Stefan Berger [Thu, 19 Jan 2017 12:19:12 +0000 (07:19 -0500)]
tpm: Check size of response before accessing data
Make sure that we have not received less bytes than what is indicated
in the header of the TPM response. Also, check the number of bytes in
the response before accessing its data.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
tpm_tis: use default timeout value if chip reports it as zero
Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for
TPM access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9)
no longer works. The initialization proceeds fine until we get and
start using chip-reported timeouts - and the chip reports C and D
timeouts of zero.
It turns out that until commit 8e54caf407b98e ("tpm: Provide a generic
means to override the chip returned timeouts") we had actually let
default timeout values remain in this case, so let's bring back this
behavior to make chips like Atmel 3203 work again.
Use a common code that was introduced by that commit so a warning is
printed in this case and /sys/class/tpm/tpm*/timeouts correctly says the
timeouts aren't chip-original.
Fixes: 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM access") Cc: stable@vger.kernel.org Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jason Gunthorpe [Mon, 21 Nov 2016 18:31:09 +0000 (11:31 -0700)]
tpm: Do not print an error message when doing TPM auto startup
This is a regression when this code was reworked and made the error
print unconditional. The original code deliberately suppressed printing
of the first error message so it could quietly sense
TPM_ERR_INVALID_POSTINIT.
Fixes: a502feb67b47 ("tpm: Clean up reading of timeout and duration capabilities") Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jiandi An [Mon, 19 Dec 2016 04:20:53 +0000 (22:20 -0600)]
tpm, tpm_crb: Handle 64-bit resource in crb_check_resource()
crb_check_resource() in TPM CRB driver calls
acpi_dev_resource_memory() which only handles 32-bit resources.
Adding a call to acpi_dev_resource_address_space() in TPM CRB
driver which handles 64-bit resources.
Signed-off-by: Jiandi An <anjiandi@codeaurora.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Winkler, Tomas [Wed, 23 Nov 2016 10:04:14 +0000 (12:04 +0200)]
tpm/vtpm: fix kdoc warnings
Use corret kdoc format for function description and eliminate warning
of type:
tpm_ibmvtpm.c:66: warning: No description found for parameter 'count'
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Winkler, Tomas [Wed, 23 Nov 2016 10:04:13 +0000 (12:04 +0200)]
tmp: use pdev for parent device in tpm_chip_alloc
The tpm stack uses pdev name convention for the parent device.
Fix that also in tpm_chip_alloc().
Fixes: 3897cd9c8d1d ("tpm: Split out the devm stuff from tpmm_chip_alloc")' Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Winkler, Tomas [Wed, 23 Nov 2016 10:04:12 +0000 (12:04 +0200)]
tpm/tpm2-chip: fix kdoc errors
Use correct kdoc format, describe correct parameters and return values.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Winkler, Tomas [Wed, 23 Nov 2016 10:04:11 +0000 (12:04 +0200)]
tpm: add kdoc for tpm_transmit and tpm_transmit_cmd
Functions tpm_transmit and transmit_cmd are referenced
from other functions kdoc hence deserve documentation.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Mike Frysinger [Fri, 20 Jan 2017 04:28:57 +0000 (22:28 -0600)]
seccomp: dump core when using SECCOMP_RET_KILL
The SECCOMP_RET_KILL mode is documented as immediately killing the
process as if a SIGSYS had been sent and not caught (similar to a
SIGKILL). However, a SIGSYS is documented as triggering a coredump
which does not happen today.
This has the advantage of being able to more easily debug a process
that fails a seccomp filter. Today, most apps need to recompile and
change their filter in order to get detailed info out, or manually run
things through strace, or enable detailed kernel auditing. Now we get
coredumps that fit into existing system-wide crash reporting setups.
From a security pov, this shouldn't be a problem. Unhandled signals
can already be sent externally which trigger a coredump independent of
the status of the seccomp filter. The act of dumping core itself does
not cause change in execution of the program.
