1. 08 Jul, 2018 6 commits
  2. 01 Jul, 2018 7 commits
    • Denis Efremov's avatar
      crypto: skcipher - remove the exporting of skcipher_walk_next · e4e47306
      Denis Efremov authored
      The function skcipher_walk_next declared as static and marked as
      EXPORT_SYMBOL_GPL. It's a bit confusing for internal function to be
      exported. The area of visibility for such function is its .c file
      and all other modules. Other *.c files of the same module can't use it,
      despite all other modules can. Relying on the fact that this is the
      internal function and it's not a crucial part of the API, the patch
      just removes the EXPORT_SYMBOL_GPL marking of skcipher_walk_next.
      
      Found by Linux Driver Verification project (linuxtesting.org).
      Signed-off-by: default avatarDenis Efremov <efremov@linux.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      e4e47306
    • Farhan Ali's avatar
      crypto: virtio - Register an algo only if it's supported · d0d859bb
      Farhan Ali authored
      Register a crypto algo with the Linux crypto layer only if
      the algorithm is supported by the backend virtio-crypto
      device.
      
      Also route crypto requests to a virtio-crypto
      device, only if it can support the requested service and
      algorithm.
      Signed-off-by: default avatarFarhan Ali <alifm@linux.ibm.com>
      Acked-by: default avatarGonglei <arei.gonglei@huawei.com>
      Acked-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      d0d859bb
    • Farhan Ali's avatar
      crypto: virtio - Read crypto services and algorithm masks · b551bac1
      Farhan Ali authored
      Read the crypto services and algorithm masks which provides
      information about the services and algorithms supported by
      virtio-crypto backend.
      Signed-off-by: default avatarFarhan Ali <alifm@linux.ibm.com>
      Acked-by: default avatarGonglei <arei.gonglei@huawei.com>
      Acked-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      b551bac1
    • Eric Biggers's avatar
      crypto: vmac - remove insecure version with hardcoded nonce · 0917b873
      Eric Biggers authored
      Remove the original version of the VMAC template that had the nonce
      hardcoded to 0 and produced a digest with the wrong endianness.  I'm
      unsure whether this had users or not (there are no explicit in-kernel
      references to it), but given that the hardcoded nonce made it wildly
      insecure unless a unique key was used for each message, let's try
      removing it and see if anyone complains.
      
      Leave the new "vmac64" template that requires the nonce to be explicitly
      specified as the first 16 bytes of data and uses the correct endianness
      for the digest.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      0917b873
    • Eric Biggers's avatar
      crypto: vmac - add nonced version with big endian digest · ed331ada
      Eric Biggers authored
      Currently the VMAC template uses a "nonce" hardcoded to 0, which makes
      it insecure unless a unique key is set for every message.  Also, the
      endianness of the final digest is wrong: the implementation uses little
      endian, but the VMAC specification has it as big endian, as do other
      VMAC implementations such as the one in Crypto++.
      
      Add a new VMAC template where the nonce is passed as the first 16 bytes
      of data (similar to what is done for Poly1305's nonce), and the digest
      is big endian.  Call it "vmac64", since the old name of simply "vmac"
      didn't clarify whether the implementation is of VMAC-64 or of VMAC-128
      (which produce 64-bit and 128-bit digests respectively); so we fix the
      naming ambiguity too.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      ed331ada
    • Eric Biggers's avatar
      crypto: vmac - separate tfm and request context · bb296481
      Eric Biggers authored
      syzbot reported a crash in vmac_final() when multiple threads
      concurrently use the same "vmac(aes)" transform through AF_ALG.  The bug
      is pretty fundamental: the VMAC template doesn't separate per-request
      state from per-tfm (per-key) state like the other hash algorithms do,
      but rather stores it all in the tfm context.  That's wrong.
      
      Also, vmac_final() incorrectly zeroes most of the state including the
      derived keys and cached pseudorandom pad.  Therefore, only the first
      VMAC invocation with a given key calculates the correct digest.
      
      Fix these bugs by splitting the per-tfm state from the per-request state
      and using the proper init/update/final sequencing for requests.
      
