- 15 Jul, 2015 1 commit
-
-
David Woodhouse authored
This is not required for the module signing key, although it doesn't do any harm — it just means that any additional certs in the PEM file are also trusted by the kernel. But it does allow us to use the extract-cert tool for processing the extra certs from CONFIG_SYSTEM_TRUSTED_KEYS, instead of that horrid awk|base64 hack. Also cope with being invoked with no input file, creating an empty output file as a result. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
- 14 Jul, 2015 21 commits
-
-
David Howells authored
Make sign-file use the OpenSSL CMS routines to generate a message to be used as the signature blob instead of the PKCS#7 routines. This allows us to change how the matching X.509 certificate is selected. With PKCS#7 the only option is to match on the serial number and issuer fields of an X.509 certificate; with CMS, we also have the option of matching by subjectKeyId extension. The new behaviour is selected with the "-k" flag. Without the -k flag specified, the output is pretty much identical to the PKCS#7 output. Whilst we're at it, don't include the S/MIME capability list in the message as it's irrelevant to us. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com
-
David Howells authored
Since CMS is an evolution of PKCS#7, with much of the ASN.1 being compatible, add support for CMS signed-data messages also [RFC5652 sec 5]. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
-
David Howells authored
The key identifiers fabricated from an X.509 certificate are currently: (A) Concatenation of serial number and issuer (B) Concatenation of subject and subjectKeyID (SKID) When verifying one X.509 certificate with another, the AKID in the target can be used to match the authoritative certificate. The AKID can specify the match in one or both of two ways: (1) Compare authorityCertSerialNumber and authorityCertIssuer from the AKID to identifier (A) above. (2) Compare keyIdentifier from the AKID plus the issuer from the target certificate to identifier (B) above. When verifying a PKCS#7 message, the only available comparison is between the IssuerAndSerialNumber field and identifier (A) above. However, a subsequent patch adds CMS support. Whilst CMS still supports a match on IssuerAndSerialNumber as for PKCS#7, it also supports an alternative - which is the SubjectKeyIdentifier field. This is used to match to an X.509 certificate on the SKID alone. No subject information is available to be used. To this end change the fabrication of (B) above to be from the X.509 SKID alone. The AKID in keyIdentifier form then only matches on that and does not include the issuer. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
-
David Howells authored
Fix the handling of CHOICE types in the ASN.1 compiler to make SEQUENCE and SET elements in a CHOICE be correctly rendered as skippable and conditional as appropriate. For example, in the following ASN.1: Foo ::= SEQUENCE { w1 INTEGER, w2 Bar, w3 OBJECT IDENTIFIER } Bar ::= CHOICE { x1 Seq1, x2 [0] IMPLICIT OCTET STRING, x3 Seq2, x4 SET OF INTEGER } Seq1 ::= SEQUENCE { y1 INTEGER, y2 INTEGER, y3 INTEGER } Seq2 ::= SEQUENCE { z1 BOOLEAN, z2 BOOLEAN, z3 BOOLEAN } the output in foo.c generated by: ./scripts/asn1_compiler foo.asn1 foo.c foo.h included: // Bar // Seq1 [ 4] = ASN1_OP_MATCH, [ 5] = _tag(UNIV, CONS, SEQ), ... [ 13] = ASN1_OP_COND_MATCH_OR_SKIP, // x2 [ 14] = _tagn(CONT, PRIM, 0), // Seq2 [ 15] = ASN1_OP_MATCH, [ 16] = _tag(UNIV, CONS, SEQ), ... [ 24] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x4 [ 25] = _tag(UNIV, CONS, SET), ... [ 27] = ASN1_OP_COND_FAIL, as a result of the CHOICE - but this is wrong on lines 4 and 15 because both of these should be skippable (one and only one of the four can be picked) and the one on line 15 should also be conditional so that it is ignored if anything before it matches. After the patch, it looks like: // Bar // Seq1 [ 4] = ASN1_OP_MATCH_JUMP_OR_SKIP, // x1 [ 5] = _tag(UNIV, CONS, SEQ), ... [ 7] = ASN1_OP_COND_MATCH_OR_SKIP, // x2 [ 8] = _tagn(CONT, PRIM, 0), // Seq2 [ 9] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x3 [ 10] = _tag(UNIV, CONS, SEQ), ... [ 12] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x4 [ 13] = _tag(UNIV, CONS, SET), ... [ 15] = ASN1_OP_COND_FAIL, where all four options are skippable and the second, third and fourth are all conditional, as is the backstop at the end. This hasn't been a problem so far because in the ASN.1 specs we have are either using primitives or are using SET OF and SEQUENCE OF which are handled correctly. Whilst we're at it, also make sure that element labels get included in comments in the output for elements that have complex types. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
