Zerocopy skbs frags are copied when the skb is looped to a local sock.
Commit 1080e512d4 ("net: orphan frags on receive") introduced calls
to skb_orphan_frags to deliver_skb and __netif_receive_skb for this.
With msg_zerocopy, these skbs can also exist in the tx path and thus
loop from dev_queue_xmit_nit. This already calls deliver_skb in its
loop. But it does not orphan before a separate pt_prev->func().
Add the missing skb_orphan_frags_rx.
Changes
v1->v2: handle skb_orphan_frags_rx failure
Fixes: 1f8b977ab3 ("sock: enable MSG_ZEROCOPY")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
- Fix a regression in cpufreq on systems using DT as the source of
CPU configuration information where two different code paths
attempt to create the cpufreq-dt device object (there can be only
one) and fix up the "compatible" matching for some TI platforms
on top of that (Viresh Kumar, Dave Gerlach).
- Fix an initialization time memory leak in cpuidle on ARM which
occurs if the cpuidle driver initialization fails (Stefan Wahren).
- Fix a PM core function that checks whether or not there are any
system suspend/resume callbacks for a device, but forgets to
check legacy callbacks which then may be skipped incorrectly
and the system may crash and/or the device may become unusable
after a suspend-resume cycle (Rafael Wysocki).
- Fix request type validation for latency tolerance PM QoS requests
which may lead to unexpected behavior (Jan Schönherr).
- Fix a broken link to PM documentation from a header file and a
typo in a PM document (Geert Uytterhoeven, Rafael Wysocki).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJZxYXOAAoJEILEb/54YlRxgkQP/1tQha6hykoryGscv1XGFPsc
VP7tpsf00gjMcUnbuRFbgD+jF60SAWtt48sIACUOqtxSXRTGdPHS8zggLo9pa0+A
A0Y8QlFXYHlk6up2iUyNOE0C2+UfD1pnh1fGfDtNLKob+hDhrrmRI2foMRVij9Cw
0+szDkUENcVwLcCzyWgv7uCdrG823kzBS0gCOJT4cpYid+s7lfFEwRZMz7m2Q/2Y
s0MMELdhBaaMAZyGIh28B2D+bAS1QTTxLr++nSiiIejVplraWlUYRToGlQMpZbJn
yPjKld5Zc6+VJ4sPl3oRw3wnfo4Rndwgx0VDGDdne1e0S7pQtIjNRbyGTbl2n6yS
+nckLpW767l9Mt9TVQzQBgnalUUZX78sqHqa3Ca9j8QXFcG0Khn5aewq76+9KVdv
uSAxUmthvErJUGa6GTkhBGywZxKtuIdA/eg23XDN/P2PSVW8hj+z4Fn8DylXSEo7
H3KMOJgSRWDFvAaYsusNEdQwy6+UWN9OiMoZYMVL6XcDYyFZrAaXtaZIb7MjOL5i
U9cv3QCU4CWtsbKoQb3qvQZudUa92MIHtLWILTuLT/lWPIPGiUGLbIYRE+hzRzkj
26J21Ex8veYuGEJT+YP6GBqtywX9aKuec2RZVSfqtAK/x/zXxwjFP6T3JHVril3T
/mxhLZIg/aJwIeJQ3JTG
=Cbgd
-----END PGP SIGNATURE-----
Merge tag 'pm-4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management fixes from Rafael Wysocki:
"These fix a cpufreq regression introduced by recent changes related to
the generic DT driver, an initialization time memory leak in cpuidle
on ARM, a PM core bug that may cause system suspend/resume to fail on
some systems, a request type validation issue in the PM QoS framework
and two documentation-related issues.
Specifics:
- Fix a regression in cpufreq on systems using DT as the source of
CPU configuration information where two different code paths
attempt to create the cpufreq-dt device object (there can be only
one) and fix up the "compatible" matching for some TI platforms on
top of that (Viresh Kumar, Dave Gerlach).
- Fix an initialization time memory leak in cpuidle on ARM which
occurs if the cpuidle driver initialization fails (Stefan Wahren).
- Fix a PM core function that checks whether or not there are any
system suspend/resume callbacks for a device, but forgets to check
legacy callbacks which then may be skipped incorrectly and the
system may crash and/or the device may become unusable after a
suspend-resume cycle (Rafael Wysocki).
