Граф коммитов

810304 Коммитов

Автор SHA1 Сообщение Дата
Casey Schaufler 33bf60cabc LSM: Infrastructure management of the file security
Move management of the file->f_security blob out of the
individual security modules and into the infrastructure.
The modules no longer allocate or free the data, instead
they tell the infrastructure how much space they require.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler f28952ac90 Smack: Abstract use of file security blob
Don't use the file->f_security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler bb6c6b02cc SELinux: Abstract use of file security blob
Don't use the file->f_security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler bbd3662a83 Infrastructure management of the cred security blob
Move management of the cred security blob out of the
security modules and into the security infrastructre.
Instead of allocating and freeing space the security
modules tell the infrastructure how much space they
require.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 43fc460907 TOMOYO: Abstract use of cred security blob
Don't use the cred->security pointer directly.
Provide helper functions that provide the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 69b5a44a95 AppArmor: Abstract use of cred security blob
Don't use the cred->security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 3d25252948 SELinux: Remove unused selinux_is_enabled
There are no longer users of selinux_is_enabled().
Remove it. As selinux_is_enabled() is the only reason
for include/linux/selinux.h remove that as well.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 98c8865136 SELinux: Remove cred security blob poisoning
The SELinux specific credential poisioning only makes sense
if SELinux is managing the credentials. As the intent of this
patch set is to move the blob management out of the modules
and into the infrastructure, the SELinux specific code has
to go. The poisioning could be introduced into the infrastructure
at some later date.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 0c6cfa622c SELinux: Abstract use of cred security blob
Don't use the cred->security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler b17103a8b8 Smack: Abstract use of cred security blob
Don't use the cred->security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Casey Schaufler 6d9c939dbe procfs: add smack subdir to attrs
Back in 2007 I made what turned out to be a rather serious
mistake in the implementation of the Smack security module.
The SELinux module used an interface in /proc to manipulate
the security context on processes. Rather than use a similar
interface, I used the same interface. The AppArmor team did
likewise. Now /proc/.../attr/current will tell you the
security "context" of the process, but it will be different
depending on the security module you're using.

This patch provides a subdirectory in /proc/.../attr for
Smack. Smack user space can use the "current" file in
this subdirectory and never have to worry about getting
SELinux attributes by mistake. Programs that use the
old interface will continue to work (or fail, as the case
may be) as before.

The proposed S.A.R.A security module is dependent on
the mechanism to create its own attr subdirectory.

The original implementation is by Kees Cook.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:44 -08:00
Kees Cook d117a154e6 capability: Initialize as LSM_ORDER_FIRST
This converts capabilities to use the new LSM_ORDER_FIRST position.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:44 -08:00
Kees Cook e2bc445b66 LSM: Introduce enum lsm_order
In preparation for distinguishing the "capability" LSM from other LSMs, it
must be ordered first. This introduces LSM_ORDER_MUTABLE for the general
LSMs and LSM_ORDER_FIRST for capability. In the future LSM_ORDER_LAST
for could be added for anything that must run last (e.g. Landlock may
use this).

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:43 -08:00
Kees Cook d6aed64b74 Yama: Initialize as ordered LSM
This converts Yama from being a direct "minor" LSM into an ordered LSM.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:43 -08:00
Kees Cook 70b62c2566 LoadPin: Initialize as ordered LSM
This converts LoadPin from being a direct "minor" LSM into an ordered LSM.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:43 -08:00
Kees Cook d8e9bbd4fa LSM: Split LSM preparation from initialization
Since we already have to do a pass through the LSMs to figure out if
exclusive LSMs should be disabled after the first one is seen as enabled,
this splits the logic up a bit more cleanly. Now we do a full "prepare"
pass through the LSMs (which also allows for later use by the blob-sharing
code), before starting the LSM initialization pass.

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:43 -08:00
Casey Schaufler c91d8106b3 LSM: Add all exclusive LSMs to ordered initialization
This removes CONFIG_DEFAULT_SECURITY in favor of the explicit ordering
offered by CONFIG_LSM and adds all the exclusive LSMs to the ordered
LSM initialization. The old meaning of CONFIG_DEFAULT_SECURITY is now
captured by which exclusive LSM is listed first in the LSM order. All
LSMs not added to the ordered list are explicitly disabled.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:43 -08:00
Kees Cook be6ec88f41 selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE
In preparation for removing CONFIG_DEFAULT_SECURITY, this removes the
soon-to-be redundant SECURITY_SELINUX_BOOTPARAM_VALUE. Since explicit
ordering via CONFIG_LSM or "lsm=" will define whether an LSM is enabled or
not, this CONFIG will become effectively ignored, so remove it. However,
in order to stay backward-compatible with "security=selinux", the enable
variable defaults to true.

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:43 -08:00
Kees Cook 0102fb83f9 apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE
In preparation for removing CONFIG_DEFAULT_SECURITY, this removes the
soon-to-be redundant SECURITY_APPARMOR_BOOTPARAM_VALUE. Since explicit
ordering via CONFIG_LSM or "lsm=" will define whether an LSM is enabled or
not, this CONFIG will become effectively ignored, so remove it. However,
in order to stay backward-compatible with "security=apparmor", the enable
variable defaults to true.

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:43 -08:00
Kees Cook 14bd99c821 LSM: Separate idea of "major" LSM from "exclusive" LSM
In order to both support old "security=" Legacy Major LSM selection, and
handling real exclusivity, this creates LSM_FLAG_EXCLUSIVE and updates
the selection logic to handle them.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:43 -08:00
Kees Cook 7e611486d9 LSM: Refactor "security=" in terms of enable/disable
For what are marked as the Legacy Major LSMs, make them effectively
exclusive when selected on the "security=" boot parameter, to handle
the future case of when a previously major LSMs become non-exclusive
(e.g. when TOMOYO starts blob-sharing).

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:43 -08:00
Kees Cook 5ef4e41918 LSM: Prepare for reorganizing "security=" logic
This moves the string handling for "security=" boot parameter into
a stored pointer instead of a string duplicate. This will allow
easier handling of the string when switching logic to use the coming
enable/disable infrastructure.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
2019-01-08 13:18:42 -08:00
Kees Cook a8027fb0d1 LSM: Tie enabling logic to presence in ordered list
Until now, any LSM without an enable storage variable was considered
enabled. This inverts the logic and sets defaults to true only if the
LSM gets added to the ordered initialization list. (And an exception
continues for the major LSMs until they are integrated into the ordered
initialization in a later patch.)

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:42 -08:00
Kees Cook 79f7865d84 LSM: Introduce "lsm=" for boottime LSM selection
Provide a way to explicitly choose LSM initialization order via the new
"lsm=" comma-separated list of LSMs.

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:42 -08:00
Kees Cook 13e735c0e9 LSM: Introduce CONFIG_LSM
This provides a way to declare LSM initialization order via the new
CONFIG_LSM. Currently only non-major LSMs are recognized. This will
be expanded in future patches.

Signed-off-by: Kees Cook <keescook@chromium.org>
2019-01-08 13:18:42 -08:00
Kees Cook 2d4d51198c LSM: Build ordered list of LSMs to initialize
This constructs an ordered list of LSMs to initialize, using a hard-coded
list of only "integrity": minor LSMs continue to have direct hook calls,
and major LSMs continue to initialize separately.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
2019-01-08 13:18:42 -08:00
Kees Cook f4941d75b9 LSM: Lift LSM selection out of individual LSMs
As a prerequisite to adjusting LSM selection logic in the future, this
moves the selection logic up out of the individual major LSMs, making
their init functions only run when actually enabled. This considers all
LSMs enabled by default unless they specified an external "enable"
variable.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
2019-01-08 13:18:42 -08:00
Kees Cook c5459b829b LSM: Plumb visibility into optional "enabled" state
In preparation for lifting the "is this LSM enabled?" logic out of the
individual LSMs, pass in any special enabled state tracking (as needed
for SELinux, AppArmor, and LoadPin). This should be an "int" to include
handling any future cases where "enabled" is exposed via sysctl which
has no "bool" type.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
2019-01-08 13:18:42 -08:00
Kees Cook 657d910b52 LSM: Provide separate ordered initialization
This provides a place for ordered LSMs to be initialized, separate from
the "major" LSMs. This is mainly a copy/paste from major_lsm_init() to
ordered_lsm_init(), but it will change drastically in later patches.

