summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2017-11-13Merge branch 'next-integrity' of ↵Linus Torvalds19-125/+164
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull security subsystem integrity updates from James Morris: "There is a mixture of bug fixes, code cleanup, preparatory code for new functionality and new functionality. Commit 26ddabfe96bb ("evm: enable EVM when X509 certificate is loaded") enabled EVM without loading a symmetric key, but was limited to defining the x509 certificate pathname at build. Included in this set of patches is the ability of enabling EVM, without loading the EVM symmetric key, from userspace. New is the ability to prevent the loading of an EVM symmetric key." * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: ima: Remove redundant conditional operator ima: Fix bool initialization/comparison ima: check signature enforcement against cmdline param instead of CONFIG module: export module signature enforcement status ima: fix hash algorithm initialization EVM: Only complain about a missing HMAC key once EVM: Allow userspace to signal an RSA key has been loaded EVM: Include security.apparmor in EVM measurements ima: call ima_file_free() prior to calling fasync integrity: use kernel_read_file_from_path() to read x509 certs ima: always measure and audit files in policy ima: don't remove the securityfs policy file vfs: fix mounting a filesystem with i_version
2017-11-13Merge branch 'next-general' of ↵Linus Torvalds17-279/+385
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull general security subsystem updates from James Morris: "TPM (from Jarkko): - essential clean up for tpm_crb so that ARM64 and x86 versions do not distract each other as much as before - /dev/tpm0 rejects now too short writes (shorter buffer than specified in the command header - use DMA-safe buffer in tpm_tis_spi - otherwise mostly minor fixes. Smack: - base support for overlafs Capabilities: - BPRM_FCAPS fixes, from Richard Guy Briggs: The audit subsystem is adding a BPRM_FCAPS record when auditing setuid application execution (SYSCALL execve). This is not expected as it was supposed to be limited to when the file system actually had capabilities in an extended attribute. It lists all capabilities making the event really ugly to parse what is happening. The PATH record correctly records the setuid bit and owner. Suppress the BPRM_FCAPS record on set*id. TOMOYO: - Y2038 timestamping fixes" * 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (28 commits) MAINTAINERS: update the IMA, EVM, trusted-keys, encrypted-keys entries Smack: Base support for overlayfs MAINTAINERS: remove David Safford as maintainer for encrypted+trusted keys tomoyo: fix timestamping for y2038 capabilities: audit log other surprising conditions capabilities: fix logic for effective root or real root capabilities: invert logic for clarity capabilities: remove a layer of conditional logic capabilities: move audit log decision to function capabilities: use intuitive names for id changes capabilities: use root_priveleged inline to clarify logic capabilities: rename has_cap to has_fcap capabilities: intuitive names for cap gain status capabilities: factor out cap_bprm_set_creds privileged root tpm, tpm_tis: use ARRAY_SIZE() to define TPM_HID_USR_IDX tpm: fix duplicate inline declaration specifier tpm: fix type of a local variables in tpm_tis_spi.c tpm: fix type of a local variable in tpm2_map_command() tpm: fix type of a local variable in tpm2_get_cc_attrs_tbl() tpm-dev-common: Reject too short writes ...
2017-11-13Merge tag 'mmc-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmcLinus Torvalds66-581/+3256
Pull MMC updates from Ulf Hansson: "MMC core: - Introduce host claiming by context to support blkmq - Preparations for enabling CQE (eMMC CMDQ) requests - Re-factorizations to prepare for blkmq support - Re-factorizations to prepare for CQE support - Fix signal voltage switch for SD cards without power cycle - Convert RPMB to a character device - Export eMMC revision via sysfs - Support eMMC DT binding for fixed driver type - Document mmc_regulator_get_supply() API MMC host: - omap_hsmmc: Updated regulator management for PBIAS - sdhci-omap: Add new OMAP SDHCI driver - meson-mx-sdio: New driver for the Amlogic Meson8 and Meson8b SoCs - sdhci-pci: Add support for Intel CDF - sdhci-acpi: Fix voltage switch for some Intel host controllers - sdhci-msm: Enable delay circuit calibration clocks - sdhci-msm: Manage power IRQ properly - mediatek: Add support of mt2701/mt2712 - mediatek: Updates management of clocks and tunings - mediatek: Upgrade eMMC HS400 support - rtsx_pci: Update tuning for gen3 PCI-Express - renesas_sdhi: Support R-Car Gen[123] fallback compatibility strings - Catch all errors when getting regulators - Various additional improvements and cleanups" * tag 'mmc-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: (91 commits) sdhci-fujitsu: add support for setting the CMD_DAT_DELAY attribute dt-bindings: sdhci-fujitsu: document cmd-dat-delay property mmc: tmio: Replace msleep() of 20ms or less with usleep_range() mmc: dw_mmc: Convert timers to use timer_setup() mmc: dw_mmc: Cleanup the DTO timer like the CTO one mmc: vub300: Use common code in __download_offload_pseudocode() mmc: tmio: Use common error handling code in tmio_mmc_host_probe() mmc: Convert timers to use timer_setup() mmc: sdhci-acpi: Fix voltage switch for some Intel host controllers mmc: sdhci-acpi: Let devices define their own private data mmc: mediatek: perfer to use rise edge latching for cmd line mmc: mediatek: improve eMMC hs400 mode read performance mmc: mediatek: add latch-ck support mmc: mediatek: add support of source_cg clock mmc: mediatek: add stop_clk fix and enhance_rx support mmc: mediatek: add busy_check support mmc: mediatek: add async fifo and data tune support mmc: mediatek: add pad_tune0 support mmc: mediatek: make hs400_tune_response only for mt8173 arm64: dts: mt8173: remove "mediatek, mt8135-mmc" from mmc nodes ...
