- 07 Aug, 2020 23 commits
-
-
Kees Cook authored
Patch series "mm: Expand CONFIG_SLAB_FREELIST_HARDENED to include SLAB" In reviewing Vlastimil Babka's latest slub debug series, I realized[1] that several checks under CONFIG_SLAB_FREELIST_HARDENED weren't being applied to SLAB. Fix this by expanding the Kconfig coverage, and adding a simple double-free test for SLAB. This patch (of 2): Include SLAB caches when performing kmem_cache pointer verification. A defense against such corruption[1] should be applied to all the allocators. With this added, the "SLAB_FREE_CROSS" and "SLAB_FREE_PAGE" LKDTM tests now pass on SLAB: lkdtm: Performing direct entry SLAB_FREE_CROSS lkdtm: Attempting cross-cache slab free ... ------------[ cut here ]------------ cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a WARNING: CPU: 2 PID: 2195 at mm/slab.h:530 kmem_cache_free+0x8d/0x1d0 ... lkdtm: Performing direct entry SLAB_FREE_PAGE lkdtm: Attempting non-Slab slab free ... ------------[ cut here ]------------ virt_to_cache: Object is not a Slab page! WARNING: CPU: 1 PID: 2202 at mm/slab.h:489 kmem_cache_free+0x196/0x1d0 Additionally clean up neighboring Kconfig entries for clarity, readability, and redundant option removal. [1] https://github.com/ThomasKing2014/slides/raw/master/Building%20universal%20Android%20rooting%20with%20a%20type%20confusion%20vulnerability.pdf Fixes: 598a0717 ("mm/slab: validate cache membership under freelist hardening") Signed-off-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Acked-by:
Vlastimil Babka <vbabka@suse.cz> Cc: Alexander Popov <alex.popov@linux.com> Cc: Christoph Lameter <cl@linux.com> Cc: David Rientjes <rientjes@google.com> Cc: Jann Horn <jannh@google.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Matthew Garrett <mjg59@google.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Roman Gushchin <guro@fb.com> Cc: Vijayanand Jitta <vjitta@codeaurora.org> Cc: Vinayak Menon <vinmenon@codeaurora.org> Link: http://lkml.kernel.org/r/20200625215548.389774-1-keescook@chromium.org Link: http://lkml.kernel.org/r/20200625215548.389774-2-keescook@chromium.orgSigned-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
William Kucharski authored
Other mm routines such as kfree() and kzfree() silently do the right thing if passed a NULL pointer, so ksize() should do the same. Signed-off-by:
William Kucharski <william.kucharski@oracle.com> Signed-off-by:
Matthew Wilcox (Oracle) <willy@infradead.org> Reviewed-by:
David Hildenbrand <david@redhat.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: David Rientjes <rientjes@google.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Link: http://lkml.kernel.org/r/20200616225409.4670-1-william.kucharski@oracle.comSigned-off-by:
-
Waiman Long authored
As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by:
Joe Perches <joe@perches.com> Signed-off-by:
Waiman Long <longman@redhat.com> Signed-off-by:
David Howells <dhowells@redhat.com> Acked-by:
Michal Hocko <mhocko@suse.com> Acked-by:
Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.comSigned-off-by:
-
Pavel Machek authored
Based on what fails, function can return with nfs_sync_rwlock either locked or unlocked. That can not be right. Always return with lock unlocked on error. Fixes: 4cd9973f ("ocfs2: avoid inode removal while nfsd is accessing it") Signed-off-by:
Pavel Machek (CIP) <pavel@denx.de> Signed-off-by:
Joseph Qi <joseph.qi@linux.alibaba.com> Reviewed-by:
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `xmlns`: For each link, `http://[^# ]*(?:\w|/)`: If neither `gnu\.org/license`, nor `mozilla\.org/MPL`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by:Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by:
-
Junxiao Bi authored
Dan Carpenter reported the following static checker warning. fs/ocfs2/super.c:1269 ocfs2_parse_options() warn: '(-1)' 65535 can't fit into 32767 'mopt->slot' fs/ocfs2/suballoc.c:859 ocfs2_init_inode_steal_slot() warn: '(-1)' 65535 can't fit into 32767 'osb->s_inode_steal_slot' fs/ocfs2/suballoc.c:867 ocfs2_init_meta_steal_slot() warn: '(-1)' 65535 can't fit into 32767 'osb->s_meta_steal_slot' That's because OCFS2_INVALID_SLOT is (u16)-1. Slot number in ocfs2 can be never negative, so change s16 to u16. Fixes: 9277f833 ("ocfs2: fix value of OCFS2_INVALID_SLOT") Reported-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