- Fix request type validation for latency tolerance PM QoS requests
which may lead to unexpected behavior (Jan Schönherr).
- Fix a broken link to PM documentation from a header file and a typo
in a PM document (Geert Uytterhoeven, Rafael Wysocki)"
* tag 'pm-4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: ti-cpufreq: Support additional am43xx platforms
ARM: cpuidle: Avoid memleak if init fail
cpufreq: dt-platdev: Add some missing platforms to the blacklist
PM: core: Fix device_pm_check_callbacks()
PM: docs: Drop an excess character from devices.rst
PM / QoS: Use the correct variable to check the QoS request type
driver core: Fix link to device power management documentation
Pull input fixes from Dmitry Torokhov:
- fixes for two long standing issues (lock up and a crash) in force
feedback handling in uinput driver
- tweak to firmware update timing in Elan I2C touchpad driver.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: elan_i2c - extend Flash-Write delay
Input: uinput - avoid crash when sending FF request to device going away
Input: uinput - avoid FF flush when destroying device
- sysctl and seccomp operation to discover available actions. (tyhicks)
- new per-filter configurable logging infrastructure and sysctl. (tyhicks)
- SECCOMP_RET_LOG to log allowed syscalls. (tyhicks)
- SECCOMP_RET_KILL_PROCESS as the new strictest possible action.
- self-tests for new behaviors.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Kees Cook <kees@outflux.net>
iQIcBAABCgAGBQJZxVbTAAoJEIly9N/cbcAmvIAQALR9aVQQXjma4lLhZxwTsLtG
rJm8t/o4y/2aBV8vzpFbMPT5gfN/PAkHJpCoxVPssx0k4PH2M7HjpnR6E1OC+erg
RNom3uNdNqZeFlDpdX1qriYiCTB9p6rHe0DPwgG9iGqgDxsJ+G3W+x1sMZ1C+A0M
shxA3fwt+Qpivo8Zq44xjMFjK+Zeor9V3yPc51QoZktWHlM16ID3HvHVnUtzqAUb
nTWF6ZlmZlJ/lp4Dq8/55lytVcXPo240G3H0Odai+SNFakK6p5UO//BRBV209bmb
05jpAOH6uym1sxVz00TQXCtDqOEzs2mQgomtTSShHg8SrLFX7nFkEFtAVA6tEri2
FqDYce9KX7ZtOYiq83C7pnpAFCouc0z31dQl9USHiAiexXklwBIX+OsVv98omWGi
pW43uLE2ovY0cpOsN50xI4mnxiGh6MhFcdbor2VLRJwLIFSw3XjjgNCCLyK4AJxs
N514252qi70c9cWyAHYDLy077yTVxu3JUlsVQKtRTMfoFUq6bX1jPXVXE8qkVrui
bc/Ay54pPrUwM854IpQ9ZBOuMfs6I5opocGIsBvMaND45U4o2B0ANCsxhuZ0zEtM
E55DhK5OgjukNemQmlWK2foDckYdtkJXCj2yMBNQady0Uynr2BWZ6VDBP7vFcnRB
UihRlFZRZleu8383uHsc
=sKeC
-----END PGP SIGNATURE-----
Merge tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull seccomp updates from Kees Cook:
"Major additions:
- sysctl and seccomp operation to discover available actions
(tyhicks)
- new per-filter configurable logging infrastructure and sysctl
(tyhicks)
- SECCOMP_RET_LOG to log allowed syscalls (tyhicks)
- SECCOMP_RET_KILL_PROCESS as the new strictest possible action
- self-tests for new behaviors"
[ This is the seccomp part of the security pull request during the merge
window that was nixed due to unrelated problems - Linus ]
* tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
samples: Unrename SECCOMP_RET_KILL
selftests/seccomp: Test thread vs process killing
seccomp: Implement SECCOMP_RET_KILL_PROCESS action
seccomp: Introduce SECCOMP_RET_KILL_PROCESS
seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD
seccomp: Action to log before allowing
seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