2017-11-13/proc/module: fix building without kallsymsArnd Bergmann1-2/+8
As reported by kernelci and other build bots, we now get a link failure without CONFIG_KALLSYMS: module.c:(.text+0xf2c): undefined reference to `kallsyms_show_value' This adds a dummy helper with the same name that can be used for compilation. It's not entirely clear to me what this should return for !CONFIG_KALLSYMS, I picked an unconditional 'false', which leads to the module address being unavailable to user space. Link: https://kernelci.org/build/mainline/branch/master/kernel/v4.14-5-g516fb7f2e73d/ Fixes: 516fb7f2e73d ("/proc/module: use the same logic as /proc/kallsyms for address exposure") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-13kallsyms: fix building without printkArnd Bergmann1-1/+2
Building kallsyms fails without CONFIG_PRINTK due to a missing declaration: kernel/kallsyms.c: In function 'kallsyms_show_value': kernel/kallsyms.c:670:10: error: 'kptr_restrict' undeclared (first use in this function); did you mean 'keyring_restrict'? This moves the declaration outside of the #ifdef guard, the definition is already available without CONFIG_PRINTK. Fixes: c0f3ea158939 ("stop using '%pK' for /proc/kallsyms pointer values") Signed-off-by: Arnd Bergmann <arnd@arndb.de> [ I clearly need to start doing "allnoconfig" builds too, or just have a test branch for the 0day robot - Linus ] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-13Merge tag 'regmap-v4.15' of ↵Linus Torvalds6-26/+161
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap Pull regmap updates from Mark Brown: "After several quiet kernel releases we've got a couple of new features in regmap, support for using hwspinlocks as the lock for the internal data structures and a helper for polling on regmap_fields. The Kconfig dependencies on hwspinlocks were annoyingly difficult to squash between things behaving surprisingly and randconfig, I could've squashed those commits down but might've have caused hassle with other trees trying to use the new support. - support for using a hwspinlock to protect the regmap - an iopoll style helper for regmap_field" * tag 'regmap-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap: regmap: Fix unused warning regmap: Try to work around Kconfig exploding on HWSPINLOCK regmap: Clean up hwspinlock on regmap exit regmap: Also protect hwspinlock in error handling path regmap: Add a config option for hwspinlock regmap: Add hardware spinlock support regmap: avoid -Wint-in-bool-context warning regmap: add iopoll-like polling macro for regmap_field regmap: constify regmap_bus structures regmap: Avoid namespace collision within macro & tidy up
2017-11-13Merge tag 'spi-v4.15' of ↵Linus Torvalds19-116/+926
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi updates from Mark Brown: "This release is almost entirely driver changes, there's a couple of fixes in the core but otherwise it's all drivers: - fix for mixed dynamic and static bus number assignment. - fixes for some leaks arising from confusing lifetime rules during device unregistration and improved documentation to try to help avoid this in the future. - fixes to make the native chip select support for i.MX usable. - slave mode support for i.MX. - support for Coldfire MCF5441x DSPI, Renesas R8A7443/5 and Spreadtrum ADI" * tag 'spi-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: (31 commits) spi: imx: Don't require platform data chipselect array spi: imx: Fix failure path leak on GPIO request error spi: imx: GPIO based chip selects should not be required spi: sh-msiof: remove redundant pointer dev spi: s3c64xx: remove redundant pointer sci spi: spi-fsl-dspi: enabling Coldfire mcf5441x dspi spi: fix IDR collision on systems with both fixed and dynamic SPI bus numbers spi: orion: remove redundant assignment of status to zero spi: sh-msiof: Fix DMA transfer size check spi: imx: Fix failure path leak on GPIO request error spi: spi-axi: fix potential use-after-free after deregistration spi: document odd controller reference handling spi: fix use-after-free at controller deregistration spi: sprd: Fix the possible negative value of BIT() spi: sprd-adi: fix platform_no_drv_owner.cocci warnings spi: a3700: Change SPI mode before asserting chip-select spi: tegra114: correct register name in definition spi: spreadtrum adi: add hwspinlock dependency spi: sh-msiof: Use of_device_get_match_data() helper spi: rspi: Use of_device_get_match_data() helper ...