      Reproducer for the crash:
      
          #include <linux/if_alg.h>
          #include <sys/socket.h>
          #include <unistd.h>
      
          int main()
          {
                  int fd;
                  struct sockaddr_alg addr = {
                          .salg_type = "hash",
                          .salg_name = "vmac(aes)",
                  };
                  char buf[256] = { 0 };
      
                  fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
                  bind(fd, (void *)&addr, sizeof(addr));
                  setsockopt(fd, SOL_ALG, ALG_SET_KEY, buf, 16);
                  fork();
                  fd = accept(fd, NULL, NULL);
                  for (;;)
                          write(fd, buf, 256);
          }
      
      The immediate cause of the crash is that vmac_ctx_t.partial_size exceeds
      VMAC_NHBYTES, causing vmac_final() to memset() a negative length.
      
      Reported-by: syzbot+264bca3a6e8d645550d3@syzkaller.appspotmail.com
      Fixes: f1939f7c ("crypto: vmac - New hash algorithm for intel_txt support")
      Cc: <stable@vger.kernel.org> # v2.6.32+
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      bb296481
    • Eric Biggers's avatar
      crypto: vmac - require a block cipher with 128-bit block size · 73bf20ef
      Eric Biggers authored
      The VMAC template assumes the block cipher has a 128-bit block size, but
      it failed to check for that.  Thus it was possible to instantiate it
      using a 64-bit block size cipher, e.g. "vmac(cast5)", causing
      uninitialized memory to be used.
      
      Add the needed check when instantiating the template.
      
      Fixes: f1939f7c ("crypto: vmac - New hash algorithm for intel_txt support")
      Cc: <stable@vger.kernel.org> # v2.6.32+
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      73bf20ef
  3. 22 Jun, 2018 15 commits
  4. 16 Jun, 2018 8 commits
    • Linus Torvalds's avatar
      Linux 4.18-rc1 · ce397d21
      Linus Torvalds authored
      ce397d21
    • Linus Torvalds's avatar
      Merge tag 'for-linus-20180616' of git://git.kernel.dk/linux-block · 265c5596
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "A collection of fixes that should go into -rc1. This contains:
      
         - bsg_open vs bsg_unregister race fix (Anatoliy)
      
         - NVMe pull request from Christoph, with fixes for regressions in
           this window, FC connect/reconnect path code unification, and a
           trace point addition.
      
         - timeout fix (Christoph)
      
         - remove a few unused functions (Christoph)
      
         - blk-mq tag_set reinit fix (Roman)"
      
      * tag 'for-linus-20180616' of git://git.kernel.dk/linux-block:
        bsg: fix race of bsg_open and bsg_unregister
        block: remov blk_queue_invalidate_tags
        nvme-fabrics: fix and refine state checks in __nvmf_check_ready
        nvme-fabrics: handle the admin-only case properly in nvmf_check_ready
        nvme-fabrics: refactor queue ready check
        blk-mq: remove blk_mq_tagset_iter
        nvme: remove nvme_reinit_tagset
        nvme-fc: fix nulling of queue data on reconnect
        nvme-fc: remove reinit_request routine
        blk-mq: don't time out requests again that are in the timeout handler
        nvme-fc: change controllers first connect to use reconnect path
        nvme: don't rely on the changed namespace list log
        nvmet: free smart-log buffer after use
        nvme-rdma: fix error flow during mapping request data
        nvme: add bio remapping tracepoint
        nvme: fix NULL pointer dereference in nvme_init_subsystem
        blk-mq: reinit q->tag_set_list entry only after grace period
      265c5596
    • Linus Torvalds's avatar
      Merge tag 'docs-broken-links' of git://linuxtv.org/mchehab/experimental · 5e7b9212
      Linus Torvalds authored
      Pull documentation fixes from Mauro Carvalho Chehab:
       "This solves a series of broken links for files under Documentation,
        and improves a script meant to detect such broken links (see
        scripts/documentation-file-ref-check).
      