URL: https://crbug.com/676357 Signed-off-by: Mike Frysinger <vapier@chromium.org> Acked-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
Casey Schaufler [Thu, 19 Jan 2017 01:09:05 +0000 (17:09 -0800)]
LSM: Add /sys/kernel/security/lsm
I am still tired of having to find indirect ways to determine
what security modules are active on a system. I have added
/sys/kernel/security/lsm, which contains a comma separated
list of the active security modules. No more groping around
in /proc/filesystems or other clever hacks.
Unchanged from previous versions except for being updated
to the latest security next branch.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: John Johansen <john.johansen@canonical.com> Acked-by: Paul Moore <paul@paul-moore.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
John Johansen [Mon, 16 Jan 2017 21:21:27 +0000 (13:21 -0800)]
apparmor: fix undefined reference to `aa_g_hash_policy'
The kernel build bot turned up a bad config combination when
CONFIG_SECURITY_APPARMOR is y and CONFIG_SECURITY_APPARMOR_HASH is n,
resulting in the build error
security/built-in.o: In function `aa_unpack':
(.text+0x841e2): undefined reference to `aa_g_hash_policy'
Signed-off-by: John Johansen <john.johansen@canonical.com>
Tyler Hicks [Thu, 17 Mar 2016 00:19:10 +0000 (19:19 -0500)]
apparmor: sysctl to enable unprivileged user ns AppArmor policy loading
If this sysctl is set to non-zero and a process with CAP_MAC_ADMIN in
the root namespace has created an AppArmor policy namespace,
unprivileged processes will be able to change to a profile in the
newly created AppArmor policy namespace and, if the profile allows
CAP_MAC_ADMIN and appropriate file permissions, will be able to load
policy in the respective policy namespace.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
William Hua [Mon, 16 Jan 2017 00:49:28 +0000 (16:49 -0800)]
apparmor: support querying extended trusted helper extra data
Allow a profile to carry extra data that can be queried via userspace.
This provides a means to store extra data in a profile that a trusted
helper can extract and use from live policy.
Signed-off-by: William Hua <william.hua@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:43:08 +0000 (00:43 -0800)]
apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
apparmor should be checking the SECURITY_CAP_NOAUDIT constant. Also
in complain mode make it so apparmor can elect to log a message,
informing of the check.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:43:06 +0000 (00:43 -0800)]
apparmor: convert change_profile to use fqname later to give better control
Moving the use of fqname to later allows learning profiles to be based
on the fqname request instead of just the hname. It also allows cleaning
up some of the name parsing and lookup by allowing the use of
the fqlookupn_profile() lib fn.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:43:02 +0000 (00:43 -0800)]
apparmor: change aad apparmor_audit_data macro to a fn macro
The aad macro can replace aad strings when it is not intended to. Switch
to a fn macro so it is only applied when intended.
Also at the same time cleanup audit_data initialization by putting
common boiler plate behind a macro, and dropping the gfp_t parameter
which will become useless.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:43:01 +0000 (00:43 -0800)]
apparmor: change op from int to const char *
Having ops be an integer that is an index into an op name table is
awkward and brittle. Every op change requires an edit for both the
op constant and a string in the table. Instead switch to using const
strings directly, eliminating the need for the table that needs to
be kept in sync.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:59 +0000 (00:42 -0800)]
apparmor: fail task profile update if current_cred isn't real_cred
Trying to update the task cred while the task current cred is not the
real cred will result in an error at the cred layer. Avoid this by
failing early and delaying the update.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:55 +0000 (00:42 -0800)]
apparmor: allow introspecting the loaded policy pre internal transform
Store loaded policy and allow introspecting it through apparmorfs. This
has several uses from debugging, policy validation, and policy checkpoint
and restore for containers.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:52 +0000 (00:42 -0800)]
apparmor: add profile and ns params to aa_may_manage_policy()
Policy management will be expanded beyond traditional unconfined root.