2017-11-13Merge tag 'regulator-v4.15' of ↵Linus Torvalds12-47/+241
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator updates from Mark Brown: "A very quiet release for regulator, there's some new device support in existing drivers here and a few fixes but nothing in the core. Summary: - New device support for Allwinner AXP813, Dialog DA223/4/5 and Qualcomm PMI8994" * tag 'regulator-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: tps65218: remove unused tps_info structure regulator: tps65218: Fix strobe assignment regulator: qcom_spmi: Include offset when translating voltages regulator: qcom_spmi: Add support for pmi8994 regulator: da9211: update for supporting da9223/4/5 ASoC: pfuze100: Remove leading zero from '@08' notation regulator: axp20x: Simplify axp20x_is_polyphase_slave implementation regulator: axp20x: Add support for AXP813 regulators
2017-11-13Merge tag 'hwmon-for-linus-v4.15' of ↵Linus Torvalds26-403/+1131
git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon updates from Guenter Roeck: - drivers for MAX31785 and MAX6621 - support for AMD family 17h (Ryzen, Threadripper) temperature sensors - various driver cleanups and minor improvements * tag 'hwmon-for-linus-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: (30 commits) dt-bindings: pmbus: Add Maxim MAX31785 documentation pmbus: Add driver for Maxim MAX31785 Intelligent Fan Controller hwmon: (aspeed-pwm-tacho) Sort headers hwmon: (xgene) Minor clean up of ifdef and acpi_match_table reference hwmon: (max6621) Inverted if condition in max6621_read() hwmon: (asc7621) remove redundant assignment to newval hwmon: (xgene) Support hwmon v2 hwmon: (gpio-fan) Fix null pointer dereference at probe hwmon: (gpio-fan) Convert to use GPIO descriptors hwmon: (gpio-fan) Rename GPIO line state variables hwmon: (gpio-fan) Get rid of the gpio alarm struct hwmon: (gpio-fan) Get rid of platform data struct hwmon: (gpio-fan) Mandate OF_GPIO and cut pdata path hwmon: (gpio-fan) Send around device pointer hwmon: (gpio-fan) Localize platform data hwmon: (gpio-fan) Use local variable pointers hwmon: (gpio-fan) Move DT bindings to the right place Documentation: devicetree: add max6621 device hwmon: (max6621) Add support for Maxim MAX6621 temperature sensor hwmon: (w83793) make const array watchdog_minors static, reduces object code size ...
2017-11-13Merge tag 'edac_for_4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bpLinus Torvalds10-125/+158
Pull EDAC updates from Borislav Petkov: "The usual pile of bugfixes, cleanups and minor driver enhancements. Worth noting are the changes to ghes_edac to use a whitelist of known-good platforms on which GHES error reporting works relatively reliably. By Toshi Kani and Borislav Petkov" * tag 'edac_for_4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp: EDAC, sb_edac: Fix missing break in switch MAINTAINERS: Split Cavium EDAC entry and add myself EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode EDAC, skx_edac: Handle systems with segmented PCI busses EDAC, thunderx: Remove suspend/resume support EDAC, skx_edac: Fix detection of single-rank DIMMs EDAC, sb_edac: Don't create a second memory controller if HA1 is not present EDAC: Add owner check to the x86 platform drivers EDAC: Add helper which returns the loaded platform driver EDAC, ghes: Add platform check EDAC, ghes: Model a single, logical memory controller EDAC, ghes: Remove symbol exports EDAC: Handle return value of kasprintf()
2017-11-13Merge tag 'docs-4.15' of git://git.lwn.net/linuxLinus Torvalds83-1041/+2015
Pull documentation updates from Jonathan Corbet: "A relatively calm cycle for the docs tree again. - The old driver statement has been added to the kernel docs. - We have a couple of new helper scripts. find-unused-docs.sh from Sayli Karnic will point out kerneldoc comments that are not actually used in the documentation. Jani Nikula's documentation-file-ref-check finds references to non-existing files. - A new ftrace document from Steve Rostedt. - Vinod Koul converted the dmaengine docs to RST Beyond that, it's mostly simple fixes. This set reaches outside of Documentation/ a bit more than most. In all cases, the changes are to comment docs, mostly from Randy, in places where there didn't seem to be anybody better to take them" * tag 'docs-4.15' of git://git.lwn.net/linux: (52 commits) documentation: fb: update list of available compiled-in fonts MAINTAINERS: update DMAengine documentation location dmaengine: doc: ReSTize pxa_dma doc dmaengine: doc: ReSTize dmatest doc dmaengine: doc: ReSTize client API doc dmaengine: doc: ReSTize provider doc dmaengine: doc: Add ReST style dmaengine document ftrace/docs: Add documentation on how to use ftrace from within the kernel bug-hunting.rst: Fix an example and a typo in a Sphinx tag scripts: Add a script to find unused documentation samples: Convert timers to use timer_setup() documentation: kernel-api: add more info on bitmap functions Documentation: fix selftests related file refs Documentation: fix ref to power basic-pm-debugging Documentation: fix ref to trace stm content Documentation: fix ref to coccinelle content Documentation: fix ref to workqueue content Documentation: fix ref to sphinx/kerneldoc.py Documentation: fix locking rt-mutex doc refs docs: dev-tools: correct Coccinelle version number ...
