mirror of
https://github.com/torvalds/linux.git
synced 2026-06-08 06:25:52 +02:00
fa7ff12724
6615 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Eric Biggers
|
b60858fe82 |
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
* aosp/upstream-f2fs-stable-linux-4.19.y:
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
Conflicts:
fs/crypto/Kconfig
fs/crypto/bio.c
fs/crypto/fname.c
fs/crypto/fscrypt_private.h
fs/crypto/keyring.c
fs/crypto/keysetup.c
fs/ubifs/dir.c
include/uapi/linux/fscrypt.h
Resolved the conflicts as per the corresponding android-mainline change,
Ib1e6b9eda8fb5dcfc6bdc8fa89d93f72b088c5f6.
Bug: 148667616
Change-Id: I5f8b846f0cd4d5403d8c61b9e12acb4581fac6f7
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Andy Lutomirski
|
50297eab41 |
UPSTREAM: random: ignore GRND_RANDOM in getentropy(2)
The separate blocking pool is going away. Start by ignoring
GRND_RANDOM in getentropy(2).
This should not materially break any API. Any code that worked
without this change should work at least as well with this change.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/705c5a091b63cc5da70c99304bb97e0109be0a26.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit
|
||
|
Andy Lutomirski
|
42e5d00a9f |
UPSTREAM: random: add GRND_INSECURE to return best-effort non-cryptographic bytes
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/d5473b56cf1fa900ca4bd2b3fc1e5b8874399919.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit
|
||
|
Eric Biggers
|
6f39a6b4de |
fscrypt: include <linux/ioctl.h> in UAPI header
<linux/fscrypt.h> defines ioctl numbers using the macros like _IOWR() which are defined in <linux/ioctl.h>, so <linux/ioctl.h> should be included as a prerequisite, like it is in many other kernel headers. In practice this doesn't really matter since anyone referencing these ioctl numbers will almost certainly include <sys/ioctl.h> too in order to actually call ioctl(). But we might as well fix this. Link: https://lore.kernel.org/r/20191219185624.21251-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
36500bffb9 |
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
Extend the FS_IOC_ADD_ENCRYPTION_KEY ioctl to allow the raw key to be specified by a Linux keyring key, rather than specified directly. This is useful because fscrypt keys belong to a particular filesystem instance, so they are destroyed when that filesystem is unmounted. Usually this is desired. But in some cases, userspace may need to unmount and re-mount the filesystem while keeping the keys, e.g. during a system update. This requires keeping the keys somewhere else too. The keys could be kept in memory in a userspace daemon. But depending on the security architecture and assumptions, it can be preferable to keep them only in kernel memory, where they are unreadable by userspace. We also can't solve this by going back to the original fscrypt API (where for each file, the master key was looked up in the process's keyring hierarchy) because that caused lots of problems of its own. Therefore, add the ability for FS_IOC_ADD_ENCRYPTION_KEY to accept a Linux keyring key. This solves the problem by allowing userspace to (if needed) save the keys securely in a Linux keyring for re-provisioning, while still using the new fscrypt key management ioctls. This is analogous to how dm-crypt accepts a Linux keyring key, but the key is then stored internally in the dm-crypt data structures rather than being looked up again each time the dm-crypt device is accessed. Use a custom key type "fscrypt-provisioning" rather than one of the existing key types such as "logon". This is strongly desired because it enforces that these keys are only usable for a particular purpose: for fscrypt as input to a particular KDF. Otherwise, the keys could also be passed to any kernel API that accepts a "logon" key with any service prefix, e.g. dm-crypt, UBIFS, or (recently proposed) AF_ALG. This would risk leaking information about the raw key despite it ostensibly being unreadable. Of course, this mistake has already been made for multiple kernel APIs; but since this is a new API, let's do it right. This patch has been tested using an xfstest which I wrote to test it. Link: https://lore.kernel.org/r/20191119222447.226853-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Paul Lawrence
|
480dc0f02a |
ANDROID: Incremental fs: Remove C++-style comments
Change-Id: I89e1dc6020e596fb36694f8646f78b98f7ad4a7f Bug: 133435829 Signed-off-by: Paul Lawrence <paullawrence@google.com> |
||
|
Patrick Bellasi
|
e6056b2a5b |
UPSTREAM: sched/uclamp: Extend sched_setattr() to support utilization clamping
The SCHED_DEADLINE scheduling class provides an advanced and formal
model to define tasks requirements that can translate into proper
decisions for both task placements and frequencies selections. Other
classes have a more simplified model based on the POSIX concept of
priorities.
Such a simple priority based model however does not allow to exploit
most advanced features of the Linux scheduler like, for example, driving
frequencies selection via the schedutil cpufreq governor. However, also
for non SCHED_DEADLINE tasks, it's still interesting to define tasks
properties to support scheduler decisions.
Utilization clamping exposes to user-space a new set of per-task
attributes the scheduler can use as hints about the expected/required
utilization for a task. This allows to implement a "proactive" per-task
frequency control policy, a more advanced policy than the current one
based just on "passive" measured task utilization. For example, it's
possible to boost interactive tasks (e.g. to get better performance) or
cap background tasks (e.g. to be more energy/thermal efficient).
Introduce a new API to set utilization clamping values for a specified
task by extending sched_setattr(), a syscall which already allows to
define task specific properties for different scheduling classes. A new
pair of attributes allows to specify a minimum and maximum utilization
the scheduler can consider for a task.
Do that by validating the required clamp values before and then applying
the required changes using _the_ same pattern already in use for
__setscheduler(). This ensures that the task is re-enqueued with the new
clamp values.
Bug: 120440300
Signed-off-by: Patrick Bellasi <patrick.bellasi@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alessio Balsini <balsini@android.com>
Cc: Dietmar Eggemann <dietmar.eggemann@arm.com>
Cc: Joel Fernandes <joelaf@google.com>
Cc: Juri Lelli <juri.lelli@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Morten Rasmussen <morten.rasmussen@arm.com>
Cc: Paul Turner <pjt@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Quentin Perret <quentin.perret@arm.com>
Cc: Rafael J . Wysocki <rafael.j.wysocki@intel.com>
Cc: Steve Muckle <smuckle@google.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Todd Kjos <tkjos@google.com>
Cc: Vincent Guittot <vincent.guittot@linaro.org>
Cc: Viresh Kumar <viresh.kumar@linaro.org>
Link: https://lkml.kernel.org/r/20190621084217.8167-7-patrick.bellasi@arm.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
(cherry picked from commit
|
||
|
Patrick Bellasi
|
258e6b82dd |
UPSTREAM: sched/core: Allow sched_setattr() to use the current policy
The sched_setattr() syscall mandates that a policy is always specified.
This requires to always know which policy a task will have when
attributes are configured and this makes it impossible to add more
generic task attributes valid across different scheduling policies.
Reading the policy before setting generic tasks attributes is racy since
we cannot be sure it is not changed concurrently.
Introduce the required support to change generic task attributes without
affecting the current task policy. This is done by adding an attribute flag
(SCHED_FLAG_KEEP_POLICY) to enforce the usage of the current policy.
Add support for the SETPARAM_POLICY policy, which is already used by the
sched_setparam() POSIX syscall, to the sched_setattr() non-POSIX
syscall.
Bug: 120440300
Signed-off-by: Patrick Bellasi <patrick.bellasi@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alessio Balsini <balsini@android.com>
Cc: Dietmar Eggemann <dietmar.eggemann@arm.com>
Cc: Joel Fernandes <joelaf@google.com>
Cc: Juri Lelli <juri.lelli@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Morten Rasmussen <morten.rasmussen@arm.com>
Cc: Paul Turner <pjt@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Quentin Perret <quentin.perret@arm.com>
Cc: Rafael J . Wysocki <rafael.j.wysocki@intel.com>
Cc: Steve Muckle <smuckle@google.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Todd Kjos <tkjos@google.com>
Cc: Vincent Guittot <vincent.guittot@linaro.org>
Cc: Viresh Kumar <viresh.kumar@linaro.org>
Link: https://lkml.kernel.org/r/20190621084217.8167-6-patrick.bellasi@arm.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
(cherry picked from commit
|
||
|
Eugene Zemtsov
|
040942fc50 |
ANDROID: Initial commit of Incremental FS
Fully working incremental fs filesystem Signed-off-by: Eugene Zemtsov <ezemtsov@google.com> Signed-off-by: Paul Lawrence <paullawrence@google.com> Bug: 133435829 Change-Id: I14741a61ce7891a0f9054e70f026917712cbef78 |
||
|
David Howells
|
eee57fc3f6 |
UPSTREAM: UAPI: ndctl: Remove use of PAGE_SIZE
The macro PAGE_SIZE isn't valid outside of the kernel, so it should not appear in UAPI headers. Furthermore, the actual machine page size could theoretically change from an application's point of view if it's running in a container that gets migrated to another machine (say 4K/ppc64 to 64K/ppc64). Fixes: |
||
|
Greg Kroah-Hartman
|
1fca2c99f4 |
This is the 4.19.99 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4u6tsACgkQONu9yGCS aT693A//TExeDRnNnf+2v4TJorylyRr17BMxk/Ie2L5E6d2n/RWodsrOThAPU9tx 5alNUkXCT8Jd31BUVnUoPoAQ4zSymSVi++XEf05wDeO0tQ982IESGaLmu9EC1uMF nnM5y4IdRYmFI1Zji4h5vRJckoYUlB6Mdg4BgMr4Q1KX7RkZYfe6bjs7DwM/uyMx jVXdFaQBD1H6F5W6A+GmgUZ36g9uNqzcBxxWwv5URj+q816NdI4bsxIJMF0v0WC+ S54fmpS07QWIYKKsQBUepeSgEF4ECESOE2VoF1ICcnfakdPnDBmNgyPJPSrLmVf+ itRUxoH1MewaOvoJrv+xsGBPmM29LcKH2oBmj5DR2Xstp7ACPs+OtXJEU9dUTDN4 NhaSts5fIp0f4Y5mMn508pDUwYDAWDt99ZJWdx6aK/TRyUsHBgpxBQDt37BE3U5W PCBnObNe2b2KDAsVXLjX5iDYoA0+usFreveMo8uEP+ohfh0ANvJlRkzedYw7NquI ZCcT+I1P9q8aa0528tR332VLrQeYg+kG6LVi2kAabmRA/VtEsT0w90MY/eo2vuTU WlPmbs2yerv2HTm050e6MOgBZfPh7wP/FpbjsSXufj7EDywlfxF+1hXdwfrpPJeN fN3g0kepeUp7+kLzO40FLam/z5ndjAUhyN2SBaPzGsXjMkZdETk= =zvlh -----END PGP SIGNATURE----- Merge 4.19.99 into android-4.19 Changes in 4.19.99 Revert "efi: Fix debugobjects warning on 'efi_rts_work'" xfs: Sanity check flags of Q_XQUOTARM call i2c: stm32f7: rework slave_id allocation i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop mfd: intel-lpss: Add default I2C device properties for Gemini Lake SUNRPC: Fix svcauth_gss_proxy_init() powerpc/pseries: Enable support for ibm,drc-info property powerpc/archrandom: fix arch_get_random_seed_int() tipc: update mon's self addr when node addr generated tipc: fix wrong timeout input for tipc_wait_for_cond() mt7601u: fix bbp version check in mt7601u_wait_bbp_ready crypto: sun4i-ss - fix big endian issues perf map: No need to adjust the long name of modules soc: aspeed: Fix snoop_file_poll()'s return type watchdog: sprd: Fix the incorrect pointer getting from driver data ipmi: Fix memory leak in __ipmi_bmc_register drm/sti: do not remove the drm_bridge that was never added ARM: dts: at91: nattis: set the PRLUD and HIPOW signals low ARM: dts: at91: nattis: make the SD-card slot work ixgbe: don't clear IPsec sa counters on HW clearing drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() iio: fix position relative kernel version apparmor: Fix network performance issue in aa_label_sk_perm ALSA: hda: fix unused variable warning apparmor: don't try to replace stale label in ptrace access check ARM: qcom_defconfig: Enable MAILBOX firmware: coreboot: Let OF core populate platform device PCI: iproc: Remove PAXC slot check to allow VF support bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER drm/hisilicon: hibmc: Don't overwrite fb helper surface depth signal/ia64: Use the generic force_sigsegv in setup_frame signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn ASoC: wm9712: fix unused variable warning mailbox: mediatek: Add check for possible failure of kzalloc IB/rxe: replace kvfree with vfree IB/hfi1: Add mtu check for operational data VLs genirq/debugfs: Reinstate full OF path for domain name usb: dwc3: add EXTCON dependency for qcom usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure cfg80211: regulatory: make initialization more robust mei: replace POLL* with EPOLL* for write queues. drm/msm: fix unsigned comparison with less than zero of: Fix property name in of_node_get_device_type ALSA: usb-audio: update quirk for B&W PX to remove microphone iwlwifi: nvm: get num of hw addresses from firmware staging: comedi: ni_mio_common: protect register write overflow netfilter: nft_osf: usage from output path is not valid pwm: lpss: Release runtime-pm reference from the driver's remove callback powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version RDMA/bnxt_re: Add missing spin lock initialization netfilter: nf_flow_table: do not remove offload when other netns's interface is down powerpc/kgdb: add kgdb_arch_set/remove_breakpoint() tipc: eliminate message disordering during binding table update net: socionext: Add dummy PHY register read in phy_write() drm/sun4i: hdmi: Fix double flag assignation net: hns3: add error handler for hns3_nic_init_vector_data() mlxsw: reg: QEEC: Add minimum shaper fields mlxsw: spectrum: Set minimum shaper on MC TCs NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks ASoC: wm97xx: fix uninitialized regmap pointer problem ARM: dts: bcm283x: Correct mailbox register sizes pcrypt: use format specifier in kobject_add ASoC: sun8i-codec: add missing route for ADC pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins bus: ti-sysc: Add mcasp optional clocks flag exportfs: fix 'passing zero to ERR_PTR()' warning drm: rcar-du: Fix the return value in case of error in 'rcar_du_crtc_set_crc_source()' drm: rcar-du: Fix vblank initialization net: always initialize pagedlen drm/dp_mst: Skip validating ports during destruction, just ref arm64: dts: meson-gx: Add hdmi_5v regulator as hdmi tx supply arm64: dts: renesas: r8a7795-es1: Add missing power domains to IPMMU nodes net: phy: Fix not to call phy_resume() if PHY is not attached IB/hfi1: Correctly process FECN and BECN in packets OPP: Fix missing debugfs supply directory for OPPs IB/rxe: Fix incorrect cache cleanup in error flow mailbox: ti-msgmgr: Off by one in ti_msgmgr_of_xlate() staging: bcm2835-camera: Abort probe if there is no camera staging: bcm2835-camera: fix module autoloading switchtec: Remove immediate status check after submitting MRPC command ipv6: add missing tx timestamping on IPPROTO_RAW pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field pinctrl: sh-pfc: r8a77970: Add missing MOD_SEL0 field pinctrl: sh-pfc: r8a77980: Add missing MOD_SEL0 field pinctrl: sh-pfc: sh7734: Add missing IPSR11 field pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value net: hns3: fix error handling int the hns3_get_vector_ring_chain vxlan: changelink: Fix handling of default remotes Input: nomadik-ske-keypad - fix a loop timeout test fork,memcg: fix