1. 06 Apr, 2018 1 commit
  2. 05 Apr, 2018 14 commits
    • David S. Miller's avatar
      Merge branch 'net-tunnel-name-validate' · d68a19f8
      David S. Miller authored
      Eric Dumazet says:
      
      ====================
      net: better validate user provided tunnel names
      
      This series changes dev_valid_name() to not attempt reading
      a possibly too long user-provided device name, then use
      this helper in five different tunnel providers.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d68a19f8
    • Eric Dumazet's avatar
      vti6: better validate user provided tunnel names · 537b361f
      Eric Dumazet authored
      Use valid_name() to make sure user does not provide illegal
      device name.
      
      Fixes: ed1efb2a ("ipv6: Add support for IPsec virtual tunnel interfaces")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: Steffen Klassert <steffen.klassert@secunet.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      537b361f
    • Eric Dumazet's avatar
      ip6_tunnel: better validate user provided tunnel names · db7a65e3
      Eric Dumazet authored
      Use valid_name() to make sure user does not provide illegal
      device name.
      
      Fixes: 1da177e4 ("Linux-2.6.12-rc2")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      db7a65e3
    • Eric Dumazet's avatar
      ip6_gre: better validate user provided tunnel names · 5f42df01
      Eric Dumazet authored
      Use dev_valid_name() to make sure user does not provide illegal
      device name.
      
      syzbot caught the following bug :
      
      BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
      BUG: KASAN: stack-out-of-bounds in ip6gre_tunnel_locate+0x334/0x860 net/ipv6/ip6_gre.c:339
      Write of size 20 at addr ffff8801afb9f7b8 by task syzkaller851048/4466
      
      CPU: 1 PID: 4466 Comm: syzkaller851048 Not tainted 4.16.0+ #1
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:17 [inline]
       dump_stack+0x1b9/0x29f lib/dump_stack.c:53
       print_address_description+0x6c/0x20b mm/kasan/report.c:256
       kasan_report_error mm/kasan/report.c:354 [inline]
       kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
       check_memory_region_inline mm/kasan/kasan.c:260 [inline]
       check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
       memcpy+0x37/0x50 mm/kasan/kasan.c:303
       strlcpy include/linux/string.h:300 [inline]
       ip6gre_tunnel_locate+0x334/0x860 net/ipv6/ip6_gre.c:339
       ip6gre_tunnel_ioctl+0x69d/0x12e0 net/ipv6/ip6_gre.c:1195
       dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
       dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
       sock_ioctl+0x47e/0x680 net/socket.c:1015
       vfs_ioctl fs/ioctl.c:46 [inline]
       file_ioctl fs/ioctl.c:500 [inline]
       do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
       ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
       SYSC_ioctl fs/ioctl.c:708 [inline]
       SyS_ioctl+0x24/0x30 fs/ioctl.c:706
       do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
       entry_SYSCALL_64_after_hwframe+0x42/0xb7
      
      Fixes: c12b395a ("gre: Support GRE over IPv6")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5f42df01
    • Eric Dumazet's avatar
      ipv6: sit: better validate user provided tunnel names · b95211e0
      Eric Dumazet authored
      Use dev_valid_name() to make sure user does not provide illegal
      device name.
      
      syzbot caught the following bug :
      
      BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
      BUG: KASAN: stack-out-of-bounds in ipip6_tunnel_locate+0x63b/0xaa0 net/ipv6/sit.c:254
      Write of size 33 at addr ffff8801b64076d8 by task syzkaller932654/4453
      
      CPU: 0 PID: 4453 Comm: syzkaller932654 Not tainted 4.16.0+ #1
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:17 [inline]
       dump_stack+0x1b9/0x29f lib/dump_stack.c:53
       print_address_description+0x6c/0x20b mm/kasan/report.c:256
       kasan_report_error mm/kasan/report.c:354 [inline]
       kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
       check_memory_region_inline mm/kasan/kasan.c:260 [inline]
       check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
       memcpy+0x37/0x50 mm/kasan/kasan.c:303
       strlcpy include/linux/string.h:300 [inline]
       ipip6_tunnel_locate+0x63b/0xaa0 net/ipv6/sit.c:254
       ipip6_tunnel_ioctl+0xe71/0x241b net/ipv6/sit.c:1221
       dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
       dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
       sock_ioctl+0x47e/0x680 net/socket.c:1015
       vfs_ioctl fs/ioctl.c:46 [inline]
       file_ioctl fs/ioctl.c:500 [inline]
       do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
       ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
       SYSC_ioctl fs/ioctl.c:708 [inline]
       SyS_ioctl+0x24/0x30 fs/ioctl.c:706
       do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
       entry_SYSCALL_64_after_hwframe+0x42/0xb7
      