-
David Howells authored
Add an ASN.1 compiler option to dump the element tree to stdout. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
-
David Howells authored
We only support PKCS#7 signed-data [RFC2315 sec 9] content at the top level, so reject anything else. Further, check that the version numbers in SignedData and SignerInfo are 1 in both cases. Note that we don't restrict the inner content type. In the PKCS#7 code we don't parse the data attached there, but merely verify the signature over it. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
-
David Woodhouse authored
Let the user explicitly provide a file containing trusted keys, instead of just automatically finding files matching *.x509 in the build tree and trusting whatever we find. This really ought to be an *explicit* configuration, and the build rules for dealing with the files were fairly painful too. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Woodhouse authored
The current rule for generating signing_key.priv and signing_key.x509 is a classic example of a bad rule which has a tendency to break parallel make. When invoked to create *either* target, it generates the other target as a side-effect that make didn't predict. So let's switch to using a single file signing_key.pem which contains both key and certificate. That matches what we do in the case of an external key specified by CONFIG_MODULE_SIG_KEY anyway, so it's also slightly cleaner. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Woodhouse authored
Where an external PEM file or PKCS#11 URI is given, we can get the cert from it for ourselves instead of making the user drop signing_key.x509 in place for us. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Woodhouse authored
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Woodhouse authored
This is only the key; the corresponding *cert* still needs to be in $(topdir)/signing_key.x509. And there's no way to actually use this from the build system yet. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Woodhouse authored
We don't want this in the Kconfig since it might then get exposed in /proc/config.gz. So make it a parameter to Kbuild instead. This also means we don't have to jump through hoops to strip quotes from it, as we would if it was a config option. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
-
David Woodhouse authored
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Extract the function that drives the PKCS#7 signature verification given a data blob and a PKCS#7 blob out from the module signing code and lump it with the system keyring code as it's generic. This makes it independent of module config options and opens it to use by the firmware loader. Signed-off-by: David Howells <dhowells@redhat.com> Cc: Luis R. Rodriguez <mcgrof@suse.com> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Ming Lei <ming.lei@canonical.com> Cc: Seth Forshee <seth.forshee@canonical.com> Cc: Kyle McMartin <kyle@kernel.org>
-
David Howells authored
system_keyring.c doesn't need to #include module-internal.h as it doesn't use the one thing that exports. Remove the inclusion. Signed-off-by: David Howells <dhowells@redhat.com>
-
Luis R. Rodriguez authored
Make the -d option (which currently isn't actually wired to anything) write out the PKCS#7 message as per the -p option and then exit without either modifying the source or writing out a compound file of the source, signature and metadata. This will be useful when firmware signature support is added upstream as firmware will be left intact, and we'll only require the signature file. The descriptor is implicit by file extension and the file's own size. Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Move to using PKCS#7 messages as module signatures because: (1) We have to be able to support the use of X.509 certificates that don't have a subjKeyId set. We're currently relying on this to look up the X.509 certificate in the trusted keyring list. (2) PKCS#7 message signed information blocks have a field that supplies the data required to match with the X.509 certificate that signed it. (3) The PKCS#7 certificate carries fields that specify the digest algorithm used to generate the signature in a standardised way and the X.509 certificates specify the public key algorithm in a standardised way - so we don't need our own methods of specifying these. (4) We now have PKCS#7 message support in the kernel for signed kexec purposes and we can make use of this. To make this work, the old sign-file script has been replaced with a program that needs compiling in a previous patch. The rules to build it are added here. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>