This will require knowning the profile of the task doing the management
and the ns view.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:50 +0000 (00:42 -0800)]
apparmor: add ns being viewed as a param to policy_view_capable()
Prepare for a tighter pairing of user namespaces and apparmor policy
namespaces, by making the ns to be viewed available and checking
that the user namespace level is the same as the policy ns level.
This strict pairing will be relaxed once true support of user namespaces
lands.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:43 +0000 (00:42 -0800)]
apparmor: provide userspace flag indicating binfmt_elf_mmap change
Commit 9f834ec18def ("binfmt_elf: switch to new creds when switching to new mm")
changed when the creds are installed by the binfmt_elf handler. This
affects which creds are used to mmap the executable into the address
space. Which can have an affect on apparmor policy.
Add a flag to apparmor at
/sys/kernel/security/apparmor/features/domain/fix_binfmt_elf_mmap
to make it possible to detect this semantic change so that the userspace
tools and the regression test suite can correctly deal with the change.
John Johansen [Mon, 16 Jan 2017 08:42:41 +0000 (00:42 -0800)]
apparmor: allow policydb to be used as the file dfa
Newer policy will combine the file and policydb dfas, allowing for
better optimizations. However to support older policy we need to
keep the ability to address the "file" dfa separately. So dup
the policydb as if it is the file dfa and set the appropriate start
state.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:36 +0000 (00:42 -0800)]
apparmor: name null-XXX profiles after the executable
When possible its better to name a learning profile after the missing
profile in question. This allows for both more informative names and
for profile reuse.
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen [Mon, 16 Jan 2017 08:42:34 +0000 (00:42 -0800)]
apparmor: refactor prepare_ns() and make usable from different views
prepare_ns() will need to be called from alternate views, and namespaces
will need to be created via different interfaces. So refactor and
allow specifying the view ns.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Kees Cook [Sat, 17 Dec 2016 01:04:13 +0000 (17:04 -0800)]
apparmor: use designated initializers
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: John Johansen <john.johansen@canonical.com>
Tetsuo Handa [Mon, 14 Nov 2016 11:11:52 +0000 (20:11 +0900)]
AppArmor: Use GFP_KERNEL for __aa_kvmalloc().
Calling kmalloc(GFP_NOIO) with order == PAGE_ALLOC_COSTLY_ORDER is not
recommended because it might fall into infinite retry loop without
invoking the OOM killer.
Since aa_dfa_unpack() is the only caller of kvzalloc() and
aa_dfa_unpack() which is calling kvzalloc() via unpack_table() is
doing kzalloc(GFP_KERNEL), it is safe to use GFP_KERNEL from
__aa_kvmalloc().
Since aa_simple_write_to_buffer() is the only caller of kvmalloc()
and aa_simple_write_to_buffer() is calling copy_from_user() which
is GFP_KERNEL context (see memdup_user_nul()), it is safe to use
GFP_KERNEL from __aa_kvmalloc().
Therefore, replace GFP_NOIO with GFP_KERNEL. Also, since we have
vmalloc() fallback, add __GFP_NORETRY so that we don't invoke the OOM
killer by kmalloc(GFP_KERNEL) with order == PAGE_ALLOC_COSTLY_ORDER.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: John Johansen <john.johansen@canonical.com>
Linus Torvalds [Sun, 8 Jan 2017 19:42:04 +0000 (11:42 -0800)]
Merge tag 'usb-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB fixes from Greg KH:
"Here are a bunch of USB fixes for 4.10-rc3. Yeah, it's a lot, an
artifact of the holiday break I think.
Lots of gadget and the usual XHCI fixups for reported issues (one day
that driver will calm down...) Also included are a bunch of usb-serial
driver fixes, and for good measure, a number of much-reported MUSB
driver issues have finally been resolved.