crash in free_thread_stack on memcg charge fail clk: highbank: fix refcount leak in hb_clk_init() clk: qoriq: fix refcount leak in clockgen_init() clk: ti: fix refcount leak in ti_dt_clocks_register() clk: socfpga: fix refcount leak clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() clk: imx6q: fix refcount leak in imx6q_clocks_init() clk: imx6sx: fix refcount leak in imx6sx_clocks_init() clk: imx7d: fix refcount leak in imx7d_clocks_init() clk: vf610: fix refcount leak in vf610_clocks_init() clk: armada-370: fix refcount leak in a370_clk_init() clk: kirkwood: fix refcount leak in kirkwood_clk_init() clk: armada-xp: fix refcount leak in axp_clk_init() clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() clk: dove: fix refcount leak in dove_clk_init() MIPS: BCM63XX: drop unused and broken DSP platform device arm64: defconfig: Re-enable bcm2835-thermal driver remoteproc: qcom: q6v5-mss: Add missing clocks for MSM8996 remoteproc: qcom: q6v5-mss: Add missing regulator for MSM8996 drm: Fix error handling in drm_legacy_addctx ARM: dts: r8a7743: Remove generic compatible string from iic3 drm/etnaviv: fix some off by one bugs drm/fb-helper: generic: Fix setup error path fork, memcg: fix cached_stacks case IB/usnic: Fix out of bounds index check in query pkey RDMA/ocrdma: Fix out of bounds index check in query pkey RDMA/qedr: Fix out of bounds index check in query pkey drm/shmob: Fix return value check in shmob_drm_probe arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD spi: cadence: Correct initialisation of runtime PM RDMA/iw_cxgb4: Fix the unchecked ep dereference net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL kbuild: mark prepare0 as PHONY to fix external module build crypto: brcm - Fix some set-but-not-used warning crypto: tgr192 - fix unaligned memory access ASoC: imx-sgtl5000: put of nodes if finding codec fails IB/iser: Pass the correct number of entries for dma mapped SGL net: hns3: fix wrong combined count returned by ethtool -l media: tw9910: Unregister subdevice with v4l2-async IB/mlx5: Don't override existing ip_protocol rtc: cmos: ignore bogus century byte spi/topcliff_pch: Fix potential NULL dereference on allocation error net: hns3: fix bug of ethtool_ops.get_channels for VF ARM: dts: sun8i-a23-a33: Move NAND controller device node to sort by address clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it iwlwifi: mvm: avoid possible access out of array. net/mlx5: Take lock with IRQs disabled to avoid deadlock ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit arm64: dts: allwinner: h6: Move GIC device node fix base address ordering iwlwifi: mvm: fix A-MPDU reference assignment bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() tty: ipwireless: Fix potential NULL pointer dereference driver: uio: fix possible memory leak in __uio_register_device driver: uio: fix possible use-after-free in __uio_register_device crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling driver core: Avoid careless re-use of existing device links driver core: Do not resume suppliers under device_links_write_lock() driver core: Fix handling of runtime PM flags in device_link_add() driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() ARM: dts: lpc32xx: add required clocks property to keypad device node ARM: dts: lpc32xx: reparent keypad controller to SIC1 ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage drm/xen-front: Fix mmap attributes for display buffers iwlwifi: mvm: fix RSS config command staging: most: cdev: add missing check for cdev_add failure clk: ingenic: jz4740: Fix gating of UDC clock rtc: ds1672: fix unintended sign extension thermal: mediatek: fix register index error arm64: dts: msm8916: remove bogus argument to the cpu clock ath10k: fix dma unmap direction for management frames net: phy: fixed_phy: Fix fixed_phy not checking GPIO rtc: ds1307: rx8130: Fix alarm handling net/smc: original socket family in inet_sock_diag rtc: 88pm860x: fix unintended sign extension rtc: 88pm80x: fix unintended sign extension rtc: pm8xxx: fix unintended sign extension fbdev: chipsfb: remove set but not used variable 'size' iw_cxgb4: use tos when importing the endpoint iw_cxgb4: use tos when finding ipv6 routes ipmi: kcs_bmc: handle devm_kasprintf() failure case xsk: add missing smp_rmb() in xsk_mmap drm/etnaviv: potential NULL dereference ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers ntb_hw_switchtec: NT req id mapping table register entry number should be 512 pinctrl: sh-pfc: emev2: Add missing pinmux functions pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups RDMA/mlx5: Fix memory leak in case we fail to add an IB device driver core: Fix possible supplier PM-usage counter imbalance PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio() usb: phy: twl6030-usb: fix possible use-after-free on remove block: don't use bio->bi_vcnt to figure out segment number keys: Timestamp new keys net: dsa: b53: Fix default VLAN ID net: dsa: b53: Properly account for VLAN filtering net: dsa: b53: Do not program CPU port's PVID mt76: usb: fix possible memory leak in mt76u_buf_free media: sh: migor: Include missing dma-mapping header vfio_pci: Enable memory accesses before calling pci_map_rom hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine mdio_bus: Fix PTR_ERR() usage after initialization to constant KVM: PPC: Release all hardware TCE tables attached to a group staging: r8822be: check kzalloc return or bail dmaengine: mv_xor: Use correct device for DMA API cdc-wdm: pass return value of recover_from_urb_loss brcmfmac: create debugfs files for bus-specific layer regulator: pv88060: Fix array out-of-bounds access regulator: pv88080: Fix array out-of-bounds access regulator: pv88090: Fix array out-of-bounds access net: dsa: qca8k: Enable delay for RGMII_ID mode net/mlx5: Delete unused FPGA QPN variable drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON drm/nouveau/pmu: don't print reply values if exec is false drm/nouveau: fix missing break in switch statement driver core: Fix PM-runtime for links added during consumer probe ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() net: dsa: fix unintended change of bridge interface STP state fs/nfs: Fix nfs_parse_devname to not modify it's argument staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx powerpc/64s: Fix logic when handling unknown CPU features NFS: Fix a soft lockup in the delegation recovery code perf: Copy parent's address filter offsets on clone perf, pt, coresight: Fix address filters for vmas with non-zero offset clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable clocksource/drivers/exynos_mct: Fix error path in timer resources initialization platform/x86: wmi: fix potential null pointer dereference NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe iommu: Fix IOMMU debugfs fallout ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used ARM: 8848/1: virt: Align GIC version check with arm64 counterpart ARM: 8849/1: NOMMU: Fix encodings for PMSAv8's PRBAR4/PRLAR4 regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA ath10k: Fix length of wmi tlv command for protected mgmt frames netfilter: nft_set_hash: fix lookups with fixed size hash on big endian netfilter: nft_set_hash: bogus element self comparison from deactivation path net: sched: act_csum: Fix csum calc for tagged packets hwrng: bcm2835 - fix probe as platform device iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() NFS: Add missing encode / decode sequence_maxsz to v4.2 operations NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() net: aquantia: fixed instack structure overflow powerpc/mm: Check secondary hash page table media: dvb/earth-pt1: fix wrong initialization for demod blocks rbd: clear ->xferred on error from rbd_obj_issue_copyup() PCI: Fix "try" semantics of bus and slot reset nios2: ksyms: Add missing symbol exports x86/mm: Remove unused variable 'cpu' scsi: megaraid_sas: reduce module load time nfp: fix simple vNIC mailbox length drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() xen, cpu_hotplug: Prevent an out of bounds access net/mlx5: Fix multiple updates of steering rules in parallel net/mlx5e: IPoIB, Fix RX checksum statistics update net: sh_eth: fix a missing check of of_get_phy_mode regulator: lp87565: Fix missing register for LP87565_BUCK_0 soc: amlogic: gx-socinfo: Add mask for each SoC packages media: ivtv: update *pos correctly in ivtv_read_pos() media: cx18: update *pos correctly in cx18_read_pos() media: wl128x: Fix an error code in fm_download_firmware() media: cx23885: check allocation return regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB crypto: ccree - reduce kernel stack usage with clang jfs: fix bogus variable self-initialization tipc: tipc clang warning m68k: mac: Fix VIA timer counter accesses ARM: dts: sun8i: a33: Reintroduce default pinctrl muxing arm64: dts: allwinner: a64: Add missing PIO clocks ARM: dts: sun9i: optimus: Fix fixed-regulators net: phy: don't clear BMCR in genphy_soft_reset ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset() net: dsa: Avoid null pointer when failing to connect to PHY soc: qcom: cmd-db: Fix an error code in cmd_db_dev_probe() media: davinci-isif: avoid uninitialized variable use media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame spi: tegra114: clear packed bit for unpacked mode spi: tegra114: fix for unpacked mode transfers spi: tegra114: terminate dma and reset on transfer timeout spi: tegra114: flush fifos spi: tegra114: configure dma burst size to fifo trig level bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated soc/fsl/qe: Fix an error code in qe_pin_request() spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios drm/fb-helper: generic: Call drm_client_add() after setup is done arm64/vdso: don't leak kernel addresses rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 rtc: mt6397: Don't call irq_dispose_mapping. ehea: Fix a copy-paste err in ehea_init_port_res bpf: Add missed newline in verifier verbose log drm/vmwgfx: Remove set but not used variable 'restart' scsi: qla2xxx: Unregister chrdev if module initialization fails of: use correct function prototype for of_overlay_fdt_apply() net/sched: cbs: fix port_rate miscalculation clk: qcom: Skip halt checks on gcc_pcie_0_pipe_clk for 8998 ACPI: button: reinitialize button state upon resume firmware: arm_scmi: fix of_node leak in scmi_mailbox_check rxrpc: Fix detection of out of order acks scsi: target/core: Fix a race condition in the LUN lookup code brcmfmac: fix leak of mypkt on error return path ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data" PCI: rockchip: Fix rockchip_pcie_ep_assert_intx() bitwise operations net: hns3: fix for vport->bw_limit overflow problem hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses perf/core: Fix the address filtering fix staging: android: vsoc: fix copy_from_user overrun PCI: dwc: Fix dw_pcie_ep_find_capability() to return correct capability offset soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer tipc: set sysctl_tipc_rmem and named_timeout right range usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs selftests/ipc: Fix msgque compiler warnings net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() powerpc: vdso: Make vdso32 installation conditional in vdso_install ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect media: ov2659: fix unbalanced mutex_lock/unlock 6lowpan: Off by one handling ->nexthdr dmaengine: axi-dmac: Don't check the number of frames for alignment ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() afs: Fix AFS file locking to allow fine grained locks afs: Further fix file locking NFS: Don't interrupt file writeout due to fatal errors coresight: catu: fix clang build warning s390/kexec_file: Fix potential segment overlap in ELF loader irqchip/gic-v3-its: fix some definitions of inner cacheability attributes scsi: qla2xxx: Fix a format specifier scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest netfilter: nft_flow_offload: add entry to flowtable after confirmation PCI: iproc: Enable iProc config read for PAXBv2 ARM: dts: logicpd-som-lv: Fix MMC1 card detect packet: in recvmsg msg_name return at least sizeof sockaddr_ll ASoC: fix valid stream condition usb: gadget: fsl: fix link error against usb-gadget module dwc2: gadget: Fix completed transfer size calculation in DDMA IB/mlx5: Add missing XRC options to QP optional params mask RDMA/rxe: Consider skb reserve space based on netdev of GID iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry net: ena: fix: Free napi resources when ena_up() fails net: ena: fix incorrect test of supported hash function net: ena: fix ena_com_fill_hash_function() implementation dmaengine: tegra210-adma: restore channel status watchdog: rtd119x_wdt: Fix remove function mmc: core: fix possible use after free of host lightnvm: pblk: fix lock order in pblk_rb_tear_down_check ath10k: Fix encoding for protected management frames afs: Fix the afs.cell and afs.volume xattr handlers vfio/mdev: Avoid release parent reference during error path vfio/mdev: Follow correct remove sequence vfio/mdev: Fix aborting mdev child device removal if one fails l2tp: Fix possible NULL pointer dereference ALSA: aica: Fix a long-time build breakage media: omap_vout: potential buffer overflow in vidioc_dqbuf() media: davinci/vpbe: array underflow in vpbe_enum_outputs() platform/x86: alienware-wmi: printing the wrong error code crypto: caam - fix caam_dump_sg that iterates through scatterlist netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule pwm: meson: Consider 128 a valid pre-divider pwm: meson: Don't disable PWM when setting duty repeatedly ARM: riscpc: fix lack of keyboard interrupts after irq conversion nfp: bpf: fix static check error through tightening shift amount adjustment kdb: do a sanity check on the cpu in kdb_per_cpu() netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value backlight: lm3630a: Return 0 on success in update_status functions thermal: rcar_gen3_thermal: fix interrupt type thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power EDAC/mc: Fix edac_mc_find() in case no device is found afs: Fix key leak in afs_release() and afs_evict_inode() afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set afs: Fix lock-wait/callback-break double locking afs: Fix double inc of vnode->cb_break ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT clk: meson: gxbb: no spread spectrum on mpll0 clk: meson: axg: spread spectrum is on mpll2 dmaengine: tegra210-adma: Fix crash during probe arm64: dts: meson: libretech-cc: set eMMC as removable RDMA/qedr: Fix incorrect device rate. spi: spi-fsl-spi: call spi_finalize_current_message() at the end crypto: ccp - fix AES CFB error exposed by new test vectors crypto: ccp - Fix 3DES complaint from ccp-crypto module serial: stm32: fix word length configuration serial: stm32: fix rx error handling serial: stm32: fix rx data length when parity enabled serial: stm32: fix transmit_chars when tx is stopped serial: stm32: Add support of TC bit status check serial: stm32: fix wakeup source initialization misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa iommu: Add missing new line for dma type iommu: Use right function to get group for device signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig inet: frags: call inet_frags_fini() after unregister_pernet_subsys() net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector crypto: talitos - fix AEAD processing. netvsc: unshare skb in VF rx handler net: core: support XDP generic on stacked devices. RDMA/uverbs: check for allocation failure in uapi_add_elm() net: don't clear sock->sk early to avoid trouble in strparser phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable cpufreq: brcmstb-avs-cpufreq: Fix initial command check cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register media: vivid: fix incorrect assignment operation when setting video mode crypto: inside-secure - fix zeroing of the request in ahash_exit_inv crypto: inside-secure - fix queued len computation arm64: dts: renesas: ebisu: Remove renesas, no-ether-link property mpls: fix warning with multi-label encap serial: stm32: fix a recursive locking in stm32_config_rs485 arm64: dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node arm64: dts: meson-gxm-khadas-vim2: fix Bluetooth support iommu/vt-d: Duplicate iommu_resv_region objects per device list phy: usb: phy-brcm-usb: Remove sysfs attributes upon driver removal firmware: arm_scmi: fix bitfield definitions for SENSOR_DESC attributes firmware: arm_scmi: update rate_discrete in clock_describe_rates_get ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev() ASoC: meson: axg-tdmin: right_j is not supported ASoC: meson: axg-tdmout: right_j is not supported qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state qed: iWARP - fix uninitialized callback powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup IB/hfi1: Handle port down properly in pio drm/msm/mdp5: Fix mdp5_cfg_init error return net: netem: fix backlog accounting for corrupted GSO frames net/udp_gso: Allow TX timestamp with UDP GSO net/af_iucv: build proper skbs for HiperTransport net/af_iucv: always register net_device notifier ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs rtc: pcf8563: Fix interrupt trigger method rtc: pcf8563: Clear event flags and disable interrupts before requesting irq ARM: dts: iwg20d-q7-common: Fix SDHI1 VccQ regularor net/sched: cbs: Fix error path of cbs_module_init arm64: dts: allwinner: h6: Pine H64: Add interrupt line for RTC drm/msm/a3xx: remove TPL1 regs from snapshot ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() perf/ioctl: Add check for the sample_period value dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" clk: qcom: Fix -Wunused-const-variable nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm tools: bpftool: use correct argument in cgroup errors backlight: pwm_bl: Fix heuristic to determine number of brightness levels fork,memcg: alloc_thread_stack_node needs to set tsk->stack bnxt_en: Fix ethtool selftest crash under error conditions. bnxt_en: Suppress error messages when querying DSCP DCB capabilities. iommu/amd: Make iommu_disable safer mfd: intel-lpss: Release IDA resources rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() xprtrdma: Fix use-after-free in rpcrdma_post_recvs um: Fix IRQ controller regression on console read PM: ACPI/PCI: Resume all devices during hibernation ACPI: PM: Simplify and fix PM domain hibernation callbacks ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS fsi/core: Fix error paths on CFAM init devres: allow const resource arguments fsi: sbefifo: Don't fail operations when in SBE IPL state RDMA/hns: Fixs hw access invalid dma memory error PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device() PCI: mobiveil: Fix the valid check for inbound and outbound windows ceph: fix "ceph.dir.rctime" vxattr value net: pasemi: fix an use-after-free in pasemi_mac_phy_init() net/tls: fix socket wmem accounting on fallback with netem x86/pgtable/32: Fix LOWMEM_PAGES constant xdp: fix possible cq entry leak ARM: stm32: use "depends on" instead of "if" after prompt scsi: libfc: fix null pointer dereference on a null lport xfrm interface: ifname may be wrong in logs drm/panel: make drm_panel.h self-contained clk: sunxi-ng: v3s: add the missing PLL_DDR1 PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() libertas_tf: Use correct channel range in lbtf_geo_init qed: reduce maximum stack frame size usb: host: xhci-hub: fix extra endianness conversion media: rcar-vin: Clean up correct notifier in error path mic: avoid statically declaring a 'struct device'. x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI crypto: ccp - Reduce maximum stack usage ALSA: aoa: onyx: always initialize register read value arm64: dts: renesas: r8a77995: Fix register range of display node tipc: reduce risk of wakeup queue starvation ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval net/mlx5: Fix mlx5_ifc_query_lag_out_bits cifs: fix rmmod regression in cifs.ko caused by force_sig changes iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off net: fix bpf_xdp_adjust_head regression for generic-XDP spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode cxgb4: smt: Add lock for atomic_dec_and_test crypto: caam - free resources in case caam_rng registration failed ext4: set error return correctly when ext4_htree_store_dirent fails RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver ASoC: es8328: Fix copy-paste error in es8328_right_line_controls ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls net/rds: Add a few missing rds_stat_names entries tools: bpftool: fix arguments for p_err() in do_event_pipe() tools: bpftool: fix format strings and arguments for jsonw_printf() drm: rcar-du: lvds: Fix bridge_to_rcar_lvds bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails signal: Allow cifs and drbd to receive their terminating signals powerpc/64s/radix: Fix memory hot-unplug page table split ASoC: sun4i-i2s: RX and TX counter registers are swapped dmaengine: dw: platform: Switch to acpi_dma_controller_register() rtc: rv3029: revert error handling patch to rv3029_eeprom_write() mac80211: minstrel_ht: fix per-group max throughput rate initialization i40e: reduce stack usage in i40e_set_fc media: atmel: atmel-isi: fix timeout value for stop streaming ARM: 8896/1: VDSO: Don't leak kernel addresses rtc: pcf2127: bugfix: read rtc disables watchdog mips: avoid explicit UB in assignment of mips_io_port_base media: em28xx: Fix exception handling in em28xx_alloc_urbs() iommu/mediatek: Fix iova_to_phys PA start for 4GB mode ahci: Do not export local variable ahci_em_messages rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2] Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" hwmon: (lm75) Fix write operations for negative temperatures net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate power: supply: Init device wakeup after device_add() x86, perf: Fix the dependency of the x86 insn decoder selftest staging: greybus: light: fix a couple double frees irqdomain: Add the missing assignment of domain->fwnode for named fwnode bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C bcache: Fix an error code in bch_dump_read() iio: dac: ad5380: fix incorrect assignment to val netfilter: ctnetlink: honor IPS_OFFLOAD flag ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init wcn36xx: use dynamic allocation for large variables tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit xsk: avoid store-tearing when assigning queues xsk: avoid store-tearing when assigning umem led: triggers: Fix dereferencing of null pointer net: sonic: return NETDEV_TX_OK if failed to map buffer net: hns3: fix error VF index when setting VLAN offload rtlwifi: Fix file release memory leak ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux f2fs: fix wrong error injection path in inc_valid_block_count() f2fs: fix error path of f2fs_convert_inline_page() scsi: fnic: fix msix interrupt allocation Btrfs: fix hang when loading existing inode cache off disk Btrfs: fix inode cache waiters hanging on failure to start caching thread Btrfs: fix inode cache waiters hanging on path allocation failure btrfs: use correct count in btrfs_file_write_iter() ixgbe: sync the first fragment unconditionally hwmon: (shtc1) fix shtc1 and shtw1 id mask net: sonic: replace dev_kfree_skb in sonic_send_packet pinctrl: iproc-gpio: Fix incorrect pinconf configurations gpio/aspeed: Fix incorrect number of banks ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet RDMA/cma: Fix false error message net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' um: Fix off by one error in IRQ enumeration bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() mailbox: qcom-apcs: fix max_register value clk: actions: Fix factor clk struct member access powerpc/mm/mce: Keep irqs disabled during lockless page table walk bpf: fix BTF limits crypto: hisilicon - Matching the dma address for dma_pool_free() iommu/amd: Wait for completion of IOTLB flush in attach_device net: aquantia: Fix aq_vec_isr_legacy() return value cxgb4: Signedness bug in init_one() net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe() net: netsec: Fix signedness bug in netsec_probe() net: socionext: Fix a signedness bug in ave_probe() net: stmmac: dwmac-meson8b: Fix signedness bug in probe net: axienet: fix a signedness bug in probe of: mdio: Fix a signedness bug in of_phy_get_and_connect() net: nixge: Fix a signedness bug in nixge_probe() net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() net: sched: cbs: Avoid division by zero when calculating the port rate nvme: retain split access workaround for capability reads net: stmmac: gmac4+: Not all Unicast addresses may be available rxrpc: Fix trace-after-put looking at the put connection record mac80211: accept deauth frames in IBSS mode llc: fix another potential sk_buff leak in llc_ui_sendmsg() llc: fix sk_buff refcounting in llc_conn_state_process() ip6erspan: remove the incorrect mtu limit for ip6erspan net: stmmac: fix length of PTP clock's name string net: stmmac: fix disabling flexible PPS output sctp: add chunks to sk_backlog when the newsk sk_socket is not set s390/qeth: Fix error handling during VNICC initialization s390/qeth: Fix initialization of vnicc cmd masks during set online act_mirred: Fix mirred_init_module error handling net: avoid possible false sharing in sk_leave_memory_pressure() net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head tcp: annotate lockless access to tcp_memory_pressure net/smc: receive returns without data net/smc: receive pending data after RCV_SHUTDOWN drm/msm/dsi: Implement reset correctly vhost/test: stop device before reset dmaengine: imx-sdma: fix size check for sdma script_number firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices arm64: hibernate: check pgd table allocation net: netem: fix error path for corrupted GSO frames net: netem: correct the parent's backlog when corrupted packet was dropped xsk: Fix registration of Rx-only sockets bpf, offload: Unlock on error in bpf_offload_dev_create() afs: Fix missing timeout reset net: qca_spi: Move reset_count to struct qcaspi hv_netvsc: Fix offset usage in netvsc_send_table() hv_netvsc: Fix send_table offset in case of a host bug afs: Fix large file support drm: panel-lvds: Potential Oops in probe error handling hwrng: omap3-rom - Fix missing clock by probing with device tree dpaa_eth: perform DMA unmapping before read dpaa_eth: avoid timestamp read on error paths MIPS: Loongson: Fix return value of loongson_hwmon_init hv_netvsc: flag software created hash value net: neigh: use long type to store jiffies delta packet: fix data-race in fanout_flow_is_huge() i2c: stm32f7: report dma error during probe mmc: sdio: fix wl1251 vendor id mmc: core: fix wl1251 sdio quirks affs: fix a memory leak in affs_remount afs: Remove set but not used variables 'before', 'after' dmaengine: ti: edma: fix missed failure handling drm/radeon: fix bad DMA from INTERRUPT_CNTL2 arm64: dts: juno: Fix UART frequency samples/bpf: Fix broken xdp_rxq_info due to map order assumptions usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON IB/iser: Fix dma_nents type definition serial: stm32: fix clearing interrupt error flags arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node m68k: Call timer_interrupt() with interrupts disabled Linux 4.19.99 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ieabeab79ea5c8cb4b6b1552702fa5d6100cea5db |
||
|
Alexei Starovoitov
|
62bce3654c |
bpf: fix BTF limits
[ Upstream commit |
||
|
Florian Westphal
|
1f791d99e8 |
netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value
[ Upstream commit |
||
|
Pankaj Gupta
|
748a437c5c |
UPSTREAM: virtio-pmem: Add virtio pmem driver
This patch adds virtio-pmem driver for KVM guest.
Guest reads the persistent memory range information from
Qemu over VIRTIO and registers it on nvdimm_bus. It also
creates a nd_region object with the persistent memory
range information so that existing 'nvdimm/pmem' driver
can reserve this into system memory map. This way
'virtio-pmem' driver uses existing functionality of pmem
driver to register persistent memory compatible for DAX
capable filesystems.
This also provides function to perform guest flush over
VIRTIO from 'pmem' driver when userspace performs flush
on DAX memory range.
Signed-off-by: Pankaj Gupta <pagupta@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia@oracle.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jakub Staron <jstaron@google.com>
Tested-by: Jakub Staron <jstaron@google.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
(cherry picked from commit
|
||
|
Barani Muthukumaran
|
23b81578bf |
ANDROID: fscrypt: add support for hardware-wrapped keys
To prevent keys from being compromised if an attacker acquires read access to kernel memory, some inline encryption hardware supports protecting the keys in hardware without software having access to or the ability to set the plaintext keys. Instead, software only sees "wrapped keys", which may differ on every boot. The keys can be initially generated either by software (in which case they need to be imported to hardware to be wrapped), or directly by the hardware. Add support for this type of hardware by allowing keys to be flagged as hardware-wrapped and encryption policies to be flagged as needing a hardware-wrapped key. When used, fscrypt will pass the wrapped key directly to the inline encryption hardware to encrypt file contents. The hardware is responsible for internally unwrapping the key and deriving the actual file contents encryption key. fscrypt also asks the inline encryption hardware to derive a cryptographically isolated software "secret", which fscrypt then uses as the master key for all other purposes besides file contents encryption, e.g. to derive filenames encryption keys and the key identifier. Bug: 147209885 Change-Id: I7f4cc5c32f130709db3eb9ebdb1ebfff5751ca95 Co-developed-by: Gaurav Kashyap <gaurkash@codeaurora.org> Signed-off-by: Gaurav Kashyap <gaurkash@codeaurora.org> Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Andrey Konovalov
|
bbd1677580 |
UPSTREAM: kcov: fix struct layout for kcov_remote_arg
(Upstream commit a69b83e1ae7f6c5ff2cc310870c1708405d86be2.)
Make the layout of kcov_remote_arg the same for 32-bit and 64-bit code.
This makes it more convenient to write userspace apps that can be
compiled into 32-bit or 64-bit binaries and still work with the same
64-bit kernel.
Also use proper __u32 types in uapi headers instead of unsigned ints.