-
David Howells authored
Provide a utility that: (1) Digests a module using the specified hash algorithm (typically sha256). [The digest can be dumped into a file by passing the '-d' flag] (2) Generates a PKCS#7 message that: (a) Has detached data (ie. the module content). (b) Is signed with the specified private key. (c) Refers to the specified X.509 certificate. (d) Has an empty X.509 certificate list. [The PKCS#7 message can be dumped into a file by passing the '-p' flag] (3) Generates a signed module by concatenating the old module, the PKCS#7 message, a descriptor and a magic string. The descriptor contains the size of the PKCS#7 message and indicates the id_type as PKEY_ID_PKCS7. (4) Either writes the signed module to the specified destination or renames it over the source module. This allows module signing to reuse the PKCS#7 handling code that was added for PE file parsing for signed kexec. Note that the utility is written in C and must be linked against the OpenSSL crypto library. Note further that I have temporarily dropped support for handling externally created signatures until we can work out the best way to do those. Hopefully, whoever creates the signature can give me a PKCS#7 certificate. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>
-
David Howells authored
It is possible for a PKCS#7 message to have detached data. However, to verify the signatures on a PKCS#7 message, we have to be able to digest the data. Provide a function to supply that data. An error is given if the PKCS#7 message included embedded data. This is used in a subsequent patch to supply the data to module signing where the signature is in the form of a PKCS#7 message with detached data, whereby the detached data is the module content that is signed. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>
-
David Howells authored
If an X.509 certificate has an AuthorityKeyIdentifier extension that provides an issuer and serialNumber, then make it so that these are used in preference to the keyIdentifier field also held therein for searching for the signing certificate. If both the issuer+serialNumber and the keyIdentifier are supplied, then the certificate is looked up by the former but the latter is checked as well. If the latter doesn't match the subjectKeyIdentifier of the parent certificate, EKEYREJECTED is returned. This makes it possible to chain X.509 certificates based on the issuer and serialNumber fields rather than on subjectKeyIdentifier. This is necessary as we are having to deal with keys that are represented by X.509 certificates that lack a subjectKeyIdentifier. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>
-
David Howells authored
Extract both parts of the AuthorityKeyIdentifier, not just the keyIdentifier, as the second part can be used to match X.509 certificates by issuer and serialNumber. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>
-
- 13 Jul, 2015 3 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
Pull networking fixes from David Miller: 1) Missing list head init in bluetooth hidp session creation, from Tedd Ho-Jeong An. 2) Don't leak SKB in bridge netfilter error paths, from Florian Westphal. 3) ipv6 netdevice private leak in netfilter bridging, fixed by Julien Grall. 4) Fix regression in IP over hamradio bpq encapsulation, from Ralf Baechle. 5) Fix race between rhashtable resize events and table walks, from Phil Sutter. 6) Missing validation of IFLA_VF_INFO netlink attributes, fix from Daniel Borkmann. 7) Missing security layer socket state initialization in tipc code, from Stephen Smalley. 8) Fix shared IRQ handling in boomerang 3c59x interrupt handler, from Denys Vlasenko. 9) Missing minor_idr destroy on module unload on macvtap driver, from Johannes Thumshirn. 10) Various pktgen kernel thread races, from Oleg Nesterov. 