        The changes on this series are:
      
         - can.rst: fix a footnote reference;
      
         - crypto_engine.rst: Fix two parsing warnings;
      
         - Fix a lot of broken references to Documentation/*;
      
         - improve the scripts/documentation-file-ref-check script, in order
           to help detecting/fixing broken references, preventing
           false-positives.
      
        After this patch series, only 33 broken references to doc files are
        detected by scripts/documentation-file-ref-check"
      
      * tag 'docs-broken-links' of git://linuxtv.org/mchehab/experimental: (26 commits)
        fix a series of Documentation/ broken file name references
        Documentation: rstFlatTable.py: fix a broken reference
        ABI: sysfs-devices-system-cpu: remove a broken reference
        devicetree: fix a series of wrong file references
        devicetree: fix name of pinctrl-bindings.txt
        devicetree: fix some bindings file names
        MAINTAINERS: fix location of DT npcm files
        MAINTAINERS: fix location of some display DT bindings
        kernel-parameters.txt: fix pointers to sound parameters
        bindings: nvmem/zii: Fix location of nvmem.txt
        docs: Fix more broken references
        scripts/documentation-file-ref-check: check tools/*/Documentation
        scripts/documentation-file-ref-check: get rid of false-positives
        scripts/documentation-file-ref-check: hint: dash or underline
        scripts/documentation-file-ref-check: add a fix logic for DT
        scripts/documentation-file-ref-check: accept more wildcards at filenames
        scripts/documentation-file-ref-check: fix help message
        media: max2175: fix location of driver's companion documentation
        media: v4l: fix broken video4linux docs locations
        media: dvb: point to the location of the old README.dvb-usb file
        ...
      5e7b9212
    • Linus Torvalds's avatar
      Merge tag 'fsnotify_for_v4.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs · dbb2816f
      Linus Torvalds authored
      Pull fsnotify updates from Jan Kara:
       "fsnotify cleanups unifying handling of different watch types.
      
        This is the shortened fsnotify series from Amir with the last five
        patches pulled out. Amir has modified those patches to not change
        struct inode but obviously it's too late for those to go into this
        merge window"
      
      * tag 'fsnotify_for_v4.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
        fsnotify: add fsnotify_add_inode_mark() wrappers
        fanotify: generalize fanotify_should_send_event()
        fsnotify: generalize send_to_group()
        fsnotify: generalize iteration of marks by object type
        fsnotify: introduce marks iteration helpers
        fsnotify: remove redundant arguments to handle_event()
        fsnotify: use type id to identify connector object type
      dbb2816f
    • Linus Torvalds's avatar
      Merge tag 'fbdev-v4.18' of git://github.com/bzolnier/linux · 644f2639
      Linus Torvalds authored
      Pull fbdev updates from Bartlomiej Zolnierkiewicz:
       "There is nothing really major here, few small fixes, some cleanups and
        dead drivers removal:
      
         - mark omapfb drivers as orphans in MAINTAINERS file (Tomi Valkeinen)
      
         - add missing module license tags to omap/omapfb driver (Arnd
           Bergmann)
      
         - add missing GPIOLIB dependendy to omap2/omapfb driver (Arnd
           Bergmann)
      
         - convert savagefb, aty128fb & radeonfb drivers to use msleep & co.
           (Jia-Ju Bai)
      
         - allow COMPILE_TEST build for viafb driver (media part was reviewed
           by media subsystem Maintainer)
      
         - remove unused MERAM support from sh_mobile_lcdcfb and shmob-drm
           drivers (drm parts were acked by shmob-drm driver Maintainer)
      
         - remove unused auo_k190xfb drivers
      
         - misc cleanups (Souptick Joarder, Wolfram Sang, Markus Elfring, Andy
           Shevchenko, Colin Ian King)"
      