Link: http://lkml.kernel.org/r/9e91020876029cfefc9211ff747685eba9536426.1575638983.git.andreyknvl@google.com
Fixes:
|
||
|
Andrey Konovalov
|
a7ed6cc7b7 |
UPSTREAM: kcov: remote coverage support
(Upstream commit eec028c9386ed1a692aa01a85b55952202b41619.) Patch series " kcov: collect coverage from usb and vhost", v3. This patchset extends kcov to allow collecting coverage from backgound kernel threads. This extension requires custom annotations for each of the places where coverage collection is desired. This patchset implements this for hub events in the USB subsystem and for vhost workers. See the first patch description for details about the kcov extension. The other two patches apply this kcov extension to USB and vhost. Examples of other subsystems that might potentially benefit from this when custom annotations are added (the list is based on process_one_work() callers for bugs recently reported by syzbot): 1. fs: writeback wb_workfn() worker, 2. net: addrconf_dad_work()/addrconf_verify_work() workers, 3. net: neigh_periodic_work() worker, 4. net/p9: p9_write_work()/p9_read_work() workers, 5. block: blk_mq_run_work_fn() worker. These patches have been used to enable coverage-guided USB fuzzing with syzkaller for the last few years, see the details here: https://github.com/google/syzkaller/blob/master/docs/linux/external_fuzzing_usb.md This patchset has been pushed to the public Linux kernel Gerrit instance: https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/1524 This patch (of 3): Add background thread coverage collection ability to kcov. With KCOV_ENABLE coverage is collected only for syscalls that are issued from the current process. With KCOV_REMOTE_ENABLE it's possible to collect coverage for arbitrary parts of the kernel code, provided that those parts are annotated with kcov_remote_start()/kcov_remote_stop(). This allows to collect coverage from two types of kernel background threads: the global ones, that are spawned during kernel boot in a limited number of instances (e.g. one USB hub_event() worker thread is spawned per USB HCD); and the local ones, that are spawned when a user interacts with some kernel interface (e.g. vhost workers). To enable collecting coverage from a global background thread, a unique global handle must be assigned and passed to the corresponding kcov_remote_start() call. Then a userspace process can pass a list of such handles to the KCOV_REMOTE_ENABLE ioctl in the handles array field of the kcov_remote_arg struct. This will attach the used kcov device to the code sections, that are referenced by those handles. Since there might be many local background threads spawned from different userspace processes, we can't use a single global handle per annotation. Instead, the userspace process passes a non-zero handle through the common_handle field of the kcov_remote_arg struct. This common handle gets saved to the kcov_handle field in the current task_struct and needs to be passed to the newly spawned threads via custom annotations. Those threads should in turn be annotated with kcov_remote_start()/kcov_remote_stop(). Internally kcov stores handles as u64 integers. The top byte of a handle is used to denote the id of a subsystem that this handle belongs to, and the lower 4 bytes are used to denote the id of a thread instance within that subsystem. A reserved value 0 is used as a subsystem id for common handles as they don't belong to a particular subsystem. The bytes 4-7 are currently reserved and must be zero. In the future the number of bytes used for the subsystem or handle ids might be increased. When a particular userspace process collects coverage by via a common handle, kcov will collect coverage for each code section that is annotated to use the common handle obtained as kcov_handle from the current task_struct. However non common handles allow to collect coverage selectively from different subsystems. Link: http://lkml.kernel.org/r/e90e315426a384207edbec1d6aa89e43008e4caf.1572366574.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Alan Stern <stern@rowland.harvard.edu> Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Jason Wang <jasowang@redhat.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: David Windsor <dwindsor@gmail.com> Cc: Elena Reshetova <elena.reshetova@intel.com> Cc: Anders Roxell <anders.roxell@linaro.org> Cc: Alexander Potapenko <glider@google.com> Cc: Marco Elver <elver@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 147413187 Change-Id: I868c4846a412bfbae16086017e113813571df377 |
||
|
Greg Kroah-Hartman
|
21e3a71314 |
This is the 4.19.96 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4eEV4ACgkQONu9yGCS aT6D6Q//W205i6vBtK440pV659K29fw2+XYhJnG+3kkcXJ1GBEHlS7ddZCzV1lua uOLYxG2J0A3D0WC8S78XwE1ZXe1YTor647qW0H6pDeZIj/ID2x4TEN6rZq0YlCb7 JLx6d+yb7MkK9fHGXVyTZbKESLr7WimDnZckWbO4xWTqtlh195ygMYxdwTxa97ZP rMJXR/qS/n5rlgQE8BEFsPZBNcsSVKecIi8ibSWu8zDJerBb2h0TuUMKvn1fteG9 O69y8MeoJSWGTsorii+f7toGKhECFRWSrDj9GhK4SFTj3eV5evrkozAWJpXuzIOA 9ou9OHUQnJxpXaVyBxiUDkP58tDYYddsrSCHFSNPtPcsTJSxDUEwZBDXr7V8TyVq axjoXgHwXOg9qi5IvEOvOBIahTX9OdKvR578eLQIFinZTRmZGKl2XW08olybcUw3 ZpTBW6A97Xmhs4szFOQfgxRrc3n0F4+Mk9tFp2HFzSu23y6A/wwctIt4xoOWJ8Nq ouZbGwI3Em6rtTWDufNJbagm5QYLEcsS5F4Ala6uGIxBXs8mD7dAisILEXxFfSAn aPzPvsKh1vMhYBFmTStsowxy1pjeuUMHukrBQLDtmhzR4aBs5GXCJi/Iq2ojC123 LLAnG/ytLyYyVUxpYyNMsconLITZ1iS3iUAIcUHeYcEFZ3JAV3E= =D3a0 -----END PGP SIGNATURE----- Merge 4.19.96 into android-4.19 Changes in 4.19.96 chardev: Avoid potential use-after-free in 'chrdev_open()' i2c: fix bus recovery stop mode timing usb: chipidea: host: Disable port power only if previously enabled ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 ALSA: hda/realtek - Add new codec supported for ALCS1200A ALSA: hda/realtek - Set EAPD control to default for ALC222 ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined tracing: Change offset type to s32 in preempt/irq tracepoints HID: Fix slab-out-of-bounds read in hid_field_extract HID: uhid: Fix returning EPOLLOUT from uhid_char_poll HID: hid-input: clear unmapped usages Input: add safety guards to input_set_keycode() Input: input_event - fix struct padding on sparc64 drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model drm/fb-helper: Round up bits_per_pixel if possible drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ can: kvaser_usb: fix interface sanity check can: gs_usb: gs_usb_probe(): use descriptors of current altsetting can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs gpiolib: acpi: Turn dmi_system_id table into a generic quirk table gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism staging: vt6656: set usb_set_intfdata on driver fail. USB: serial: option: add ZLP support for 0x1bc7/0x9010 usb: musb: fix idling for suspend after disconnect interrupt usb: musb: Disable pullup at init usb: musb: dma: Correct parameter passed to IRQ handler staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 serdev: Don't claim unsupported ACPI serial devices tty: link tty and port before configuring it as console tty: always relink the port mwifiex: fix possible heap overflow in mwifiex_process_country_ie() mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf scsi: bfa: release allocated memory in case of error rtl8xxxu: prevent leaking urb ath10k: fix memory leak HID: hiddev: fix mess in hiddev_open() USB: Fix: Don't skip endpoint descriptors with maxpacket=0 phy: cpcap-usb: Fix error path when no host driver is loaded phy: cpcap-usb: Fix flakey host idling and enumerating of devices netfilter: arp_tables: init netns pointer in xt_tgchk_param struct netfilter: conntrack: dccp, sctp: handle null timeout argument netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present drm/i915/gen9: Clear residual context state on context switch Linux 4.19.96 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I261d6a9e90a5461701f74e3ca1482e3c00939f3e |
||
|
Jaegeuk Kim
|
13e96f0215 |
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
Merged in v5.5-rc1. * aosp/upstream-f2fs-stable-linux-4.19.y: docs: fs-verity: mention statx() support f2fs: support STATX_ATTR_VERITY ext4: support STATX_ATTR_VERITY statx: define STATX_ATTR_VERITY docs: fs-verity: document first supported kernel version f2fs: add support for IV_INO_LBLK_64 encryption policies ext4: add support for IV_INO_LBLK_64 encryption policies fscrypt: add support for IV_INO_LBLK_64 policies fscrypt: avoid data race on fscrypt_mode::logged_impl_name fscrypt: zeroize fscrypt_info before freeing fscrypt: remove struct fscrypt_ctx fscrypt: invoke crypto API for ESSIV handling Change-Id: I9325127228fb82b67f064ce8b3bc8d40ac76e65b Signed-off-by: Jaegeuk Kim <jaegeuk@google.com> |
||
|
Arnd Bergmann
|
c00eb2b2d0 |
Input: input_event - fix struct padding on sparc64
commit |
||
|
Greg Kroah-Hartman
|
5da11144c3 |
This is the 4.19.95 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4bAEoACgkQONu9yGCS aT70DQ//YgSd3JJ9/d7TLy+Mm8GrlZIZWgRrz8YZdKcJBG+l/c+m6FR0uLDw95nf zIFq1GY8DwS3djuNkxPoz8yvIgqoHuSjEUo+YF8v71ZdnGCXIt6SCoKbugAH+azp zTEJ4lU3/Wrc1Gh4w5zeSgdQVPIJBQ+d7pKccZHOJ0DFwbU3hQ69vqXcaxrFuhop vqKvNNEeCT2l1AxgAhKwNhceFL3Rb/2HxAjUED68ueY/EZ0/OsoinboBu2riSKNu NWZTPq7B2Kht19aV48FThwksEvkelz72gkSzKvrsT03tDtNewQ7C/mreUqpU6VZE lrcIWOHjXMQyk3g3XZfG3j8ppzHvZPaG/WEqmnJV8txjtaRU8hvj3Q95kHPheTv6 O/Ds4OpHBaS5g6+dmsUmtfSrbrhm3KKXMn0IJvyYkC/VY0RVdLKTZu0TM5ZS5id/ zW4AZWWzephUID9LAwRrTWvfGKMBK6gEiv2AtnY4XRiEMYEFw45uP97yWcUCg89L a3BCbhhiO4tMqL/lf7KD4vPbXZsRgDM3q1wLitvM2KCVVSA32XGRMT9x8A6uwTJl OLL39NSi8h8rqn5S22AowKcR/3VakRNw9pf5Y6AH5xOnP3R/OBHzYJNho2DUc8OI 6p+zeUZkDEIsFI1wdJSaaSWsNdpJj3Sw6SdB2QJI3c782F4pFUA= =RCVS -----END PGP SIGNATURE----- Merge 4.19.95 into android-4.19 Changes in 4.19.95 USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein USB: dummy-hcd: increase max number of devices to 32 bpf: Fix passing modified ctx to ld/abs/ind instruction regulator: fix use after free issue ASoC: max98090: fix possible race conditions locking/spinlock/debug: Fix various data races netfilter: ctnetlink: netns exit must wait for callbacks mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() libtraceevent: Fix lib installation with O= x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs efi/gop: Return EFI_SUCCESS if a usable GOP was found efi/gop: Fix memory leak in __gop_query32/64() ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing ARM: vexpress: Set-up shared OPP table instead of individual for each CPU netfilter: uapi: Avoid undefined left-shift in xt_sctp.h netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() ARM: dts: BCM5301X: Fix MDIO node address/size cells selftests/ftrace: Fix multiple kprobe testcase ARM: dts: Cygnus: Fix MDIO node address/size cells spi: spi-cavium-thunderx: Add missing pci_release_regions() ASoC: topology: Check return value for soc_tplg_pcm_create() ARM: dts: bcm283x: Fix critical trip point bnxt_en: Return error if FW returns more data than dump length bpf, mips: Limit to 33 tail calls spi: spi-ti-qspi: Fix a bug when accessing non default CS ARM: dts: am437x-gp/epos-evm: fix panel compatible samples: bpf: Replace symbol compare of trace_event samples: bpf: fix syscall_tp due to unused syscall powerpc: Ensure that swiotlb buffer is allocated from low memory btrfs: Fix error messages in qgroup_rescan_init bpf: Clear skb->tstamp in bpf_redirect when necessary bnx2x: Do not handle requests from VFs after parity bnx2x: Fix logic to get total no. of PFs per engine cxgb4: Fix kernel panic while accessing sge_info net: usb: lan78xx: Fix error message format specifier parisc: add missing __init annotation rfkill: Fix incorrect check to avoid NULL pointer dereference ASoC: wm8962: fix lambda value regulator: rn5t618: fix module aliases iommu/iova: Init the struct iova to fix the possible memleak kconfig: don't crash on NULL expressions in expr_eq() perf/x86/intel: Fix PT PMI handling fs: avoid softlockups in s_inodes iterators net: stmmac: Do not accept invalid MTU values net: stmmac: xgmac: Clear previous RX buffer size net: stmmac: RX buffer size must be 16 byte aligned net: stmmac: Always arm TX Timer at end of transmission start s390/purgatory: do not build purgatory with kcov, kasan and friends drm/exynos: gsc: add missed component_del s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly s390/dasd: fix memleak in path handling error case block: fix memleak when __blk_rq_map_user_iov() is failed parisc: Fix compiler warnings in debug_core.c llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) hv_netvsc: Fix unwanted rx_table reset powerpc/vcpu: Assume dedicated processors as non-preempt powerpc/spinlocks: Include correct header for static key cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull ARM: dts: imx6ul: use nvmem-cells for cpu speed grading PCI/switchtec: Read all 64 bits of part_event_bitmap gtp: fix bad unlock balance in gtp_encap_enable_socket macvlan: do not assume mac_header is set in macvlan_broadcast() net: dsa: mv88e6xxx: Preserve priority when setting CPU port. net: stmmac: dwmac-sun8i: Allow all RGMII modes net: stmmac: dwmac-sunxi: Allow all RGMII modes net: usb: lan78xx: fix possible skb leak pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM sch_cake: avoid possible divide by zero in cake_enqueue() sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK vxlan: fix tos value before xmit vlan: fix memory leak in vlan_dev_set_egress_priority vlan: vlan_changelink() should propagate errors mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO net: sch_prio: When ungrafting, replace with FIFO usb: dwc3: gadget: Fix request complete check USB: core: fix check for duplicate endpoints USB: serial: option: add Telit ME910G1 0x110a composition usb: missing parentheses in USE_NEW_SCHEME Linux 4.19.95 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I611f034c58f975a5d2b70eed0a0884f1ff5b09cc |
||
|
Phil Sutter
|
962debec83 |
netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
[ Upstream commit
|
||
|
Eric Biggers
|
1017779f1e |
statx: define STATX_ATTR_VERITY
Add a statx attribute bit STATX_ATTR_VERITY which will be set if the file has fs-verity enabled. This is the statx() equivalent of FS_VERITY_FL which is returned by FS_IOC_GETFLAGS. This is useful because it allows applications to check whether a file is a verity file without opening it. Opening a verity file can be expensive because the fsverity_info is set up on open, which involves parsing metadata and optionally verifying a cryptographic signature. This is analogous to how various other bits are exposed through both FS_IOC_GETFLAGS and statx(), e.g. the encrypt bit. Reviewed-by: Andreas Dilger <adilger@dilger.ca> Acked-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
d679fad505 |
fscrypt: add support for IV_INO_LBLK_64 policies
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:
(1) Per I/O request, the encryption key is specified by a previously
loaded keyslot. There might be only a small number of keyslots.
(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
number" (DUN). IV bits 64-127 are assumed to be 0. The hardware
automatically increments the DUN for each "data unit" of
configurable size in the request, e.g. for each filesystem block.
Property (1) makes it inefficient to use the traditional fscrypt
per-file keys. Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.
Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to modified as follows:
- The encryption keys are derived from the master key, encryption mode
number, and filesystem UUID.
- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
For filenames encryption, file_logical_block_num is 0.