Junxiao Bi <junxiao.bi@oracle.com> Signed-off-by:
Gang He <ghe@suse.com> Cc: Mark Fasheh <mark@fasheh.com> Cc: Joel Becker <jlbec@evilplan.org> Cc: Junxiao Bi <junxiao.bi@oracle.com> Cc: Changwei Ge <gechangwei@live.cn> Cc: Jun Piao <piaojun@huawei.com> Cc: <stable@vger.kernel.org> Link: http://lkml.kernel.org/r/20200627001259.19757-1-junxiao.bi@oracle.comSigned-off-by:
-
Randy Dunlap authored
Drop the repeated word "is" in a comment. Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Signed-off-by:
-
Gang He authored
When use setfacl command to change a file's acl, the user cannot get the latest acl information from the file via getfacl command, until remounting the file system. e.g. setfacl -m u:ivan:rw /ocfs2/ivan getfacl /ocfs2/ivan getfacl: Removing leading '/' from absolute path names file: ocfs2/ivan owner: root group: root user::rw- group::r-- mask::r-- other::r-- The latest acl record("u:ivan:rw") cannot be returned via getfacl command until remounting. Signed-off-by: -
Luca Stefani authored
Clang's Control Flow Integrity (CFI) is a security mechanism that can help prevent JOP chains, deployed extensively in downstream kernels used in Android. Its deployment is hindered by mismatches in function signatures. For this case, we make callbacks match their intended function signature, and cast parameters within them rather than casting the callback when passed as a parameter. When running `mount -t ntfs ...` we observe the following trace: Call trace: __cfi_check_fail+0x1c/0x24 name_to_dev_t+0x0/0x404 iget5_locked+0x594/0x5e8 ntfs_fill_super+0xbfc/0x43ec mount_bdev+0x30c/0x3cc ntfs_mount+0x18/0x24 mount_fs+0x1b0/0x380 vfs_kern_mount+0x90/0x398 do_mount+0x5d8/0x1a10 SyS_mount+0x108/0x144 el0_svc_naked+0x34/0x38 Signed-off-by:
Luca Stefani <luca.stefani.ge1@gmail.com> Signed-off-by:
freak07 <michalechner92@googlemail.com> Reviewed-by:
Nick Desaulniers <ndesaulniers@google.com> Reviewed-by:
Nathan Chancellor <natechancellor@gmail.com> Acked-by:
Anton Altaparmakov <anton@tuxera.com> Link: http://lkml.kernel.org/r/20200718112513.533800-1-luca.stefani.ge1@gmail.comSigned-off-by:
-
Colin Ian King authored
Here are some of the more common spelling mistakes and typos that I've found while fixing up spelling mistakes in the kernel since April 2020. Signed-off-by:
Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Joe Perches authored
Add regulator_ops to expected to be const list. Signed-off-by:
-
Konstantin Khlebnikov authored
Add option decode_stacktrace -r <release> to specify only release name. This is enough to guess standard paths to vmlinux and modules: $ echo -e 'schedule+0x0/0x0 tap_open+0x0/0x0 [tap]' | ./scripts/decode_stacktrace.sh -r 5.4.0-37-generic schedule (kernel/sched/core.c:4138) tap_open (drivers/net/tap.c:502) tap Signed-off-by:
Konstantin Khlebnikov <khlebnikov@yandex-team.ru> Signed-off-by:
-
Konstantin Khlebnikov authored
Try to find module in directory with vmlinux (for fresh build). Then try standard paths where debuginfo are usually placed. Pick first file which have elf section '.debug_line'. Before: $ echo 'tap_open+0x0/0x0 [tap]' | ./scripts/decode_stacktrace.sh /usr/lib/debug/boot/vmlinux-5.4.0-37-generic WARNING! Modules path isn't set, but is needed to parse this symbol tap_open+0x0/0x0 tap After: $ echo 'tap_open+0x0/0x0 [tap]' | ./scripts/decode_stacktrace.sh /usr/lib/debug/boot/vmlinux-5.4.0-37-generic tap_open (drivers/net/tap.c:502) tap Signed-off-by:
-
Konstantin Khlebnikov authored
Guess path to kernel sources using known location of symbol "kernel_init". Make basepath argument optional. Before: $ echo 'vfs_open+0x0/0x0' | ./scripts/decode_stacktrace.sh vmlinux "" vfs_open (home/khlebnikov/src/linux/fs/open.c:912) After: $ echo 'vfs_open+0x0/0x0' | ./scripts/decode_stacktrace.sh vmlinux vfs_open (fs/open.c:912) Signed-off-by:
-
Konstantin Khlebnikov authored
For now script turns missing symbols into '0' and make bogus decode. Skip them instead. Also simplify parsing output of 'nm'. Before: $ echo 'xxx+0x0/0x0' | ./scripts/decode_stacktrace.sh vmlinux "" xxx (home/khlebnikov/src/linux/./arch/x86/include/asm/processor.h:398) After: $ echo 'xxx+0x0/0x0' | ./scripts/decode_stacktrace.sh vmlinux "" xxx+0x0/0x0 Signed-off-by:
-
Nikolay Borisov authored
Library archives (.a) usually contain multiple object files so their output of nm --size-sort contains lines like: <omitted for brevity> 00000000000003a8 t run_test extent-map-tests.o: <omitted for brevity> bloat-o-meter currently doesn't handle them which results in errors when calling .split() on them. Fix this by simply ignoring them. This enables diffing subsystems which generate built-in.a files. Signed-off-by:
Nikolay Borisov <nborisov@suse.com> Signed-off-by:
-
Jialu Xu authored
Parse compiled source from *.cmd but don't 'find' too many files that are not related to compilation. [xujialu@vimux.org: don't expand symlinks by add option -s for realpath] Link: http://lkml.kernel.org/r/5efc5bfb.1c69fb81.41bf5.7131SMTPIN_ADDED_MISSING@mx.google.comSigned-off-by:
Jialu Xu <xujialu@vimux.org> Signed-off-by:
-
Gaurav Singh authored
Haven't reproduced this issue. This PR is does a minor code cleanup. Signed-off-by:
Gaurav Singh <gaurav1086@gmail.com> Signed-off-by:
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Signed-off-by:
-
Ilias Stamatis authored
Originally kthread_create_on_cpu() parked and woke up the new thread. However, since commit a65d4096 ("kthread/smpboot: do not park in kthread_create_on_cpu()") this is no longer the case. This patch removes the comment that has been left behind and is now incorrect / stale. Fixes: a65d4096 ("kthread/smpboot: do not park in kthread_create_on_cpu()") Signed-off-by:
Ilias Stamatis <stamatis.iliass@gmail.com> Signed-off-by:
Petr Mladek <pmladek@suse.com> Link: http://lkml.kernel.org/r/20200611135920.240551-1-stamatis.iliass@gmail.comSigned-off-by:
-
Peter Zijlstra authored
For SMP systems using IPI based TLB invalidation, looking at current->active_mm is entirely reasonable. This then presents the following race condition: CPU0 CPU1 flush_tlb_mm(mm) use_mm(mm) <send-IPI> tsk->active_mm = mm; <IPI> if (tsk->active_mm == mm) // flush TLBs </IPI> switch_mm(old_mm,mm,tsk); Where it is possible the IPI flushed the TLBs for @old_mm, not @mm, because the IPI lands before we actually switched. Avoid this by disabling IRQs across changing ->active_mm and switch_mm(). Of the (SMP) architectures that have IPI based TLB invalidate: Alpha - checks active_mm ARC - ASID specific IA64 - checks active_mm MIPS - ASID specific flush OpenRISC - shoots down world PARISC - shoots down world SH - ASID specific SPARC - ASID specific x86 - N/A xtensa - checks active_mm So at the very least Alpha, IA64 and Xtensa are suspect. On top of this, for scheduler consistency we need at least preemption disabled across changing tsk->mm and doing switch_mm(), which is currently provided by task_lock(), but that's not sufficient for PREEMPT_RT. [akpm@linux-foundation.org: add comment] Reported-by:Andy Lutomirski <luto@amacapital.net> Signed-off-by:
Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by:
-
David Hildenbrand authored
Especially with memory hotplug, we can have offline sections (with a garbage memmap) and overlapping zones. We have to make sure to only touch initialized memmaps (online sections managed by the buddy) and that the zone matches, to not move pages between zones. To test if this can actually happen, I added a simple BUG_ON(page_zone(page_i) != page_zone(page_j)); right before the swap. When hotplugging a 256M DIMM to a 4G x86-64 VM and onlining the first memory block "online_movable" and the second memory block "online_kernel", it will trigger the BUG, as both zones (NORMAL and MOVABLE) overlap. This might result in all kinds of weird situations (e.g., double allocations, list corruptions, unmovable allocations ending up in the movable zone). Fixes: e900a918 ("mm: shuffle initial free memory to improve memory-side-cache utilization") Signed-off-by:
Wei Yang <richard.weiyang@linux.alibaba.com> Acked-by:
Dan Williams <dan.j.williams@intel.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: Michal Hocko <mhocko@suse.com> Cc: Minchan Kim <minchan@kernel.org> Cc: Huang Ying <ying.huang@intel.com> Cc: Wei Yang <richard.weiyang@gmail.com> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: <stable@vger.kernel.org> [5.2+] Link: http://lkml.kernel.org/r/20200624094741.9918-2-david@redhat.comSigned-off-by:
-
Ralph Campbell authored
On x86_64, when CONFIG_MMU_NOTIFIER is not set/enabled, there is a compiler error: mm/migrate.c: In function 'migrate_vma_collect': mm/migrate.c:2481:7: error: 'struct mmu_notifier_range' has no member named 'migrate_pgmap_owner' range.migrate_pgmap_owner = migrate->pgmap_owner; ^ Fixes: 998427b3 ("mm/notifier: add migration invalidation type") Reported-by:Ralph Campbell <rcampbell@nvidia.com> Signed-off-by:
-
- 06 Aug, 2020 17 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/ttyLinus Torvalds authored
Pull tty/serial updates from Greg KH: "Here is the large set of TTY and Serial driver patches for 5.9-rc1. Lots of bugfixes in here, thanks to syzbot fuzzing for serial and vt and console code. Other highlights include: - much needed vt/vc code cleanup from Jiri Slaby - 8250 driver fixes and additions - various serial driver updates and feature enhancements - locking cleanup for serial/console initializations - other minor cleanups All of these have been in linux-next with no reported issues" * tag 'tty-5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (90 commits) MAINTAINERS: enlist Greg formally for console stuff vgacon: Fix for missing check in scrollback handling Revert "serial: 8250: Let serial core initialise spin lock" serial: 8250: Let serial core initialise spin lock tty: keyboard, do not speculate on func_table index serial: stm32: Add RS485 RTS GPIO control serial: 8250_dw: Fix common clocks usage race condition serial: 8250_dw: Pass the same rate to the clk round and set rate methods serial: 8250_dw: Simplify the ref clock rate setting procedure serial: 8250: Add 8250 port clock update method tty: serial: imx: add imx earlycon driver tty: serial: imx: enable imx serial console port as module tty/synclink: remove leftover bits of non-PCI card support tty: Use the preferred form for passing the size of a structure type tty: Fix identation issues in struct serial_struct32 tty: Avoid the use of one-element arrays serial: msm_serial: add sparse context annotation serial: pmac_zilog: add sparse context annotation newport_con: vc_color is now in state serial: imx: use hrtimers for rs485 delays ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/stagingLinus Torvalds authored
Pull staging/IIO driver updates from Greg KH: "Here is the large set of Staging and IIO driver patches for 5.9-rc1. Lots of churn here, but overall the size increase in lines added is small, while adding a load of new IIO drivers. Major things in here: - lots and lots of IIO new drivers and frameworks added - IIO driver fixes and updates - lots of tiny coding style cleanups for staging drivers - vc04_services major reworks and cleanups We had 3 set of drivers move out of staging in this round as well: - wilc1000 wireless driver moved out of staging - speakup moved out of staging - most USB driver moved out of staging Full details are in the shortlog. All of these have been in linux-next with no reported issues. The last few changes here were to resolve reported linux-next issues, and they seem to have resolved the problems" * tag 'staging-5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (428 commits) staging: most: fix up movement of USB driver staging: rts5208: clear alignment style issues staging: r8188eu: replace rtw_netdev_priv define with inline function staging: netlogic: clear alignment style issues staging: android: ashmem: Fix lockdep warning for write operation drivers: most: add USB adapter driver staging: most: Use %pM format specifier for MAC addresses staging: ks7010: Use %pM format specifier for MAC addresses staging: qlge: qlge_dbg: removed comment repition staging: wfx: Use flex_array_size() helper in memcpy() staging: rtl8723bs: Align macro definitions staging: rtl8723bs: Clean up function declations staging: rtl8723bs: Fix coding style errors drivers: staging: audio: Fix the missing header file for helper file staging: greybus: audio: Enable GB codec, audio module compilation. staging: greybus: audio: Add helper APIs for dynamic audio modules staging: greybus: audio: Resolve compilation error in topology parser staging: greybus: audio: Resolve compilation errors for GB codec module staging: greybus: audio: Maintain jack list within GB Audio module staging: greybus: audio: Update snd_jack FW usage as per new APIs ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/soundLinus Torvalds authored