What is not obvious in the patch is that this change moves the integrity
LSM from major_lsm_init() into ordered_lsm_init(), since it is not marked
with the LSM_FLAG_LEGACY_MAJOR. As it is the only LSM in the "ordered"
list, there is no reordering yet created.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
2019-01-08 13:18:42 -08:00
Kees Cook 47008e5161 LSM: Introduce LSM_FLAG_LEGACY_MAJOR
This adds a flag for the current "major" LSMs to distinguish them when
we have a universal method for ordering all LSMs. It's called "legacy"
since the distinction of "major" will go away in the blob-sharing world.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
2019-01-08 13:18:42 -08:00
Linus Torvalds bfeffd1552 Linux 5.0-rc1 2019-01-06 17:08:20 -08:00
Linus Torvalds 85e1ffbd42 Kbuild late updates for v4.21
- improve boolinit.cocci and use_after_iter.cocci semantic patches
 
 - fix alignment for kallsyms
 
 - move 'asm goto' compiler test to Kconfig and clean up jump_label
   CONFIG option
 
 - generate asm-generic wrappers automatically if arch does not implement
   mandatory UAPI headers
 
 - remove redundant generic-y defines
 
 - misc cleanups
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJcMV5GAAoJED2LAQed4NsGs9gQAI/oGg8wJgk9a7+dJCX245W5
 F4ReftnQd4AFptFCi9geJkr+sfViXNgwPLqlJxiXz8Qe8XP7z3LcArDw3FUzwvGn
 bMSBiN9ggwWkOFgF523XesYgUVtcLpkNch/Migzf1Ac0FHk0G9o7gjcdsvAWHkUu
 qFwtNcUB6PElRbhsHsh5qCY1/6HaAXgf/7O7wztnaKRe9myN6f2HzT4wANS9HHde
 1e1r0LcIQeGWfG+3va3fZl6SDxSI/ybl244OcDmDyYl6RA1skSDlHbIBIFgUPoS0
 cLyzoVj+GkfI1fRFEIfou+dj7lpukoAXHsggHo0M+ofqtbMF+VB2T3jvg4txanCP
 TXzDc+04QUguK5yVnBfcnyC64Htrhnbq0eGy43kd1VZWAEGApl+680P8CRsWU3ZV
 kOiFvZQ6RP/Ssw+a42yU3SHr31WD7feuQqHU65osQt4rdyL5wnrfU1vaUvJSkltF
 cyPr9Kz/Ism0kPodhpFkuKxwtlKOw6/uwdCQoQHtxAPkvkcydhYx93x3iE0nxObS
 CRMximiRyE12DOcv/3uv69n0JOPn6AsITcMNp8XryASYrR2/52txhGKGhvo3+Zoq
 5pwc063JsuxJ/5/dcOw/erQar5d1eBRaBJyEWnXroxUjbsLPAznE+UIN8tmvyVly
 SunlxNOXBdYeWN6t6S3H
 =I+r6
 -----END PGP SIGNATURE-----

Merge tag 'kbuild-v4.21-3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

Pull more Kbuild updates from Masahiro Yamada:

 - improve boolinit.cocci and use_after_iter.cocci semantic patches

 - fix alignment for kallsyms

 - move 'asm goto' compiler test to Kconfig and clean up jump_label
   CONFIG option

 - generate asm-generic wrappers automatically if arch does not
   implement mandatory UAPI headers

 - remove redundant generic-y defines

 - misc cleanups

* tag 'kbuild-v4.21-3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
  kconfig: rename generated .*conf-cfg to *conf-cfg
  kbuild: remove unnecessary stubs for archheader and archscripts
  kbuild: use assignment instead of define ... endef for filechk_* rules
  arch: remove redundant UAPI generic-y defines
  kbuild: generate asm-generic wrappers if mandatory headers are missing
  arch: remove stale comments "UAPI Header export list"
  riscv: remove redundant kernel-space generic-y
  kbuild: change filechk to surround the given command with { }
  kbuild: remove redundant target cleaning on failure
  kbuild: clean up rule_dtc_dt_yaml
  kbuild: remove UIMAGE_IN and UIMAGE_OUT
  jump_label: move 'asm goto' support test to Kconfig
  kallsyms: lower alignment on ARM
  scripts: coccinelle: boolinit: drop warnings on named constants
  scripts: coccinelle: check for redeclaration
  kconfig: remove unused "file" field of yylval union
  nds32: remove redundant kernel-space generic-y
  nios2: remove unneeded HAS_DMA define
2019-01-06 16:33:10 -08:00
Linus Torvalds ac5eed2b41 Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf tooling updates form Ingo Molnar:
 "A final batch of perf tooling changes: mostly fixes and small
  improvements"

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (29 commits)
  perf session: Add comment for perf_session__register_idle_thread()
  perf thread-stack: Fix thread stack processing for the idle task
  perf thread-stack: Allocate an array of thread stacks
  perf thread-stack: Factor out thread_stack__init()
  perf thread-stack: Allow for a thread stack array
  perf thread-stack: Avoid direct reference to the thread's stack
  perf thread-stack: Tidy thread_stack__bottom() usage
  perf thread-stack: Simplify some code in thread_stack__process()
  tools gpio: Allow overriding CFLAGS
  tools power turbostat: Override CFLAGS assignments and add LDFLAGS to build command
  tools thermal tmon: Allow overriding CFLAGS assignments
  tools power x86_energy_perf_policy: Override CFLAGS assignments and add LDFLAGS to build command
  perf c2c: Increase the HITM ratio limit for displayed cachelines
  perf c2c: Change the default coalesce setup
  perf trace beauty ioctl: Beautify USBDEVFS_ commands
  perf trace beauty: Export function to get the files for a thread
  perf trace: Wire up ioctl's USBDEBFS_ cmd table generator
  perf beauty ioctl: Add generator for USBDEVFS_ ioctl commands
  tools headers uapi: Grab a copy of usbdevice_fs.h
  perf trace: Store the major number for a file when storing its pathname
  ...
2019-01-06 16:30:14 -08:00
Linus Torvalds 574823bfab Change mincore() to count "mapped" pages rather than "cached" pages
The semantics of what "in core" means for the mincore() system call are
somewhat unclear, but Linux has always (since 2.3.52, which is when
mincore() was initially done) treated it as "page is available in page
cache" rather than "page is mapped in the mapping".

The problem with that traditional semantic is that it exposes a lot of
system cache state that it really probably shouldn't, and that users
shouldn't really even care about.

So let's try to avoid that information leak by simply changing the
semantics to be that mincore() counts actual mapped pages, not pages
that might be cheaply mapped if they were faulted (note the "might be"
part of the old semantics: being in the cache doesn't actually guarantee
that you can access them without IO anyway, since things like network
filesystems may have to revalidate the cache before use).

In many ways the old semantics were somewhat insane even aside from the
information leak issue.  From the very beginning (and that beginning is
a long time ago: 2.3.52 was released in March 2000, I think), the code
had a comment saying

  Later we can get more picky about what "in core" means precisely.

and this is that "later".  Admittedly it is much later than is really
comfortable.