Since the file nonces aren't used in the key derivation, many files may
share the same encryption key. This is much more efficient on the
target hardware. Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.
Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).
Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints. These are acceptable
limitations for the cases where this format would actually be used.
Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption. A later patch will add support for inline encryption.
Reviewed-by: Paul Crowley <paulcrowley@google.com>
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Greg Kroah-Hartman
|
c8a465e614 |
This is the 4.19.92 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4La9gACgkQONu9yGCS aT6hlA//TDpj9rdEwkaKyg/Ge4TCOJSOiwlp2/5lg2Sroiuizz527hVybGOOYAHl gMA2Syt73PWStyfgl5B3AimcBvPADX8h/b1KiSoIdHFkq5rPFyneB6aEj+5jSK1V 63UnnTV0T49wt0Jvs6nN0FxI4ZCXbfjzaSVz4BGIflz6h9UUkPAu91CJTKtPmrAp pliH20cMOykxyS/KfKa6zDcpIfU0k+DxL5U0Y5F1YRDKc1iPg8e6I3cNLgwKSja6 21BgdoTyZdvbC85HxSY7V6Dswp4YQPBY3y8crp8npZ9apbYV7eNU3L1+WVQvxpFg kahhyjalqwqkKq+cTEsIFj7cjPksSlH/qytTS+lnN3BScXbFPp8GdzIazhQNSCv3 S/7T51CcvNoVcs9Qeu+nwyvx+H1LH4MYO4C7RYWZhPnMcA+/MxvT5WXNKfjf2ekM N5h8xNATllzDuDkX+zVwW8i80SCyhVqQIKbXLn8ugGYW3G5TNdy8Ysh0kdrq26Y+ LAELsbQhK/Kt8WF+XNBpb9LLbeUGn1GTwhnbEuD7IKI+bVxnmsGk8QUu3h+a9xFh lI7bsj8Ku9T+59/9xqAnoStEto+0tdTPB9Cx1jNdWlLiVdkewiDKiUbloFpDFS1n L3SvqB68DC/IznQcK970g3aIx9zbkb2KZRdj2Fu7apaY5D9q85I= =W+5k -----END PGP SIGNATURE----- Merge 4.19.92 into android-4.19 Changes in 4.19.92 af_packet: set defaule value for tmo fjes: fix missed check in fjes_acpi_add mod_devicetable: fix PHY module format net: dst: Force 4-byte alignment of dst_metrics net: gemini: Fix memory leak in gmac_setup_txqs net: hisilicon: Fix a BUG trigered by wrong bytes_compl net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() net: qlogic: Fix error paths in ql_alloc_large_buffers() net: usb: lan78xx: Fix suspend/resume PHY register access error qede: Disable hardware gro when xdp prog is installed qede: Fix multicast mac configuration sctp: fully initialize v4 addr in some functions selftests: forwarding: Delete IPv6 address at the end btrfs: don't double lock the subvol_sem for rename exchange btrfs: do not call synchronize_srcu() in inode_tree_del Btrfs: fix missing data checksums after replaying a log tree btrfs: send: remove WARN_ON for readonly mount btrfs: abort transaction after failed inode updates in create_subvol btrfs: skip log replay on orphaned roots btrfs: do not leak reloc root if we fail to read the fs root btrfs: handle ENOENT in btrfs_uuid_tree_iterate Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues ALSA: pcm: Avoid possible info leaks from PCM stream buffers ALSA: hda/ca0132 - Keep power on during processing DSP response ALSA: hda/ca0132 - Avoid endless loop ALSA: hda/ca0132 - Fix work handling in delayed HP detection drm: mst: Fix query_payload ack reply struct drm/panel: Add missing drm_panel_init() in panel drivers drm/bridge: analogix-anx78xx: silence -EPROBE_DEFER warnings iio: light: bh1750: Resolve compiler warning and make code more readable drm/amdgpu: grab the id mgr lock while accessing passid_mapping spi: Add call to spi_slave_abort() function when spidev driver is released staging: rtl8192u: fix multiple memory leaks on error path staging: rtl8188eu: fix possible null dereference rtlwifi: prevent memory leak in rtl_usb_probe libertas: fix a potential NULL pointer dereference ath10k: fix backtrace on coredump IB/iser: bound protection_sg size by data_sg size media: am437x-vpfe: Setting STD to current value is not an error media: i2c: ov2659: fix s_stream return value media: ov6650: Fix crop rectangle alignment not passed back media: i2c: ov2659: Fix missing 720p register config media: ov6650: Fix stored frame format not in sync with hardware media: ov6650: Fix stored crop rectangle not in sync with hardware tools/power/cpupower: Fix initializer override in hsw_ext_cstates media: venus: core: Fix msm8996 frequency table ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq pinctrl: devicetree: Avoid taking direct reference to device name string drm/amdkfd: fix a potential NULL pointer dereference (v2) selftests/bpf: Correct path to include msg + path media: venus: Fix occasionally failures to suspend usb: renesas_usbhs: add suspend event support in gadget mode hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe() media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() media: cec-funcs.h: add status_req checks drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller samples: pktgen: fix proc_cmd command result check logic block: Fix writeback throttling W=1 compiler warnings mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring drm/drm_vblank: Change EINVAL by the correct errno media: cx88: Fix some error handling path in 'cx8800_initdev()' media: ti-vpe: vpe: Fix Motion Vector vpdma stride media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number media: ti-vpe: vpe: Make sure YUYV is set as default format media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage syscalls/x86: Use the correct function type in SYSCALL_DEFINE0 drm/amd/display: Fix dongle_caps containing stale information. extcon: sm5502: Reset registers during initialization x86/mm: Use the correct function type for native_set_fixmap() ath10k: Correct error handling of dma_map_single() drm/bridge: dw-hdmi: Restore audio when setting a mode perf test: Report failure for mmap events perf report: Add warning when libunwind not compiled in usb: usbfs: Suppress problematic bind and unbind uevents. iio: adc: max1027: Reset the device at probe time Bluetooth: missed cpu_to_le16 conversion in hci_init4_req Bluetooth: Workaround directed advertising bug in Broadcom controllers Bluetooth: hci_core: fix init for HCI_USER_CHANNEL bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() x86/mce: Lower throttling MCE messages' priority to warning perf tests: Disable bp_signal testing for arm64 drm/gma500: fix memory disclosures due to uninitialized bytes rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot ipmi: Don't allow device module unload when in use x86/ioapic: Prevent inconsistent state when moving an interrupt media: smiapp: Register sensor after enabling runtime PM on the device md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill() i40e: initialize ITRN registers with correct values net: phy: dp83867: enable robust auto-mdix drm/tegra: sor: Use correct SOR index on Tegra210 spi: sprd: adi: Add missing lock protection when rebooting ACPI: button: Add DMI quirk for Medion Akoya E2215T RDMA/qedr: Fix memory leak in user qp and mr gpu: host1x: Allocate gather copy for host1x net: dsa: LAN9303: select REGMAP when LAN9303 enable phy: qcom-usb-hs: Fix extcon double register after power cycle s390/time: ensure get_clock_monotonic() returns monotonic values s390/mm: add mm_pxd_folded() checks to pxd_free() net: hns3: add struct netdev_queue debug info for TX timeout libata: Ensure ata_port probe has completed before detach loop: fix no-unmap write-zeroes request behavior pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B iio: dln2-adc: fix iio_triggered_buffer_postenable() position libbpf: Fix error handling in bpf_map__reuse_fd() Bluetooth: Fix advertising duplicated flags pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() ixgbe: protect TX timestamping from API misuse media: rcar_drif: fix a memory disclosure media: v4l2-core: fix touch support in v4l_g_fmt nvmem: imx-ocotp: reset error status on probe rfkill: allocate static minor bnx2x: Fix PF-VF communication over multi-cos queues. spi: img-spfi: fix potential double release ALSA: timer: Limit max amount of slave instances rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() perf probe: Fix to find range-only function instance perf probe: Fix to list probe event with correct line number perf jevents: Fix resource leak in process_mapfile() and main() perf probe: Walk function lines in lexical blocks perf probe: Fix to probe an inline function which has no entry pc perf probe: Fix to show ranges of variables in functions without entry_pc perf probe: Fix to show inlined function callsite without entry_pc libsubcmd: Use -O0 with DEBUG=1 perf probe: Fix to probe a function which has no entry pc perf tools: Splice events onto evlist even on error drm/amdgpu: disallow direct upload save restore list from gfx driver drm/amdgpu: fix potential double drop fence reference xen/gntdev: Use select for DMA_SHARED_BUFFER perf parse: If pmu configuration fails free terms perf probe: Skip overlapped location on searching variables perf probe: Return a better scope DIE if there is no best scope perf probe: Fix to show calling lines of inlined functions perf probe: Skip end-of-sequence and non statement lines perf probe: Filter out instances except for inlined subroutine and subprogram ath10k: fix get invalid tx rate for Mesh metric fsi: core: Fix small accesses and unaligned offsets via sysfs media: pvrusb2: Fix oops on tear-down when radio support is not present soundwire: intel: fix PDI/stream mapping for Bulk crypto: atmel - Fix authenc support when it is set to m ice: delay less media: si470x-i2c: add missed operations in remove EDAC/ghes: Fix grain calculation spi: pxa2xx: Add missed security checks ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile iio: dac: ad5446: Add support for new AD5600 DAC ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint s390/disassembler: don't hide instruction addresses nvme: Discard workaround for non-conformant devices parport: load lowlevel driver if ports not found bcache: fix static checker warning in bcache_device_free() cpufreq: Register drivers only after CPU devices have been registered x86/crash: Add a forward declaration of struct kimage tracing: use kvcalloc for tgid_map array allocation tracing/kprobe: Check whether the non-suffixed symbol is notrace bcache: fix deadlock in bcache_allocator iwlwifi: mvm: fix unaligned read of rx_pkt_status ASoC: wm8904: fix regcache handling spi: tegra20-slink: add missed clk_unprepare tun: fix data-race in gro_normal_list() crypto: virtio - deal with unsupported input sizes mmc: tmio: Add MMC_CAP_ERASE to allow erase/discard/trim requests btrfs: don't prematurely free work in end_workqueue_fn() btrfs: don't prematurely free work in run_ordered_work() ASoC: wm2200: add missed operations in remove and probe failure spi: st-ssc4: add missed pm_runtime_disable ASoC: wm5100: add missed pm_runtime_disable ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 x86/insn: Add some Intel instructions to the opcode map brcmfmac: remove monitor interface when detaching iwlwifi: check kasprintf() return value fbtft: Make sure string is NULL terminated net: ethernet: ti: ale: clean ale tbl on init and intf restart crypto: sun4i-ss - Fix 64-bit size_t warnings crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED crypto: vmx - Avoid weird build failures libtraceevent: Fix memory leakage in copy_filter_type mips: fix build when "48 bits virtual memory" is enabled drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 net: phy: initialise phydev speed and duplex sanely btrfs: don't prematurely free work in reada_start_machine_worker() btrfs: don't prematurely free work in scrub_missing_raid56_worker() Revert "mmc: sdhci: Fix incorrect switch to HS mode" mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices usb: xhci: Fix build warning seen with CONFIG_PM=n drm/amdgpu: fix uninitialized variable pasid_mapping_needed s390/ftrace: fix endless recursion in function_graph tracer btrfs: return error pointer from alloc_test_extent_buffer usbip: Fix receive error in vhci-hcd when using scatter-gather usbip: Fix error path of vhci_recv_ret_submit() cpufreq: Avoid leaving stale IRQ work items during CPU offline USB: EHCI: Do not return -EPIPE when hub is disconnected intel_th: pci: Add Comet Lake PCH-V support intel_th: pci: Add Elkhart Lake SOC support platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value ext4: fix ext4_empty_dir() for directories with holes ext4: check for directory entries too close to block end ext4: unlock on error in ext4_expand_extra_isize() KVM: arm64: Ensure 'params' is initialised when looking up sys register x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] powerpc/vcpu: Assume dedicated processors as non-preempt powerpc/irq: fix stack overflow verification mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register mmc: sdhci-of-esdhc: Revert "mmc: sdhci-of-esdhc: add erratum A-009204 support" mmc: sdhci: Update the tuning failed messages to pr_debug level mmc: sdhci-of-esdhc: fix P2020 errata handling mmc: sdhci: Workaround broken command queuing on Intel GLK mmc: sdhci: Add a quirk for broken command queuing nbd: fix shutdown and recv work deadlock v2 perf probe: Fix to show function entry line as probe-able Linux 4.19.92 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic4c7f9c713549ebb3319cd0275e88678bfa0e53d |
||
|
Hans Verkuil
|
7d939dd8e4 |
media: cec-funcs.h: add status_req checks
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
d902dae13d |