2017-11-13/proc/module: use the same logic as /proc/kallsyms for address exposureLinus Torvalds3-9/+27
The (alleged) users of the module addresses are the same: kernel profiling. So just expose the same helper and format macros, and unify the logic. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-13modules: make sysfs attribute files readable by owner onlyLinus Torvalds1-1/+1
This code goes back to the historical bitkeeper tree commit 3f7b0672086 ("Module section offsets in /sys/module"), where Jonathan Corbet wanted to show people how to debug loadable modules. See https://lwn.net/Articles/88052/ from June 2004. To expose the required load address information, Jonathan added the sections subdirectory for every module in /sys/modules, and made them S_IRUGO - readable by everybody. It was a more innocent time, plus those S_IRxxx macro names are a lot more confusing than the octal numbers are, so maybe it wasn't even intentional. But here we are, thirteen years later, and I'll just change it to S_IRUSR instead. Let's see if anybody even notices. Cc: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-13Merge branch 'kallsyms-restrictions'Linus Torvalds1-2/+47
Merge /proc/kallsyms pointer value restrictions. Instead of using %pK, and making it about root access (at the wrong time, no less), make the whole choice of whether to show the actual pointer value be very explicit to the kallsyms code. In particular, we can now default to not doing so, and yet avoid annoying kernel profiling by actually looking at whether kernel profiling is allowed or not (by default it is not). This is all mostly preparation for the real "let's stop leaking kernel addresses" work that Tobin Harding is working on. Small steps. * kallsyms-restrictions: stop using '%pK' for /proc/kallsyms pointer values
2017-11-13modpost: detect modules without a MODULE_LICENSERandy Dunlap1-1/+1
Partially revert commit 2fa365682943 ("kbuild: soften MODULE_LICENSE check") so that modpost detects modules that do not have a MODULE_LICENSE. Sam's commit also changed the fatal error to a warning, which I am leaving as is. This gives advance notice of when a module has no license and will taint the kernel if the module is loaded. This produces the following warnings on x86_64 allmodconfig: MODPOST 6520 modules WARNING: modpost: missing MODULE_LICENSE() in drivers/auxdisplay/img-ascii-lcd.o WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-ath79.o WARNING: modpost: missing MODULE_LICENSE() in drivers/gpio/gpio-iop.o WARNING: modpost: missing MODULE_LICENSE() in drivers/iio/accel/kxsd9-i2c.o WARNING: modpost: missing MODULE_LICENSE() in drivers/iio/adc/qcom-vadc-common.o WARNING: modpost: missing MODULE_LICENSE() in drivers/media/platform/mtk-vcodec/mtk-vcodec-common.o WARNING: modpost: missing MODULE_LICENSE() in drivers/media/platform/soc_camera/soc_scale_crop.o WARNING: modpost: missing MODULE_LICENSE() in drivers/mtd/nand/denali_pci.o WARNING: modpost: missing MODULE_LICENSE() in drivers/net/phy/cortina.o WARNING: modpost: missing MODULE_LICENSE() in drivers/pinctrl/pxa/pinctrl-pxa2xx.o WARNING: modpost: missing MODULE_LICENSE() in drivers/power/reset/zx-reboot.o WARNING: modpost: missing MODULE_LICENSE() in drivers/rpmsg/qcom_glink_native.o WARNING: modpost: missing MODULE_LICENSE() in drivers/staging/comedi/drivers/ni_atmio.o WARNING: modpost: missing MODULE_LICENSE() in net/9p/9pnet_xen.o WARNING: modpost: missing MODULE_LICENSE() in sound/soc/codecs/snd-soc-pcm512x-spi.o Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-12Linux 4.14v4.14Linus Torvalds1-1/+1
2017-11-12Merge branch 'x86-urgent-for-linus' of ↵Linus Torvalds7-19/+20
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Thomas Gleixner: "A set of small fixes: - make KGDB work again which got broken by the conversion of WARN() to #UD. The WARN fixup needs to run before the notifier callchain, otherwise KGDB tries to handle it and crashes. - disable KASAN in the ORC unwinder to prevent false positive KASAN warnings - prevent default mapping above 47bit when 5 level page tables are enabled - make the delay calibration optimization work correctly, which had the conditionals the wrong way around and was operating on data which was not yet updated. - remove the bogus X86_TRAP_BP trap init from the default IDT init table, which broke 32bit int3 handling by overwriting the correct int3 setup. - replace this_cpu* with boot_cpu_data access in the preemptible oprofile init code" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/debug: Handle warnings before the notifier chain, to fix KGDB crash x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging x86/idt: Remove X86_TRAP_BP initialization in idt_setup_traps() x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context x86/unwind: Disable KASAN checking in the ORC unwinder x86/smpboot: Make optimization of delay calibration work correctly