      Fixes: 1da177e4 ("Linux-2.6.12-rc2")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b95211e0
    • Eric Dumazet's avatar
      ip_tunnel: better validate user provided tunnel names · 9cb726a2
      Eric Dumazet authored
      Use dev_valid_name() to make sure user does not provide illegal
      device name.
      
      syzbot caught the following bug :
      
      BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
      BUG: KASAN: stack-out-of-bounds in __ip_tunnel_create+0xca/0x6b0 net/ipv4/ip_tunnel.c:257
      Write of size 20 at addr ffff8801ac79f810 by task syzkaller268107/4482
      
      CPU: 0 PID: 4482 Comm: syzkaller268107 Not tainted 4.16.0+ #1
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:17 [inline]
       dump_stack+0x1b9/0x29f lib/dump_stack.c:53
       print_address_description+0x6c/0x20b mm/kasan/report.c:256
       kasan_report_error mm/kasan/report.c:354 [inline]
       kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
       check_memory_region_inline mm/kasan/kasan.c:260 [inline]
       check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
       memcpy+0x37/0x50 mm/kasan/kasan.c:303
       strlcpy include/linux/string.h:300 [inline]
       __ip_tunnel_create+0xca/0x6b0 net/ipv4/ip_tunnel.c:257
       ip_tunnel_create net/ipv4/ip_tunnel.c:352 [inline]
       ip_tunnel_ioctl+0x818/0xd40 net/ipv4/ip_tunnel.c:861
       ipip_tunnel_ioctl+0x1c5/0x420 net/ipv4/ipip.c:350
       dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
       dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
       sock_ioctl+0x47e/0x680 net/socket.c:1015
       vfs_ioctl fs/ioctl.c:46 [inline]
       file_ioctl fs/ioctl.c:500 [inline]
       do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
       ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
       SYSC_ioctl fs/ioctl.c:708 [inline]
       SyS_ioctl+0x24/0x30 fs/ioctl.c:706
       do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
       entry_SYSCALL_64_after_hwframe+0x42/0xb7
      
      Fixes: c5441932 ("GRE: Refactor GRE tunneling code.")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9cb726a2
    • Eric Dumazet's avatar
      net: fool proof dev_valid_name() · a9d48205
      Eric Dumazet authored
      We want to use dev_valid_name() to validate tunnel names,
      so better use strnlen(name, IFNAMSIZ) than strlen(name) to make
      sure to not upset KASAN.
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a9d48205
    • Linus Torvalds's avatar
      Merge tag 'char-misc-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc · 06dd3dfe
      Linus Torvalds authored
      Pull char/misc updates from Greg KH:
       "Here is the big set of char/misc driver patches for 4.17-rc1.
      
        There are a lot of little things in here, nothing huge, but all
        important to the different hardware types involved:
      
         -  thunderbolt driver updates
      
         -  parport updates (people still care...)
      
         -  nvmem driver updates
      
         -  mei updates (as always)
      
         -  hwtracing driver updates
      
         -  hyperv driver updates
      
         -  extcon driver updates
      
         -  ... and a handful of even smaller driver subsystem and individual
            driver updates
      
        All of these have been in linux-next with no reported issues"
      