NOTE! This is a real semantic change, and it is for example known to
change the output of "fincore", since that program literally does a
mmmap without populating it, and then doing "mincore()" on that mapping
that doesn't actually have any pages in it.

I'm hoping that nobody actually has any workflow that cares, and the
info leak is real.

We may have to do something different if it turns out that people have
valid reasons to want the old semantics, and if we can limit the
information leak sanely.

Cc: Kevin Easton <kevin@guarana.org>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Masatake YAMATO <yamato@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-06 13:43:02 -08:00
Linus Torvalds 94bd8a05cd Fix 'acccess_ok()' on alpha and SH
Commit 594cc251fd ("make 'user_access_begin()' do 'access_ok()'")
broke both alpha and SH booting in qemu, as noticed by Guenter Roeck.

It turns out that the bug wasn't actually in that commit itself (which
would have been surprising: it was mostly a no-op), but in how the
addition of access_ok() to the strncpy_from_user() and strnlen_user()
functions now triggered the case where those functions would test the
access of the very last byte of the user address space.

The string functions actually did that user range test before too, but
they did it manually by just comparing against user_addr_max().  But
with user_access_begin() doing the check (using "access_ok()"), it now
exposed problems in the architecture implementations of that function.

For example, on alpha, the access_ok() helper macro looked like this:

  #define __access_ok(addr, size) \
        ((get_fs().seg & (addr | size | (addr+size))) == 0)

and what it basically tests is of any of the high bits get set (the
USER_DS masking value is 0xfffffc0000000000).

And that's completely wrong for the "addr+size" check.  Because it's
off-by-one for the case where we check to the very end of the user
address space, which is exactly what the strn*_user() functions do.

Why? Because "addr+size" will be exactly the size of the address space,
so trying to access the last byte of the user address space will fail
the __access_ok() check, even though it shouldn't.  As a result, the
user string accessor functions failed consistently - because they
literally don't know how long the string is going to be, and the max
access is going to be that last byte of the user address space.

Side note: that alpha macro is buggy for another reason too - it re-uses
the arguments twice.

And SH has another version of almost the exact same bug:

  #define __addr_ok(addr) \
        ((unsigned long __force)(addr) < current_thread_info()->addr_limit.seg)

so far so good: yes, a user address must be below the limit.  But then:

  #define __access_ok(addr, size)         \
        (__addr_ok((addr) + (size)))

is wrong with the exact same off-by-one case: the case when "addr+size"
is exactly _equal_ to the limit is actually perfectly fine (think "one
byte access at the last address of the user address space")

The SH version is actually seriously buggy in another way: it doesn't
actually check for overflow, even though it did copy the _comment_ that
talks about overflow.

So it turns out that both SH and alpha actually have completely buggy
implementations of access_ok(), but they happened to work in practice
(although the SH overflow one is a serious serious security bug, not
that anybody likely cares about SH security).

This fixes the problems by using a similar macro on both alpha and SH.
It isn't trying to be clever, the end address is based on this logic:

        unsigned long __ao_end = __ao_a + __ao_b - !!__ao_b;

which basically says "add start and length, and then subtract one unless
the length was zero".  We can't subtract one for a zero length, or we'd
just hit an underflow instead.

For a lot of access_ok() users the length is a constant, so this isn't
actually as expensive as it initially looks.

Reported-and-tested-by: Guenter Roeck <linux@roeck-us.net>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-06 13:25:45 -08:00
Linus Torvalds baa6707381 Add Adiantum support for fscrypt
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEK2m5VNv+CHkogTfJ8vlZVpUNgaMFAlwyBbEACgkQ8vlZVpUN
 gaNrawgAhYWrPwsEFM17dziRWRm8Ub9QgQUK6JRt+vE5KCRRVdXgJSLVH4esW9rJ
 X+QQ0diT8ZMKjdbsyz0cVmwP7nqQ5EKzjxts6J8vtbWDB6+nvaDLNdicJgUOprcT
 jIi8/45XKmyGUVO9Au6Wdda/zZi4dQBkXd+zUFGWYQRYL0LgmboWHKlaWueu7Qha
 xVtavYPSKUSMH8+r1F+HU6P41+1IBiuK4tCwfKfAqJ367Ushzk9xVKHNGrGDAQNi
 BTbn4NOOFaYvmVudJbQjD3tHtuQu2JsxlclB5KAtLBm1r3+vb3fMGsNyPBUmNp6Y
 YE/xKhACP4kYlk9xCG7vWcWGyTu90g==
 =HR7f
 -----END PGP SIGNATURE-----

Merge tag 'fscrypt_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt

Pull fscrypt updates from Ted Ts'o:
 "Add Adiantum support for fscrypt"

* tag 'fscrypt_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt:
  fscrypt: add Adiantum support
2019-01-06 12:21:11 -08:00
Linus Torvalds 215240462a Fix a number of ext4 bugs.
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEK2m5VNv+CHkogTfJ8vlZVpUNgaMFAlwyAi0ACgkQ8vlZVpUN
 gaMtEgf9GyIJ5UnbR3J5+tpOAjx2GFJmTgpinWcfqVBrWwQDTigxiLm5sRIz5ToY
 hoWvCIxWm9LgrdS0unYOUNzRyzSZisNAtceowbPErlV5NPS9zcftVt4pRYZ6hIZK
 L3wKQ/PdVxIaekP9SXvFx5tfnHSB6CTGOJu1YMlF8ERm4tXUXHIwHzwUwrYqPYN0
 5i0uWxbx7qMlEzTf/9sEMYrmdHjsrPlXe0kIP0sMyd7hJl28l0QTNQ2s126fRNLK
 wkVMduacGuFGLwqbh7O1QrayWtcni7PKgTW9MfTsjLbg/EWx77auZBTSLfEO+ZKq
 2gxxCbM0sID5sgVaw6ku8QJkfiU2fw==
 =aQSK
 -----END PGP SIGNATURE-----

Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4

Pull ext4 bug fixes from Ted Ts'o:
 "Fix a number of ext4 bugs"

* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: fix special inode number checks in __ext4_iget()
  ext4: track writeback errors using the generic tracking infrastructure
  ext4: use ext4_write_inode() when fsyncing w/o a journal
  ext4: avoid kernel warning when writing the superblock to a dead device
  ext4: fix a potential fiemap/page fault deadlock w/ inline_data
  ext4: make sure enough credits are reserved for dioread_nolock writes
2019-01-06 12:19:23 -08:00
Linus Torvalds e2b745f469 dma-mapping fixes for Linux 4.21-rc1
Fix various regressions introduced in this cycles:
 