seccomp: Selftest for detection of filter flag support
seccomp: Sysctl to configure actions that are allowed to be logged
seccomp: Operation for checking if an action is available
seccomp: Sysctl to display available actions
seccomp: Provide matching filter for introspection
selftests/seccomp: Refactor RET_ERRNO tests
selftests/seccomp: Add simple seccomp overhead benchmark
selftests/seccomp: Add tests for basic ptrace actions
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAABAgAGBQJZxb1HAAoJEIosvXAHck9RH48L/AnYLWFHp+9RK+elSTAFJkOn
seLJXoQTJtOQ9XA1Fz4wp5jiGTIJgx2Yq3Vj7hl8rQHNE6MvJxTfHxNSMwfrLUkS
HznrXpagSsKFcAHTyHojL3ZZCOzRFOE5c08xpfJ9cGsL3boJGfh+cXawP/mXBpIR
6IP5Om97PMH5QZhfoVkDJT+/L1ZKYdBDPoX56RH33l5w0h5ctHz24Zfk6K1e/NRw
/UMZ6di1FRxD5sZu+cQiKMymw/XohKOXkz48hj/x1wWZ0rkpxb4qlSRuQ5se9sKq
AwpRWacZkN7Vhwl4hLzQV914tLSkT2Z/pTKTZ7Xn0UBxXIpU/hYq/TuzS6E74rcs
n2H0FOdeaSPW7lE9Z0j0wWP3lNad2ii6qUE+BJxxaNTVa1Z5lOH2iNrmmp0HUi1G
FnKBiYdws2uJQDYQBFlKyrZY14LvRB3MAXKV94qRr1KWoIqFLrg+4O0mf/TcvzIV
fr8YT147UuK5FhSfLKJMJLQXYSGUA/M4QhdClFe+Sg==
=FS3F
-----END PGP SIGNATURE-----
Merge tag '4.14-smb3-fixes-from-recent-test-events-for-stable' of git://git.samba.org/sfrench/cifs-2.6
Pull cifs fixes from Steve French:
"Various SMB3 fixes for stable and security improvements from the
recently completed SMB3/Samba test events
* tag '4.14-smb3-fixes-from-recent-test-events-for-stable' of git://git.samba.org/sfrench/cifs-2.6:
SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
SMB3: handle new statx fields
SMB: Validate negotiate (to protect against downgrade) even if signing off
cifs: release auth_key.response for reconnect.
cifs: release cifs root_cred after exit_cifs
CIFS: make arrays static const, reduces object code size
[SMB3] Update session and share information displayed for debugging SMB2/SMB3
cifs: show 'soft' in the mount options for hard mounts
SMB3: Warn user if trying to sign connection that authenticated as guest
SMB3: Fix endian warning
Fix SMB3.1.1 guest authentication to Samba
release and a rare NULL dereference in create_session_open_msg().
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJZxQ4tAAoJEEp/3jgCEfOLnrEH+wXHfoLTTFPRfHtvp3E1X0j0
FGBYg/AuOejMOxXrP824XURjaPSV5GiNJA6g62GXf31Va7lmYfI5u+70XbdVluEm
j1e8fT/qNfCizKq+dv8LyiPse6QDi+0siuxbLo7sMmJYODzrhKFWpbPsXabafCBc
XFc3sk6J6wPoZynPsd2QtxXhrZpmQ7Xq+Us2u+pA7DZvtiZCRn0unqUPWV0vFl0j
7cPqPBX5LOSJoLNHmffXMQBqAWq1mErNs8islm+DIJvookhdlc0J5Qsu2a8lGrkP
57Sln1nr1vNJ2f2qUj2feOm02+Vcy2HFBuLL82kFAGJAVAvlDH7tiFlO3WdFvx4=
=b0uS
-----END PGP SIGNATURE-----
Merge tag 'ceph-for-4.14-rc2' of git://github.com/ceph/ceph-client
Pull ceph fixes from Ilya Dryomov:
"Two small but important fixes: RADOS semantic change in upcoming v12.2.1
release and a rare NULL dereference in create_session_open_msg()"
* tag 'ceph-for-4.14-rc2' of git://github.com/ceph/ceph-client:
ceph: avoid panic in create_session_open_msg() if utsname() returns NULL
libceph: don't allow bidirectional swap of pg-upmap-items
Patches for ieee802154 will go through my new trees towards netdev from
now on. The 6LoWPAN subsystem will stay as is (shared between ieee802154
and bluetooth) and go through the bluetooth tree as usual.