      * tag 'char-misc-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (149 commits)
        hwtracing: Add HW tracing support menu
        intel_th: Add ACPI glue layer
        intel_th: Allow forcing host mode through drvdata
        intel_th: Pick up irq number from resources
        intel_th: Don't touch switch routing in host mode
        intel_th: Use correct method of finding hub
        intel_th: Add SPDX GPL-2.0 header to replace GPLv2 boilerplate
        stm class: Make dummy's master/channel ranges configurable
        stm class: Add SPDX GPL-2.0 header to replace GPLv2 boilerplate
        MAINTAINERS: Bestow upon myself the care for drivers/hwtracing
        hv: add SPDX license id to Kconfig
        hv: add SPDX license to trace
        Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
        Drivers: hv: vmbus: respect what we get from hv_get_synint_state()
        /dev/mem: Avoid overwriting "err" in read_mem()
        eeprom: at24: use SPDX identifier instead of GPL boiler-plate
        eeprom: at24: simplify the i2c functionality checking
        eeprom: at24: fix a line break
        eeprom: at24: tweak newlines
        eeprom: at24: refactor at24_probe()
        ...
      06dd3dfe
    • Linus Torvalds's avatar
      Merge tag 'driver-core-4.17-rc1' of... · 38047d5c
      Linus Torvalds authored
      Merge tag 'driver-core-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
      
      Pull driver core updates from Greg KH:
       "Here is the "big" set of driver core patches for 4.17-rc1.
      
        There's really not much here, just a bunch of firmware code
        refactoring from Luis as he attempts to wrangle that codebase into
        something that is managable, along with a bunch of userspace tests for
        it. Other than that, a handful of small bugfixes and reverts of things
        that didn't work out.
      
        Full details are in the shortlog, it's not all that much.
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'driver-core-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (30 commits)
        drivers: base: remove check for callback in coredump_store()
        mt7601u: use firmware_request_cache() to address cache on reboot
        firmware: add firmware_request_cache() to help with cache on reboot
        firmware: fix typo on pr_info_once() when ignore_sysfs_fallback is used
        firmware: explicitly include vmalloc.h
        firmware: ensure the firmware cache is not used on incompatible calls
        test_firmware: modify custom fallback tests to use unique files
        firmware: add helper to check to see if fw cache is setup
        firmware: fix checking for return values for fw_add_devm_name()
        rename: _request_firmware_load() fw_load_sysfs_fallback()
        test_firmware: test three firmware kernel configs using a proc knob
        test_firmware: expand on library with shared helpers
        firmware: enable to force disable the fallback mechanism at run time
        firmware: enable run time change of forcing fallback loader
        firmware: move firmware loader into its own directory
        firmware: split firmware fallback functionality into its own file
        firmware: move loading timeout under struct firmware_fallback_config
        firmware: use helpers for setting up a temporary cache timeout
        firmware: simplify CONFIG_FW_LOADER_USER_HELPER_FALLBACK further
        drivers: base: add description for .coredump() callback
        ...
      38047d5c
    • Linus Torvalds's avatar
      Merge tag 'staging-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · df34df48
      Linus Torvalds authored
      Pull staging/IIO updates from Greg KH:
       "Here is the big set of Staging/IIO driver patches for 4.17-rc1.
      
        It is a lot, over 500 changes, but not huge by previous kernel release
        standards. We deleted more lines than we added again (27k added vs.
        91k remvoed), thanks to finally being able to delete the IRDA drivers
        and networking code.
      
        We also deleted the ccree crypto driver, but that's coming back in
        through the crypto tree to you, in a much cleaned-up form.
      
        Added this round is at lot of "mt7621" device support, which is for an
        embedded device that Neil Brown cares about, and of course a handful
        of new IIO drivers as well.
      
        And finally, the fsl-mc core code moved out of the staging tree to the
        "real" part of the kernel, which is nice to see happen as well.
      