11) Fix races that can cause packets to be processed in the backlog even after a device attached to that SKB has been fully unregistered. From Julian Anastasov. 12) bcmgenet driver doesn't account packet drops vs. errors properly, fix from Petri Gynther. 13) Array index validation and off by one fix in DSA layer from Florian Fainelli * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (66 commits) can: replace timestamp as unique skb attribute ARM: dts: dra7x-evm: Prevent glitch on DCAN1 pinmux can: c_can: Fix default pinmux glitch at init can: rcar_can: unify error messages can: rcar_can: print request_irq() error code can: rcar_can: fix typo in error message can: rcar_can: print signed IRQ # can: rcar_can: fix IRQ check net: dsa: Fix off-by-one in switch address parsing net: dsa: Test array index before use net: switchdev: don't abort unsupported operations net: bcmgenet: fix accounting of packet drops vs errors cdc_ncm: update specs URL Doc: z8530book: Fix typo in API-z8530-sync-txdma-open.html net: inet_diag: always export IPV6_V6ONLY sockopt for listening sockets bridge: mdb: allow the user to delete mdb entry if there's a querier net: call rcu_read_lock early in process_backlog net: do not process device backlog during unregistration bridge: fix potential crash in __netdev_pick_tx() net: axienet: Fix devm_ioremap_resource return value check ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds authored
Pull crypto fixes from Herbert Xu: "This fixes a duplicate dma_unmap_sg call in omap-des and reentrancy bugs in the powerpc nx driver which may cause bogus output or worse memory corruption" * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: nx - Fix reentrancy bugs crypto: omap-des - Fix unmapping of dma channels
-
David S. Miller authored
Merge tag 'linux-can-fixes-for-4.2-20150712' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can Marc Kleine-Budde says: ==================== pull-request: can 2015-07-12 this is a pull request of 8 patchs for net/master. Sergei Shtylyov contributes 5 patches for the rcar_can driver, fixing the IRQ check and several info and error messages. There are two patches by J.D. Schroeder and Roger Quadros for the c_can driver and dra7x-evm device tree, which precent a glitch in the DCAN1 pinmux. Oliver Hartkopp provides a better approach to make the CAN skbs unique, the timestamp is replaced by a counter. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 12 Jul, 2015 15 commits
-
-
Linus Torvalds authored
-
Linus Torvalds authored
This reverts commit dec4f799. Jörg Otte reports a NULL pointder dereference due to this commit, as 'crtc_state' very much can be NULL: crtc_state = state->base.state ? intel_atomic_get_crtc_state(state->base.state, intel_crtc) : NULL; So the change to test 'crtc_state->base.active' cannot possibly be correct as-is. There may be some other minimal fix (like just checking crtc_state for NULL), but I'm just reverting it now for the rc2 release, and people like Daniel Vetter who actually know this code will figure out what the right solution is in the longer term. Reported-and-bisected-by: Jörg Otte <jrg.otte@gmail.com> Cc: Ander Conselvan de Oliveira <ander.conselvan.de.oliveira@intel.com> Cc: Jani Nikula <jani.nikula@linux.intel.com> Cc: Daniel Vetter <daniel.vetter@intel.com> CC: Maarten Lankhorst <maarten.lankhorst@linux.intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds authored
Pull VFS fixes from Al Viro: "Fixes for this cycle regression in overlayfs and a couple of long-standing (== all the way back to 2.6.12, at least) bugs" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: freeing unlinked file indefinitely delayed fix a braino in ovl_d_select_inode() 9p: don't leave a half-initialized inode sitting around
-
git://git.linux-mips.org/pub/scm/ralf/upstream-linusLinus Torvalds authored