All of these have been in linux-next with no reported issues"
* tag 'usb-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (72 commits)
USB: fix problems with duplicate endpoint addresses
usb: ohci-at91: use descriptor-based gpio APIs correctly
usb: storage: unusual_uas: Add JMicron JMS56x to unusual device
usb: hub: Move hub_port_disable() to fix warning if PM is disabled
usb: musb: blackfin: add bfin_fifo_offset in bfin_ops
usb: musb: fix compilation warning on unused function
usb: musb: Fix trying to free already-free IRQ 4
usb: musb: dsps: implement clear_ep_rxintr() callback
usb: musb: core: add clear_ep_rxintr() to musb_platform_ops
USB: serial: ti_usb_3410_5052: fix NULL-deref at open
USB: serial: spcp8x5: fix NULL-deref at open
USB: serial: quatech2: fix sleep-while-atomic in close
USB: serial: pl2303: fix NULL-deref at open
USB: serial: oti6858: fix NULL-deref at open
USB: serial: omninet: fix NULL-derefs at open and disconnect
USB: serial: mos7840: fix misleading interrupt-URB comment
USB: serial: mos7840: remove unused write URB
USB: serial: mos7840: fix NULL-deref at open
USB: serial: mos7720: remove obsolete port initialisation
USB: serial: mos7720: fix parallel probe
...
Linus Torvalds [Sun, 8 Jan 2017 19:37:44 +0000 (11:37 -0800)]
Merge tag 'char-misc-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
Pull char/misc fixes from Greg KH:
"Here are a few small char/misc driver fixes for 4.10-rc3.
Two MEI driver fixes, and three NVMEM patches for reported issues, and
a new Hyper-V driver MAINTAINER update. Nothing major at all, all have
been in linux-next with no reported issues"
* tag 'char-misc-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
hyper-v: Add myself as additional MAINTAINER
nvmem: fix nvmem_cell_read() return type doc
nvmem: imx-ocotp: Fix wrong register size
nvmem: qfprom: Allow single byte accesses for read/write
mei: move write cb to completion on credentials failures
mei: bus: fix mei_cldev_enable KDoc
Linus Torvalds [Sun, 8 Jan 2017 19:22:00 +0000 (11:22 -0800)]
Merge tag 'staging-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging/IIO fixes from Greg KH:
"Here are some staging and IIO driver fixes for 4.10-rc3.
Most of these are minor IIO fixes of reported issues, along with one
network driver fix to resolve an issue. And a MAINTAINERS update with
a new mailing list. All of these, except the MAINTAINERS file update,
have been in linux-next with no reported issues (the MAINTAINERS patch
happened on Friday...)"
* tag 'staging-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
MAINTAINERS: add greybus subsystem mailing list
staging: octeon: Call SET_NETDEV_DEV()
iio: accel: st_accel: fix LIS3LV02 reading and scaling
iio: common: st_sensors: fix channel data parsing
iio: max44000: correct value in illuminance_integration_time_available
iio: adc: TI_AM335X_ADC should depend on HAS_DMA
iio: bmi160: Fix time needed to sleep after command execution
iio: 104-quad-8: Fix active level mismatch for the preset enable option
iio: 104-quad-8: Fix off-by-one errors when addressing IOR
iio: 104-quad-8: Fix index control configuration
Johannes Weiner [Sat, 7 Jan 2017 00:21:43 +0000 (19:21 -0500)]
mm: workingset: fix use-after-free in shadow node shrinker
Several people report seeing warnings about inconsistent radix tree
nodes followed by crashes in the workingset code, which all looked like
use-after-free access from the shadow node shrinker.
Dave Jones managed to reproduce the issue with a debug patch applied,
which confirmed that the radix tree shrinking indeed frees shadow nodes
while they are still linked to the shadow LRU:
This is the WARN_ON_ONCE(!list_empty(&node->private_list)) placed in the
inlined radix_tree_shrink().
The problem is with 14b468791fa9 ("mm: workingset: move shadow entry
tracking to radix tree exceptional tracking"), which passes an update
callback into the radix tree to link and unlink shadow leaf nodes when
tree entries change, but forgot to pass the callback when reclaiming a
shadow node.