  - fix dma-debug tracking for the map_page / map_single consolidatation
  - properly stub out DMA mapping symbols for !HAS_DMA builds to avoid
    link failures
  - fix AMD Gart direct mappings
  - setup the dma address for no kernel mappings using the remap
    allocator
 -----BEGIN PGP SIGNATURE-----
 
 iQI/BAABCgApFiEEgdbnc3r/njty3Iq9D55TZVIEUYMFAlwyR9ULHGhjaEBsc3Qu
 ZGUACgkQD55TZVIEUYPvOA/+L+32p2pm8o6NTgvtRvqsKNrbOm02fORLrhBqAiok
 AcirFDxTfMuUWU2isr7E7WNqwEmUQ1nVUa+I0IJ/IJFfKdTggXcaTX1M19+62KWa
 1LHpZLg1t2rl2yFQHgTrFKr5sz1PwUKZO8UbrYaYYgLgQkWDRzJs4E/tFNju8pMm
 0Usexo/bkI5mreJBImMsFwAnuk0k3NT058XIeD+eNttKjcuz5kEH+bE/999vySW3
 sOj9Peic/EFelOGb4ODxUIPjhiGFMv5dVusSAsFBH26iwQfX/tFSmXhrI5cnDewg
 NlREennfyM+6uTH/DO+BlX7eGCRYbFc1GU5H9q4rRMXhEam6oc2AzVKuElJOVstZ
 XVjP6zTwmuOh/5ff0NG6EPjA/OFcmlBEsmeWu4xSS8KsNILOkpUaPed/uWnA7O+2
 mvU104NA5cHgVMgiGNM/4ilirkEZEFEHYhafH42bQxjMigm7ZHN14NtwM7StLTu6
 QgyfPUcW/LmHj2scgvB1AZ+iQX0z7yJJMGifUxtz+eMCWCC7neOJ7JLvNnS9WI5w
 9RwYaCOcDAZyAmCpbSADWxeG9cfsCDp8wmaGs3YVyhkDU8tCSqbxWJutvyDQnC17
 GtZ0vYLTaJXBCq1L/FC0y8NCCGgvySPXYU7/ZYuOCzS4q2jvjwTWD3dKodvnS+mb
 B0s=
 =H9J6
 -----END PGP SIGNATURE-----

Merge tag 'dma-mapping-4.21-1' of git://git.infradead.org/users/hch/dma-mapping

Pull dma-mapping fixes from Christoph Hellwig:
 "Fix various regressions introduced in this cycles:

   - fix dma-debug tracking for the map_page / map_single
     consolidatation

   - properly stub out DMA mapping symbols for !HAS_DMA builds to avoid
     link failures

   - fix AMD Gart direct mappings

   - setup the dma address for no kernel mappings using the remap
     allocator"

* tag 'dma-mapping-4.21-1' of git://git.infradead.org/users/hch/dma-mapping:
  dma-direct: fix DMA_ATTR_NO_KERNEL_MAPPING for remapped allocations
  x86/amd_gart: fix unmapping of non-GART mappings
  dma-mapping: remove a few unused exports
  dma-mapping: properly stub out the DMA API for !CONFIG_HAS_DMA
  dma-mapping: remove dmam_{declare,release}_coherent_memory
  dma-mapping: implement dmam_alloc_coherent using dmam_alloc_attrs
  dma-mapping: implement dma_map_single_attrs using dma_map_page_attrs
2019-01-06 11:47:26 -08:00
Linus Torvalds 12133258d7 chrome platform changes for v4.21
Changes for EC_MKBP_EVENT_SENSOR_FIFO handling.
 Also, maintainership changes. Olofj out, Enric balletbo in.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE6gYDF28Li+nEiKLaHwn1ewov5lgFAlwucOAACgkQHwn1ewov
 5lhuzA//VHzRpU+9DntQ1N8PWBzEH4+AX1nJSUh18CQ0h9dkHP/34vd5b5ZKZogY
 kwBAvfylxJnMYyTEoLa6y+Cvdy+YqGg5ltx41ZTxIF3nMKTvgLCKIxjWurrg9+Ip
 DLJ6NuhSyJfXnKigJW/E5j/1J8fL9xpJDvzQh0psfK37NZiHeQb6tDaKJ8gWNm0O
 KLrz+PWaKWJICoJIJtdTE/bplxneQNySVoA7xWKC++2cJMrbjCOg4PomHH20sGqR
 sCQNmpJU/ntVqPNnRuuOpW4tcF+Ua1gZnkdp6QXaJNFrgtG0JNwyiQk9Q5PA3Mhd
 /6GEv1TZWJK0b4T9urDQOypbN0t9VWBp/12SaGKbGOhC9MQEYiihOGzVBxJljKml
 KuWke6AoKr3JVAjItoSaplJy2u47sZ4sYlkqxSDrklGatP58l2i72Un3Z+xO9b1z
 9tz6X2hSRJHWZ/DwE7l9v63cHlSkEVEHuZRS2bDv23VRCLEwFmX43346ACCCRJFQ
 Ei+/npGQB0bBjHgpBUHMt5YpHt0dlzqRTLoGrUgTmxKR9KiinPmM/0Ks0/G0ZRGg
 Kygv71y9lL1Npf2rERLCdMgsp0cOaQ+ykv1JsfNIlbAWeSjhEDre5G0DS6cOZmT4
 dZ7D4nh9ERBHv/5jiqvGaU5HWyU9LFhYFXe882KF9BV9wgFLrXk=
 =fyvk
 -----END PGP SIGNATURE-----

Merge tag 'tag-chrome-platform-for-v4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/bleung/chrome-platform

Pull chrome platform updates from Benson Leung:

 - Changes for EC_MKBP_EVENT_SENSOR_FIFO handling.

 - Also, maintainership changes. Olofj out, Enric balletbo in.

* tag 'tag-chrome-platform-for-v4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/bleung/chrome-platform:
  MAINTAINERS: add maintainers for ChromeOS EC sub-drivers
  MAINTAINERS: platform/chrome: Add Enric as a maintainer
  MAINTAINERS: platform/chrome: remove myself as maintainer
  platform/chrome: don't report EC_MKBP_EVENT_SENSOR_FIFO as wakeup
  platform/chrome: straighten out cros_ec_get_{next,host}_event() error codes
2019-01-06 11:40:06 -08:00
Linus Torvalds 66e012f618 hwspinlock updates for v4.21
This adds support for the hardware semaphores found in STM32MP1.
 -----BEGIN PGP SIGNATURE-----
 
 iQJPBAABCAA5FiEEBd4DzF816k8JZtUlCx85Pw2ZrcUFAlwuaOMbHGJqb3JuLmFu
 ZGVyc3NvbkBsaW5hcm8ub3JnAAoJEAsfOT8Nma3FaTYQAKeBTYqoqYfkx/iecajM
 wtlpzlxCibkUGHyoZhPgWPt7Xc61/7jWhUB/JsIfVQAptlHqzwyxOGqW4z07TI5O
 /hwO5kzHQ79kDdIedmvmmPCZbo8n/xn50/Y/LpEMQrFKUtfmMXBXX6geIo8KxcxB
 uMPCv75tTgoqzz4+/ywX9qbhkOuLa6tfcnLO0ES7mQl5H8e1SIHJP0sL74XbLqqy
 z0N5eO23vPu/IE2YRi9e5gKNFGFKTovGK9oHKgab0aOtb5l67N8fBaZfJ3IE9EOT
 pi5rtIlr0SN3p8uhkOJAor7tNc9kNvm6gZv6Px2ROg12o9tNwOmWpOT/SH7pSNwD
 7QlATJGygD9oU76BT31OKrulCH3wAVxGX7TVrOnueqWJJeAQtGZd3xCqNF2ThgEh
 kCd6asCcdDRNE6OLxU2LeWlEsivClxLUuPpSvTqeUWCAhDnBphvmSgDwWhlsJkOT
 R2Lbaa1PhTeCY0tVwLsHvRq24eQqLWppF/6XwdaUeCb7R3rqlDEeqYyxZI42xRF9
 PlnitBXem27ZCGEY7f+jLgnPVOHdGFK1biVcPLtTghG5R8BxOQgggnkJGTIImotK
 T3eQF+EbFSV+fRfnMAm080mjveaqcFMueWavZCMwbn0fMJFpikbputDD6hV27usI
 pvGS1zH5vSxA4h5RBJGayFw1
 =le6D
 -----END PGP SIGNATURE-----

Merge tag 'hwlock-v4.21' of git://github.com/andersson/remoteproc

Pull hwspinlock updates from Bjorn Andersson:
 "This adds support for the hardware semaphores found in STM32MP1"

* tag 'hwlock-v4.21' of git://github.com/andersson/remoteproc:
  hwspinlock: fix return value check in stm32_hwspinlock_probe()
  hwspinlock: add STM32 hwspinlock device
  dt-bindings: hwlock: Document STM32 hwspinlock bindings
2019-01-06 11:37:44 -08:00
Eric Biggers 8094c3ceb2 fscrypt: add Adiantum support
Add support for the Adiantum encryption mode to fscrypt.  Adiantum is a
tweakable, length-preserving encryption mode with security provably
reducible to that of XChaCha12 and AES-256, subject to a security bound.
It's also a true wide-block mode, unlike XTS.  See the paper
"Adiantum: length-preserving encryption for entry-level processors"
(https://eprint.iacr.org/2018/720.pdf) for more details.  Also see
commit 059c2a4d8e ("crypto: adiantum - add Adiantum support").