Signed-off-by: Stefan Schmidt <stefan@osg.samsung.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Steve French <smfrench@gmail.com>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Including:
- Two Kconfig fixes to fix dependencies that cause compile
failures when they are not fulfilled.
- Section mismatch fix for Intel VT-d
- A fix for PCI topology detection in ARM device-tree code
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJZxPuhAAoJECvwRC2XARrj0DsP/AzoQJEcxxYi7L8dvf8YmTbj
/7ZrdpDJh7mP7DmIhgJcR8JAUFmvUFhfkT1AomPJwB3g2iQnaFHHe8KpMdUt/qLa
it7hyJm2qGoBiD5btbxMxhGWz/9UZOKORdP7jXbcwUP9pF9UrupMnW6B47YK8d3p
fAvP4c5zI2wmP3+nb9oBCHaFZVfa6YUYjvnR6OPv48vz6NzWMwQT7U8J4vCxIAce
U5u/INaKuq+M48oZoERb5KMFGKclw6jkKveqEGeQUsq1iSe/ICGjKizOxY2ZwQK4
sMdeirqz777FPabm/FBl6uhLicEgQVM0pm5vA/A++AHZcprYuvsjtT+VNBektJqA
eABZ8cgE5TVenCcG1oy+xAo34yEGnb9Zi1bthL9kA3RKB3zI6/OUOGuEEsRnIPKe
FbcOtLIom2C+YgMvqw0SYOMZ11f9VrF2jhabNLBZ+GealMjMPg8dSgN1zAv25I6r
JNzGX2MRBaL08DNEWnh8Ar/wIG0jQijgPwS6uWjhK2ac6m19BL3hXxhP5uwoG7+x
Q5LMFhIydihbCspjYGcDaHJbAReKVSETTgv5EbaywtKDCiE1f3lwpeW5+hMcG+wQ
q5WTrgRrwaHOW3uYaHC3MzR9YuHbClCX7zqLJ9m4TtlkTv8sGJ8byxHMhe/ccFsD
p0t+tMmGUIexl5L2TPad
=Oyo+
-----END PGP SIGNATURE-----
Merge tag 'iommu-fixes-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu
Pull IOMMU fixes from Joerg Roedel:
- two Kconfig fixes to fix dependencies that cause compile failures
when they are not fulfilled.
- a section mismatch fix for Intel VT-d
- a fix for PCI topology detection in ARM device-tree code
* tag 'iommu-fixes-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
iommu/of: Remove PCI host bridge node check
iommu/qcom: Depend on HAS_DMA to fix compile error
iommu/vt-d: Fix harmless section mismatch warning
iommu: Add missing dependencies
Pull arch/tile fixes from Chris Metcalf:
"These are a code cleanup and config cleanup, respectively"
* git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
tile: array underflow in setup_maxnodemem()
tile: defconfig: Cleanup from old Kconfig options
- #ifdef CONFIG_EFI around __efi_fpsimd_begin/end
- Assembly code alignment reduced to 4 bytes from 16
- Ensure the kernel is compiled for LP64 (there are some arm64 compilers
around defaulting to ILP32)
- Fix arm_pmu_acpi memory leak on the error path
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE5RElWfyWxS+3PLO2a9axLQDIXvEFAlnFPSsACgkQa9axLQDI
XvGdxBAAhdWVExEaygHhoWl6/Dj5wpMu3ydYKb3crF7Ok+X/H5842vqVGxhSLxiN
5P9ZPmFN0nzOabBEGY5bJX35l0/JLA9UnYoNvHtIJc3MkLMCgJspf7yTE18jAjlj
rC53CBysDyMTTgfuJEOjyh2r06vuHnbMg5bXPtdXZe63tOSwWIiVxErhz3sl32cK
MTzAkLlJtnei5Da8EqEQuSV5/aRGK9ZHwWVuJqtnjOIT8rnR0ZZKVebwPdXJrMLt
FWjQLYuHHzlt6guQvV85SuokWX/Rkd/3VR1/6ShLXFbDGEgeRO9hvwoyZ7yRmxr8
y/agTDUWmGQoM7wtxKDXJUW/GFgib1Kg70C9L0YofN4CpcXrlBvqPDF2OIslfTil
smFkjchLHu1ToVww8zOgeMnXuWJoFvmUTvKau5jyWqNBqw71OYuxUBDWsx2NDVEi
OJJrQ1YMKRhI/n2berYJxZxreSsySEejcrPff55H60NlFPwlX6xQwzcJLpa6umkb
OfwW9gC29rpbM1uVMbPKj0faLNo11/+tkBxvZivzLKN2jtuPaV5MuIfXfvTZhuM1
16WYRMk4fQ2rqfQOiF1R5RIbKr1JHRCAmSEv2hiUSei35mfeVcqfUHcBS3VURgwa
UBcwCdlLkSxkLgCV4MAhZlST7FsRkQx+6OBiOJtiReGqkQtyjkg=
=ZHek
-----END PGP SIGNATURE-----
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fixes from Catalin Marinas:
- #ifdef CONFIG_EFI around __efi_fpsimd_begin/end
- Assembly code alignment reduced to 4 bytes from 16
- Ensure the kernel is compiled for LP64 (there are some arm64
compilers around defaulting to ILP32)
- Fix arm_pmu_acpi memory leak on the error path