2017-11-12Merge branch 'perf-urgent-for-linus' of ↵Linus Torvalds3-2/+14
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf tool fixes from Thomas Gleixner: "A small set of fixes for perf tool: - synchronize the i915 drm header to avoid the 'out of date' warning - make sure that perf trace cleans up its temporary files on exit - unbreak the build with newer flex versions - add missing braces in the eBPF parsing rules" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: tooling/headers: Sync the tools/include/uapi/drm/i915_drm.h UAPI header perf trace: Call machine__exit() at exit perf tools: Fix eBPF event specification parsing perf tools: Add "reject" option for parse-events.l
2017-11-11Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds15-34/+68
Pull networking fixes from David Miller: 1) Use after free in vlan, from Cong Wang. 2) Handle NAPI poll with a zero budget properly in mlx5 driver, from Saeed Mahameed. 3) If DMA mapping fails in mlx5 driver, NULL out page, from Inbar Karmy. 4) Handle overrun in RX FIFO of sun4i CAN driver, from Gerhard Bertelsmann. 5) Missing return in mdb and vlan prepare phase of DSA layer, from Vivien Didelot. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: vlan: fix a use-after-free in vlan_device_event() net: dsa: return after vlan prepare phase net: dsa: return after mdb prepare phase can: ifi: Fix transmitter delay calculation tcp: fix tcp_fastretrans_alert warning tcp: gso: avoid refcount_t warning from tcp_gso_segment() can: peak: Add support for new PCIe/M2 CAN FD interfaces can: sun4i: handle overrun in RX FIFO can: c_can: don't indicate triple sampling support for D_CAN net/mlx5e: Increase Striding RQ minimum size limit to 4 multi-packet WQEs net/mlx5e: Set page to null in case dma mapping fails net/mlx5e: Fix napi poll with zero budget net/mlx5: Cancel health poll before sending panic teardown command net/mlx5: Loop over temp list to release delay events rds: ib: Fix NULL pointer dereference in debug code
2017-11-11Merge tag 'linux-can-fixes-for-4.14-20171110' of ↵David S. Miller5-9/+25
git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can Marc Kleine-Budde says: ==================== pull-request: can 2017-11-10 this is a pull request for net/master. The first patch by Richard Schütz for the c_can driver removes the false indication to support triple sampling for d_can. Gerhard Bertelsmann's patch for the sun4i driver improves the RX overrun handling. The patch by Stephane Grosjean for the peak_canfd driver adds the PCI ids for various new PCIe/M2 interfaces. Marek Vasut's patch for the ifi driver fix transmitter delay calculation. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-11Merge tag 'mlx5-fixes-2017-11-08' of ↵David S. Miller5-13/+20
git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux Saeed Mahameed says: ==================== Mellanox, mlx5 fixes 2017-11-08 The following series includes some fixes for mlx5 core and etherent driver. Sorry for the late submission but as you can see i have some very critical fixes below that i would like them merged into this RC. Please pull and let me know if there is any problem. For -stable: ('net/mlx5e: Set page to null in case dma mapping fails') kernels >= 4.13 ('net/mlx5: FPGA, return -EINVAL if size is zero') kernels >= 4.13 ('net/mlx5: Cancel health poll before sending panic teardown command') kernels >= 4.13 V1->V2: - Fix Reviewed-by tag of the 2nd patch. - Drop the FPGA 0 size fix, it needs some more change log info. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-11vlan: fix a use-after-free in vlan_device_event()Cong Wang1-3/+3
After refcnt reaches zero, vlan_vid_del() could free dev->vlan_info via RCU: RCU_INIT_POINTER(dev->vlan_info, NULL); call_rcu(&vlan_info->rcu, vlan_info_rcu_free); However, the pointer 'grp' still points to that memory since it is set before vlan_vid_del(): vlan_info = rtnl_dereference(dev->vlan_info); if (!vlan_info) goto out; grp = &vlan_info->grp; Depends on when that RCU callback is scheduled, we could trigger a use-after-free in vlan_group_for_each_dev() right following this vlan_vid_del(). Fix it by moving vlan_vid_del() before setting grp. This is also symmetric to the vlan_vid_add() we call in vlan_device_event(). Reported-by: Fengguang Wu <fengguang.wu@intel.com> Fixes: efc73f4bbc23 ("net: Fix memory leak - vlan_info struct") Cc: Alexander Duyck <alexander.duyck@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Girish Moodalbail <girish.moodalbail@oracle.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Reviewed-by: Girish Moodalbail <girish.moodalbail@oracle.com> Tested-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-11tooling/headers: Sync the tools/include/uapi/drm/i915_drm.h UAPI headerIngo Molnar1-0/+1