Pull MIPS fixes from Ralf Baechle: "A fair number of 4.2 fixes also because Markos opened the flood gates. - Patch up the math used calculate the location for the page bitmap. - The FDC (Not what you think, FDC stands for Fast Debug Channel) IRQ around was causing issues on non-Malta platforms, so move the code to a Malta specific location. - A spelling fix replicated through several files. - Fix to the emulation of an R2 instruction for R6 cores. - Fix the JR emulation for R6. - Further patching of mindless 64 bit issues. - Ensure the kernel won't crash on CPUs with L2 caches with >= 8 ways. - Use compat_sys_getsockopt for O32 ABI on 64 bit kernels. - Fix cache flushing for multithreaded cores. - A build fix" * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: MIPS: O32: Use compat_sys_getsockopt. MIPS: c-r4k: Extend way_string array MIPS: Pistachio: Support CDMM & Fast Debug Channel MIPS: Malta: Make GIC FDC IRQ workaround Malta specific MIPS: c-r4k: Fix cache flushing for MT cores Revert "MIPS: Kconfig: Disable SMP/CPS for 64-bit" MIPS: cps-vec: Use macros for various arithmetics and memory operations MIPS: kernel: cps-vec: Replace KSEG0 with CKSEG0 MIPS: kernel: cps-vec: Use ta0-ta3 pseudo-registers for 64-bit MIPS: kernel: cps-vec: Replace mips32r2 ISA level with mips64r2 MIPS: kernel: cps-vec: Replace 'la' macro with PTR_LA MIPS: kernel: smp-cps: Fix 64-bit compatibility errors due to pointer casting MIPS: Fix erroneous JR emulation for MIPS R6 MIPS: Fix branch emulation for BLTC and BGEC instructions MIPS: kernel: traps: Fix broken indentation MIPS: bootmem: Don't use memory holes for page bitmap MIPS: O32: Do not handle require 32 bytes from the stack to be readable. MIPS, CPUFREQ: Fix spelling of Institute. MIPS: Lemote 2F: Fix build caused by recent mass rename.
-
Oliver Hartkopp authored
Commit 514ac99c "can: fix multiple delivery of a single CAN frame for overlapping CAN filters" requires the skb->tstamp to be set to check for identical CAN skbs. Without timestamping to be required by user space applications this timestamp was not generated which lead to commit 36c01245 "can: fix loss of CAN frames in raw_rcv" - which forces the timestamp to be set in all CAN related skbuffs by introducing several __net_timestamp() calls. This forces e.g. out of tree drivers which are not using alloc_can{,fd}_skb() to add __net_timestamp() after skbuff creation to prevent the frame loss fixed in mainline Linux. This patch removes the timestamp dependency and uses an atomic counter to create an unique identifier together with the skbuff pointer. Btw: the new skbcnt element introduced in struct can_skb_priv has to be initialized with zero in out-of-tree drivers which are not using alloc_can{,fd}_skb() too. Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Roger Quadros authored
Driver core sets "default" pinmux on on probe and CAN driver sets "sleep" pinmux during register. This causes a small window where the CAN pins are in "default" state with the DCAN module being disabled. Change the "default" state to be like sleep so this glitch is avoided. Add a new "active" state that is used by the driver when CAN is actually active. Signed-off-by: Roger Quadros <rogerq@ti.com> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
J.D. Schroeder authored
The previous change 3973c526 (net: can: c_can: Disable pins when CAN interface is down) causes a slight glitch on the pinctrl settings when used. Since commit ab78029e (drivers/pinctrl: grab default handles from device core), the device core will automatically set the default pins. This causes the pins to be momentarily set to the default and then to the sleep state in register_c_can_dev(). By adding an optional "enable" state, boards can set the default pin state to be disabled and avoid the glitch when the switch from default to sleep first occurs. If the "enable" state is not available c_can_pinctrl_select_state() falls back to using the "default" pinctrl state. [Roger Q] - Forward port to v4.2 and use pinctrl_get_select(). Signed-off-by: J.D. Schroeder <jay.schroeder@garmin.com> Signed-off-by: Roger Quadros <rogerq@ti.com> Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Sergei Shtylyov authored
All the error messages in the driver but the ones from devm_clk_get() failures use similar format. Make those two messages consitent with others. Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Sergei Shtylyov authored
Also print the error code when the request_irq() call fails in rcar_can_open(), rewording the error message... Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Sergei Shtylyov authored
Fix typo in the first error message printed by rcar_can_open(). Based on the original patch by Vladimir Barinov. Fixes: 862e2b6a ("can: rcar_can: support all input clocks") Reported-by: Vladimir Barinov <vladimir.barinov@cogentembedded.com> Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Sergei Shtylyov authored