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
drivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf
arm64: ensure the kernel is compiled for LP64
arm64: relax assembly code alignment from 16 byte to 4 byte
arm64: efi: Don't include EFI fpsimd save/restore code in non-EFI kernels
We weren't returning the creation time or the two easily supported
attributes (ENCRYPTED or COMPRESSED) for the getattr call to
allow statx to return these fields.
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>\
Acked-by: Jeff Layton <jlayton@poochiereds.net>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Some architectures define the no-op macros/functions copy_segments,
release_segments and forget_segments. These are used nowhere in the
tree, so removed them.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Vineet Gupta <vgupta@synopsys.com> [for arch/arc]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* pm-core:
PM: core: Fix device_pm_check_callbacks()
* pm-qos:
PM / QoS: Use the correct variable to check the QoS request type
* pm-docs:
PM: docs: Drop an excess character from devices.rst
driver core: Fix link to device power management documentation
gcc-7 optimizes the byte-wise accesses of get_unaligned_le32() into
word-wise accesses if the 32-bit integer output_len is declared as
external. This panics then the bootloader since we don't have the
unaligned access fault trap handler installed during boot time.
Avoid this optimization by declaring output_len as byte-aligned and thus
unbreak the bootloader code.
Additionally, compile the boot code optimized for size.
Signed-off-by: Helge Deller <deller@gmx.de>
By adding the feature to build the kernel as self-extracting
executeable, the possibility to simply compress the kernel with gzip was
lost.
This patch now reintroduces this possibilty again and leaves it up to
the user to decide how the kernel should be built.
The palo bootloader is able to natively load both formats.
Signed-off-by: Helge Deller <deller@gmx.de>
The DAC access permissions for several apparmorfs files are wrong.
.access - needs to be writable by all tasks to perform queries
the others in the set only provide a read fn so should be read only.
With policy namespace virtualization all apparmor needs to control
the permission and visibility checks directly which means DAC
access has to be allowed for all user, group, and other.
BugLink: http://bugs.launchpad.net/bugs/1713103
Fixes: c97204baf8 ("apparmor: rename apparmor file fns and data to indicate use")
Signed-off-by: John Johansen <john.johansen@canonical.com>
In file included from security/apparmor/ipc.c:23:0:
security/apparmor/include/sig_names.h:26:3: error: 'SIGSTKFLT' undeclared here (not in a function)
[SIGSTKFLT] = 16, /* -, 16, - */
^
security/apparmor/include/sig_names.h:26:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:26:3: note: (near initialization for 'sig_map')
security/apparmor/include/sig_names.h:51:3: error: 'SIGUNUSED' undeclared here (not in a function)
[SIGUNUSED] = 34, /* -, 31, - */
^
security/apparmor/include/sig_names.h:51:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:51:3: note: (near initialization for 'sig_map')
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Fixes: c6bf1adaecaa ("apparmor: add the ability to mediate signals")
Signed-off-by: John Johansen <john.johansen@canonical.com>
sparse reports
poisoning the proxy->label before freeing the struct is resulting in
a sparse build warning.