While the reclaimed shadow node itself is unlinked by the shrinker, its
deletion from the tree can cause the left-most leaf node in the tree to
be shrunk. If that happens to be a shadow node as well, we don't unlink
it from the LRU as we should.
Consider this tree, where the s are shadow entries:
root->rnode
|
[0 n]
| |
[s ] [sssss]
Now the shadow node shrinker reclaims the rightmost leaf node through
the shadow node LRU:
root->rnode
|
[0 ]
|
[s ]
Because the parent of the deleted node is the first level below the
root and has only one child in the left-most slot, the intermediate
level is shrunk and the node containing the single shadow is put in
its place:
root->rnode
|
[s ]
The shrinker again sees a single left-most slot in a first level node
and thus decides to store the shadow in root->rnode directly and free
the node - which is a leaf node on the shadow node LRU.
root->rnode
|
s
Without the update callback, the freed node remains on the shadow LRU,
where it causes later shrinker runs to crash.
Pass the node updater callback into __radix_tree_delete_node() in case
the deletion causes the left-most branch in the tree to collapse too.
Also add warnings when linked nodes are freed right away, rather than
wait for the use-after-free when the list is scanned much later.
Fixes: 14b468791fa9 ("mm: workingset: move shadow entry tracking to radix tree exceptional tracking") Reported-by: Dave Chinner <david@fromorbit.com> Reported-by: Hugh Dickins <hughd@google.com> Reported-by: Andrea Arcangeli <aarcange@redhat.com> Reported-and-tested-by: Dave Jones <davej@codemonkey.org.uk> Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Christoph Hellwig <hch@lst.de> Cc: Chris Leech <cleech@redhat.com> Cc: Lee Duncan <lduncan@suse.com> Cc: Jan Kara <jack@suse.cz> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Matthew Wilcox <mawilcox@linuxonhyperv.com> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Hugh Dickins [Sat, 7 Jan 2017 23:37:31 +0000 (15:37 -0800)]
mm: stop leaking PageTables
4.10-rc loadtest (even on x86, and even without THPCache) fails with
"fork: Cannot allocate memory" or some such; and /proc/meminfo shows
PageTables growing.
Commit 953c66c2b22a ("mm: THP page cache support for ppc64") that got
merged in rc1 removed the freeing of an unused preallocated pagetable
after do_fault_around() has called map_pages().
This is usually a good optimization, so that the followup doesn't have
to reallocate one; but it's not sufficient to shift the freeing into
alloc_set_pte(), since there are failure cases (most commonly
VM_FAULT_RETRY) which never reach finish_fault().
Check and free it at the outer level in do_fault(), then we don't need
to worry in alloc_set_pte(), and can restore that to how it was (I
cannot find any reason to pte_free() under lock as it was doing).
And fix a separate pagetable leak, or crash, introduced by the same
change, that could only show up on some ppc64: why does do_set_pmd()'s
failure case attempt to withdraw a pagetable when it never deposited
one, at the same time overwriting (so leaking) the vmf->prealloc_pte?
Residue of an earlier implementation, perhaps? Delete it.
Fixes: 953c66c2b22a ("mm: THP page cache support for ppc64") Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Michael Neuling <mikey@neuling.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Balbir Singh <bsingharora@gmail.com> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus Torvalds [Sat, 7 Jan 2017 17:47:43 +0000 (09:47 -0800)]
Merge branch 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild fix from Michal Marek:
"The asm-prototypes.h file added in the last merge window results in
invalid code with CONFIG_KMEMCHECK=y. The net result is that genksyms
segfaults.