This is the 4.19.90 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl35M30ACgkQONu9yGCS aT7MxQ/+P2k2knFpbzGfqn7Ug4fyrWJ8T0cvmcQYLxcddJdM+tQWuFfXR6rhg2U6 cCEkIAKVxihEA51PT6LYiynIMQ1UDAEYENfwYK4inVX2HbMsqDC4D0qnAkABzH27 sLXwhKOOGB/z1F7oKjjsX/cCwP3V2E0PL1P7owHZis6tB24pZrMEss24x/4+dDm9 zBDDxpR++mJypRvG3fA8oP5dhZZJNacIvLW+48wrxZWkIcVNnRV+QnyHZe68af1R SH4+I12AAeEDyEsQI8yX8PmGAnj1RZrzRQhibxooyBH4642RbX2qCYJkutPjI5rG pUl4970MdSHYMyEUwxh77b0jSO/9w7k02yatyp0DVA0PQ7p0lLBFZ96GEG9ytXJm Csuc6HEXSSTvuX8pf/KAf18L6kgnUhlxywkDcrcAVLQofMDhODul3fJALmGSVJXW jbp6AFoqT84I8Gm+je+vyuQciLnuH5C9wwxrOrWZzr+hLzZk60iG+OpRohn/g+Bx PjDjvnump0JGjF89hfNc+v9F+ihz7GBwOxspGrgb27ViRIhcxf0GuYFxyJtEuDiW 6+gYNzWUaVC4RR1l1jXGWtGUPBsNV50sxFHK/Hx09UMIu/uJPMtF+TW9QDhJT1jr kL1kKeCsRV54nWjiWKwTTI2I37xJCPuidW5hvLqf2+ZHYTfQzsE= =Op5F -----END PGP SIGNATURE----- Merge 4.19.90 into android-4.19 Changes in 4.19.90 usb: gadget: configfs: Fix missing spin_lock_init() usb: gadget: pch_udc: fix use after free scsi: qla2xxx: Fix driver unload hang media: venus: remove invalid compat_ioctl32 handler USB: uas: honor flag to avoid CAPACITY16 USB: uas: heed CAPACITY_HEURISTICS USB: documentation: flags on usb-storage versus UAS usb: Allow USB device to be warm reset in suspended state staging: rtl8188eu: fix interface sanity check staging: rtl8712: fix interface sanity check staging: gigaset: fix general protection fault on probe staging: gigaset: fix illegal free on probe errors staging: gigaset: add endpoint-type sanity check usb: xhci: only set D3hot for pci device xhci: Fix memory leak in xhci_add_in_port() xhci: Increase STS_HALT timeout in xhci_suspend() xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. ARM: dts: pandora-common: define wl1251 as child node of mmc3 iio: adis16480: Add debugfs_reg_access entry iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting iio: imu: inv_mpu6050: fix temperature reporting using bad unit USB: atm: ueagle-atm: add missing endpoint check USB: idmouse: fix interface sanity checks USB: serial: io_edgeport: fix epic endpoint lookup usb: roles: fix a potential use after free USB: adutux: fix interface sanity check usb: core: urb: fix URB structure initialization function usb: mon: Fix a deadlock in usbmon between mmap and read tpm: add check after commands attribs tab allocation mtd: spear_smi: Fix Write Burst mode virtio-balloon: fix managed page counts when migrating pages between zones usb: dwc3: pci: add ID for the Intel Comet Lake -H variant usb: dwc3: gadget: Fix logical condition usb: dwc3: ep0: Clear started flag on completion phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role" btrfs: check page->mapping when loading free space cache btrfs: use refcount_inc_not_zero in kill_all_nodes Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc Btrfs: fix negative subv_writers counter and data space leak after buffered write btrfs: Avoid getting stuck during cyclic writebacks btrfs: Remove btrfs_bio::flags member Btrfs: send, skip backreference walking for extents with many references btrfs: record all roots for rename exchange on a subvol rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer rtlwifi: rtl8192de: Fix missing enable interrupt flag lib: raid6: fix awk build warnings ovl: fix corner case of non-unique st_dev;st_ino ovl: relax WARN_ON() on rename to self hwrng: omap - Fix RNG wait loop timeout dm writecache: handle REQ_FUA dm zoned: reduce overhead of backing device checks workqueue: Fix spurious sanity check failures in destroy_workqueue() workqueue: Fix pwq ref leak in rescuer_thread() ASoC: rt5645: Fixed buddy jack support. ASoC: rt5645: Fixed typo for buddy jack support. ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report md: improve handling of bio with REQ_PREFLUSH in md_flush_request() blk-mq: avoid sysfs buffer overflow with too many CPU cores cgroup: pids: use atomic64_t for pids->limit ar5523: check NULL before memcpy() in ar5523_cmd() s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported media: bdisp: fix memleak on release media: radio: wl1273: fix interrupt masking on release media: cec.h: CEC_OP_REC_FLAG_ values were swapped cpuidle: Do not unset the driver if it is there already erofs: zero out when listxattr is called with no xattr intel_th: Fix a double put_device() in error path intel_th: pci: Add Ice Lake CPU support intel_th: pci: Add Tiger Lake CPU support PM / devfreq: Lock devfreq in trans_stat_show cpufreq: powernv: fix stack bloat and hard limit on number of CPUs ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge ACPI: OSL: only free map once in osl.c ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() ACPI: PM: Avoid attaching ACPI PM domain to certain devices pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() pinctrl: samsung: Add of_node_put() before return in error path pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init pinctrl: samsung: Fix device node refcount leaks in init code pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity ppdev: fix PPGETTIME/PPSETTIME ioctls powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB powerpc/xive: Prevent page fault issues in the machine crash handler powerpc: Allow flush_icache_range to work across ranges >4GB powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts video/hdmi: Fix AVI bar unpack quota: Check that quota is not dirty before release ext2: check err when partial != NULL quota: fix livelock in dquot_writeback_dquots ext4: Fix credit estimate for final inode freeing reiserfs: fix extended attributes on the root directory block: fix single range discard merge scsi: zfcp: trace channel log even for FCP command responses scsi: qla2xxx: Fix DMA unmap leak scsi: qla2xxx: Fix hang in fcport delete path scsi: qla2xxx: Fix session lookup in qlt_abort_work() scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value scsi: qla2xxx: Fix message indicating vectors used by driver scsi: qla2xxx: Fix SRB leak on switch command timeout xhci: make sure interrupts are restored to correct state usb: typec: fix use after free in typec_register_port() omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 scsi: lpfc: Cap NPIV vports to 256 scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE scsi: lpfc: Correct topology type reporting on G7 adapters drbd: Change drbd_request_detach_interruptible's return type to int e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait pvcalls-front: don't return error when the ring is full sch_cake: Correctly update parent qlen when splitting GSO packets net/smc: do not wait under send_lock net: hns3: clear pci private data when unload hns3 driver net: hns3: change hnae3_register_ae_dev() to int net: hns3: Check variable is valid before assigning it to another scsi: hisi_sas: send primitive NOTIFY to SSP situation only scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk power: supply: cpcap-battery: Fix signed counter sample register mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead media: vimc: fix component match compare ath10k: fix fw crash by moving chip reset after napi disabled regulator: 88pm800: fix warning same module names powerpc: Avoid clang warnings around setjmp and longjmp powerpc: Fix vDSO clock_getres() ext4: work around deleting a file with i_nlink == 0 safely firmware: qcom: scm: Ensure 'a0' status code is treated as signed mm/shmem.c: cast the type of unmap_start to u64 rtc: disable uie before setting time and enable after splice: only read in as much information as there is pipe buffer space ext4: fix a bug in ext4_wait_for_tail_page_commit mfd: rk808: Fix RK818 ID template mm, thp, proc: report THP eligibility for each vma s390/smp,vdso: fix ASCE handling blk-mq: make sure that line break can be printed workqueue: Fix missing kfree(rescuer) in destroy_workqueue() perf callchain: Fix segfault in thread__resolve_callchain_sample() gre: refetch erspan header from skb->data after pskb_may_pull() firmware: arm_scmi: Avoid double free in error flow sunrpc: fix crash when cache_head become valid before update net/mlx5e: Fix SFF 8472 eeprom length leds: trigger: netdev: fix handling on interface rename PCI: rcar: Fix missing MACCTLR register setting in initialization sequence gfs2: fix glock reference problem in gfs2_trans_remove_revoke of: overlay: add_changeset_property() memory leak kernel/module.c: wakeup processes in module_wq on module unload cifs: Fix potential softlockups while refreshing DFS cache gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist raid5: need to set STRIPE_HANDLE for batch head scsi: qla2xxx: Change discovery state before PLOGI iio: imu: mpu6050: add missing available scan masks idr: Fix idr_get_next_ul race with idr_remove scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane) of: unittest: fix memory leak in attach_node_and_children Linux 4.19.90 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I790291e9f3d3c8dd3f53e4387de25ff272ad4f39 |
||
|
Hans Verkuil
|
aedc1c75ff |
media: cec.h: CEC_OP_REC_FLAG_ values were swapped
commit
|
||
|
Christian Brauner
|
a482713b5a |
UPSTREAM: binderfs: rename header to binderfs.h
It doesn't make sense to call the header binder_ctl.h when its sole
existence is tied to binderfs. So give it a sensible name. Users will far
more easily remember binderfs.h than binder_ctl.h.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 136497735
(cherry picked from commit
|
||
|
Christian Brauner
|
3492afe5d5 |
UPSTREAM: binder: implement binderfs
As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the
implementation of binderfs.
/* Abstract */
binderfs is a backwards-compatible filesystem for Android's binder ipc
mechanism. Each ipc namespace will mount a new binderfs instance. Mounting
binderfs multiple times at different locations in the same ipc namespace
will not cause a new super block to be allocated and hence it will be the
same filesystem instance.
Each new binderfs mount will have its own set of binder devices only
visible in the ipc namespace it has been mounted in. All devices in a new
binderfs mount will follow the scheme binder%d and numbering will always
start at 0.
/* Backwards compatibility */
Devices requested in the Kconfig via CONFIG_ANDROID_BINDER_DEVICES for the
initial ipc namespace will work as before. They will be registered via
misc_register() and appear in the devtmpfs mount. Specifically, the
standard devices binder, hwbinder, and vndbinder will all appear in their
standard locations in /dev. Mounting or unmounting the binderfs mount in
the initial ipc namespace will have no effect on these devices, i.e. they
will neither show up in the binderfs mount nor will they disappear when the
binderfs mount is gone.
/* binder-control */
Each new binderfs instance comes with a binder-control device. No other
devices will be present at first. The binder-control device can be used to
dynamically allocate binder devices. All requests operate on the binderfs
mount the binder-control device resides in.
Assuming a new instance of binderfs has been mounted at /dev/binderfs
via mount -t binderfs binderfs /dev/binderfs. Then a request to create a
new binder device can be made as illustrated in [2].
Binderfs devices can simply be removed via unlink().
/* Implementation details */
- dynamic major number allocation:
When binderfs is registered as a new filesystem it will dynamically
allocate a new major number. The allocated major number will be returned
in struct binderfs_device when a new binder device is allocated.
- global minor number tracking:
Minor are tracked in a global idr struct that is capped at
BINDERFS_MAX_MINOR. The minor number tracker is protected by a global
mutex. This is the only point of contention between binderfs mounts.
- struct binderfs_info:
Each binderfs super block has its own struct binderfs_info that tracks
specific details about a binderfs instance:
- ipc namespace
- dentry of the binder-control device
- root uid and root gid of the user namespace the binderfs instance
was mounted in
- mountable by user namespace root:
binderfs can be mounted by user namespace root in a non-initial user
namespace. The devices will be owned by user namespace root.
- binderfs binder devices without misc infrastructure:
New binder devices associated with a binderfs mount do not use the
full misc_register() infrastructure.
The misc_register() infrastructure can only create new devices in the
host's devtmpfs mount. binderfs does however only make devices appear
under its own mountpoint and thus allocates new character device nodes
from the inode of the root dentry of the super block. This will have
the side-effect that binderfs specific device nodes do not appear in
sysfs. This behavior is similar to devpts allocated pts devices and
has no effect on the functionality of the ipc mechanism itself.
[1]: https://goo.gl/JL2tfX
[2]: program to allocate a new binderfs binder device:
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <linux/android/binder_ctl.h>
int main(int argc, char *argv[])
{
int fd, ret, saved_errno;
size_t len;
struct binderfs_device device = { 0 };
if (argc < 2)
exit(EXIT_FAILURE);
len = strlen(argv[1]);
if (len > BINDERFS_MAX_NAME)
exit(EXIT_FAILURE);
memcpy(device.name, argv[1], len);
fd = open("/dev/binderfs/binder-control", O_RDONLY | O_CLOEXEC);
if (fd < 0) {
printf("%s - Failed to open binder-control device\n",
strerror(errno));
exit(EXIT_FAILURE);
}
ret = ioctl(fd, BINDER_CTL_ADD, &device);
saved_errno = errno;
close(fd);
errno = saved_errno;
if (ret < 0) {
printf("%s - Failed to allocate new binder device\n",
strerror(errno));
exit(EXIT_FAILURE);
}
printf("Allocated new binder device with major %d, minor %d, and "
"name %s\n", device.major, device.minor,
device.name);
exit(EXIT_SUCCESS);
}
Cc: Martijn Coenen <maco@android.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Acked-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 136497735
(cherry picked from commit
|
||
|
Eric Biggers
|
94231712cf |
BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_64 policies
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:
(1) Per I/O request, the encryption key is specified by a previously
loaded keyslot. There might be only a small number of keyslots.
(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
number" (DUN). IV bits 64-127 are assumed to be 0. The hardware
automatically increments the DUN for each "data unit" of
configurable size in the request, e.g. for each filesystem block.
Property (1) makes it inefficient to use the traditional fscrypt
per-file keys. Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.
Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to modified as follows:
- The encryption keys are derived from the master key, encryption mode
number, and filesystem UUID.
- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
For filenames encryption, file_logical_block_num is 0.
Since the file nonces aren't used in the key derivation, many files may
share the same encryption key. This is much more efficient on the
target hardware. Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.
Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).
Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints. These are acceptable
limitations for the cases where this format would actually be used.
Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption. A later patch will add support for inline encryption.
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Change-Id: Iedecd7fa1ce8eefffdec57257e27e679938b0ad7
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11210909/
|
||
|
Jaegeuk Kim
|
c2ad33f029 |
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
* aosp/upstream-f2fs-stable-linux-4.19.y:
f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
f2fs: fix to add missing F2FS_IO_ALIGNED() condition
f2fs: fix to fallback to buffered IO in IO aligned mode
f2fs: fix to handle error path correctly in f2fs_map_blocks
f2fs: fix extent corrupotion during directIO in LFS mode
f2fs: check all the data segments against all node ones
f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
f2fs: fix inode rwsem regression
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
f2fs: avoid infinite GC loop due to stale atomic files
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: convert inline_data in prior to i_size_write
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: add missing documents of reserve_root/resuid/resgid
f2fs: fix flushing node pages when checkpoint is disabled
f2fs: enhance f2fs_is_checkpoint_ready()'s readability
f2fs: clean up __bio_alloc()'s parameter
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix to writeout dirty inode during node flush
f2fs: optimize case-insensitive lookups
f2fs: introduce f2fs_match_name() for cleanup
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: allocate memory in batch in build_sit_info()
f2fs: support FS_IOC_{GET,SET}FSLABEL
f2fs: fix to avoid data corruption by forbidding SSR overwrite
f2fs: Fix build error while CONFIG_NLS=m
Revert "f2fs: avoid out-of-range memory access"
f2fs: cleanup the code in build_sit_entries.