Last minute upstream update to one of the UAPI headers - sync it with tooling, to address this warning: Warning: Kernel ABI header at 'tools/include/uapi/drm/i915_drm.h' differs from latest version at 'include/uapi/drm/i915_drm.h' Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Jiri Olsa <jolsa@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-11-11Merge branch 'perf/urgent' of ↵Ingo Molnar2-2/+13
git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/urgent Pull perf tooling fixes from Arnaldo Carvalho de Melo. Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-11-11net: dsa: return after vlan prepare phaseVivien Didelot1-0/+2
The current code does not return after successfully preparing the VLAN addition on every ports member of a it. Fix this. Fixes: 1ca4aa9cd4cc ("net: dsa: check VLAN capability of every switch") Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-11net: dsa: return after mdb prepare phaseVivien Didelot1-0/+2
The current code does not return after successfully preparing the MDB addition on every ports member of a multicast group. Fix this. Fixes: a1a6b7ea7f2d ("net: dsa: add cross-chip multicast support") Reported-by: Egil Hjelmeland <privat@egil-hjelmeland.no> Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-11Merge tag 'ceph-for-4.14-rc9' of git://github.com/ceph/ceph-clientLinus Torvalds1-2/+2
Pull ceph gix from Ilya Dryomov: "Memory allocation flags fix, marked for stable" * tag 'ceph-for-4.14-rc9' of git://github.com/ceph/ceph-client: rbd: use GFP_NOIO for parent stat and data requests
2017-11-11Merge branch 'for-linus' of ↵Linus Torvalds3-2/+4
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input layer updates from Dmitry Torokhov: - a new ACPI ID for Elan touchpad found in yet another Ideapad model - Synaptics RMI4 will allow binding to controllers reporting SMB version 3 (note that we are not adding any new ACPI IDs to the Synaptics PS/2 drover so unless user explicitly enables intertouch support there is no user-visible change) - a fixup to TSC 2004/5 touchscreen driver to mark input devices as "direct" to help userspace identify the type of device they are dealing with * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3 Input: tsc200x-core - set INPUT_PROP_DIRECT Input: elan_i2c - add ELAN060C to the ACPI table
2017-11-11Merge remote-tracking branches 'spi/topic/sh-msiof', 'spi/topic/slave', ↵Mark Brown7-15/+495
'spi/topic/spreadtrum' and 'spi/topic/tegra114' into spi-next
2017-11-11Merge remote-tracking branches 'spi/topic/imx', 'spi/topic/mxs', ↵Mark Brown6-61/+330
'spi/topic/orion', 'spi/topic/rspi' and 'spi/topic/s3c64xx' into spi-next
2017-11-11Merge remote-tracking branches 'spi/topic/armada', 'spi/topic/axi', ↵Mark Brown6-36/+94
'spi/topic/davinci' and 'spi/topic/fsl-dspi' into spi-next
2017-11-11Merge remote-tracking branch 'spi/topic/core' into spi-nextMark Brown1-1/+3
2017-11-11Merge remote-tracking branches 'spi/fix/idr' and 'spi/fix/sh-msiof' into ↵Mark Brown2-3/+4
spi-linus
2017-11-11Merge remote-tracking branches 'regulator/topic/da9211', ↵Mark Brown8-37/+95
'regulator/topic/pfuze100' and 'regulator/topic/tps65218' into regulator-next
2017-11-11Merge remote-tracking branch 'regulator/topic/qcom-spmi' into regulator-nextMark Brown2-0/+22
2017-11-11Merge remote-tracking branch 'regulator/topic/axp20x' into regulator-nextMark Brown2-4/+91
2017-11-11Merge remote-tracking branch 'regulator/fix/qcom-spmi' into regulator-linusMark Brown1-6/+33
2017-11-11spi: imx: Don't require platform data chipselect arrayTrent Piepho1-7/+9
If the array is not present, assume all chip selects are native. This is the standard behavior for SPI masters configured via the device tree and the behavior of this driver as well when it is configured via device tree. This reduces platform data vs DT differences and allows most of the platform data based boards to remove their chip select arrays. CC: Shawn Guo <shawnguo@kernel.org> CC: Sascha Hauer <kernel@pengutronix.de> CC: Fabio Estevam <fabio.estevam@nxp.com> CC: Mark Brown <broonie@kernel.org> Signed-off-by: Trent Piepho <tpiepho@impinj.com> Signed-off-by: Mark Brown <broonie@kernel.org>
2017-11-11spi: imx: Fix failure path leak on GPIO request errorTrent Piepho1-1/+3
If the code that requests any chip select GPIOs fails, the cleanup of spi_bitbang_start() by calling spi_bitbang_stop() is not done. Add this to the failure path. Note that spi_bitbang_start() has to be called before requesting GPIOs because the GPIO data in the spi master is populated when the master is registed, and that doesn't happen until spi_bitbang_start() is called. CC: Shawn Guo <shawnguo@kernel.org> CC: Sascha Hauer <kernel@pengutronix.de> CC: Fabio Estevam <fabio.estevam@nxp.com> CC: Mark Brown <broonie@kernel.org> CC: Oleksij Rempel <o.rempel@pengutronix.de> Signed-off-by: Trent Piepho <tpiepho@impinj.com> Signed-off-by: Mark Brown <broonie@kernel.org>