This pull request fixes the header, the genksyms fix is in my kbuild
branch for 4.11"
* 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
asm-prototypes: Clear any CPP defines before declaring the functions
Linus Torvalds [Fri, 6 Jan 2017 23:38:39 +0000 (15:38 -0800)]
Merge tag 'sound-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"Nothing particular stands out, only a few small fixes for USB-audio,
HD-audio and Firewire. The USB-audio fix is the respin of the previous
race fix after a revert due to the regression"
* tag 'sound-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
Revert "ALSA: firewire-lib: change structure member with proper type"
ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion
ALSA: usb-audio: Fix irq/process data synchronization
ALSA: hda - Apply asus-mode8 fixup to ASUS X71SL
ALSA: hda - Fix up GPIO for ASUS ROG Ranger
ALSA: firewire-lib: change structure member with proper type
ALSA: firewire-tascam: Fix to handle error from initialization of stream data
ALSA: fireworks: fix asymmetric API call at unit removal
Linus Torvalds [Fri, 6 Jan 2017 23:35:27 +0000 (15:35 -0800)]
Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk fixes from Stephen Boyd:
"One fix for a broken driver on Renesas RZ/A1 SoCs with bootloaders
that don't turn all the clks on and another fix for stm32f4 SoCs where
we have multiple drivers attaching to the same DT node"
* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
clk: stm32f4: Use CLK_OF_DECLARE_DRIVER initialization method
clk: renesas: mstp: Support 8-bit registers for r7s72100
Linus Torvalds [Fri, 6 Jan 2017 19:19:03 +0000 (11:19 -0800)]
Merge tag 'vfio-v4.10-rc3' of git://github.com/awilliam/linux-vfio
Pull VFIO fixes from Alex Williamson:
- Add mtty sample driver properly into build system (Alex Williamson)
- Restore type1 mapping performance after mdev (Alex Williamson)
- Fix mdev device race (Alex Williamson)
- Cleanups to the mdev ABI used by vendor drivers (Alex Williamson)
- Build fix for old compilers (Arnd Bergmann)
- Fix sample driver error path (Dan Carpenter)
- Handle pci_iomap() error (Arvind Yadav)
- Fix mdev ioctl return type (Paul Gortmaker)
* tag 'vfio-v4.10-rc3' of git://github.com/awilliam/linux-vfio:
vfio-mdev: fix non-standard ioctl return val causing i386 build fail
vfio-pci: Handle error from pci_iomap
vfio-mdev: fix some error codes in the sample code
vfio-pci: use 32-bit comparisons for register address for gcc-4.5
vfio-mdev: Make mdev_device private and abstract interfaces
vfio-mdev: Make mdev_parent private
vfio-mdev: de-polute the namespace, rename parent_device & parent_ops
vfio-mdev: Fix remove race
vfio/type1: Restore mapping performance with mdev support
vfio-mdev: Fix mtty sample driver building
Linus Torvalds [Fri, 6 Jan 2017 18:53:21 +0000 (10:53 -0800)]
Merge branch 'stable/for-linus-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb
Pull swiotlb fixes from Konrad Rzeszutek Wilk:
"This has one fix to make i915 work when using Xen SWIOTLB, and a
feature from Geert to aid in debugging of devices that can't do DMA
outside the 32-bit address space.
The feature from Geert is on top of v4.10 merge window commit
(specifically you pulling my previous branch), as his changes were
dependent on the Documentation/ movement patches.
I figured it would just easier than me trying than to cherry-pick the
Documentation patches to satisfy git.
The patches have been soaking since 12/20, albeit I updated the last
patch due to linux-next catching an compiler error and adding an
Tested-and-Reported-by tag"
* 'stable/for-linus-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb:
swiotlb: Export swiotlb_max_segment to users
swiotlb: Add swiotlb=noforce debug option
swiotlb: Convert swiotlb_force from int to enum
x86, swiotlb: Simplify pci_swiotlb_detect_override()
Linus Torvalds [Fri, 6 Jan 2017 18:49:36 +0000 (10:49 -0800)]
Merge tag 'iommu-fixes-v4.10-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu
Pull IOMMU fixes from Joerg Roedel:
"Three fixes queued up:
- fix an issue with command buffer overflow handling in the AMD IOMMU
driver
- add an additional context entry flush to the Intel VT-d driver to
make sure any old context entry from kdump copying is flushed out
of the cache
- correct the encoding of the PASID table size in the Intel VT-d
driver"
* tag 'iommu-fixes-v4.10-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
iommu/amd: Fix the left value check of cmd buffer
iommu/vt-d: Fix pasid table size encoding
iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped
Linus Torvalds [Fri, 6 Jan 2017 18:40:17 +0000 (10:40 -0800)]
Merge tag 'acpi-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI fixes from Rafael Wysocki:
"These fix a device enumeration problem related to _ADR matching and an
IOMMU initialization issue related to the DMAR table missing, remove
an excessive function call from the core ACPI code, update an error
message in the ACPI WDAT watchdog driver and add a way to work around
problems with unhandled GPE notifications.
