, so certain things items were delayed a bit. This pull request also contains fixes that came in within the last few days of the merge window, which I didn't want to push right before sending you a pull request. This contains: - NVMe pull request, mostly fixes, but also a few minor items on the feature side that were timing constrained (Christoph et al) - Report zones fixes (Damien) - Removal of dead code (Damien) - Turn on cgroup psi memstall (Josef) - block cgroup MAINTAINERS entry (Konstantin) - Flush init fix (Josef) - blk-throttle low iops timing fix (Konstantin) - nbd resize fixes (Mike) - nbd 0 blocksize crash fix (Xiubo) - block integrity error leak fix (Wenwen) - blk-cgroup writeback and priority inheritance fixes (Tejun)" * tag 'for-linus-20190715' of git://git.kernel.dk/linux-block: (42 commits) MAINTAINERS: add entry for block io cgroup null_blk: fixup ->report_zones() for !CONFIG_BLK_DEV_ZONED block: Limit zone array allocation size sd_zbc: Fix report zones buffer allocation block: Kill gfp_t argument of blkdev_report_zones() block: Allow mapping of vmalloc-ed buffers block/bio-integrity: fix a memory leak bug nvme: fix NULL deref for fabrics options nbd: add netlink reconfigure resize support nbd: fix crash when the blksize is zero block: Disable write plugging for zoned block devices block: Fix elevator name declaration block: Remove unused definitions nvme: fix regression upon hot device removal and insertion blk-throttle: fix zero wait time for iops throttled group block: Fix potential overflow in blk_report_zones() blkcg: implement REQ_CGROUP_PUNT blkcg, writeback: Implement wbc_blkcg_css() blkcg, writeback: Add wbc->no_cgroup_owner blkcg, writeback: Rename wbc_account_io() to wbc_account_cgroup_owner() ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linuxLinus Torvalds authored
Pull i2c updates from Wolfram Sang: "New stuff from the I2C world: - in the core, getting irqs from ACPI is now similar to OF - new driver for MediaTek MT7621/7628/7688 SoCs - bcm2835, i801, and tegra drivers got some more attention - GPIO API cleanups - cleanups in the core headers - lots of usual driver updates" * 'i2c/for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: (74 commits) i2c: mt7621: Fix platform_no_drv_owner.cocci warnings i2c: cpm: remove casting dma_alloc dt-bindings: i2c: sun6i-p2wi: Fix the binding example dt-bindings: i2c: mv64xxx: Fix the example compatible i2c: i801: Documentation update i2c: i801: Add support for Intel Tiger Lake i2c: i801: Fix PCI ID sorting dt-bindings: i2c-stm32: document optional dmas i2c: i2c-stm32f7: Add I2C_SMBUS_I2C_BLOCK_DATA support i2c: core: Tidy up handling of init_irq i2c: core: Move ACPI gpio IRQ handling into i2c_acpi_get_irq i2c: core: Move ACPI IRQ handling to probe time i2c: acpi: Factor out getting the IRQ from ACPI i2c: acpi: Use available IRQ helper functions i2c: core: Allow whole core to use i2c_dev_irq_from_resources eeprom: at24: modify a comment referring to platform data dt-bindings: i2c: omap: Add new compatible for J721E SoCs dt-bindings: i2c: mv64xxx: Add YAML schemas dt-bindings: i2c: sun6i-p2wi: Add YAML schemas i2c: mt7621: Add MediaTek MT7621/7628/7688 I2C driver ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supplyLinus Torvalds authored
Pull power supply and reset updates from Sebastian Reichel: "Core: - add HWMON compat layer - new properties: - input power limit - input voltage limit Drivers: - qcom-pon: add gen2 support - new driver for storing reboot move in NVMEM - new driver for Wilco EC charger configuration - simplify getting the adapter of a client" * tag 'for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply: power: reset: nvmem-reboot-mode: add CONFIG_OF dependency power_supply: wilco_ec: Add charging config driver power: supply: cros: allow to set input voltage and current limit power: supply: add input power and voltage limit properties power: supply: fix semicolon.cocci warnings power: reset: nvmem-reboot-mode: use NVMEM as reboot mode write interface dt-bindings: power: reset: add document for NVMEM based reboot-mode reset: qcom-pon: Add support for gen2 pon dt-bindings: power: reset: qcom: Add qcom,pm8998-pon compatibility line power: supply: Add HWMON compatibility layer power: supply: sbs-manager: simplify getting the adapter of a client power: supply: rt9455_charger: simplify getting the adapter of a client power: supply: rt5033_battery: simplify getting the adapter of a client power: supply: max17042_battery: simplify getting the adapter of a client power: supply: max17040_battery: simplify getting the adapter of a client power: supply: max14656_charger_detector: simplify getting the adapter of a client power: supply: bq25890_charger: simplify getting the adapter of a client power: supply: bq24257_charger: simplify getting the adapter of a client power: supply: bq24190_charger: simplify getting the adapter of a client