2017-11-11spi: imx: GPIO based chip selects should not be requiredTrent Piepho1-8/+10
The driver will fail to load if no gpio chip selects are specified, this patch changes this so that it no longer fails. It's possible to use all native chip selects, in which case there is no reason to have a gpio chip select array. This is what happens if the *optional* device tree property "cs-gpios" is omitted. The spi core already checks for the absence of gpio chip selects in the master and assigns any slaves the gpio_cs value of -ENOENT. Also have the driver respect the standard SPI device tree property "num-cs" to allow setting the number of chip selects without using cs-gpios. CC: Mark Brown <broonie@kernel.org> CC: Shawn Guo <shawnguo@kernel.org> CC: Sascha Hauer <kernel@pengutronix.de> CC: Fabio Estevam <fabio.estevam@nxp.com> CC: Oleksij Rempel <o.rempel@pengutronix.de> Signed-off-by: Trent Piepho <tpiepho@impinj.com> Signed-off-by: Mark Brown <broonie@kernel.org>
2017-11-10Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds2-10/+29
Pull KVM fix from Radim Krčmář: "Fix PPC HV host crash that can occur as a result of resizing the guest hashed page table" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates
2017-11-10Merge tag 'mips_fixes_4.14_2' of ↵Linus Torvalds3-4/+7
git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips Pull MIPS fixes from James Hogan: "A final few MIPS fixes for 4.14: - fix BMIPS NULL pointer dereference (4.7) - fix AR7 early GPIO init allocation failure (3.19) - fix dead serial output on certain AR7 platforms (2.6.35)" * tag 'mips_fixes_4.14_2' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips: MIPS: AR7: Ensure that serial ports are properly set up MIPS: AR7: Defer registration of GPIO MIPS: BMIPS: Fix missing cbr address
2017-11-10.mailmap: Add Maciej W. Rozycki's Imagination e-mail addressMaciej W. Rozycki1-0/+1
Following my recent transition from Imagination Technologies to the=20 reincarnated MIPS company add a .mailmap mapping for my work address, so that `scripts/get_maintainer.pl' gets it right for past commits. Signed-off-by: Maciej W. Rozycki <macro@mips.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-10Revert "x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo"Linus Torvalds3-11/+6
This reverts commit 941f5f0f6ef5338814145cf2b813cf1f98873e2f. Sadly, it turns out that we really can't just do the cross-CPU IPI to all CPU's to get their proper frequencies, because it's much too expensive on systems with lots of cores. So we'll have to revert this for now, and revisit it using a smarter model (probably doing one system-wide IPI at open time, and doing all the frequency calculations in parallel). Reported-by: WANG Chao <chao.wang@ucloud.cn> Reported-by: Ingo Molnar <mingo@kernel.org> Cc: Rafael J Wysocki <rafael.j.wysocki@intel.com> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-10Merge tag 'drm-fixes-for-v4.14-rc9' of ↵Linus Torvalds5-18/+20
git://people.freedesktop.org/~airlied/linux Pull drm fixes from Dave Airlie: "Last few patches to wrap up. Two i915 fixes that are on their way to stable, one vmware black screen bug, and one const patch that I was going to drop, but it was clearly a pretty safe one liner" * tag 'drm-fixes-for-v4.14-rc9' of git://people.freedesktop.org/~airlied/linux: drm/i915: Deconstruct struct sgt_dma initialiser drm/i915: Reject unknown syncobj flags drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue drm/vmwgfx: constify vmw_fence_ops
2017-11-10regulator: tps65218: remove unused tps_info structureKeerthy1-19/+0
remove unused tps_info structure. Signed-off-by: Keerthy <j-keerthy@ti.com> Signed-off-by: Mark Brown <broonie@kernel.org>
2017-11-10regulator: tps65218: Fix strobe assignmentKeerthy1-1/+1
Currentlly tps_info structure is no longer used. So use the strobes parameter in tps65218 structure to capture the info. Fixes: 2dc4940360d4c0c (regulator: tps65218: Remove all the compatibles) Signed-off-by: Keerthy <j-keerthy@ti.com> Signed-off-by: Mark Brown <broonie@kernel.org>
2017-11-10can: ifi: Fix transmitter delay calculationMarek Vasut1-3/+3
The CANFD transmitter delay calculation formula was updated in the latest software drop from IFI and improves the behavior of the IFI CANFD core during bitrate switching. Use the new formula to improve stability of the CANFD operation. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Markus Marb <markus@marb.org> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2017-11-10tcp: fix tcp_fastretrans_alert warningYuchung Cheng1-2/+1