Pull sound updates from Takashi Iwai: "This became wide and scattered updates all over the sound tree as diffstat shows: lots of (still ongoing) refactoring works in ASoC, fixes and cleanups caught by static analysis, inclusive term conversions as well as lots of new drivers. Below are highlights: ASoC core: - API cleanups and conversions to the unified mute_stream() call - Simplify I/O helper functions - Use helper macros to retrieve RTD from substreams ASoC drivers: - Lots of fixes and cleanups in Intel ASoC drivers - Lots of new stuff: Freescale MQS and i.MX6sx, Intel KeemBay I2S, Maxim MAX98360A and MAX98373 SoundWire, various Mediatek boards, nVidia Tegra 186 and 210, RealTek RL6231, Samsung Midas and Aries boards, TI J721e EVM ALSA core: - Minor code refacotring for SG-buffer handling HD-audio: - Generalization of mute-LED handling with LED classdev - Intel silent stream support for HDMI - Device-specific fixes: CA0132, Loongson-3 Others: - Usual USB- and HD-audio quirks for various devices - Fixes for echoaudio DMA position handling - Various documents and trivial fixes for sparse warnings - Conversion to adopt inclusive terms" * tag 'sound-5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (479 commits) ALSA: pci: delete repeated words in comments ALSA: isa: delete repeated words in comments ALSA: hda/tegra: Add 100us dma stop delay ALSA: hda: Add dma stop delay variable ASoC: hda/tegra: Set buffer alignment to 128 bytes ALSA: seq: oss: Serialize ioctls ALSA: hda/hdmi: Add quirk to force connectivity ALSA: usb-audio: add startech usb audio dock name ALSA: usb-audio: Add support for Lenovo ThinkStation P620 Revert "ALSA: hda: call runtime_allow() for all hda controllers" ALSA: hda/ca0132 - Fix AE-5 microphone selection commands. ALSA: hda/ca0132 - Add new quirk ID for Recon3D. ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value. ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops ALSA: docs: fix typo ALSA: doc: use correct config variable name ASoC: core: Two step component registration ASoC: core: Simplify snd_soc_component_initialize declaration ASoC: core: Relocate and expose snd_soc_component_initialize ASoC: sh: Replace 'select' DMADEVICES 'with depends on' ... -
git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds authored
Pull KVM updates from Paolo Bonzini: "s390: - implement diag318 x86: - Report last CPU for debugging - Emulate smaller MAXPHYADDR in the guest than in the host - .noinstr and tracing fixes from Thomas - nested SVM page table switching optimization and fixes Generic: - Unify shadow MMU cache data structures across architectures" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (127 commits) KVM: SVM: Fix sev_pin_memory() error handling KVM: LAPIC: Set the TDCR settable bits KVM: x86: Specify max TDP level via kvm_configure_mmu() KVM: x86/mmu: Rename max_page_level to max_huge_page_level KVM: x86: Dynamically calculate TDP level from max level and MAXPHYADDR KVM: VXM: Remove temporary WARN on expected vs. actual EPTP level mismatch KVM: x86: Pull the PGD's level from the MMU instead of recalculating it KVM: VMX: Make vmx_load_mmu_pgd() static KVM: x86/mmu: Add separate helper for shadow NPT root page role calc KVM: VMX: Drop a duplicate declaration of construct_eptp() KVM: nSVM: Correctly set the shadow NPT root level in its MMU role KVM: Using macros instead of magic values MIPS: KVM: Fix build error caused by 'kvm_run' cleanup KVM: nSVM: remove nonsensical EXITINFO1 adjustment on nested NPF KVM: x86: Add a capability for GUEST_MAXPHYADDR < HOST_MAXPHYADDR support KVM: VMX: optimize #PF injection when MAXPHYADDR does not match KVM: VMX: Add guest physical address check in EPT violation and misconfig KVM: VMX: introduce vmx_need_pf_intercept KVM: x86: update exception bitmap on CPUID changes KVM: x86: rename update_bp_intercept to update_exception_bitmap ...