On sufficiently long messages, Adiantum's bottlenecks are XChaCha12 and
the NH hash function.  These algorithms are fast even on processors
without dedicated crypto instructions.  Adiantum makes it feasible to
enable storage encryption on low-end mobile devices that lack AES
instructions; currently such devices are unencrypted.  On ARM Cortex-A7,
on 4096-byte messages Adiantum encryption is about 4 times faster than
AES-256-XTS encryption; decryption is about 5 times faster.

In fscrypt, Adiantum is suitable for encrypting both file contents and
names.  With filenames, it fixes a known weakness: when two filenames in
a directory share a common prefix of >= 16 bytes, with CTS-CBC their
encrypted filenames share a common prefix too, leaking information.
Adiantum does not have this problem.

Since Adiantum also accepts long tweaks (IVs), it's also safe to use the
master key directly for Adiantum encryption rather than deriving
per-file keys, provided that the per-file nonce is included in the IVs
and the master key isn't used for any other encryption mode.  This
configuration saves memory and improves performance.  A new fscrypt
policy flag is added to allow users to opt-in to this configuration.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2019-01-06 08:36:21 -05:00
Linus Torvalds b5aef86e08 A handful of late-arriving documentation fixes.
-----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCAAtFiEEIw+MvkEiF49krdp9F0NaE2wMflgFAlwv15sPHGNvcmJldEBs
 d24ubmV0AAoJEBdDWhNsDH5YxksH/2kdPM4ltyUfb7Nl3ioX6UQdiNf8zzYWXG+6
 TllwzGWpI1nK5H+hOGRVLeF/CPNdij/9ScdMhRWTb7Di2mlp3py+5bebZgkTA4KJ
 1wy+wnonbtNkHenAjP/e14PL8/JSsyTugADnLwxb4PiURiHiAhvM4jTuxsYAhAQf
 LlBoGyfowzI/laNRoh8RonHFtPI3U2oMkhtdx5OIySMlMJNgEIID63KkJsdsIujz
 CDUijaFX226s9PiobMNX09Y99fSfOly4yBASabePwrUtVKKL7AJ/vBTgqgdgVTBk
 ixTaooEYyLWaPSjMFNYlWH9hCu+N7MZAhrdNNPhHjgGJjTjaFXQ=
 =VfF6
 -----END PGP SIGNATURE-----

Merge tag 'docs-5.0-fixes' of git://git.lwn.net/linux

Pull documentation fixes from Jonathan Corbet:
 "A handful of late-arriving documentation fixes"

* tag 'docs-5.0-fixes' of git://git.lwn.net/linux:
  doc: filesystems: fix bad references to nonexistent ext4.rst file
  Documentation/admin-guide: update URL of LKML information link
  Docs/kernel-api.rst: Remove blk-tag.c reference
2019-01-05 18:35:02 -08:00
Linus Torvalds 15b215e5aa FireWire (IEEE 1394) subsystem patch:
- remove an explicit dependency in Kconfig which is implied by another dependency
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCAA4FiEElVwAmOXEbvmhUkgUefNvslRdedAFAlww1TAaHHN0ZWZhbnJA
 czVyNi5pbi1iZXJsaW4uZGUACgkQefNvslRdedBzJw/9Hwu5PIjPl6aLe7MLriZ8
 Av1UbVTKoT79eNDUK9EMN/1VPn+dYeWrko2y6c99YBACuI/VtSScLYbgFcBpzG/9
 witPFLL1LYhA/t4w3jLzPmnGv0+X4zCbO7HQG1CG24XlxvmQJkljvXi4RsmUTcFF
 ez5JRpK5DesDbx3WHDXSLrM+Jivrwdc5kImw+TkgqDIybsnrKgIlr3yQrdxc2bE9
 NoyT42tntXj6/fYTQ7JA2A9d94sJ6duV0jNeJ/r86/tu4dkUyZVWo+B45VJPEu37
 65/H1xIgI4tbqbrcoDK7H+HakZ3qLl19arTV4X6m+idPeLv74+bGYwSB0qp1BiQA
 VLwR0t0g3YcNAZOw5iFN/FuzpUYvlHRxkGIEVA8RLRL9sxSUYIbGrBZ77f1X7C82
 e4SvwxeOWr+4t4QcMQsEldwb1hg1Rm2a1benbd+5yciyzztGGGHnCIw+aehxBL2l
 1RFJsmSB4uU7cxpUwdvAAYnXOytEbRZey9nBn+APlt1zlzrv9Ptts/tE8gw/P10N
 /vVa7rPW+OYkQjGxjbYarM+9l169txcjd0wSM7t3rMfvtnDGbzla6WOLsDMs/yh0
 7H9mFk02IbolEee91TAym1KXnPLZLdv9psfpS1I2Pihy+sx7Wk2zLDK6ICQ0pbhZ
 R379ujTcy2WFzJcyYqkmp5Y=
 =1Qr0
 -----END PGP SIGNATURE-----

Merge tag 'firewire-update' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394

Pull firewire fixlet from Stefan Richter:
 "Remove an explicit dependency in Kconfig which is implied by another
  dependency"

* tag 'firewire-update' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394:
  firewire: Remove depends on HAS_DMA in case of platform dependency
2019-01-05 18:33:21 -08:00
Linus Torvalds d7252d0d36 for-linus-20190104
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAlwvz9EQHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgprVuD/9dD3K/Fhl22UHyuL7mwCyUX8BQ6fwniNlI
 96a7IpAqdYG52MeZ8Ns1WZwWzzlNsJ6IUFLTUeHboMq1POsVSFBG2xWJEhwMWHq1
 ayWXH5MkeV2IM31o/LFbQM1WNtChqCqlHUKnpvB3UiGaozaTa4pqkNNRuEMTd0CA
 RSrXGEDtkPFdOWeQQuOqfjYD1K13GLFMFw9a3vXV/TYJkPE+w+1tR2ms49N7wqX3
 Kdh7ddGkJyBOre9kg0GXrjgXTgpanQOJE9152wIoWL0U9ZYJk91SkwQ2rOmgwFSm
 KLD4gI4rbrBT2/KLCEwv1PmmSNR0yiikPPeGZLIZy/hfmJEreECrv/5wDAz/0cBU
 KPgheNf7ZecDUxa/use9F15m5VYkd8TxnwssXD47GZ26Sp/UHU5/cuGsnxxuuiqU
 AgYVsgZxnWLhj1rhSB+8WZRWjoLX/1UMkt/mNOMIhVBCf0QGGtpl1FocIxHpDa1q
 w9AUS4JNHuVLU4npnTKMXXTJcixa2MT/8Lhhv9OTDFLWDGTVFed12NA8sX6R0vA8
 JnEFuKin03IdqRQyLM3s8YHJpWS/tni6YzCmaFE6g7K7MwuiFn25qsN3LwS4QYU5
 5HZ5Za8jpqQtJ2ESpcOSOOD7ILC3qOyIgDtatvdSv+13kgyT7EAWXWDIJ6KWzeGN
 FSbgtrTu2w==
 =bh1v
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-20190104' of git://git.kernel.dk/linux-block

Pull block updates and fixes from Jens Axboe:

 - Pulled in MD changes that Shaohua had queued up for 4.21.