        Full details are in the shortlog, which has all of the tiny cleanup
        patches described.
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'staging-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (579 commits)
        staging: rtl8723bs: Remove yield call, replace with cond_resched()
        staging: rtl8723bs: Replace yield() call with cond_resched()
        staging: rtl8723bs: Remove unecessary newlines from 'odm.h'.
        staging: rtl8723bs: Rework 'struct _ODM_Phy_Status_Info_' coding style.
        staging: rtl8723bs: Rework 'struct _ODM_Per_Pkt_Info_' coding style.
        staging: rtl8723bs: Replace NULL pointer comparison with '!'.
        staging: rtl8723bs: Factor out rtl8723bs_recv_tasklet() sections.
        staging: rtl8723bs: Fix function signature that goes over 80 characters.
        staging: rtl8723bs: Fix lines too long in update_recvframe_attrib().
        staging: rtl8723bs: Remove unnecessary blank lines in 'rtl8723bs_recv.c'.
        staging: rtl8723bs: Change camel case to snake case in 'rtl8723bs_recv.c'.
        staging: rtl8723bs: Add missing braces in else statement.
        staging: rtl8723bs: Add spaces around ternary operators.
        staging: rtl8723bs: Fix lines with trailing open parentheses.
        staging: rtl8723bs: Remove unnecessary length #define's.
        staging: rtl8723bs: Fix IEEE80211 authentication algorithm constants.
        staging: rtl8723bs: Fix alignment in rtw_wx_set_auth().
        staging: rtl8723bs: Remove braces from single statement conditionals.
        staging: rtl8723bs: Remove unecessary braces from switch statement.
        staging: rtl8723bs: Fix newlines in rtw_wx_set_auth().
        ...
      df34df48
    • Linus Torvalds's avatar
      Merge tag 'tty-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · 9abf8ace
      Linus Torvalds authored
      Pull tty/serial driver updates from Greg KH:
       "Here is the big set of tty and serial driver patches for 4.17-rc1
      
        Not all that big really, most are just small fixes and additions to
        existing drivers. There's a bunch of work on the imx serial driver
        recently for some reason, and a new embedded serial driver added as
        well.
      
        Full details are in the shortlog.
      
        All of these have been in the linux-next tree for a while with no
        reported issues"
      
      * tag 'tty-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (66 commits)
        serial: expose buf_overrun count through proc interface
        serial: mvebu-uart: fix tx lost characters
        tty: serial: msm_geni_serial: Fix return value check in qcom_geni_serial_probe()
        tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP
        8250-men-mcb: add support for 16z025 and 16z057
        powerpc: Mark the variable earlycon_acpi_spcr_enable maybe_unused
        serial: stm32: fix initialization of RS485 mode
        ARM: dts: STi: Remove "console=ttyASN" from bootargs for STi boards
        vt: change SGR 21 to follow the standards
        serdev: Fix typo in serdev_device_alloc
        ARM: dts: STi: Fix aliases property name for STi boards
        tty: st-asc: Update tty alias
        serial: stm32: add support for RS485 hardware control mode
        dt-bindings: serial: stm32: add RS485 optional properties
        selftests: add devpts selftests
        devpts: comment devpts_mntget()
        devpts: resolve devpts bind-mounts
        devpts: hoist out check for DEVPTS_SUPER_MAGIC
        serial: 8250: Add Nuvoton NPCM UART
        serial: mxs-auart: disable clks of Alphascale ASM9260
        ...
      9abf8ace
    • Linus Torvalds's avatar
      Merge tag 'usb-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · ac9053d2
      Linus Torvalds authored
      Pull USB/PHY updates from Greg KH:
       "Here is the big set of USB and PHY driver patches for 4.17-rc1.
      
        Lots of USB typeC work happened this round, with code moving from the
        staging directory into the "real" part of the kernel, as well as new
        infrastructure being added to be able to handle the different types of
        "roles" that typeC requires.
      