-
Linus Torvalds authored
This reverts commit 8bb9bf24. It seems the vmalloc page tables aren't always preallocated in all situations, because Jason Donenfeld reports an oops with this commit: BUG: unable to handle page fault for address: ffffe8ffffd00608 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP CPU: 2 PID: 22 Comm: kworker/2:0 Not tainted 5.8.0+ #154 RIP: process_one_work+0x2c/0x2d0 Code: 41 56 41 55 41 54 55 48 89 f5 53 48 89 fb 48 83 ec 08 48 8b 06 4c 8b 67 40 49 89 c6 45 30 f6 a8 04 b8 00 00 00 00 4c 0f 44 f0 <49> 8b 46 08 44 8b a8 00 01 05 Call Trace: worker_thread+0x4b/0x3b0 ? rescuer_thread+0x360/0x360 kthread+0x116/0x140 ? __kthread_create_worker+0x110/0x110 ret_from_fork+0x1f/0x30 CR2: ffffe8ffffd00608 and that page fault address is right in that vmalloc space, and we clearly don't have a PGD/P4D entry for it. Looking at the "Code:" line, the actual fault seems to come from the 'pwq->wq' dereference at the top of the process_one_work() function: struct pool_workqueue *pwq = get_work_pwq(work); struct worker_pool *pool = worker->pool; bool cpu_intensive = pwq->wq->flags & WQ_CPU_INTENSIVE; so 'struct pool_workqueue *pwq' is the allocation that hasn't been synchronized across CPUs. Just revert for now, while Joerg figures out the cause. Reported-and-bisected-by:
Jason A. Donenfeld <Jason@zx2c4.com> Acked-by:
Ingo Molnar <mingo@kernel.org> Acked-by:
Joerg Roedel <jroedel@suse.de> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull sched/fifo updates from Ingo Molnar: "This adds the sched_set_fifo*() encapsulation APIs to remove static priority level knowledge from non-scheduler code. The three APIs for non-scheduler code to set SCHED_FIFO are: - sched_set_fifo() - sched_set_fifo_low() - sched_set_normal() These are two FIFO priority levels: default (high), and a 'low' priority level, plus sched_set_normal() to set the policy back to non-SCHED_FIFO. Since the changes affect a lot of non-scheduler code, we kept this in a separate tree" * tag 'sched-fifo-2020-08-04' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (24 commits) sched,tracing: Convert to sched_set_fifo() sched: Remove sched_set_*() return value sched: Remove sched_setscheduler*() EXPORTs sched,psi: Convert to sched_set_fifo_low() sched,rcutorture: Convert to sched_set_fifo_low() sched,rcuperf: Convert to sched_set_fifo_low() sched,locktorture: Convert to sched_set_fifo() sched,irq: Convert to sched_set_fifo() sched,watchdog: Convert to sched_set_fifo() sched,serial: Convert to sched_set_fifo() sched,powerclamp: Convert to sched_set_fifo() sched,ion: Convert to sched_set_normal() sched,powercap: Convert to sched_set_fifo*() sched,spi: Convert to sched_set_fifo*() sched,mmc: Convert to sched_set_fifo*() sched,ivtv: Convert to sched_set_fifo*() sched,drm/scheduler: Convert to sched_set_fifo*() sched,msm: Convert to sched_set_fifo*() sched,psci: Convert to sched_set_fifo*() sched,drbd: Convert to sched_set_fifo*() ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrityLinus Torvalds authored
Pull integrity updates from Mimi Zohar: "The nicest change is the IMA policy rule checking. The other changes include allowing the kexec boot cmdline line measure policy rules to be defined in terms of the inode associated with the kexec kernel image, making the IMA_APPRAISE_BOOTPARAM, which governs the IMA appraise mode (log, fix, enforce), a runtime decision based on the secure boot mode of the system, and including errno in the audit log" * tag 'integrity-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: integrity: remove redundant initialization of variable ret ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime ima: AppArmor satisfies the audit rule requirements ima: Rename internal filter rule functions ima: Support additional conditionals in the KEXEC_CMDLINE hook function ima: Use the common function to detect LSM conditionals in a rule ima: Move comprehensive rule validation checks out