-
git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pciLinus Torvalds authored
Pull PCI updates from Bjorn Helgaas: "Enumeration changes: - Evaluate PCI Boot Configuration _DSM to learn if firmware wants us to preserve its resource assignments (Benjamin Herrenschmidt) - Simplify resource distribution (Nicholas Johnson) - Decode 32 GT/s link speed (Gustavo Pimentel) Virtualization: - Fix incorrect caching of VF config space size (Alex Williamson) - Fix VF driver probing sysfs knobs (Alex Williamson) Peer-to-peer DMA: - Fix dma_virt_ops check (Logan Gunthorpe) Altera host bridge driver: - Allow building as module (Ley Foon Tan) Armada 8K host bridge driver: - add PHYs support (Miquel Raynal) DesignWare host bridge driver: - Export APIs to support removable loadable module (Vidya Sagar) - Enable Relaxed Ordering erratum workaround only on Tegra20 & Tegra30 (Vidya Sagar) Hyper-V host bridge driver: - Fix use-after-free in eject (Dexuan Cui) Mobiveil host bridge driver: - Clean up and fix many issues, including non-identify mapped windows, 64-bit windows, multi-MSI, class code, INTx clearing (Hou Zhiqiang) Qualcomm host bridge driver: - Use clk bulk API for 2.4.0 controllers (Bjorn Andersson) - Add QCS404 support (Bjorn Andersson) - Assert PERST for at least 100ms (Niklas Cassel) R-Car host bridge driver: - Add r8a774a1 DT support (Biju Das) Tegra host bridge driver: - Add support for Gen2, opportunistic UpdateFC and ACK (PCIe protocol details) AER, GPIO-based PERST# (Manikanta Maddireddy) - Fix many issues, including power-on failure cases, interrupt masking in suspend, UPHY settings, AFI dynamic clock gating, pending DLL transactions (Manikanta Maddireddy) Xilinx host bridge driver: - Fix NWL Multi-MSI programming (Bharat Kumar Gogada) Endpoint support: - Fix 64bit BAR support (Alan Mikhak) - Fix pcitest build issues (Alan Mikhak, Andy Shevchenko) Bug fixes: - Fix NVIDIA GPU multi-function power dependencies (Abhishek Sahu) - Fix NVIDIA GPU HDA enablement issue (Lukas Wunner) - Ignore lockdep for sysfs "remove" (Marek Vasut) Misc: - Convert docs to reST (Changbin Du, Mauro Carvalho Chehab)" * tag 'pci-v5.3-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: (107 commits) PCI: Enable NVIDIA HDA controllers tools: PCI: Fix installation when `make tools/pci_install` PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB PCI: Fix typos and whitespace errors PCI: mobiveil: Fix INTx interrupt clearing in mobiveil_pcie_isr() PCI: mobiveil: Fix infinite-loop in the INTx handling function PCI: mobiveil: Move PCIe PIO enablement out of inbound window routine PCI: mobiveil: Add upper 32-bit PCI base address setup in inbound window PCI: mobiveil: Add upper 32-bit CPU base address setup in outbound window PCI: mobiveil: Mask out hardcoded bits in inbound/outbound windows setup PCI: mobiveil: Clear the control fields before updating it PCI: mobiveil: Add configured inbound windows counter PCI: mobiveil: Fix the valid check for inbound and outbound windows PCI: mobiveil: Clean-up program_{ib/ob}_windows() PCI: mobiveil: Remove an unnecessary return value check PCI: mobiveil: Fix error return values PCI: mobiveil: Refactor the MEM/IO outbound window initialization PCI: mobiveil: Make some register updates more readable PCI: mobiveil: Reformat the code for readability dt-bindings: PCI: mobiveil: Change gpio_slave and apb_csr to optional ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdmaLinus Torvalds authored