f2fs: fix wrong available node count calculation
f2fs: remove duplicate code in f2fs_file_write_iter
f2fs: fix to migrate blocks correctly during defragment
f2fs: use wrapped f2fs_cp_error()
f2fs: fix to use more generic EOPNOTSUPP
f2fs: use wrapped IS_SWAPFILE()
f2fs: Support case-insensitive file name lookups
f2fs: include charset encoding information in the superblock
fs: Reserve flag for casefolding
f2fs: fix to avoid call kvfree under spinlock
fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
f2fs: disallow direct IO in atomic write
f2fs: fix to handle quota_{on,off} correctly
f2fs: fix to detect cp error in f2fs_setxattr()
f2fs: fix to spread f2fs_is_checkpoint_ready()
f2fs: support fiemap() for directory inode
f2fs: fix to avoid discard command leak
f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
f2fs: fix to drop meta/node pages during umount
f2fs: disallow switching io_bits option during remount
f2fs: fix panic of IO alignment feature
f2fs: introduce {page,io}_is_mergeable() for readability
f2fs: fix livelock in swapfile writes
f2fs: add fs-verity support
ext4: update on-disk format documentation for fs-verity
ext4: add fs-verity read support
ext4: add basic fs-verity support
fs-verity: support builtin file signatures
fs-verity: add SHA-512 support
fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
fs-verity: add data verification hooks for ->readpages()
fs-verity: add the hook for file ->setattr()
fs-verity: add the hook for file ->open()
fs-verity: add inode and superblock fields
fs-verity: add Kconfig and the helper functions for hashing
fs: uapi: define verity bit for FS_IOC_GETFLAGS
fs-verity: add UAPI header
fs-verity: add MAINTAINERS file entry
fs-verity: add a documentation file
ext4: fix kernel oops caused by spurious casefold flag
ext4: fix coverity warning on error path of filename setup
ext4: optimize case-insensitive lookups
ext4: fix dcache lookup of !casefolded directories
unicode: update to Unicode 12.1.0 final
unicode: add missing check for an error return from utf8lookup()
ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
unicode: refactor the rule for regenerating utf8data.h
ext4: Support case-insensitive file name lookups
ext4: include charset encoding information in the superblock
unicode: update unicode database unicode version 12.1.0
unicode: introduce test module for normalized utf8 implementation
unicode: implement higher level API for string handling
unicode: reduce the size of utf8data[]
unicode: introduce code for UTF-8 normalization
unicode: introduce UTF-8 character database
ext4 crypto: fix to check feature status before get policy
fscrypt: document the new ioctls and policy version
ubifs: wire up new fscrypt ioctls
f2fs: wire up new fscrypt ioctls
ext4: wire up new fscrypt ioctls
fscrypt: require that key be added when setting a v2 encryption policy
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
fscrypt: allow unprivileged users to add/remove keys for v2 policies
fscrypt: v2 encryption policy support
fscrypt: add an HKDF-SHA512 implementation
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
fscrypt: rename keyinfo.c to keysetup.c
fscrypt: move v1 policy key setup to keysetup_v1.c
fscrypt: refactor key setup code in preparation for v2 policies
fscrypt: rename fscrypt_master_key to fscrypt_direct_key
fscrypt: add ->ci_inode to fscrypt_info
fscrypt: use FSCRYPT_* definitions, not FS_*
fscrypt: use FSCRYPT_ prefix for uapi constants
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
fscrypt: use ENOPKG when crypto API support missing
fscrypt: improve warnings for missing crypto API support
fscrypt: improve warning messages for unsupported encryption contexts
fscrypt: make fscrypt_msg() take inode instead of super_block
fscrypt: clean up base64 encoding/decoding
fscrypt: remove loadable module related code
Conflicts:
fs/ext4/ioctl.c
fs/ext4/readpage.c
Bug: 141329812
Change-Id: I2e10c22a7c52982d073ac6897cc8aa4d5a811a38
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
|
||
|
Catalin Marinas
|
f077ee2609 |
BACKPORT: arm64: Introduce prctl() options to control the tagged user addresses ABI
(Upstream commit
|
||
|
Daniel Rosenberg
|
e304fb5ba0 |
fs: Reserve flag for casefolding
In preparation for including the casefold feature within f2fs, elevate the EXT4_CASEFOLD_FL flag to FS_CASEFOLD_FL. Signed-off-by: Daniel Rosenberg <drosen@google.com> Reviewed-by: Chao Yu <yuchao0@huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> |
||
|
Eric Biggers
|
9b8425a7cd |
fs-verity: add SHA-512 support
Add SHA-512 support to fs-verity. This is primarily a demonstration of the trivial changes needed to support a new hash algorithm in fs-verity; most users will still use SHA-256, due to the smaller space required to store the hashes. But some users may prefer SHA-512. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
375b9e1f36 |
fs: uapi: define verity bit for FS_IOC_GETFLAGS
Add FS_VERITY_FL to the flags for FS_IOC_GETFLAGS, so that applications can easily determine whether a file is a verity file at the same time as they're checking other file flags. This flag will be gettable only; FS_IOC_SETFLAGS won't allow setting it, since an ioctl must be used instead to provide more parameters. This flag matches the on-disk bit that was already allocated for ext4. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
489fcc8c99 |
fs-verity: add UAPI header
Add the UAPI header for fs-verity, including two ioctls: - FS_IOC_ENABLE_VERITY - FS_IOC_MEASURE_VERITY These ioctls are documented in the "User API" section of Documentation/filesystems/fsverity.rst. Examples of using these ioctls can be found in fsverity-utils (https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git). I've also written xfstests that test these ioctls (https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/xfstests-dev.git/log/?h=fsverity). Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
080389cb51 |
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
Add a root-only variant of the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl which removes all users' claims of the key, not just the current user's claim. I.e., it always removes the key itself, no matter how many users have added it. This is useful for forcing a directory to be locked, without having to figure out which user ID(s) the key was added under. This is planned to be used by a command like 'sudo fscrypt lock DIR --all-users' in the fscrypt userspace tool (http://github.com/google/fscrypt). Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
8e1c887424 |
fscrypt: allow unprivileged users to add/remove keys for v2 policies
Allow the FS_IOC_ADD_ENCRYPTION_KEY and FS_IOC_REMOVE_ENCRYPTION_KEY ioctls to be used by non-root users to add and remove encryption keys from the filesystem-level crypto keyrings, subject to limitations. Motivation: while privileged fscrypt key management is sufficient for some users (e.g. Android and Chromium OS, where a privileged process manages all keys), the old API by design also allows non-root users to set up and use encrypted directories, and we don't want to regress on that. Especially, we don't want to force users to continue using the old API, running into the visibility mismatch between files and keyrings and being unable to "lock" encrypted directories. Intuitively, the ioctls have to be privileged since they manipulate filesystem-level state. However, it's actually safe to make them unprivileged if we very carefully enforce some specific limitations. First, each key must be identified by a cryptographic hash so that a user can't add the wrong key for another user's files. For v2 encryption policies, we use the key_identifier for this. v1 policies don't have this, so managing keys for them remains privileged. Second, each key a user adds is charged to their quota for the keyrings service. Thus, a user can't exhaust memory by adding a huge number of keys. By default each non-root user is allowed up to 200 keys; this can be changed using the existing sysctl 'kernel.keys.maxkeys'. Third, if multiple users add the same key, we keep track of those users of the key (of which there remains a single copy), and won't really remove the key, i.e. "lock" the encrypted files, until all those users have removed it. This prevents denial of service attacks that would be possible under simpler schemes, such allowing the first user who added a key to remove it -- since that could be a malicious user who has compromised the key. Of course, encryption keys should be kept secret, but the idea is that using encryption should never be *less* secure than not using encryption, even if your key was compromised. We tolerate that a user will be unable to really remove a key, i.e. unable to "lock" their encrypted files, if another user has added the same key. But in a sense, this is actually a good thing because it will avoid providing a false notion of security where a key appears to have been removed when actually it's still in memory, available to any attacker who compromises the operating system kernel. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
73ce50dc2d |
fscrypt: v2 encryption policy support
Add a new fscrypt policy version, "v2". It has the following changes
from the original policy version, which we call "v1" (*):
- Master keys (the user-provided encryption keys) are only ever used as
input to HKDF-SHA512. This is more flexible and less error-prone, and
it avoids the quirks and limitations of the AES-128-ECB based KDF.
Three classes of cryptographically isolated subkeys are defined:
- Per-file keys, like used in v1 policies except for the new KDF.
- Per-mode keys. These implement the semantics of the DIRECT_KEY
flag, which for v1 policies made the master key be used directly.
These are also planned to be used for inline encryption when
support for it is added.
- Key identifiers (see below).
- Each master key is identified by a 16-byte master_key_identifier,
which is derived from the key itself using HKDF-SHA512. This prevents
users from associating the wrong key with an encrypted file or
directory. This was easily possible with v1 policies, which
identified the key by an arbitrary 8-byte master_key_descriptor.
- The key must be provided in the filesystem-level keyring, not in a
process-subscribed keyring.
The following UAPI additions are made:
- The existing ioctl FS_IOC_SET_ENCRYPTION_POLICY can now be passed a
fscrypt_policy_v2 to set a v2 encryption policy. It's disambiguated
from fscrypt_policy/fscrypt_policy_v1 by the version code prefix.
- A new ioctl FS_IOC_GET_ENCRYPTION_POLICY_EX is added. It allows
getting the v1 or v2 encryption policy of an encrypted file or
directory. The existing FS_IOC_GET_ENCRYPTION_POLICY ioctl could not
be used because it did not have a way for userspace to indicate which
policy structure is expected. The new ioctl includes a size field, so
it is extensible to future fscrypt policy versions.
- The ioctls FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY,
and FS_IOC_GET_ENCRYPTION_KEY_STATUS now support managing keys for v2
encryption policies. Such keys are kept logically separate from keys
for v1 encryption policies, and are identified by 'identifier' rather
than by 'descriptor'. The 'identifier' need not be provided when
adding a key, since the kernel will calculate it anyway.
This patch temporarily keeps adding/removing v2 policy keys behind the
same permission check done for adding/removing v1 policy keys:
capable(CAP_SYS_ADMIN). However, the next patch will carefully take
advantage of the cryptographically secure master_key_identifier to allow
non-root users to add/remove v2 policy keys, thus providing a full
replacement for v1 policies.
(*) Actually, in the API fscrypt_policy::version is 0 while on-disk
fscrypt_context::format is 1. But I believe it makes the most sense
to advance both to '2' to have them be in sync, and to consider the
numbering to start at 1 except for the API quirk.
Reviewed-by: Paul Crowley <paulcrowley@google.com>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Eric Biggers
|
dbfc6584b3 |
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
Add a new fscrypt ioctl, FS_IOC_GET_ENCRYPTION_KEY_STATUS. Given a key specified by 'struct fscrypt_key_specifier' (the same way a key is specified for the other fscrypt key management ioctls), it returns status information in a 'struct fscrypt_get_key_status_arg'. The main motivation for this is that applications need to be able to check whether an encrypted directory is "unlocked" or not, so that they can add the key if it is not, and avoid adding the key (which may involve prompting the user for a passphrase) if it already is. It's possible to use some workarounds such as checking whether opening a regular file fails with ENOKEY, or checking whether the filenames "look like gibberish" or not. However, no workaround is usable in all cases. Like the other key management ioctls, the keyrings syscalls may seem at first to be a good fit for this. Unfortunately, they are not. Even if we exposed the keyring ID of the ->s_master_keys keyring and gave everyone Search permission on it (note: currently the keyrings permission system would also allow everyone to "invalidate" the keyring too), the fscrypt keys have an additional state that doesn't map cleanly to the keyrings API: the secret can be removed, but we can be still tracking the files that were using the key, and the removal can be re-attempted or the secret added again. After later patches, some applications will also need a way to determine whether a key was added by the current user vs. by some other user. Reserved fields are included in fscrypt_get_key_status_arg for this and other future extensions. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
cacc84e003 |
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Add a new fscrypt ioctl, FS_IOC_REMOVE_ENCRYPTION_KEY. This ioctl
removes an encryption key that was added by FS_IOC_ADD_ENCRYPTION_KEY.
It wipes the secret key itself, then "locks" the encrypted files and
directories that had been unlocked using that key -- implemented by
evicting the relevant dentries and inodes from the VFS caches.
The problem this solves is that many fscrypt users want the ability to
remove encryption keys, causing the corresponding encrypted directories
to appear "locked" (presented in ciphertext form) again. Moreover,
users want removing an encryption key to *really* remove it, in the
sense that the removed keys cannot be recovered even if kernel memory is
compromised, e.g. by the exploit of a kernel security vulnerability or
by a physical attack. This is desirable after a user logs out of the
system, for example. In many cases users even already assume this to be
the case and are surprised to hear when it's not.
It is not sufficient to simply unlink the master key from the keyring
(or to revoke or invalidate it), since the actual encryption transform
objects are still pinned in memory by their inodes. Therefore, to
really remove a key we must also evict the relevant inodes.
Currently one workaround is to run 'sync && echo 2 >
/proc/sys/vm/drop_caches'. But, that evicts all unused inodes in the
system rather than just the inodes associated with the key being
removed, causing severe performance problems. Moreover, it requires
root privileges, so regular users can't "lock" their encrypted files.
Another workaround, used in Chromium OS kernels, is to add a new
VFS-level ioctl FS_IOC_DROP_CACHE which is a more restricted version of
drop_caches that operates on a single super_block. It does:
shrink_dcache_sb(sb);
invalidate_inodes(sb, false);
But it's still a hack. Yet, the major users of filesystem encryption
want this feature badly enough that they are actually using these hacks.
To properly solve the problem, start maintaining a list of the inodes
which have been "unlocked" using each master key. Originally this
wasn't possible because the kernel didn't keep track of in-use master
keys at all. But, with the ->s_master_keys keyring it is now possible.
Then, add an ioctl FS_IOC_REMOVE_ENCRYPTION_KEY. It finds the specified
master key in ->s_master_keys, then wipes the secret key itself, which
prevents any additional inodes from being unlocked with the key. Then,
it syncs the filesystem and evicts the inodes in the key's list. The
normal inode eviction code will free and wipe the per-file keys (in
->i_crypt_info). Note that freeing ->i_crypt_info without evicting the
inodes was also considered, but would have been racy.
Some inodes may still be in use when a master key is removed, and we
can't simply revoke random file descriptors, mmap's, etc. Thus, the
ioctl simply skips in-use inodes, and returns -EBUSY to indicate that
some inodes weren't evicted. The master key *secret* is still removed,
but the fscrypt_master_key struct remains to keep track of the remaining
inodes. Userspace can then retry the ioctl to evict the remaining
inodes. Alternatively, if userspace adds the key again, the refreshed
secret will be associated with the existing list of inodes so they
remain correctly tracked for future key removals.
The ioctl doesn't wipe pagecache pages. Thus, we tolerate that after a
kernel compromise some portions of plaintext file contents may still be
recoverable from memory. This can be solved by enabling page poisoning
system-wide, which security conscious users may choose to do. But it's
very difficult to solve otherwise, e.g. note that plaintext file
contents may have been read in other places than pagecache pages.
Like FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY is
initially restricted to privileged users only. This is sufficient for
some use cases, but not all. A later patch will relax this restriction,
but it will require introducing key hashes, among other changes.
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Eric Biggers
|
9846255919 |
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Add a new fscrypt ioctl, FS_IOC_ADD_ENCRYPTION_KEY. This ioctl adds an
encryption key to the filesystem's fscrypt keyring ->s_master_keys,
making any files encrypted with that key appear "unlocked".