Specifics:
- Fix a device enumeration issue leading to incorrect associations
between ACPI device objects and platform device objects
representing physical devices if the given device object has both
_ADR and _HID (Rafael Wysocki).
- Avoid passing NULL to acpi_put_table() during IOMMU initialization
which triggers a (rightful) warning from ACPICA (Rafael Wysocki).
- Drop an excessive call to acpi_dma_deconfigure() from the core code
that binds ACPI device objects to device objects representing
physical devices (Lorenzo Pieralisi).
- Update an error message in the ACPI WDAT watchdog driver to make it
provide more useful information (Mika Westerberg).
- Add a mechanism to work around issues with unhandled GPE
notifications that occur during system initialization and cannot be
prevented by means of sysfs (Lv Zheng)"
* tag 'acpi-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI / DMAR: Avoid passing NULL to acpi_put_table()
ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
ACPI / watchdog: Print out error number when device creation fails
ACPI / sysfs: Provide quirk mechanism to prevent GPE flooding
ACPI: Drop misplaced acpi_dma_deconfigure() call from acpi_bind_one()
Linus Torvalds [Fri, 6 Jan 2017 18:37:50 +0000 (10:37 -0800)]
Merge tag 'pm-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management fixes from Rafael Wysocki:
"These fix a few issues in the intel_pstate driver, a documetation
issue, a false-positive compiler warning in the generic power domains
framework and two problems in the devfreq subsystem. They also update
the MAINTAINERS entry for devfreq and add a new "compatible" string to
the generic cpufreq-dt driver.
Specifics:
- Fix a few intel_pstate driver issues: add missing locking it two
places, avoid exposing a useless debugfs interface and keep the
attribute values in sysfs in sync (Rafael Wysocki).
- Drop confusing kernel-doc references related to power management
and ACPI from the driver API manual (Rafael Wysocki).
- Make a false-positive compiler warning in the generic power domains
framework go away (Augusto Mecking Caringi).
- Fix two initialization issues in the devfreq subsystem and update
the MAINTAINERS entry for it (Chanwoo Choi).
- Add a new "compatible" string for APM X-Gene 2 to the generic DT
cpufreq driver (Hoan Tran)"
* tag 'pm-4.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: dt: Add support for APM X-Gene 2
PM / devfreq: exynos-bus: Fix the wrong return value
PM / devfreq: Fix the bug of devfreq_add_device when governor is NULL
MAINTAINERS: Add myself as reviewer for DEVFREQ subsystem support
PM / docs: Drop confusing kernel-doc references from infrastructure.rst
PM / domains: Fix 'may be used uninitialized' build warning
cpufreq: intel_pstate: Always keep all limits settings in sync
cpufreq: intel_pstate: Use locking in intel_cpufreq_verify_policy()
cpufreq: intel_pstate: Use locking in intel_pstate_resume()
cpufreq: intel_pstate: Do not expose PID parameters in passive mode
So they can figure out what is the optimal number of pages
that can be contingously stitched together without fear of
bounce buffer.