Pull rdma updates from Jason Gunthorpe: "A smaller cycle this time. Notably we see another new driver, 'Soft iWarp', and the deletion of an ancient unused driver for nes. - Revise and simplify the signature offload RDMA MR APIs - More progress on hoisting object allocation boiler plate code out of the drivers - Driver bug fixes and revisions for hns, hfi1, efa, cxgb4, qib, i40iw - Tree wide cleanups: struct_size, put_user_page, xarray, rst doc conversion - Removal of obsolete ib_ucm chardev and nes driver - netlink based discovery of chardevs and autoloading of the modules providing them - Move more of the rdamvt/hfi1 uapi to include/uapi/rdma - New driver 'siw' for software based iWarp running on top of netdev, much like rxe's software RoCE. - mlx5 feature to report events in their raw devx format to userspace - Expose per-object counters through rdma tool - Adaptive interrupt moderation for RDMA (DIM), sharing the DIM core from netdev" * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: (194 commits) RMDA/siw: Require a 64 bit arch RDMA/siw: Mark expected switch fall-throughs RDMA/core: Fix -Wunused-const-variable warnings rdma/siw: Remove set but not used variable 's' rdma/siw: Add missing dependencies on LIBCRC32C and DMA_VIRT_OPS RDMA/siw: Add missing rtnl_lock around access to ifa rdma/siw: Use proper enumerated type in map_cqe_status RDMA/siw: Remove unnecessary kthread create/destroy printouts IB/rdmavt: Fix variable shadowing issue in rvt_create_cq RDMA/core: Fix race when resolving IP address RDMA/core: Make rdma_counter.h compile stand alone IB/core: Work on the caller socket net namespace in nldev_newlink() RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM RDMA/mlx5: Set RDMA DIM to be enabled by default RDMA/nldev: Added configuration of RDMA dynamic interrupt moderation to netlink RDMA/core: Provide RDMA DIM support for ULPs linux/dim: Implement RDMA adaptive moderation (DIM) IB/mlx5: Report correctly tag matching rendezvous capability docs: infiniband: add it to the driver-api bookset IB/mlx5: Implement VHCA tunnel mechanism in DEVX ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfdLinus Torvalds authored
Pull MFD updates from Lee Jones: "Core Frameworks: - Set 'struct device' fwnode when registering a new device New Drivers: - Add support for ROHM BD70528 PMIC New Device Support: - Add support for LP87561 4-Phase Regulator to TI LP87565 PMIC - Add support for RK809 and RK817 to Rockchip RK808 - Add support for Lid Angle to ChromeOS core - Add support for CS47L15 CODEC to Madera core - Add support for CS47L92 CODEC to Madera core - Add support for ChromeOS (legacy) Accelerometers in ChromeOS core - Add support for Add Intel Elkhart Lake PCH to Intel LPSS New Functionality: - Provide regulator supply information when registering; madera-core - Additional Device Tree support; lp87565, madera, cros-ec, rohm,bd71837-pmic - Allow over-riding power button press via Device Tree; rohm-bd718x7 - Differentiate between running processors; cros_ec_dev Fix-ups: - Big header file update; cros_ec_commands.h - Split header per-subsystem; rohm-bd718x7 - Remove superfluous code; menelaus, cs5535-mfd, cs47lXX-tables - Trivial; sorting, coding style; intel-lpss-pci - Only remove Power Off functionality if set locally; rk808 - Make use for Power Off Prepare(); rk808 - Fix spelling mistake in header guards; stmfx - Properly free IDA resources - SPDX fixups; cs47lXX-tables, madera - Error path fixups; hi655x-pmic Bug Fixes: - Add missing break in case() statement - Repair undefined behaviour when not initialising variables; arizona-core, madera-core - Fix reference to Device Tree documentation; madera" * tag 'mfd-next-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd: (45 commits) mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk mfd: madera: Fixup SPDX headers mfd: madera: Remove some unused registers and fix some defaults mfd: intel-lpss: Release IDA resources mfd: intel-lpss: Add Intel Elkhart Lake PCH PCI IDs mfd: cs5535-mfd: Remove ifdef OLPC noise mfd: stmfx: Fix macro definition spelling dt-bindings: mfd: Add link to ROHM BD71847 Datasheet MAINAINERS: Swap words in INTEL PMIC MULTIFUNCTION DEVICE DRIVERS mfd: cros_ec_dev: Register cros_ec_accel_legacy driver as a subdevice mfd: rk808: Prepare rk805 for poweroff mfd: rk808: Check pm_power_off pointer mfd: cros_ec: differentiate SCP from EC by feature bit dt-bindings: Add binding for cros-ec-rpmsg mfd: madera: Add Madera core support for CS47L92 mfd: madera: Add Madera core support for CS47L15 mfd: madera: Update DT bindings to add additional CODECs mfd: madera: Add supply mapping for MICVDD mfd: madera: Fix potential uninitialised use of variable mfd: madera: Fix bad reference to pinctrl.txt file ...