../security/apparmor/label.c:52:30: warning: incorrect type in assignment (different address spaces)
../security/apparmor/label.c:52:30: expected struct aa_label [noderef] <asn:4>*label
../security/apparmor/label.c:52:30: got struct aa_label *<noident>
fix with RCU_INIT_POINTER as this is one of those cases where
rcu_assign_pointer() is not needed.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Generally unconfined has early bailout tests and does not need the
dfas initialized, however if an early bailout test is ever missed
it will result in an oops.
Be defensive and initialize the unconfined profile to have null dfas
(no permission) so if an early bailout test is missed we fail
closed (no perms granted) instead of oopsing.
Signed-off-by: John Johansen <john.johansen@canonical.com>
There is a race when null- profile is being created between the
initial lookup/creation of the profile and lock/addition of the
profile. This could result in multiple version of a profile being
added to the list which need to be removed/replaced.
Since these are learning profile their is no affect on mediation.
Signed-off-by: John Johansen <john.johansen@canonical.com>
new_null_profile will need to use some of the profile lookup fns()
so move instead of doing forward fn declarations.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Switch unpack auditing to using the generic name field in the audit
struct and make it so we can start adding new info messages about
why an unpack failed.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
With apparmor policy virtualization based on policy namespace View's
we don't generally want/need absolute root based views, however there
are cases like debugging and some secid based conversions where
using a root based view is important.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Add signal mediation where the signal can be mediated based on the
signal, direction, or the label or the peer/target. The signal perms
are verified on a cross check to ensure policy consistency in the case
of incremental policy load/replacement.
The optimization of skipping the cross check when policy is guaranteed
to be consistent (single compile unit) remains to be done.
policy rules have the form of
SIGNAL_RULE = [ QUALIFIERS ] 'signal' [ SIGNAL ACCESS PERMISSIONS ]
[ SIGNAL SET ] [ SIGNAL PEER ]
SIGNAL ACCESS PERMISSIONS = SIGNAL ACCESS | SIGNAL ACCESS LIST
SIGNAL ACCESS LIST = '(' Comma or space separated list of SIGNAL
ACCESS ')'
SIGNAL ACCESS = ( 'r' | 'w' | 'rw' | 'read' | 'write' | 'send' |
'receive' )
SIGNAL SET = 'set' '=' '(' SIGNAL LIST ')'
SIGNAL LIST = Comma or space separated list of SIGNALS
SIGNALS = ( 'hup' | 'int' | 'quit' | 'ill' | 'trap' | 'abrt' |
'bus' | 'fpe' | 'kill' | 'usr1' | 'segv' | 'usr2' |
'pipe' | 'alrm' | 'term' | 'stkflt' | 'chld' | 'cont' |
'stop' | 'stp' | 'ttin' | 'ttou' | 'urg' | 'xcpu' |
'xfsz' | 'vtalrm' | 'prof' | 'winch' | 'io' | 'pwr' |
'sys' | 'emt' | 'exists' | 'rtmin+0' ... 'rtmin+32'
)
SIGNAL PEER = 'peer' '=' AARE
eg.
signal, # allow all signals
signal send set=(hup, kill) peer=foo,
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
We accidentally forgot to set the error code on this path. It means we
return NULL instead of an error pointer. I looked through a bunch of
callers and I don't think it really causes a big issue, but the
documentation says we're supposed to return error pointers here.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
verify_header() is currently checking whether interface version is less
than 5 *and* greater than 7, which always evaluates to false. Instead it
should check whether it is less than 5 *or* greater than 7.
Signed-off-by: Christos Gkekas <chris.gekas@gmail.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
with W=2:
security/apparmor/policy_unpack.c: In function ‘unpack_trans_table’:
security/apparmor/policy_unpack.c:469: warning: declaration of ‘pos’ shadows a previous local
security/apparmor/policy_unpack.c:451: warning: shadowed declaration is here
Rename the old "pos" to "saved_pos" to fix this.
Fixes: 5379a33120 ("apparmor: support v7 transition format compatible with label_parse")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
FW needs the 0th GID Entry in the Table to be preserved before
it's corresponding QP1 is deleted, else it will fail the cmd.
Check for the same and return to prevent error msg being logged for
cmd failure.