of the token parser ima: Use correct type for the args_p member of ima_rule_entry.lsm elements ima: Shallow copy the args_p member of ima_rule_entry.lsm elements ima: Fail rule parsing when appraise_flag=blacklist is unsupportable ima: Fail rule parsing when the KEY_CHECK hook is combined with an invalid cond ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond ima: Fail rule parsing when buffer hook functions have an invalid action ima: Free the entire rule if it fails to parse ima: Free the entire rule when deleting a list of rules ima: Have the LSM free its audit rule IMA: Add audit log for failure conditions integrity: Add errno field in audit message
-
git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linuxLinus Torvalds authored
Pull coccinelle updates from Julia Lawall: "New semantic patches and semantic patch improvements from Denis Efremov" * 'for-5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux: coccinelle: api: filter out memdup_user definitions coccinelle: api: extend memdup_user rule with vmemdup_user() coccinelle: api: extend memdup_user transformation with GFP_USER coccinelle: api: add kzfree script coccinelle: misc: add array_size_dup script to detect missed overflow checks coccinelle: api/kstrdup: fix coccinelle position coccinelle: api: add device_attr_show script
-
Linus Torvalds authored
Merge tag 'livepatching-for-5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching Pull livepatching updates from Petr Mladek: "Improvements and cleanups of livepatching selftests" * tag 'livepatching-for-5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching: selftests/livepatch: adopt to newer sysctl error format selftests/livepatch: Use "comm" instead of "diff" for dmesg selftests/livepatch: add test delimiter to dmesg selftests/livepatch: refine dmesg 'taints' in dmesg comparison selftests/livepatch: Don't clear dmesg when running tests selftests/livepatch: fix mem leaks in test-klp-shadow-vars selftests/livepatch: more verification in test-klp-shadow-vars selftests/livepatch: rework test-klp-shadow-vars selftests/livepatch: simplify test-klp-callbacks busy target tests
-
git://github.com/cschaufler/smack-nextLinus Torvalds authored
Pull smack updates from Casey Schaufler: "Minor fixes to Smack for the v5.9 release. All were found by automated checkers and have straightforward resolution" * tag 'Smack-for-5.9' of git://github.com/cschaufler/smack-next: Smack: prevent underflow in smk_set_cipso() Smack: fix another vsscanf out of bounds Smack: fix use-after-free in smk_write_relabel_self()
-
git://git.kernel.org/pub/scm/linux/kernel/git/mips/linuxLinus Torvalds authored
Pull MIPS upates from Thomas Bogendoerfer: - improvements for Loongson64 - extended ingenic support - removal of not maintained paravirt system type - cleanups and fixes * tag 'mips_5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux: (81 commits) MIPS: SGI-IP27: always enable NUMA in Kconfig MAINTAINERS: Update KVM/MIPS maintainers MIPS: Update default config file for Loongson-3 MIPS: KVM: Add kvm guest support for Loongson-3 dt-bindings: mips: Document Loongson kvm guest board MIPS: handle Loongson-specific GSExc exception MIPS: add definitions for Loongson-specific CP0.Diag1 register MIPS: only register FTLBPar exception handler for supported models MIPS: ingenic: Hardcode mem size for qi,lb60 board MIPS: DTS: ingenic/qi,lb60: Add model and memory node MIPS: ingenic: Use fw_passed_dtb even if CONFIG_BUILTIN_DTB MIPS: head.S: Init fw_passed_dtb to builtin DTB of: address: Fix parser address/size cells initialization of_address: Guard of_bus_pci_get_flags with CONFIG_PCI MIPS: DTS: Fix number of msi vectors for Loongson64G MIPS: Loongson64: Add ISA node for LS7A PCH MIPS: Loongson64: DTS: Fix ISA and PCI I/O ranges for RS780E PCH MIPS: Loongson64: Enlarge IO_SPACE_LIMIT MIPS: Loongson64: Process ISA Node in DeviceTree of_address: Add bus type match for pci ranges parser ...