-
git://anongit.freedesktop.org/drm/drmLinus Torvalds authored
Pull drm updates from Dave Airlie: "The biggest thing in this is the AMD Navi GPU support, this again contains a bunch of header files that are large. These are the new AMD RX5700 GPUs that just recently became available. New drivers: - ST-Ericsson MCDE driver - Ingenic JZ47xx SoC UAPI change: - HDR source metadata property Core: - HDR inforframes and EDID parsing - drm hdmi infoframe unpacking - remove prime sg_table caching into dma-buf - New gem vram helpers to reduce driver code - Lots of drmP.h removal - reservation fencing fix - documentation updates - drm_fb_helper_connector removed - mode name command handler rewrite fbcon: - Remove the fbcon notifiers ttm: - forward progress fixes dma-buf: - make mmap call optional - debugfs refcount fixes - dma-fence free with pending signals fix - each dma-buf gets an inode Panels: - Lots of additional panel bindings amdgpu: - initial navi10 support - avoid hw reset - HDR metadata support - new thermal sensors for vega asics - RAS fixes - use HMM rather than MMU notifier - xgmi topology via kfd - SR-IOV fixes - driver reload fixes - DC use a core bpc attribute - Aux fixes for DC - Bandwidth calc updates for DC - Clock handling refactor - kfd VEGAM support vmwgfx: - Coherent memory support changes i915: - HDR Support - HDMI i2c link - Icelake multi-segmented gamma support - GuC firmware update - Mule Creek Canyon PCH support for EHL - EHL platform updtes - move i915.alpha_support to i915.force_probe - runtime PM refactoring - VBT parsing refactoring - DSI fixes - struct mutex dependency reduction - GEM code reorg mali-dp: - Komeda driver features msm: - dsi vs EPROBE_DEFER fixes - msm8998 snapdragon 835 support - a540 gpu support - mdp5 and dpu interconnect support exynos: - drmP.h removal tegra: - misc fixes tda998x: - audio support improvements - pixel repeated mode support - quantisation range handling corrections - HDMI vendor info fix armada: - interlace support fix - overlay/video plane register handling refactor - add gamma support rockchip: - RX3328 support panfrost: - expose perf counters via hidden ioctls vkms: - enumerate CRC sources list ast: - rework BO handling mgag200: - rework BO handling dw-hdmi: - suspend/resume support rcar-du: - R8A774A1 Soc Support - LVDS dual-link mode support - Additional formats - Misc fixes omapdrm: - DSI command mode display support stm - fb modifier support - runtime PM support sun4i: - use vmap ops vc4: - binner bo binding rework v3d: - compute shader support - resync/sync fixes - job management refactoring lima: - NULL pointer in irq handler fix - scheduler default timeout virtio: - fence seqno support - trace events bochs: - misc fixes tc458767: - IRQ/HDP handling sii902x: - HDMI audio support atmel-hlcdc: - misc fixes meson: - zpos support" * tag 'drm-next-2019-07-16' of git://anongit.freedesktop.org/drm/drm: (1815 commits) Revert "Merge branch 'vmwgfx-next' of git://people.freedesktop.org/~thomash/linux into drm-next" Revert "mm: adjust apply_to_pfn_range interface for dropped token." mm: adjust apply_to_pfn_range interface for dropped token. drm/amdgpu/navi10: add uclk activity sensor drm/amdgpu: properly guard the generic discovery code drm/amdgpu: add missing documentation on new module parameters drm/amdgpu: don't invalidate caches in RELEASE_MEM, only do the writeback drm/amd/display: avoid 64-bit division drm/amdgpu/psp11: simplify the ucode register logic drm/amdgpu: properly guard DC support in navi code drm/amd/powerplay: vega20: fix uninitialized variable use drm/amd/display: dcn20: include linux/delay.h amdgpu: make pmu support optional drm/amd/powerplay: Zero initialize current_rpm in vega20_get_fan_speed_percent drm/amd/powerplay: Zero initialize freq in smu_v11_0_get_current_clk_freq drm/amd/powerplay: Use memset to initialize metrics structs drm/amdgpu/mes10.1: Fix header guard drm/amd/powerplay: add temperature sensor support for navi10 drm/amdgpu: fix scheduler timeout calc drm/amdgpu: Prepare for hmm_range_register API change (v2) ...