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
This patch fixes a memory leak issue when alloc_mr is used.
mr->pages and mr->npages are used only in alloc_mr path. mr->pages
is allocated when alloc_mr is called or in the case of FRMR, while
creating the MR. mr->npages is updated only when the MR created
is used i.e. after invoking map_mr_sg verb, before data transfer.
In the dereg_mr path, if mr->npages is 0, driver ends up not freeing
the memory created.
Removing the npages check from the dereg_mr path for kernel consumers.
Signed-off-by: Selvin Xavier <selvin.xavier@broadcom.com>
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
When there is a NETDEV_UNREGISTER event, bnxt_re driver calls
ib_unregister_device() (RTNL lock held).
ib_unregister_device attempts to flush a worker queue scheduled by
ib_core and that queue might have a pending ib_query_port().
ib_query_port in turn calls bnxt_re_query_port(), which while querying the
link speed using ib_get_eth_speed(), tries to acquire the rtnl_lock() which
was already held by NETDEV_UNREGISTER.
Fixing the issue by removing the link speed query from bnxt_re_query_port()
Now the speed is queried post a successful ib_register_device or whenever
there is a NETDEV_CHANGE event.
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Upon receipt of the NETDEV_REGISTER event from the netdev notifier chain,
the IB stack registration is spawned off to a workqueue since that also
requires an rtnl lock.
There could be 2 kinds of races between the NETDEV_REGISTER and the
NETDEV_UNREGISTER event handling.
a)The NETDEV_UNREGISTER event is received in rapid succession after
the NETDEV_REGISTER event even before the work queue got a chance to run.
b)The NETDEV_UNREGISTER event is received while the workqueue that handles
registration with the IB stack is still in progress.
Handle both the races with a bit flag that is set just before the work item
is queued and cleared in the workqueue after the event is handled just
before the workqueue item is freed.
While adding the new flag, it was noted that the flags are all used in
*_bit() operations which expect a bit number and not a literal constant
with a bit set. So change the numbers to be bit numbers.
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Clean up all devices added to the bnxt_re_dev_list in the
module_exit entry point.
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Driver must assign the user supplied compare/swap values in
the wqe to successfully complete the atomic compare and
swap operation.
Signed-off-by: Devesh Sharma <devesh.sharma@broadcom.com>
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Once a cmd to FW times out(after 20s) it is reasonable to
assume the FW or atleast the control path is dead.
No point issuing further cmds to the FW as each subsequent cmd
with another 20s timeout will cascade resulting in unnecessary
traces and/or NMI Lockups.
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
The MTU value in the qplib_qp.mtu should be
consistent with whatever mtu was set during
INIT to RTR.The Next PSN and number of packets
are calculated based on this member in the qplib_qp structure.
Signed-off-by: Narender Reddy <narender.reddy@broadcom.com>
Signed-off-by: Devesh Sharma <devesh.sharma@broadcom.com>
Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Commit 24587380f6 ("parisc: Add MADV_HWPOISON and MADV_SOFT_OFFLINE") added
the necessary constants to handle hardware-poisoning. Those were needed to
support the page deallocation feature from firmware.
But I completely missed to add the relevant fault handler code. This now
showed up when I ran the madvise07 testcase from the Linux Test Project,
which failed with a kernel BUG at arch/parisc/mm/fault.c:320.
With this patch the parisc kernel now behaves like other platforms and
gives the same kernel syslog warnings when poisoning pages.
Signed-off-by: Helge Deller <deller@gmx.de>
While scanning the PDT for reported broken memory modules, warn if the
initrd was coincidentally loaded into bad memory.
Signed-off-by: Helge Deller <deller@gmx.de>
According to the programming note at page 1-31 of the PA 1.1 Firmware
Architecture document, one should use the PDC_INSTR firmware function to
get the instruction that invokes a PDCE_CHECK in the HPMC handler. This
patch follows this note and sets the instruction which has been a nop up
until now.
Testing on a C3000 and C8000 showed that this firmware call isn't
implemented on those machines, so maybe it's only needed on older ones.
Signed-off-by: Helge Deller <deller@gmx.de>
Willem de Bruijn
Linus Torvalds
Stefan Schmidt
Steve French
Tobias Klauser
Rafael J. Wysocki
Helge Deller
John Johansen
Dan Carpenter
Christos Gkekas
Geert Uytterhoeven
Somnath Kotur
Selvin Xavier
Devesh Sharma