Printing IRQ # using "%x" and "%u" unsigned formats isn't quite correct as 'ndev->irq' is of type *int*, so the "%d" format needs to be used instead. While fixing this, beautify the dev_info() message in rcar_can_probe() a bit. Fixes: fd115931 ("can: add Renesas R-Car CAN driver") Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Sergei Shtylyov authored
rcar_can_probe() regards 0 as a wrong IRQ #, despite platform_get_irq() that it calls returns negative error code in that case. This leads to the following being printed to the console when attempting to open the device: error requesting interrupt fffffffa because rcar_can_open() calls request_irq() with a negative IRQ #, and that function naturally fails with -EINVAL. Check for the negative error codes instead and propagate them upstream instead of just returning -ENODEV. Fixes: fd115931 ("can: add Renesas R-Car CAN driver") Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 fixes from Thomas Gleixner: - the high latency PIT detection fix, which slipped through the cracks for rc1 - a regression fix for the early printk mechanism - the x86 part to plug irq/vector related hotplug races - move the allocation of the espfix pages on cpu hotplug to non atomic context. The current code triggers a might_sleep() warning. - a series of KASAN fixes addressing boot crashes and usability - a trivial typo fix for Kconfig help text * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/kconfig: Fix typo in the CONFIG_CMDLINE_BOOL help text x86/irq: Retrieve irq data after locking irq_desc x86/irq: Use proper locking in check_irq_vectors_for_cpu_disable() x86/irq: Plug irq vector hotplug race x86/earlyprintk: Allow early_printk() to use console style parameters like '115200n8' x86/espfix: Init espfix on the boot CPU side x86/espfix: Add 'cpu' parameter to init_espfix_ap() x86/kasan: Move KASAN_SHADOW_OFFSET to the arch Kconfig x86/kasan: Add message about KASAN being initialized x86/kasan: Fix boot crash on AMD processors x86/kasan: Flush TLBs after switching CR3 x86/kasan: Fix KASAN shadow region page tables x86/init: Clear 'init_level4_pgt' earlier x86/tsc: Let high latency PIT fail fast in quick_pit_calibrate()
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull timer fixes from Thomas Gleixner: "This update from the timer departement contains: - A series of patches which address a shortcoming in the tick broadcast code. If the broadcast device is not available or an hrtimer emulated broadcast device, some of the original assumptions lead to boot failures. I rather plugged all of the corner cases instead of only addressing the issue reported, so the change got a little larger. Has been extensivly tested on x86 and arm. - Get rid of the last holdouts using do_posix_clock_monotonic_gettime() - A regression fix for the imx clocksource driver - An update to the new state callbacks mechanism for clockevents. This is required to simplify the conversion, which will take place in 4.3" * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: tick/broadcast: Prevent NULL pointer dereference time: Get rid of do_posix_clock_monotonic_gettime cris: Replace do_posix_clock_monotonic_gettime() tick/broadcast: Unbreak CONFIG_GENERIC_CLOCKEVENTS=n build tick/broadcast: Handle spurious interrupts gracefully tick/broadcast: Check for hrtimer broadcast active early tick/broadcast: Return busy when IPI is pending tick/broadcast: Return busy if periodic mode and hrtimer broadcast tick/broadcast: Move the check for periodic mode inside state handling tick/broadcast: Prevent deep idle if no broadcast device available tick/broadcast: Make idle check independent from mode and config tick/broadcast: Sanity check the shutdown of the local clock_event tick/broadcast: Prevent hrtimer recursion clockevents: Allow set-state callbacks to be optional clocksource/imx: Define clocksource for mx27
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull irq fix from Thomas Gleixner: "A single fix for a cpu hotplug race vs. interrupt descriptors: Prevent irq setup/teardown across the cpu starting/dying parts of cpu hotplug so that the starting/dying cpu has a stable view of the descriptor space. This has been an issue for all architectures in the cpu dying phase, where interrupts are migrated away from the dying cpu. In the starting phase its mostly a x86 issue vs the vector space update" * 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: hotplug: Prevent alloc/free of irq descriptors during cpu up/down
-