-
- 15 Jul, 2019 19 commits
-
-
git://people.freedesktop.org/~thomash/linuxDave Airlie authored
This reverts commit 031e610a, reversing changes made to 52d2d44e. The mm changes in there we premature and not fully ack or reviewed by core mm folks, I dropped the ball by merging them via this tree, so lets take em all back out. Signed-off-by: Dave Airlie <airlied@redhat.com>
-
Dave Airlie authored
This reverts commit 6dfc43d3. Going to revert the whole vmwwgfx pull. Signed-off-by: Dave Airlie <airlied@redhat.com>
-
Jann Horn authored
The capable() hook returns an error number. -EPERM is actually the same as -1, so this doesn't make a difference in behavior. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
Someone might write a ruleset like the following, expecting that it securely constrains UID 1 to UIDs 1, 2 and 3: 1:2 1:3 However, because no constraints are applied to UIDs 2 and 3, an attacker with UID 1 can simply first switch to UID 2, then switch to any UID from there. The secure way to write this ruleset would be: 1:2 1:3 2:2 3:3 , which uses "transition to self" as a way to inhibit the default-allow policy without allowing anything specific. This is somewhat unintuitive. To make sure that policy authors don't accidentally write insecure policies because of this, let the kernel verify that a new ruleset does not contain any entries that are constrained, but transitively unconstrained. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
For debugging a running system, it is very helpful to be able to see what policy the system is using. Add a read handler that can dump out a copy of the loaded policy. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
The current API of the SafeSetID LSM uses one write() per rule, and applies each written rule instantly. This has several downsides: - While a policy is being loaded, once a single parent-child pair has been loaded, the parent is restricted to that specific child, even if subsequent rules would allow transitions to other child UIDs. This means that during policy loading, set*uid() can randomly fail. - To replace the policy without rebooting, it is necessary to first flush all old rules. This creates a time window in which no constraints are placed on the use of CAP_SETUID. - If we want to perform sanity checks on the final policy, this requires that the policy isn't constructed in a piecemeal fashion without telling the kernel when it's done. Other kernel APIs - including things like the userns code and netfilter - avoid this problem by performing updates atomically. Luckily, SafeSetID hasn't landed in a stable (upstream) release yet, so maybe it's not too late to completely change the API. The new API for SafeSetID is: If you want to change the policy, open "safesetid/whitelist_policy" and write the entire policy, newline-delimited, in there. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
Looking at current_cred() in write handlers is bad form, stop doing that. Also, let's just require that the write is coming from the initial user namespace. Especially SAFESETID_WHITELIST_FLUSH requires privilege over all namespaces, and SAFESETID_WHITELIST_ADD should probably require it as well. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
In preparation for changing the policy parsing logic, refactor the line parsing logic to be less verbose and move it into a separate function. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
At the moment, safesetid_security_capable() has two nested conditional blocks, and one big comment for all the logic. Chop it up and reduce the amount of indentation. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
parent_kuid and child_kuid are kuids, there is no reason to make them uint64_t. (And anyway, in the kernel, the normal name for that would be u64, not uint64_t.) check_setuid_policy_hashtable_key() and check_setuid_policy_hashtable_key_value() are basically the same thing, merge them. Also fix the comment that claimed that (1<<8)==128. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
With the old code, when a process with the (real,effective,saved) UID set (1,1,1) calls setresuid(2,3,4), safesetid_task_fix_setuid() only checks whether the transition 1->2 is permitted; the transitions 1->3 and 1->4 are not checked. Fix this. This is also a good opportunity to refactor safesetid_task_fix_setuid() to be less verbose - having one branch per set*uid() syscall is unnecessary. Note that this slightly changes semantics: The UID transition check for UIDs that were not in the old cred struct is now always performed against the policy of the RUID. I think that's more consistent anyway, since the RUID is also the one that decides whether any policy is enforced at all. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Jann Horn authored