This patch fixes the cause of an WARNING indicatng TCP has pending retransmission in Open state in tcp_fastretrans_alert(). The root cause is a bad interaction between path mtu probing, if enabled, and the RACK loss detection. Upong receiving a SACK above the sequence of the MTU probing packet, RACK could mark the probe packet lost in tcp_fastretrans_alert(), prior to calling tcp_simple_retransmit(). tcp_simple_retransmit() only enters Loss state if it newly marks the probe packet lost. If the probe packet is already identified as lost by RACK, the sender remains in Open state with some packets marked lost and retransmitted. Then the next SACK would trigger the warning. The likely scenario is that the probe packet was lost due to its size or network congestion. The actual impact of this warning is small by potentially entering fast recovery an ACK later. The simple fix is always entering recovery (Loss) state if some packet is marked lost during path MTU probing. Fixes: a0370b3f3f2c ("tcp: enable RACK loss detection to trigger recovery") Reported-by: Oleksandr Natalenko <oleksandr@natalenko.name> Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Reported-by: Roman Gushchin <guro@fb.com> Signed-off-by: Yuchung Cheng <ycheng@google.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-10tcp: gso: avoid refcount_t warning from tcp_gso_segment()Eric Dumazet1-2/+10
When a GSO skb of truesize O is segmented into 2 new skbs of truesize N1 and N2, we want to transfer socket ownership to the new fresh skbs. In order to avoid expensive atomic operations on a cache line subject to cache bouncing, we replace the sequence : refcount_add(N1, &sk->sk_wmem_alloc); refcount_add(N2, &sk->sk_wmem_alloc); // repeated by number of segments refcount_sub(O, &sk->sk_wmem_alloc); by a single refcount_add(sum_of(N) - O, &sk->sk_wmem_alloc); Problem is : In some pathological cases, sum(N) - O might be a negative number, and syzkaller bot was apparently able to trigger this trace [1] atomic_t was ok with this construct, but we need to take care of the negative delta with refcount_t [1] refcount_t: saturated; leaking memory. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 8404 at lib/refcount.c:77 refcount_add_not_zero+0x198/0x200 lib/refcount.c:77 Kernel panic - not syncing: panic_on_warn set ... CPU: 0 PID: 8404 Comm: syz-executor2 Not tainted 4.14.0-rc5-mm1+ #20 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 panic+0x1e4/0x41c kernel/panic.c:183 __warn+0x1c4/0x1e0 kernel/panic.c:546 report_bug+0x211/0x2d0 lib/bug.c:183 fixup_bug+0x40/0x90 arch/x86/kernel/traps.c:177 do_trap_no_signal arch/x86/kernel/traps.c:211 [inline] do_trap+0x260/0x390 arch/x86/kernel/traps.c:260 do_error_trap+0x120/0x390 arch/x86/kernel/traps.c:297 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:310 invalid_op+0x18/0x20 arch/x86/entry/entry_64.S:905 RIP: 0010:refcount_add_not_zero+0x198/0x200 lib/refcount.c:77 RSP: 0018:ffff8801c606e3a0 EFLAGS: 00010282 RAX: 0000000000000026 RBX: 0000000000001401 RCX: 0000000000000000 RDX: 0000000000000026 RSI: ffffc900036fc000 RDI: ffffed0038c0dc68 RBP: ffff8801c606e430 R08: 0000000000000001 R09: 0000000000000000 R10: ffff8801d97f5eba R11: 0000000000000000 R12: ffff8801d5acf73c R13: 1ffff10038c0dc75 R14: 00000000ffffffff R15: 00000000fffff72f refcount_add+0x1b/0x60 lib/refcount.c:101 tcp_gso_segment+0x10d0/0x16b0 net/ipv4/tcp_offload.c:155 tcp4_gso_segment+0xd4/0x310 net/ipv4/tcp_offload.c:51 inet_gso_segment+0x60c/0x11c0 net/ipv4/af_inet.c:1271 skb_mac_gso_segment+0x33f/0x660 net/core/dev.c:2749 __skb_gso_segment+0x35f/0x7f0 net/core/dev.c:2821 skb_gso_segment include/linux/netdevice.h:3971 [inline] validate_xmit_skb+0x4ba/0xb20 net/core/dev.c:3074 __dev_queue_xmit+0xe49/0x2070 net/core/dev.c:3497 dev_queue_xmit+0x17/0x20 net/core/dev.c:3538 neigh_hh_output include/net/neighbour.h:471 [inline] neigh_output include/net/neighbour.h:479 [inline] ip_finish_output2+0xece/0x1460 net/ipv4/ip_output.c:229 ip_finish_output+0x85e/0xd10 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:238 [inline] ip_output+0x1cc/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:459 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_queue_xmit+0x8c6/0x18e0 net/ipv4/ip_output.c:504 tcp_transmit_skb+0x1ab7/0x3840 net/ipv4/tcp_output.c:1137 tcp_write_xmit+0x663/0x4de0 net/ipv4/tcp_output.c:2341 __tcp_push_pending_frames+0xa0/0x250 net/ipv4/tcp_output.c:2513 tcp_push_pending_frames include/net/tcp.h:1722 [inline] tcp_data_snd_check net/ipv4/tcp_input.c:5050 [inline] tcp_rcv_established+0x8c7/0x18a0 net/ipv4/tcp_input.c:5497 tcp_v4_do_rcv+0x2ab/0x7d0 net/ipv4/tcp_ipv4.c:1460 sk_backlog_rcv include/net/sock.h:909 [inline] __release_sock+0x124/0x360 net/core/sock.c:2264 release_sock+0xa4/0x2a0 net/core/sock.c:2776 tcp_sendmsg+0x3a/0x50 net/ipv4/tcp.c:1462 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:763 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 ___sys_sendmsg+0x31c/0x890 net/socket.c:2048 __sys_sendmmsg+0x1e6/0x5f0 net/socket.c:2138 Fixes: 14afee4b6092 ("net: convert sock.sk_wmem_alloc from atomic_t to refcount_t") Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: David S. Miller <davem@davemloft.net>