      * tag 'fbdev-v4.18' of git://github.com/bzolnier/linux: (26 commits)
        fb_omap2: add gpiolib dependency
        video/omap: add module license tags
        MAINTAINERS: make omapfb orphan
        video: fbdev: pxafb: match_string() conversion fixup
        video: fbdev: nvidia: fix spelling mistake: "scaleing" -> "scaling"
        video: fbdev: fix spelling mistake: "frambuffer" -> "framebuffer"
        video: fbdev: pxafb: Convert to use match_string() helper
        video: fbdev: via: allow COMPILE_TEST build
        video: fbdev: remove unused sh_mobile_meram driver
        drm: shmobile: remove unused MERAM support
        video: fbdev: sh_mobile_lcdcfb: remove unused MERAM support
        video: fbdev: remove unused auo_k190xfb drivers
        video: omap: Improve a size determination in omapfb_do_probe()
        video: sm501fb: Improve a size determination in sm501fb_probe()
        video: fbdev-MMP: Improve a size determination in path_init()
        video: fbdev-MMP: Delete an error message for a failed memory allocation in two functions
        video: auo_k190x: Delete an error message for a failed memory allocation in auok190x_common_probe()
        video: sh_mobile_lcdcfb: Delete an error message for a failed memory allocation in two functions
        video: sh_mobile_meram: Delete an error message for a failed memory allocation in sh_mobile_meram_probe()
        video: fbdev: sh_mobile_meram: Drop SUPERH platform dependency
        ...
      644f2639
    • Linus Torvalds's avatar
      Merge branch 'afs-proc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 35773c93
      Linus Torvalds authored
      Pull AFS updates from Al Viro:
       "Assorted AFS stuff - ended up in vfs.git since most of that consists
        of David's AFS-related followups to Christoph's procfs series"
      
      * 'afs-proc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        afs: Optimise callback breaking by not repeating volume lookup
        afs: Display manually added cells in dynamic root mount
        afs: Enable IPv6 DNS lookups
        afs: Show all of a server's addresses in /proc/fs/afs/servers
        afs: Handle CONFIG_PROC_FS=n
        proc: Make inline name size calculation automatic
        afs: Implement network namespacing
        afs: Mark afs_net::ws_cell as __rcu and set using rcu functions
        afs: Fix a Sparse warning in xdr_decode_AFSFetchStatus()
        proc: Add a way to make network proc files writable
        afs: Rearrange fs/afs/proc.c to remove remaining predeclarations.
        afs: Rearrange fs/afs/proc.c to move the show routines up
        afs: Rearrange fs/afs/proc.c by moving fops and open functions down
        afs: Move /proc management functions to the end of the file
      35773c93
    • Linus Torvalds's avatar
      Merge branch 'work.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 29d6849d
      Linus Torvalds authored
      Pull compat updates from Al Viro:
       "Some biarch patches - getting rid of assorted (mis)uses of
        compat_alloc_user_space().
      
        Not much in that area this cycle..."
      
      * 'work.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        orangefs: simplify compat ioctl handling
        signalfd: lift sigmask copyin and size checks to callers of do_signalfd4()
        vmsplice(): lift importing iovec into vmsplice(2) and compat counterpart
      29d6849d
    • Linus Torvalds's avatar
      Merge branch 'work.aio' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · a5b729ea
      Linus Torvalds authored
      Pull aio fixes from Al Viro:
       "Assorted AIO followups and fixes"
      
      * 'work.aio' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        eventpoll: switch to ->poll_mask
        aio: only return events requested in poll_mask() for IOCB_CMD_POLL
        eventfd: only return events requested in poll_mask()
        aio: mark __aio_sigset::sigmask const
      a5b729ea
  5. 15 Jun, 2018 4 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 9215310c
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Various netfilter fixlets from Pablo and the netfilter team.
      
       2) Fix regression in IPVS caused by lack of PMTU exceptions on local
          routes in ipv6, from Julian Anastasov.
      
       3) Check pskb_trim_rcsum for failure in DSA, from Zhouyang Jia.
      
       4) Don't crash on poll in TLS, from Daniel Borkmann.
      
       5) Revert SO_REUSE{ADDR,PORT} change, it regresses various things
          including Avahi mDNS. From Bart Van Assche.
      
       6) Missing of_node_put in qcom/emac driver, from Yue Haibing.
      
       7) We lack checking of the TCP checking in one special case during SYN
          receive, from Frank van der Linden.
      