Fix the pr_warn() calls in the SafeSetID LSM to have newlines at the end. Without this, denial messages will be buffered as incomplete lines in log_output(), and will then only show up once something else prints into dmesg. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org>
-
Christian Brauner authored
Add me as a maintainer for pidfd stuff so people know who to yell at and to easily keep track of incoming changes. Signed-off-by: Christian Brauner <christian@brauner.io> Link: https://lore.kernel.org/r/20190715003021.25040-1-christian@brauner.io
-
Dave Airlie authored
mm/pgtable: drop pgtable_t variable from pte_fn_t functions drops the token came in via the hmm tree, this caused lots of conflicts, but applying this cleanup patch should reduce it to something easier to handle. Just accept the token is unused at this point. Signed-off-by: Dave Airlie <airlied@redhat.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdmaLinus Torvalds authored
Pull HMM updates from Jason Gunthorpe: "Improvements and bug fixes for the hmm interface in the kernel: - Improve clarity, locking and APIs related to the 'hmm mirror' feature merged last cycle. In linux-next we now see AMDGPU and nouveau to be using this API. - Remove old or transitional hmm APIs. These are hold overs from the past with no users, or APIs that existed only to manage cross tree conflicts. There are still a few more of these cleanups that didn't make the merge window cut off. - Improve some core mm APIs: - export alloc_pages_vma() for driver use - refactor into devm_request_free_mem_region() to manage DEVICE_PRIVATE resource reservations - refactor duplicative driver code into the core dev_pagemap struct - Remove hmm wrappers of improved core mm APIs, instead have drivers use the simplified API directly - Remove DEVICE_PUBLIC - Simplify the kconfig flow for the hmm users and core code" * tag 'for-linus-hmm' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: (42 commits) mm: don't select MIGRATE_VMA_HELPER from HMM_MIRROR mm: remove the HMM config option mm: sort out the DEVICE_PRIVATE Kconfig mess mm: simplify ZONE_DEVICE page private data mm: remove hmm_devmem_add mm: remove hmm_vma_alloc_locked_page nouveau: use devm_memremap_pages directly nouveau: use alloc_page_vma directly PCI/P2PDMA: use the dev_pagemap internal refcount device-dax: use the dev_pagemap internal refcount memremap: provide an optional internal refcount in struct dev_pagemap memremap: replace the altmap_valid field with a PGMAP_ALTMAP_VALID flag memremap: remove the data field in struct dev_pagemap memremap: add a migrate_to_ram method to struct dev_pagemap_ops memremap: lift the devmap_enable manipulation into devm_memremap_pages memremap: pass a struct dev_pagemap to ->kill and ->cleanup memremap: move dev_pagemap callbacks into a separate structure memremap: validate the pagemap type passed to devm_memremap_pages mm: factor out a devm_request_free_mem_region helper mm: export alloc_pages_vma ...
-
Linus Torvalds authored
Merge tag 'ecryptfs-5.3-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs Pull eCryptfs updates from Tyler Hicks: - Fix error handling when ecryptfs_read_lower() encounters an error - Fix read-only file creation when the eCryptfs mount is configured to store metadata in xattrs - Minor code cleanups * tag 'ecryptfs-5.3-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs: ecryptfs: Change return type of ecryptfs_process_flags ecryptfs: Make ecryptfs_xattr_handler static ecryptfs: remove unnessesary null check in ecryptfs_keyring_auth_tok_for_sig ecryptfs: use print_hex_dump_bytes for hexdump eCryptfs: fix permission denied with ecryptfs_xattr mount option when create readonly file ecryptfs: re-order a condition for static checkers eCryptfs: fix a couple type promotion bugs
-
git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifsLinus Torvalds authored
Pull UBIFS updates from Richard Weinberger: - Support for zstd compression - Support for offline signed filesystems - Various fixes for regressions * tag 'upstream-5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs: ubifs: Don't leak orphans on memory during commit ubifs: Check link count of inodes when killing orphans. ubifs: Add support for zstd compression. ubifs: support offline signed images ubifs: remove unnecessary check in ubifs_log_start_commit ubifs: Fix typo of output in get_cs_sqnum ubifs: Simplify redundant code ubifs: Correctly use tnc_next() in search_dh_cookie()
-
git://git.kernel.org/pub/scm/linux/kernel/git/rw/umlLinus Torvalds authored