-
git://git.armlinux.org.uk/~rmk/linux-armLinus Torvalds authored
Pull ARM updates from Russell King: - add arch/arm/Kbuild from Masahiro Yamada. - simplify act_mm macro, since it contains an open-coded get_thread_info. - VFP updates for Clang from Stefan Agner. - Fix unwinder for Clang from Nathan Huckleberry. - Remove unused it8152 PCI host controller, used by the removed cm-x2xx platforms from Mike Rapoport. - Further explanation of __range_ok(). - Remove kimage_voffset that isn't used anymore from Marc Zyngier. - Drop ancient Thumb-2 workaround for old binutils from Ard Biesheuvel. - Documentation cleanup for mach-* from Pete Zaitcev. * tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: 8996/1: Documentation/Clean up the description of mach-<class> ARM: 8995/1: drop Thumb-2 workaround for ancient binutils ARM: 8994/1: mm: drop kimage_voffset which was only used by KVM ARM: uaccess: add further explanation of __range_ok() ARM: 8993/1: remove it8152 PCI controller driver ARM: 8992/1: Fix unwind_frame for clang-built kernels ARM: 8991/1: use VFP assembler mnemonics if available ARM: 8990/1: use VFP assembler mnemonics in register load/store macros ARM: 8989/1: use .fpu assembler directives instead of assembler arguments ARM: 8982/1: mm: Simplify act_mm macro ARM: 8981/1: add arch/arm/Kbuild
-
https://github.com/c-sky/csky-linuxLinus Torvalds authored
Pull arch/csky updates from Guo Ren: "New features: - seccomp-filter - err-injection - top-down&random mmap-layout - irq_work - show_ipi - context-tracking Fixes & Optimizations: - kprobe_on_ftrace - optimize panic print" * tag 'csky-for-linus-5.9-rc1' of https://github.com/c-sky/csky-linux: csky: Add context tracking support csky: Add arch_show_interrupts for IPI interrupts csky: Add irq_work support csky: Fixup warning by EXPORT_SYMBOL(kmap) csky: Set CONFIG_NR_CPU 4 as default csky: Use top-down mmap layout csky: Optimize the trap processing flow csky: Add support for function error injection csky: Fixup kprobes handler couldn't change pc csky: Fixup duplicated restore sp in RESTORE_REGS_FTRACE csky: Add cpu feature register hint for smp csky: Add SECCOMP_FILTER supported csky: remove unusued thread_saved_pc and *_segments functions/macros
-
git://github.com/jcmvbkbc/linux-xtensaLinus Torvalds authored
Pull Xtensa updates from Max Filippov: - add syscall audit support - add seccomp filter support - clean up make rules under arch/xtensa/boot - fix state management for exclusive access opcodes - fix build with PMU enabled * tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensa: xtensa: add missing exclusive access state management xtensa: fix xtensa_pmu_setup prototype xtensa: add boot subdirectories build artifacts to 'targets' xtensa: add uImage and xipImage to targets xtensa: move vmlinux.bin[.gz] to boot subdirectory xtensa: initialize_mmu.h: fix a duplicated word selftests/seccomp: add xtensa support xtensa: add seccomp support xtensa: expose syscall through user_pt_regs xtensa: add audit support
-
git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linuxLinus Torvalds authored
Pull hyperv updates from Wei Liu: - A patch series from Andrea to improve vmbus code - Two clean-up patches from Alexander and Randy * tag 'hyperv-next-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux: hyperv: hyperv.h: drop a duplicated word tools: hv: change http to https in hv_kvp_daemon.c Drivers: hv: vmbus: Remove the lock field from the vmbus_channel struct scsi: storvsc: Introduce the per-storvsc_device spinlock Drivers: hv: vmbus: Remove unnecessary channel->lock critical sections (sc_list updaters) Drivers: hv: vmbus: Use channel_mutex in channel_vp_mapping_show() Drivers: hv: vmbus: Remove unnecessary channel->lock critical sections (sc_list readers) Drivers: hv: vmbus: Replace cpumask_test_cpu(, cpu_online_mask) with cpu_online() Drivers: hv: vmbus: Remove the numa_node field from the vmbus_channel struct Drivers: hv: vmbus: Remove the target_vp field from the vmbus_channel struct
-
Randy Dunlap authored
Drop duplicated words in sound/pci/. {and, the, at} Signed-off-by:Takashi Iwai <tiwai@suse.de>
-
Randy Dunlap authored
Drop duplicated words in sound/isa/. {be, bit} Signed-off-by:
-