Why we need this
~~~~~~~~~~~~~~~~
The main problem is that the "locked/unlocked" (ciphertext/plaintext)
status of encrypted files is global, but the fscrypt keys are not.
fscrypt only looks for keys in the keyring(s) the process accessing the
filesystem is subscribed to: the thread keyring, process keyring, and
session keyring, where the session keyring may contain the user keyring.
Therefore, userspace has to put fscrypt keys in the keyrings for
individual users or sessions. But this means that when a process with a
different keyring tries to access encrypted files, whether they appear
"unlocked" or not is nondeterministic. This is because it depends on
whether the files are currently present in the inode cache.
Fixing this by consistently providing each process its own view of the
filesystem depending on whether it has the key or not isn't feasible due
to how the VFS caches work. Furthermore, while sometimes users expect
this behavior, it is misguided for two reasons. First, it would be an
OS-level access control mechanism largely redundant with existing access
control mechanisms such as UNIX file permissions, ACLs, LSMs, etc.
Encryption is actually for protecting the data at rest.
Second, almost all users of fscrypt actually do need the keys to be
global. The largest users of fscrypt, Android and Chromium OS, achieve
this by having PID 1 create a "session keyring" that is inherited by
every process. This works, but it isn't scalable because it prevents
session keyrings from being used for any other purpose.
On general-purpose Linux distros, the 'fscrypt' userspace tool [1] can't
similarly abuse the session keyring, so to make 'sudo' work on all
systems it has to link all the user keyrings into root's user keyring
[2]. This is ugly and raises security concerns. Moreover it can't make
the keys available to system services, such as sshd trying to access the
user's '~/.ssh' directory (see [3], [4]) or NetworkManager trying to
read certificates from the user's home directory (see [5]); or to Docker
containers (see [6], [7]).
By having an API to add a key to the *filesystem* we'll be able to fix
the above bugs, remove userspace workarounds, and clearly express the
intended semantics: the locked/unlocked status of an encrypted directory
is global, and encryption is orthogonal to OS-level access control.
Why not use the add_key() syscall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We use an ioctl for this API rather than the existing add_key() system
call because the ioctl gives us the flexibility needed to implement
fscrypt-specific semantics that will be introduced in later patches:
- Supporting key removal with the semantics such that the secret is
removed immediately and any unused inodes using the key are evicted;
also, the eviction of any in-use inodes can be retried.
- Calculating a key-dependent cryptographic identifier and returning it
to userspace.
- Allowing keys to be added and removed by non-root users, but only keys
for v2 encryption policies; and to prevent denial-of-service attacks,
users can only remove keys they themselves have added, and a key is
only really removed after all users who added it have removed it.
Trying to shoehorn these semantics into the keyrings syscalls would be
very difficult, whereas the ioctls make things much easier.
However, to reuse code the implementation still uses the keyrings
service internally. Thus we get lockless RCU-mode key lookups without
having to re-implement it, and the keys automatically show up in
/proc/keys for debugging purposes.
References:
[1] https://github.com/google/fscrypt
[2] https://goo.gl/55cCrI#heading=h.vf09isp98isb
[3] https://github.com/google/fscrypt/issues/111#issuecomment-444347939
[4] https://github.com/google/fscrypt/issues/116
[5] https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1770715
[6] https://github.com/google/fscrypt/issues/128
[7] https://askubuntu.com/questions/1130306/cannot-run-docker-on-an-encrypted-filesystem
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Eric Biggers
|
fc987b387a |
fscrypt: use FSCRYPT_* definitions, not FS_*
Update fs/crypto/ to use the new names for the UAPI constants rather than the old names, then make the old definitions conditional on !__KERNEL__. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
678ee27619 |
fscrypt: use FSCRYPT_ prefix for uapi constants
Prefix all filesystem encryption UAPI constants except the ioctl numbers with "FSCRYPT_" rather than with "FS_". This namespaces the constants more appropriately and makes it clear that they are related specifically to the filesystem encryption feature, and to the 'fscrypt_*' structures. With some of the old names like "FS_POLICY_FLAGS_VALID", it was not immediately clear that the constant had anything to do with encryption. This is also useful because we'll be adding more encryption-related constants, e.g. for the policy version, and we'd otherwise have to choose whether to use unclear names like FS_POLICY_V1 or inconsistent names like FS_ENCRYPTION_POLICY_V1. For source compatibility with existing userspace programs, keep the old names defined as aliases to the new names. Finally, as long as new names are being defined anyway, I skipped defining new names for the fscrypt mode numbers that aren't actually used: INVALID (0), AES_256_GCM (2), AES_256_CBC (3), SPECK128_256_XTS (7), and SPECK128_256_CTS (8). Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
a48b7adcd9 |
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
More fscrypt definitions are being added, and we shouldn't use a disproportionate amount of space in <linux/fs.h> for fscrypt stuff. So move the fscrypt definitions to a new header <linux/fscrypt.h>. For source compatibility with existing userspace programs, <linux/fs.h> still includes the new header. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Greg Kroah-Hartman
|
de5730eaef |
This is the 4.19.75 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2FslsACgkQONu9yGCS
aT4kYBAAkOZ1wVwFD4mFkUmKvLmsGlwwkY/5/kQneBDUj4VQG9/1PFSN7Cfb9DdJ
zdIcsdsfx/J+41FKJe9rxgJL6ttB1L8ob6GYdCI/8uA23TUGCQB5RSF/cwGeZUSz
RRvqm1gstRimh4c+kibgkr3yxwBIUTzBMlBz1OMTsbP9YVzheGPahml2/mJAyb6C
z6ETlLmrw0VixyyyvAF6r210K9qftjK4nMMDeFvftgU/eJUr59jBhSkEirS3jo5G
KKP0kD3wDiOzqhZ83qU0bEG9EIiayap6k9H3r1u4Qu0xjyc095Jta+3JFpOqd66u
CLfAKO0wf/jVx3/3EzWLtnxfXIpcfWi7Vj6rcTjASOsH8PrCLageHbyoA5JmKGsW
gp4HUgwdgQPtMU7rFXCVEcoLqu0uU3PUGkOQlcx9AYLoaE2LsTijcLLJqb0tZztr
IetrhXFVmeMnz2/ejqvORZw3mLNYMTD6OfNATMEgh1LkXqaCCWXdTVj2Bsp4IcD8
d63E8ftILxxanfNjRS0T5+kc+yCkQs8oNRqZGXQQ9zjVzXiu0kyKDIh93lC7V+yF
EM4pO/+kEljtc6vP+2hdpCG7buwvhSklOs2TvWJpU7umwEfHfxeetvnQajDzk5n0
XLPDc+B/ZThND8+DrlhHvkx4dMU7xtR6IDvix9XpME65pWiB7nk=
=ebAT
-----END PGP SIGNATURE-----
Merge 4.19.75 into android-4.19
Changes in 4.19.75
netfilter: nf_flow_table: set default timeout after successful insertion
HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report
RDMA/restrack: Release task struct which was hold by CM_ID object
Input: elan_i2c - remove Lenovo Legion Y7000 PnpID
powerpc/mm/radix: Use the right page size for vmemmap mapping
USB: usbcore: Fix slab-out-of-bounds bug during device reset
media: tm6000: double free if usb disconnect while streaming
phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current
ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit
udp: correct reuseport selection with connected sockets
xen-netfront: do not assume sk_buff_head list is empty in error handling
net_sched: let qdisc_put() accept NULL pointer
KVM: coalesced_mmio: add bounds checking
firmware: google: check if size is valid when decoding VPD data
serial: sprd: correct the wrong sequence of arguments
tty/serial: atmel: reschedule TX after RX was started
mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
ieee802154: hwsim: Fix error handle path in hwsim_init_module
ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails
ARM: dts: am57xx: Disable voltage switching for SD card
ARM: OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss
bus: ti-sysc: Fix using configured sysc mask value
s390/bpf: fix lcgr instruction encoding
ARM: OMAP2+: Fix omap4 errata warning on other SoCs
ARM: dts: dra74x: Fix iodelay configuration for mmc3
ARM: OMAP1: ams-delta-fiq: Fix missing irq_ack
bus: ti-sysc: Simplify cleanup upon failures in sysc_probe()
s390/bpf: use 32-bit index for tail calls
selftests/bpf: fix "bind{4, 6} deny specific IP & port" on s390
tools: bpftool: close prog FD before exit on showing a single program
fpga: altera-ps-spi: Fix getting of optional confd gpio
netfilter: ebtables: Fix argument order to ADD_COUNTER
netfilter: nft_flow_offload: missing netlink attribute policy
netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info
NFSv4: Fix return values for nfs4_file_open()
NFSv4: Fix return value in nfs_finish_open()
NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105
xdp: unpin xdp umem pages in error path
qed: Add cleanup in qed_slowpath_start()
ARM: 8874/1: mm: only adjust sections of valid mm structures
batman-adv: Only read OGM2 tvlv_len after buffer len check
bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0
r8152: Set memory to all 0xFFs on failed reg reads
x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
netfilter: xt_physdev: Fix spurious error message in physdev_mt_check
netfilter: nf_conntrack_ftp: Fix debug output
NFSv2: Fix eof handling
NFSv2: Fix write regression
kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol
cifs: set domainName when a domain-key is used in multiuser
cifs: Use kzfree() to zero out the password
usb: host: xhci-tegra: Set DMA mask correctly
ARM: 8901/1: add a criteria for pfn_valid of arm
ibmvnic: Do not process reset during or after device removal
sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
i2c: designware: Synchronize IRQs when unregistering slave client
perf/x86/intel: Restrict period on Nehalem
perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops
amd-xgbe: Fix error path in xgbe_mod_init()
tools/power x86_energy_perf_policy: Fix "uninitialized variable" warnings at -O2
tools/power x86_energy_perf_policy: Fix argument parsing
tools/power turbostat: fix buffer overrun
net: aquantia: fix out of memory condition on rx side
net: seeq: Fix the function used to release some memory in an error handling path
dmaengine: ti: dma-crossbar: Fix a memory leak bug
dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
x86/uaccess: Don't leak the AC flags into __get_user() argument evaluation
x86/hyper-v: Fix overflow bug in fill_gva_list()
keys: Fix missing null pointer check in request_key_auth_describe()
iommu/amd: Flush old domains in kdump kernel
iommu/amd: Fix race in increase_address_space()
PCI: kirin: Fix section mismatch warning
ovl: fix regression caused by overlapping layers detection
floppy: fix usercopy direction
binfmt_elf: move brk out of mmap when doing direct loader exec
arm64: kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field
media: technisat-usb2: break out of loop at end of buffer
Linux 4.19.75
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1dd841f112ee81497cd085b102979f45ee5e6b9d
|
||
|
Juliana Rodrigueiro
|
4e5fbcb9a6 |
netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
046263fec6 |
This is the 4.19.74 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2DKbUACgkQONu9yGCS aT6YGg//abjWbd60zh1bErEl/ZlGfqjcKwM6GZ2k+Knhk14JzogJHGtBbuhIcaQB c2KH44r1QiNg9nJ2Gtq+mQnH5/GnY1aGlMHrfqb2uO7sKxoOVUZsxKiNjevtrOwI 6LsiiKE6bBRAP3f8pCiFj84ubWiWzDnb+FA3p2sfh11F9wrxAcNPsvl8jsnwHisr sAJn9KgXQRezJdwRk+JgSYdSR6WSnaf4m4rrDGe9a2qxsvH9ttCtiOmf63m184cb iMoYs1ceBfUefyJjum077KVBb/ryRDr4VMMPhKDGqgcctXAlPVAUwcUY5HG3YWQg HQaHK9AyoAiEDh+iyAMHCYZaNr/lUPNUFbsYU7nf4o058EX1fpLtFmn0T1Dh9hOn N0TN1stNDQ8KAZ5iugYBMDKKmHznIo1umxiv68dMIsUSANdBSGENio+4Tkpvmfod zagE5aOoYtsh9Qxytz9IExkGYhinfrLT5fpTLrALQwneCquZqynqBFbwYj/VOYC2 9MKGSeAKyRQqM02Bf4TrMptzO5jNsR+aWG7yyIR/L0fqis4h1fyCUTCdHd1fD1+0 hEvR+2lkKiRT+B6ArhVOWf61N0RZ4TdkCzST6WoVosonCPFImJmmSkoYQ0KmnqKP DhnIp68n4zx8uutDoFuQ5HLJeiubmHOikjnO6F+pYPyzT0PW/wQ= =VrIK -----END PGP SIGNATURE----- Merge 4.19.74 into android-4.19 Changes in 4.19.74 bridge/mdb: remove wrong use of NLM_F_MULTI cdc_ether: fix rndis support for Mediatek based smartphones ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' isdn/capi: check message length in capi_write() ixgbe: Fix secpath usage for IPsec TX offload. net: Fix null de-reference of device refcount net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list net: phylink: Fix flow control resolution net: sched: fix reordering issues sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' sctp: use transport pf_retrans in sctp_do_8_2_transport_strike tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR tipc: add NULL pointer check before calling kfree_rcu tun: fix use-after-free when register netdev failed gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist gpio: fix line flag validation in linehandle_create Btrfs: fix assertion failure during fsync and use of stale transaction ixgbe: Prevent u8 wrapping of ITR value to something less than 10us genirq: Prevent NULL pointer dereference in resend_irqs() KVM: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl KVM: x86: work around leak of uninitialized stack contents KVM: nVMX: handle page fault in vmread x86/purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors powerpc: Add barrier_nospec to raw_copy_in_user() drm/meson: Add support for XBGR8888 & ABGR8888 formats clk: rockchip: Don't yell about bad mmc phases when getting mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue PCI: Always allow probing with driver_override gpio: fix line flag validation in lineevent_create ubifs: Correctly use tnc_next() in search_dh_cookie() driver core: Fix use-after-free and double free on glue directory crypto: talitos - check AES key size crypto: talitos - fix CTR alg blocksize crypto: talitos - check data blocksize in ablkcipher. crypto: talitos - fix ECB algs ivsize crypto: talitos - Do not modify req->cryptlen on decryption. crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking. firmware: ti_sci: Always request response from firmware drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" iio: adc: stm32-dfsdm: fix data type modules: fix BUG when load module with rodata=n modules: fix compile error if don't have strict module rwx platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to critclk_systems DMI table rsi: fix a double free bug in rsi_91x_deinit() nvmem: Use the same permissions for eeprom as for nvmem x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning Linux 4.19.74 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6dc03ee31e33b10ad8f7e2a68af42fe102a7743d |
||
|
Eric Biggers
|
2354e925e3 |
isdn/capi: check message length in capi_write()
[ Upstream commit
|