       8) Fix module init error paths of mac80211 hwsim, from Johannes Berg.
      
       9) Handle 802.1ad properly in stmmac driver, from Elad Nachman.
      
      10) Must grab HW caps before doing quirk checks in stmmac driver, from
          Jose Abreu.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (81 commits)
        net: stmmac: Run HWIF Quirks after getting HW caps
        neighbour: skip NTF_EXT_LEARNED entries during forced gc
        net: cxgb3: add error handling for sysfs_create_group
        tls: fix waitall behavior in tls_sw_recvmsg
        tls: fix use-after-free in tls_push_record
        l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl()
        l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels
        mlxsw: spectrum_switchdev: Fix port_vlan refcounting
        mlxsw: spectrum_router: Align with new route replace logic
        mlxsw: spectrum_router: Allow appending to dev-only routes
        ipv6: Only emit append events for appended routes
        stmmac: added support for 802.1ad vlan stripping
        cfg80211: fix rcu in cfg80211_unregister_wdev
        mac80211: Move up init of TXQs
        mac80211_hwsim: fix module init error paths
        cfg80211: initialize sinfo in cfg80211_get_station
        nl80211: fix some kernel doc tag mistakes
        hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload
        rds: avoid unenecessary cong_update in loop transport
        l2tp: clean up stale tunnel or session in pppol2tp_connect's error path
        ...
      9215310c
    • Linus Torvalds's avatar
      Merge tag 'modules-for-v4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux · de7f01c2
      Linus Torvalds authored
      Pull module updates from Jessica Yu:
       "Minor code cleanup and also allow sig_enforce param to be shown in
        sysfs with CONFIG_MODULE_SIG_FORCE"
      
      * tag 'modules-for-v4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
        module: Allow to always show the status of modsign
        module: Do not access sig_enforce directly
      de7f01c2
    • Linus Torvalds's avatar
      Merge branch 'for-linus-4.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml · 8d1e5133
      Linus Torvalds authored
      Pull uml updates from Richard Weinberger:
       "Minor updates for UML:
      
         - fixes for our new vector network driver by Anton
      
         - initcall cleanup by Alexander
      
         - We have a new mailinglist, sourceforge.net sucks"
      
      * 'for-linus-4.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml:
        um: Fix raw interface options
        um: Fix initialization of vector queues
        um: remove uml initcalls
        um: Update mailing list address
      8d1e5133
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-4.18-merge_window' of... · 6a4d4b32
      Linus Torvalds authored
      Merge tag 'riscv-for-linus-4.18-merge_window' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux
      
      Pull RISC-V updates from Palmer Dabbelt:
       "This contains some small RISC-V updates I'd like to target for 4.18.
      
        They are all fairly small this time. Here's a short summary, there's
        more info in the commits/merges:
      
         - a fix to __clear_user to respect the passed arguments.
      
         - enough support for the perf subsystem to work with RISC-V's ISA
           defined performance counters.
      
         - support for sparse and cleanups suggested by it.
      
         - support for R_RISCV_32 (a relocation, not the 32-bit ISA).
      
         - some MAINTAINERS cleanups.
      
         - the addition of CONFIG_HVC_RISCV_SBI to our defconfig, as it's
           always present.
      
        I've given these a simple build+boot test"
      
      * tag 'riscv-for-linus-4.18-merge_window' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux:
        RISC-V: Add CONFIG_HVC_RISCV_SBI=y to defconfig
        RISC-V: Handle R_RISCV_32 in modules
        riscv/ftrace: Export _mcount when DYNAMIC_FTRACE isn't set
        riscv: add riscv-specific predefines to CHECKFLAGS
        riscv: split the declaration of __copy_user
        riscv: no __user for probe_kernel_address()
        riscv: use NULL instead of a plain 0
        perf: riscv: Add Document for Future Porting Guide
        perf: riscv: preliminary RISC-V support
        MAINTAINERS: Update Albert's email, he's back at Berkeley
        MAINTAINERS: Add myself as a maintainer for SiFive's drivers
        riscv: Fix the bug in memory access fixup code
      6a4d4b32