Pull UML updates from Richard Weinberger: - A new timer mode, time travel, for testing with UML - Many bugixes/improvements for the serial line driver - Various bugfixes * tag 'for-linus-5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml: um: fix build without CONFIG_UML_TIME_TRAVEL_SUPPORT um: Fix kcov crash during startup um: configs: Remove useless UEVENT_HELPER_PATH um: Support time travel mode um: Pass nsecs to os timer functions um: Remove drivers/ssl.h um: Don't garbage collect in deactivate_all_fds() um: Silence lockdep complaint about mmap_sem um: Remove locking in deactivate_all_fds() um: Timer code cleanup um: fix os_timer_one_shot() um: Fix IRQ controller regression on console read
-
https://lab.nexedi.com/kirr/linuxLinus Torvalds authored
Pull stream_open() updates from Kirill Smelkov: "This time on stream_open front it is only two small changes: - the first one converts stream_open.cocci to treat all functions that start with wait_.* as blocking. Previously it was only wait_event_.* functions that were considered as blocking, but this was falsely reporting several deadlock cases as only warning. This was picked by linux-kbuild and entered mainline as commit 0c4ab18f ("coccinelle: api/stream_open: treat all wait_.*() calls as blocking"), and already merged earlier. - the second one teaches stream_open.cocci to consider files as being stream-like even if they use noop_llseek. It results in two more drivers being converted to stream_open() (mousedev.c and hid-sensor-custom.c)" * tag 'stream_open-5.3' of https://lab.nexedi.com/kirr/linux: *: convert stream-like files -> stream_open, even if they use noop_llseek
-
- 14 Jul, 2019 8 commits
-
-
git://git.infradead.org/linux-platform-drivers-x86Linus Torvalds authored
Pull x86 platform driver updates from Andy Shevchenko: "Gathered a bunch of x86 platform driver changes. It's rather big, since includes two big refactors and completely new driver: - ASUS WMI driver got a big refactoring in order to support the TUF Gaming laptops. Besides that, the regression with backlight being permanently off on various EeePC laptops has been fixed. - Accelerometer on HP ProBook 450 G0 shows wrong measurements due to X axis being inverted. This has been fixed. - Intel PMC core driver has been extended to be ACPI enumerated if the DSDT provides device with _HID "INT33A1". This allows to convert the driver to be pure platform and support new hardware purely based on ACPI DSDT. - From now on the Intel Speed Select Technology is supported thru a corresponding driver. This driver provides an access to the features of the ISST, such as Performance Profile, Core Power, Base frequency and Turbo Frequency. - Mellanox platform drivers has been refactored and now extended to support more systems, including new coming ones. - The OLPC XO-1.75 platform is now supported. - CB4063 Beckhoff Automation board is using PMC clocks, provided via pmc_atom driver, for ethernet controllers in a way that they can't be managed by the clock driver. The quirk has been extended to cover this case. - Touchscreen on Chuwi Hi10 Plus tablet has been enabled. Meanwhile the information of Chuwi Hi10 Air has been fixed to cover more models based on the same platform. - Xiaomi notebooks have WMI interface enabled. Thus, the driver to support it has been provided. It required some extension of the generic WMI library, which allows to propagate opaque context to the ->probe() of the individual drivers. This release includes debugfs clean up from Greg KH for several drivers that drop return code check and make debugfs absence or failure non-fatal. Also miscellaneous fixes here and there, mostly for Acer WMI and various Intel drivers" * tag 'platform-drivers-x86-v5.3-1' of git://git.infradead.org/linux-platform-drivers-x86: (74 commits) platform/x86: Fix PCENGINES_APU2 Kconfig warning tools/power/x86/intel-speed-select: Add .gitignore file platform/x86: mlx-platform: Fix error handling in mlxplat_init() platform/x86: intel_pmc_core: Attach using APCI HID "INT33A1" platform/x86: intel_pmc_core: transform Pkg C-state residency from TSC ticks into microseconds platform/x86: asus-wmi: Use dev_get_drvdata() Documentation/ABI: Add new attribute for mlxreg-io sysfs interfaces platform/x86: mlx-platform: Add more reset cause attributes platform/x86: mlx-platform: Modify DMI matching order platform/x86: mlx-platform: Add regmap structure for the next generation systems platform/x86: mlx-platform: Change API for i2c-mlxcpld driver activation platform/x86: mlx-platform: Move regmap initialization before all drivers activation MAINTAINERS: Update for Intel Speed Select Technology tools/power/x86: A tool to validate Intel Speed Select commands platform/x86: ISST: Restore state on resume platform/x86: ISST: Add Intel Speed Select PUNIT MSR interface platform/x86: ISST: Add Intel Speed Select mailbox interface via MSRs platform/x86: ISST: Add Intel Speed Select mailbox interface via PCI platform/x86: ISST: Add Intel Speed Select mmio interface platform/x86: ISST: Add IOCTL to Translate Linux logical CPU to PUNIT CPU number ...