We also expose an mechanism for sub-users of SWIOTLB API, such
as Xen-SWIOTLB to set the max segment value. And lastly
if swiotlb=force is set (which mandates we bounce buffer everything)
we set max_segment so at least we can bounce buffer one 4K page
instead of a giant 512KB one for which we may not have space.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Reported-and-Tested-by: Juergen Gross <jgross@suse.com>
Merge branches 'pm-domains', 'pm-docs' and 'pm-devfreq'
* pm-domains:
PM / domains: Fix 'may be used uninitialized' build warning
* pm-docs:
PM / docs: Drop confusing kernel-doc references from infrastructure.rst
* pm-devfreq:
PM / devfreq: exynos-bus: Fix the wrong return value
PM / devfreq: Fix the bug of devfreq_add_device when governor is NULL
MAINTAINERS: Add myself as reviewer for DEVFREQ subsystem support
* pm-cpufreq:
cpufreq: dt: Add support for APM X-Gene 2
cpufreq: intel_pstate: Always keep all limits settings in sync
cpufreq: intel_pstate: Use locking in intel_cpufreq_verify_policy()
cpufreq: intel_pstate: Use locking in intel_pstate_resume()
cpufreq: intel_pstate: Do not expose PID parameters in passive mode
Linus Torvalds [Fri, 6 Jan 2017 07:17:41 +0000 (23:17 -0800)]
Merge tag 'platform-drivers-x86-v4.10-3' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86
Pull x86 platform driver fixes from Darren Hart:
"Just two small fixes for platform drivers x86:
- use brightness_set_blocking for LED-setting callbacks on Fujitsu
laptops
- fix surface3_button build errors"
* tag 'platform-drivers-x86-v4.10-3' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86:
platform/x86: fujitsu-laptop: use brightness_set_blocking for LED-setting callbacks
platform/x86: fix surface3_button build errors
Linus Torvalds [Fri, 6 Jan 2017 07:06:06 +0000 (23:06 -0800)]
Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit
Pull audit fixes from Paul Moore:
"Two small fixes relating to audit's use of fsnotify.
The first patch plugs a leak and the second fixes some lock
shenanigans. The patches are small and I banged on this for an
afternoon with our testsuite and didn't see anything odd"
* 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit:
audit: Fix sleep in atomic
fsnotify: Remove fsnotify_duplicate_mark()
Linus Torvalds [Thu, 5 Jan 2017 23:06:02 +0000 (15:06 -0800)]
Merge tag 'drm-intel-fixes-2017-01-05' of git://anongit.freedesktop.org/git/drm-intel
Pull i915 drm fixes from Jani Nikula:
"Here's a bunch of drm/i915 fixes for v4.10-rc3. It includes GVT-g
fixes.
My new year's resolution is to start using signed tags for pulls. If
that feels like a déjà vu, it's ((new year's) resolution), not (new
(year's resolution))"
[ Taking this directly from Jani because Dave Airlie is only partially
connected right now. - Linus ]
* tag 'drm-intel-fixes-2017-01-05' of git://anongit.freedesktop.org/git/drm-intel:
drm/i915: Prevent timeline updates whilst performing reset
drm/i915: Silence allocation failure during sg_trim()
drm/i915: Don't clflush before release phys object
drm/i915: Fix oops in overlay due to frontbuffer tracking
drm/i915: Fix oopses in the overlay code due to i915_gem_active stuff
drm/i915: Initialize overlay->last_flip properly
drm/i915: Move the min_pixclk[] handling to the end of readout
drm/i915: Force VDD off on the new power seqeuencer before starting to use it
drm/i915/gvt: fix typo in cfg_space range check
drm/i915/gvt: fix an issue in emulating cfg space PCI_COMMAND
drm/i915/gvt/kvmgt: trival: code cleanup
drm/i915/gvt/kvmgt: prevent double-release of vgpu
drm/i915/gvt/kvmgt: check returned slot for gfn
drm/i915/gvt/kvmgt: dereference the pointer within lock
drm/i915/gvt: reset the GGTT entry when vGPU created
drm/i915/gvt: fix an error in opregion handling
projects / karo-tx-linux.git / log