   Unfortunately we lost Shaohua late 2018, I'm sending these in on his
   behalf.

 - In conjunction with the above, I added a CREDITS entry for Shaoua.

 - sunvdc queue restart fix (Ming)

* tag 'for-linus-20190104' of git://git.kernel.dk/linux-block:
  Add CREDITS entry for Shaohua Li
  block: sunvdc: don't run hw queue synchronously from irq context
  md: fix raid10 hang issue caused by barrier
  raid10: refactor common wait code from regular read/write request
  md: remvoe redundant condition check
  lib/raid6: add option to skip algo benchmarking
  lib/raid6: sort algos in rough performance order
  lib/raid6: check for assembler SSSE3 support
  lib/raid6: avoid __attribute_const__ redefinition
  lib/raid6: add missing include for raid6test
  md: remove set but not used variable 'bi_rdev'
2019-01-05 18:29:13 -08:00
Linus Torvalds 0fe4e2d5cd drm i915 gvt, amdgpu, core fixes
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcL65eAAoJEAx081l5xIa+y7EP+wQnTk3GV7rKiIi5LEtux5xW
 X2tTaPKHnwrMYjRaP2VNUntJPH6Wxcby3OHGNvGMe1IqNGL/5qRLQ/g1rSSPuM4z
 rYwWR/ooDU/KwYvsT/o+DSO62AoVzIqx8gn8+ShirRN3MdobCcwDebd5oqKjduOn
 hRy9WQwgPOnDG1D3fRWOGSzOE1K9yDFCUaR0AmhUehn9NvsztQGamMBBwMNg+y52
 a5vu+nSLxQrv3ZyZ5TQUgAzi2pWFtC6QxIVuLpl5TqFA3vdRVyN1T78klDnQ7WU7
 6GY1yq9D923c1Tfa0RZoXnE++bX91KKJ5y9YFuNFv8X/th6UoEzRrOPDINfLoZv3
 JsPPSPAiZTgoXc/RGfoMbnidajNB7Gx+No+Pd8P6MeY5H1E+ivMXt5MrOgcMXUqk
 FajthiuSlaB+u5OjNjuS6gBbAMIKw7Idg4hEFSabj91qhJIet/fPhzNmp0HPJ1wF
 XlNnxI7XOytCAORrjLy2q4/lkaoG2AlVpZzeMLgXSxGGlSCtIpDUIqgQbtV1ppCi
 RboQ8yMflRejeK6oXoC92mI8yDB6rwoQy2tK0Hvnag5/q1r7AVYJq+3890NFEU4X
 F5TuCgvhswdkTEJUED1G6pnX7aQzW0dh6KrCltF34sFzD1etYb150En7laa+2kmX
 G5HfZbkLwscPt91moA6B
 =hFld
 -----END PGP SIGNATURE-----

Merge tag 'drm-next-2019-01-05' of git://anongit.freedesktop.org/drm/drm

Pull drm fixes from Dave Airlie:
 "Happy New Year, just decloaking from leave to get some stuff from the
  last week in before rc1:

  core:
   - two regression fixes for damage blob and atomic

  i915 gvt:
   - Some missed GVT fixes from the original pull

  amdgpu:
   - new PCI IDs
   - SR-IOV fixes
   - DC fixes
   - Vega20 fixes"

* tag 'drm-next-2019-01-05' of git://anongit.freedesktop.org/drm/drm: (53 commits)
  drm: Put damage blob when destroy plane state
  drm: fix null pointer dereference on null state pointer
  drm/amdgpu: Add new VegaM pci id
  drm/ttm: Use drm_debug_printer for all ttm_bo_mem_space_debug output
  drm/amdgpu: add Vega20 PSP ASD firmware loading
  drm/amd/display: Fix MST dp_blank REG_WAIT timeout
  drm/amd/display: validate extended dongle caps
  drm/amd/display: Use div_u64 for flip timestamp ns to ms
  drm/amdgpu/uvd:Change uvd ring name convention
  drm/amd/powerplay: add Vega20 LCLK DPM level setting support
  drm/amdgpu: print process info when job timeout
  drm/amdgpu/nbio7.4: add hw bug workaround for vega20
  drm/amdgpu/nbio6.1: add hw bug workaround for vega10/12
  drm/amd/display: Optimize passive update planes.
  drm/amd/display: verify lane status before exiting verify link cap
  drm/amd/display: Fix bug with not updating VSP infoframe
  drm/amd/display: Add retry to read ddc_clock pin
  drm/amd/display: Don't skip link training for empty dongle
  drm/amd/display: Wait edp HPD to high in detect_sink
  drm/amd/display: fix surface update sequence
  ...
2019-01-05 18:25:19 -08:00
Linus Torvalds 3954e1d031 4.21 merge window 2nd pull request
Over the break a few defects were found, so this is a -rc style pull
 request of various small things that have been posted.
 
 - An attempt to shorten RCU grace period driven delays showed crashes
   during heavier testing, and has been entirely reverted
 
 - A missed merge/rebase error between the advise_mr and ib_device_ops
   series
 
 - Some small static analysis driven fixes from Julia and Aditya
 
 - Missed ability to create a XRC_INI in the devx verbs interop series
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEfB7FMLh+8QxL+6i3OG33FX4gmxoFAlwu4TIACgkQOG33FX4g
 mxqPgw//XU7X2/AbXALQOvZgI6y/qs6BSzucGEkTEEMyJ5KvjS537yJqN7ltfe9d
 BiJLIpCUJ2NKqyUnbah7nHT06Mm7wZM+FkIxtf2N3te/MfYd5HwIvUdIwwmX+VEc
 k1DcRD1EfowZCSgBAVQAqqJu6oBW//Wi48BQ7HNGvyXVJJ/F+uKIM/Am6oGUTV/5
 69yo0ZfqP/+bRfbNvg7cHqWafCL8ed70pIqpoL67hRfHcxUW/TQVV6njw8FNB/MH
 DNL6pN3oncUweyOPDV/Z6Cx+De5BFF498Rbvosugk8OO62wQ780DTvTeA5AlEtxV
 TEjTtd7QqDhWRELzv4WtU9ojrOnp3bzEu36Ok7ANEGAW40WdAL//eWQiaJF423Az
 zcD3w/t9ZE2mIX9h7YcVnMpmDvGpyQorG4mFYPfZgXLVxgrY2phLwiZsOk3B6PY8
 cszL4mJFnk6DKB9/31nWgPpWl+V1/E48JODwU9Fz1d3ov+XvNC4SBp0hM6cfG25c
 insZevsAfMQ+k43Rw+iE62Sz9JTfJZpVekyMmIG5fqCZlzG4UXhB6On5r6TGvWc0
 cnbZ+ELmsZY54DyAloOAKvBUuVY/t8QYaFo3y69v0B5ZiVnY1I00r74FyGEo21Cv
 /uxKbUmQxW4T9rdgZtWtfsSKcuiGrRDLTcLJ5j19c6bqJyF3fao=
 =REsM
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma

Pull rdma fixes from Jason Gunthorpe:
 "Over the break a few defects were found, so this is a -rc style pull
  request of various small things that have been posted.