-
git://git.linaro.org/landing-teams/working/fujitsu/integrationLinus Torvalds authored
Pull mailbox updates from Jassi Brar: - stm32: race fix by adding a spinlock - mhu: trim included headers - omap: add support for K3 SoCs - imx: Irq disable fix - bcm: tidy up extracting driver data - tegra: make resume 'noirq' - api: fix error handling * tag 'mailbox-v5.3' of git://git.linaro.org/landing-teams/working/fujitsu/integration: mailbox: handle failed named mailbox channel request mailbox: tegra: avoid resume NULL mailboxes mailbox: tegra: hsp: add noirq resume mailbox: bcm-flexrm-mailbox: using dev_get_drvdata directly mailbox: imx: Clear GIEn bit at shutdown mailbox: omap: Add support for TI K3 SoCs dt-bindings: mailbox: omap: Update bindings for TI K3 SoCs mailbox: arm_mhu: reorder header inclusion and drop unneeded ones mailbox: stm32_ipcc: add spinlock to fix channels concurrent access
-
git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpuLinus Torvalds authored
Pull percpu updates from Dennis Zhou: "This includes changes to let percpu_ref release the backing percpu memory earlier after it has been switched to atomic in cases where the percpu ref is not revived. This will help recycle percpu memory earlier in cases where the refcounts are pinned for prolonged periods of time" * 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu: percpu_ref: release percpu memory early without PERCPU_REF_ALLOW_REINIT md: initialize percpu refcounters using PERCU_REF_ALLOW_REINIT io_uring: initialize percpu refcounters using PERCU_REF_ALLOW_REINIT percpu_ref: introduce PERCPU_REF_ALLOW_REINIT flag
-
Christian Brauner authored
This lets us catch new architectures that implicitly make use of clone3 without setting __ARCH_WANT_SYS_CLONE3. Failing on missing __ARCH_WANT_SYS_CLONE3 is a good indicator that they either did not really want this syscall or haven't really thought about whether it needs special treatment and just accidently included it in their entrypoints by e.g. generating their syscall table automatically via asm-generic/unistd.h This patch has been compile-tested for the h8300 architecture which is one of the architectures that does not yet implement clone3 and generates its syscall table via asm-generic/unistd.h. Signed-off-by: Christian Brauner <christian@brauner.io> Suggested-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/r/20190714192205.27190-3-christian@brauner.ioReviewed-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Christian Brauner <christian@brauner.io>
-
Christian Brauner authored
A while ago Arnd made it possible to give new system calls the same syscall number on all architectures (except alpha). To not break this nice new feature let's mark 435 for clone3 as reserved on all architectures that do not yet implement it. Even if an architecture does not plan to implement it this ensures that new system calls coming after clone3 will have the same number on all architectures. Signed-off-by: Christian Brauner <christian@brauner.io> Cc: linux-arch@vger.kernel.org Cc: linux-alpha@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-ia64@vger.kernel.org Cc: linux-m68k@lists.linux-m68k.org Cc: linux-mips@vger.kernel.org Cc: linux-parisc@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Cc: linux-s390@vger.kernel.org Cc: linux-sh@vger.kernel.org Cc: sparclinux@vger.kernel.org Link: https://lore.kernel.org/r/20190714192205.27190-2-christian@brauner.ioReviewed-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Christian Brauner <christian@brauner.io>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull perf fixes from Ingo Molnar: "A number of PMU driver corner case fixes, a race fix, an event grouping fix, plus a bunch of tooling fixes/updates" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (30 commits) perf/x86/intel: Fix spurious NMI on fixed counter perf/core: Fix exclusive events' grouping perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs perf/core: Fix race between close() and fork() perf intel-pt: Fix potential NULL pointer dereference found by the smatch tool perf intel-bts: Fix potential NULL pointer dereference found by the smatch tool perf script: Assume native_arch for pipe mode perf scripts python: export-to-sqlite.py: Fix DROP VIEW power_events_view perf scripts python: export-to-postgresql.py: Fix DROP VIEW power_events_view perf hists browser: Fix potential NULL pointer dereference found by the smatch tool perf cs-etm: Fix potential NULL pointer dereference found by the smatch tool perf parse-events: Remove unused variable: error perf parse-events: Remove unused variable 'i' perf metricgroup: Add missing list_del_init() when flushing egroups list perf tools: Use list_del_init() more thorougly perf tools: Use zfree() where applicable tools lib: Adopt zalloc()/zfree() from tools/perf perf tools: Move get_current_dir_name() cond prototype out of util.h perf namespaces: Move the conditional setns() prototype to namespaces.h ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull locking fix from Ingo Molnar: "A single fix for a locking statistics bug" * 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: locking/lockdep: Fix lock used or unused stats error
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 fix from Ingo Molnar: "A single build system bugfix" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/vdso: Fix flip/flop vdso build bug
-