   - An attempt to shorten RCU grace period driven delays showed crashes
     during heavier testing, and has been entirely reverted

   - A missed merge/rebase error between the advise_mr and ib_device_ops
     series

   - Some small static analysis driven fixes from Julia and Aditya

   - Missed ability to create a XRC_INI in the devx verbs interop
     series"

* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
  infiniband/qedr: Potential null ptr dereference of qp
  infiniband: bnxt_re: qplib: Check the return value of send_message
  IB/ipoib: drop useless LIST_HEAD
  IB/core: Add advise_mr to the list of known ops
  Revert "IB/mlx5: Fix long EEH recover time with NVMe offloads"
  IB/mlx5: Allow XRC INI usage via verbs in DEVX context
2019-01-05 18:20:51 -08:00
Linus Torvalds a8a6b1186b fbdev changes for v4.21:
- fix fbcon to not cause crash on unregister_framebuffer()
   when there is more than one framebuffer (Noralf Trønnes)
 
 - improve support for small rotated displays (Peter Rosin)
 
 - fix probe failure handling in udlfb driver (Dan Carpenter)
 
 - add config option to center the bootup logo (Peter Rosin)
 
 - make FB_BACKLIGHT config option tristate (Rob Clark)
 
 - remove superfluous HAS_DMA dependency for goldfishfb driver
   (Geert Uytterhoeven)
 
 - misc fixes (Alexey Khoroshilov, YueHaibing, Colin Ian King,
   Lubomir Rintel)
 
 - misc cleanups (Yangtao Li, Wen Yang)
 
 also there is DRM's nouveau driver fix for wrong FB_BACKLIGHT
 config option usage (FB_BACKLIGHT is for internal fbdev
 subsystem use only)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJcL0mpAAoJEH4ztj+gR8ILCikP/iXITim75hV2VU3EIB2xQ6B8
 oRpksZ2NnkS+TKQD7RbbweytBUIPtC3awd7uck6MNoiROmkZVqEl9jXsM84yU9XL
 1t+CQHtLQbnN84RTSBtA5G75PViRK9k39y2uKagJeANlaMVK8dRxR+6QFwnxlWnx
 zWbP70GyTQba+d2uJIEyVuZBRzhNyjoK9KjwidMvVqthlmRQKTHuAkZnuVUbt9l1
 xhO8YxMj8zdc9DPsUGB4tsPwJ6q+qq4FihC7tamcJeWRW6sxBmYTWWnfYuYQrRN1
 izp5xnGoeGr+s9pfOxLno2IMFDxOlZpF7aZg22pB9joMciqvy58OyPzKckdgLveq
 VIjx8l+dffgq12z6adPkLYHxHp7U4D5EFQg5WRKcImHAPTtea3+vS2C2aZhadEgK
 0EcJrcIWO4cUijtH8aelur/I87iVrn81G34mSOvR45/RlKqcn569hlANPAGp8Gop
 R6WSq16xY67eb3oRLbeK5W46cNd36L/9UOJOvxAMlo/Or3zyrgQn9z4Zj0IKJjXZ
 ixR+AL4nKlhZDkNdK8cmUTLFyN9JsbOjjW3GKgw9hz/BST6Z+Rk8L8OxhyyAahVk
 9wuupyHdpHdhuWWzzOLrmRcpNE3l1w79j79dHfbqrzQn/Uql0P5u0Hyrc5f8Fy4W
 bslNoVbRMXtlktacxv4X
 =rd5j
 -----END PGP SIGNATURE-----

Merge tag 'fbdev-v4.21' of git://github.com/bzolnier/linux

Pull fbdev updates from Bartlomiej Zolnierkiewicz:
 "This time the pull request is really small.

  The most notable changes are fixing fbcon to not cause crash on
  unregister_framebuffer() operation when there is more than one
  framebuffer, adding config option to center the bootup logo and making
  FB_BACKLIGHT config option tristate (which in turn uncovered incorrect
  FB_BACKLIGHT usage by DRM's nouveau driver).

  Summary:

   - fix fbcon to not cause crash on unregister_framebuffer() when there
     is more than one framebuffer (Noralf Trønnes)

   - improve support for small rotated displays (Peter Rosin)

   - fix probe failure handling in udlfb driver (Dan Carpenter)

   - add config option to center the bootup logo (Peter Rosin)

   - make FB_BACKLIGHT config option tristate (Rob Clark)

   - remove superfluous HAS_DMA dependency for goldfishfb driver (Geert
     Uytterhoeven)

   - misc fixes (Alexey Khoroshilov, YueHaibing, Colin Ian King, Lubomir
     Rintel)

   - misc cleanups (Yangtao Li, Wen Yang)

  also there is DRM's nouveau driver fix for wrong FB_BACKLIGHT config
  option usage (FB_BACKLIGHT is for internal fbdev subsystem use only)"

* tag 'fbdev-v4.21' of git://github.com/bzolnier/linux:
  drm/nouveau: fix incorrect FB_BACKLIGHT usage in Kconfig
  fbdev: fbcon: Fix unregister crash when more than one framebuffer
  fbdev: Remove depends on HAS_DMA in case of platform dependency
  pxa168fb: trivial typo fix
  fbdev: fsl-diu: remove redundant null check on cmap
  fbdev: omap2: omapfb: convert to DEFINE_SHOW_ATTRIBUTE
  fbdev: uvesafb: fix spelling mistake "memoery" -> "memory"
  fbdev: fbmem: add config option to center the bootup logo
  fbdev: fbmem: make fb_show_logo_line return the end instead of the height
  video: fbdev: pxafb: Fix "WARNING: invalid free of devm_ allocated data"
  fbdev: fbmem: behave better with small rotated displays and many CPUs
  video: clps711x-fb: release disp device node in probe()
  fbdev: make FB_BACKLIGHT a tristate
  udlfb: fix some inconsistent NULL checking
2019-01-05 18:15:37 -08:00
Linus Torvalds 7671c14e6a Merge branch 'i2c/for-5.0' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c updates from Wolfram Sang:
 "I2C has only driver updates for you this time.

  Mostly new IDs/DT compatibles, also SPDX conversions, small cleanups.
  STM32F7 got FastMode+ and PM support, Axxia some reliabilty
  improvements"

* 'i2c/for-5.0' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: (26 commits)
  i2c: Add Actions Semiconductor Owl family S700 I2C support
  dt-bindings: i2c: Add S700 support for Actions Semi Soc's
  i2c: ismt: Add support for Intel Cedar Fork
  i2c: tegra: Switch to SPDX identifier
  i2c: tegra: Add missing kerneldoc for some fields
  i2c: tegra: Cleanup kerneldoc comments
  i2c: axxia: support sequence command mode
  dt-bindings: i2c: rcar: Add r8a774c0 support
  dt-bindings: i2c: sh_mobile: Add r8a774c0 support
  i2c: sh_mobile: Add support for r8a774c0 (RZ/G2E)
  i2c: i2c-cros-ec-tunnel: Switch to SPDX identifier.
  i2c: powermac: Use of_node_name_eq for node name comparisons
  i2c-axxia: check for error conditions first
  i2c-axxia: dedicated function to set client addr
  dt-bindings: i2c: Use correct vendor prefix for Atmel
  i2c: tegra: replace spin_lock_irqsave with spin_lock in ISR
  eeprom: at24: add support for 24c2048
  dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string
  i2c: i2c-stm32f7: add PM Runtime support
  i2c: sh_mobile: add support for r8a77990 (R-Car E3)
  ...
2019-01-05 18:13:35 -08:00
Linus Torvalds 926b02d3eb pci-v4.21-changes
-----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCgAyFiEEgMe7l+5h9hnxdsnuWYigwDrT+vwFAlwtMCIUHGJoZWxnYWFz
 QGdvb2dsZS5jb20ACgkQWYigwDrT+vwQUQ/+P5/VDpo4abjudGO2c7FU1bJOwvfN
 cfV5dvDCw0kpx0Em5SmnpAD7Punllxxvb/04K75lqarGyx/Txqaw+lbIF+qSj6my
 GsQ16Iy8T48x5hr+Pf6vTh1eE+NaAVZfOPDOt7CyTNAgwfzHeVNyfNvz7pfKTIIJ
 Mk/jRE4kkeWo60jsY5p3sFo3OVOxBOsRdN+2sruaQuWFXrKHLyNDR+7Z9ZPxubFk
 cCO/TYPhNXmmKhCAR4V/rGiqz9OL2wyFixGhGhmD3tnC9nAb/wTMzjARsyBopBPi
 b/KkR2eLFEyXN0HJrwqxiURo4J3nveAYEuNXH5KjRBQZnoBCGSCIlqFhlrp9vdBk
 B4KIdT8h/M6LsVGeVSEIxIEXCp67YE31kxraFrk4Vsggdh2TFQ0llh1sajj8IFJB
 XekutedAOlTSOaM1/jvVPUJYg04X90bp3uXn3IU45XlQ8nBOG3immFVITRLkvd3w
 ywH+SEdeZAhWl3RGy8SHhqdeCJ7nNQbcRaRJ5CoWJBDNJTBGF1X+zJD2Swi6H9vA
 nWGNRlb3CPPIMPF127nADnOE7Cj2FlpAEIEu52HpcpIrhEdrGvLkGeQfgdWBjbyU
 aHwC04bLWnvsA9SEFVnuMIBaFQmJ1RuaWAHdtscyyO2uoeCtN8Aa+BX6jXFbVZQN
 9eFzpiv0kUiXlAQ=
 =g1ia
 -----END PGP SIGNATURE-----

Merge tag 'pci-v4.21-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci

Pull PCI updates from Bjorn Helgaas:

 - Remove unused lists from ASPM pcie_link_state (Frederick Lawler)

 - Fix Broadcom CNB20LE host bridge unintended sign extension (Colin Ian
   King)

 - Expand Kconfig "PF" acronyms (Randy Dunlap)

 - Update MAINTAINERS for arch/x86/kernel/early-quirks.c (Bjorn Helgaas)

 - Add missing include to drivers/pci.h (Alexandru Gagniuc)

 - Override Synopsys USB 3.x HAPS device class so dwc3-haps can claim it
   instead of xhci (Thinh Nguyen)

 - Clean up P2PDMA documentation (Randy Dunlap)

 - Allow runtime PM even if driver doesn't supply callbacks (Jarkko
   Nikula)

 - Remove status check after submitting Switchtec MRPC Firmware Download
   commands to avoid Completion Timeouts (Kelvin Cao)

 - Set Switchtec coherent DMA mask to allow 64-bit DMA (Boris Glimcher)

 - Fix Switchtec SWITCHTEC_IOCTL_EVENT_IDX_ALL flag overwrite issue
   (Joey Zhang)

 - Enable write combining for Switchtec MRPC Input buffers (Kelvin Cao)

 - Add Switchtec MRPC DMA mode support (Wesley Sheng)

 - Skip VF scanning on powerpc, which does this in firmware (Sebastian
   Ott)

 - Add Amlogic Meson PCIe controller driver and DT bindings (Yue Wang)

 - Constify histb dw_pcie_host_ops structure (Julia Lawall)

 - Support multiple power domains for imx6 (Leonard Crestez)

 - Constify layerscape driver data (Stefan Agner)

 - Update imx6 Kconfig to allow imx6 PCIe in imx7 kernel (Trent Piepho)

 - Support armada8k GPIO reset (Baruch Siach)

 - Support suspend/resume support on imx6 (Leonard Crestez)

 - Don't hard-code DesignWare DBI/ATU offst (Stephen Warren)

 - Skip i.MX6 PHY setup on i.MX7D (Andrey Smirnov)

 - Remove Jianguo Sun from HiSilicon STB maintainers (Lorenzo Pieralisi)

 - Mask DesignWare interrupts instead of disabling them to avoid lost
   interrupts (Marc Zyngier)

 - Add locking when acking DesignWare interrupts (Marc Zyngier)

 - Ack DesignWare interrupts in the proper callbacks (Marc Zyngier)

 - Use devm resource parser in mediatek (Honghui Zhang)

 - Remove unused mediatek "num-lanes" DT property (Honghui Zhang)

 - Add UniPhier PCIe controller driver and DT bindings (Kunihiko
   Hayashi)

 - Enable MSI for imx6 downstream components (Richard Zhu)

* tag 'pci-v4.21-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: (40 commits)
  PCI: imx: Enable MSI from downstream components
  s390/pci: skip VF scanning
  PCI/IOV: Add flag so platforms can skip VF scanning
  PCI/IOV: Factor out sriov_add_vfs()
  PCI: uniphier: Add UniPhier PCIe host controller support
  dt-bindings: PCI: Add UniPhier PCIe host controller description
  PCI: amlogic: Add the Amlogic Meson PCIe controller driver
  dt-bindings: PCI: meson: add DT bindings for Amlogic Meson PCIe controller
  arm64: dts: mt7622: Remove un-used property for PCIe
  arm: dts: mt7623: Remove un-used property for PCIe
  dt-bindings: PCI: MediaTek: Remove un-used property
  PCI: mediatek: Remove un-used variant in struct mtk_pcie_port
  MAINTAINERS: Remove Jianguo Sun from HiSilicon STB DWC entry
  PCI: dwc: Don't hard-code DBI/ATU offset
  PCI: imx: Add imx6sx suspend/resume support
  PCI: armada8k: Add support for gpio controlled reset signal
  PCI: dwc: Adjust Kconfig to allow IMX6 PCIe host on IMX7
  PCI: dwc: layerscape: Constify driver data
  PCI: imx: Add multi-pd support
  PCI: Override Synopsys USB 3.x HAPS device class
  ...
2019-01-05 17:57:34 -08:00
Linus Torvalds cf26057a94 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
Pull HID updates from Jiri Kosina:

 - high-resolution scrolling support that gracefully handles differences
   between MS and Logitech implementations in HW, from Peter Hutterer
   and Harry Cutts

 - MSI IRQ support for intel-ish driver, from Song Hongyan

 - support for new hardware (Cougar 700K, Odys Winbook 13, ASUS FX503VD,
   ASUS T101HA) from Daniel M. Lambea, Hans de Goede and Aleix Roca
   Nonell

 - other small assorted fixups

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: (22 commits)
  HID: i2c-hid: Add Odys Winbook 13 to descriptor override
  HID: lenovo: Add checks to fix of_led_classdev_register
  HID: intel-ish-hid: add MSI interrupt support
  HID: debug: Change to use DEFINE_SHOW_ATTRIBUTE macro
  HID: doc: fix wrong data structure reference for UHID_OUTPUT
  HID: intel-ish-hid: fixes incorrect error handling
  HID: asus: Add support for the ASUS T101HA keyboard dock
  HID: logitech: Use LDJ_DEVICE macro for existing Logitech mice
  HID: logitech: Enable high-resolution scrolling on Logitech mice
  HID: logitech: Add function to enable HID++ 1.0 "scrolling acceleration"
  HID: logitech-hidpp: fix typo, hiddpp to hidpp
  HID: input: use the Resolution Multiplier for high-resolution scrolling
  HID: core: process the Resolution Multiplier
  HID: core: store the collections as a basic tree
  Input: add `REL_WHEEL_HI_RES` and `REL_HWHEEL_HI_RES`
  HID: input: support Microsoft wireless radio control hotkey
  HID: use macros in IS_INPUT_APPLICATION
  HID: asus: Add support for the ASUS FX503VD laptop
  HID: asus: Add event handler to catch unmapped Asus Vendor UsagePage codes
  HID: cougar: Add support for Cougar 700K Gaming Keyboard
  ...
2019-01-05 17:53:40 -08:00