        There is also the normal huge set of USB gadget controller and driver
        updates, along with XHCI changes, and a raft of other tiny fixes all
        over the USB tree. And the PHY driver updates are merged in here as
        well as they interacted with the USB drivers in some places.
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'usb-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (250 commits)
        Revert "USB: serial: ftdi_sio: add Id for Physik Instrumente E-870"
        usb: musb: gadget: misplaced out of bounds check
        usb: chipidea: imx: Fix ULPI on imx53
        usb: chipidea: imx: Cleanup ci_hdrc_imx_platform_flag
        usb: chipidea: usbmisc: small clean up
        usb: chipidea: usbmisc: evdo can be set e/o reset
        usb: chipidea: usbmisc: evdo is only specific to OTG port
        USB: serial: ftdi_sio: add Id for Physik Instrumente E-870
        usb: dwc3: gadget: never call ->complete() from ->ep_queue()
        usb: gadget: udc: core: update usb_ep_queue() documentation
        usb: host: Remove the deprecated ATH79 USB host config options
        usb: roles: Fix return value check in intel_xhci_usb_probe()
        USB: gadget: f_midi: fixing a possible double-free in f_midi
        usb: core: Add USB_QUIRK_DELAY_CTRL_MSG to usbcore quirks
        usb: core: Copy parameter string correctly and remove superfluous null check
        USB: announce bcdDevice as well as idVendor, idProduct.
        USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
        usb: hub: Reduce warning to notice on power loss
        USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
        USB: serial: cp210x: add ELDAT Easywave RX09 id
        ...
      ac9053d2
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · f9ca6a56
      Linus Torvalds authored
      Pull networking fixes from David Miller:
       "This fixes some fallout from the net-next merge the other day, plus
        some non-merge-window-related bug fixes:
      
        1) Fix sparse warnings in bcmgenet, systemport, b53, and mt7530
           (Florian Fainelli)
      
        2) pptp does a bogus dst_release() on a route we have a single
           refcount on, and attached to a socket, which needs that refcount
           (Eric Dumazet)
      
        3) UDP connected sockets on ipv6 can race with route update handling,
           resulting in a pre-PMTU update route still stuck on the socket and
           thus continuing to get ICMPV6_PKT_TOOBIG errors. We end up never
           seeing the updated route. (Alexey Kodanev)
      
        4) Missing list initializer(s) in TIPC (Jon Maloy)
      
        5) Connect phy early to prevent crashes in lan78xx driver (Alexander
           Graf)
      
        6) Fix build with modular NVMEM (Arnd Bergmann)
      
        7) netdevsim canot mark nsim_devlink_net_ops and nsim_fib_net_ops as
           __net_initdata, as these are references from module unload
           unconditionally (Arnd Bergmann)"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (23 commits)
        netdevsim: remove incorrect __net_initdata annotations
        sfc: remove ctpio_dmabuf_start from stats
        inet: frags: fix ip6frag_low_thresh boundary
        tipc: Fix namespace violation in tipc_sk_fill_sock_diag
        net: avoid unneeded atomic operation in ip*_append_data()
        nvmem: disallow modular CONFIG_NVMEM
        net: hns3: fix length overflow when CONFIG_ARM64_64K_PAGES
        nfp: use full 40 bits of the NSP buffer address
        lan78xx: Connect phy early
        nfp: add a separate counter for packets with CHECKSUM_COMPLETE
        tipc: Fix missing list initializations in struct tipc_subscription
        ipv6: udp: set dst cache for a connected sk if current not valid
        ipv6: udp: convert 'connected' to bool type in udpv6_sendmsg()
        ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flow()
        ipv6: add a wrapper for ip6_dst_store() with flowi6 checks
        net: phy: marvell10g: add thermal hwmon device
        pptp: remove a buggy dst release in pptp_connect()
        net: dsa: mt7530: Use NULL instead of plain integer
        net: dsa: b53: Fix sparse warnings in b53_mmap.c
        af_unix: remove redundant lockdep class
        ...
      f9ca6a56
    • Linus Torvalds's avatar
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 9eb31227
      Linus Torvalds authored
      Pull crypto updates from Herbert Xu:
       "API:
      
         - add AEAD support to crypto engine
      
         - allow batch registration in simd
      
        Algorithms:
      
         - add CFB mode
      
         - add speck block cipher
      
         - add sm4 block cipher
      
         - new test case for crct10dif
      
         - improve scheduling latency on ARM
      
         - scatter/gather support to gcm in aesni
      
         - convert x86 crypto algorithms to skcihper
      
        Drivers:
      
         - hmac(sha224/sha256) support in inside-secure
      
         - aes gcm/ccm support in stm32
      
         - stm32mp1 support in stm32
      
         - ccree driver from staging tree
      
         - gcm support over QI in caam
      
         - add ks-sa hwrng driver"
      
      * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (212 commits)
        crypto: ccree - remove unused enums
        crypto: ahash - Fix early termination in hash walk
        crypto: brcm - explicitly cast cipher to hash type
        crypto: talitos - don't leak pointers to authenc keys
        crypto: qat - don't leak pointers to authenc keys
        crypto: picoxcell - don't leak pointers to authenc keys
        crypto: ixp4xx - don't leak pointers to authenc keys
        crypto: chelsio - don't leak pointers to authenc keys
        crypto: caam/qi - don't leak pointers to authenc keys
        crypto: caam - don't leak pointers to authenc keys
        crypto: lrw - Free rctx->ext with kzfree
        crypto: talitos - fix IPsec cipher in length
        crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()
        crypto: doc - clarify hash callbacks state machine
        crypto: api - Keep failed instances alive
        crypto: api - Make crypto_alg_lookup static
        crypto: api - Remove unused crypto_type lookup function
        crypto: chelsio - Remove declaration of static function from header
        crypto: inside-secure - hmac(sha224) support
        crypto: inside-secure - hmac(sha256) support
        ..
      9eb31227
  3. 04 Apr, 2018 25 commits
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-4.17-mw0' of... · 527cd207
      Linus Torvalds authored
      Merge tag 'riscv-for-linus-4.17-mw0' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux
      
      Pull RISC-V updates from Palmer Dabbelt:
       "This contains the new features we'd like to incorporate into the
        RISC-V port for 4.17. We might have a bit more stuff land later in the
        merge window, but I wanted to get this out earlier just so everyone
        can see where we currently stand.
      
        A short summary of the changes is:
      
         - We've added support for dynamic ftrace on RISC-V targets.
      
         - There have been a handful of cleanups to our atomic and locking
           routines. They now more closely match the released RISC-V memory
           model draft.
      
         - Our module loading support has been cleaned up and is now enabled
           by default, despite some limitations still existing.
      
         - A patch to define COMMANDLINE_FORCE instead of COMMANDLINE_OVERRIDE
           so the generic device tree code picks up handling all our command
           line stuff.
      
        There's more information in the merge commits for each patch set"
      
      * tag 'riscv-for-linus-4.17-mw0' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux: (21 commits)
        RISC-V: Rename CONFIG_CMDLINE_OVERRIDE to CONFIG_CMDLINE_FORCE
        RISC-V: Add definition of relocation types
        RISC-V: Enable module support in defconfig
        RISC-V: Support SUB32 relocation type in kernel module
        RISC-V: Support ADD32 relocation type in kernel module
        RISC-V: Support ALIGN relocation type in kernel module
        RISC-V: Support RVC_BRANCH/JUMP relocation type in kernel modulewq
        RISC-V: Support HI20/LO12_I/LO12_S relocation type in kernel module
        RISC-V: Support CALL relocation type in kernel module
        RISC-V: Support GOT_HI20/CALL_PLT relocation type in kernel module
        RISC-V: Add section of GOT.PLT for kernel module
        RISC-V: Add sections of PLT and GOT for kernel module
        riscv/atomic: Strengthen implementations with fences
        riscv/spinlock: Strengthen implementations with fences
        riscv/barrier: Define __smp_{store_release,load_acquire}
        riscv/ftrace: Add HAVE_FUNCTION_GRAPH_RET_ADDR_PTR support
        riscv/ftrace: Add DYNAMIC_FTRACE_WITH_REGS support
        riscv/ftrace: Add ARCH_SUPPORTS_FTRACE_OPS support
        riscv/ftrace: Add dynamic function graph tracer support
        riscv/ftrace: Add dynamic function tracer support
        ...
      527cd207
    • Linus Torvalds's avatar
      Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · 23221d99
      Linus Torvalds authored
      Pull arm64 updates from Will Deacon:
       "Nothing particularly stands out here, probably because people were
        tied up with spectre/meltdown stuff last time around. Still, the main
        pieces are:
      
         - Rework of our CPU features framework so that we can whitelist CPUs
           that don't require kpti even in a heterogeneous system
      
         - Support for the IDC/DIC architecture extensions, which allow us to
           elide instruction and data cache maintenance when writing out
           instructions
      
         - Removal of the large memory model which resulted in suboptimal
           codegen by the compiler and increased the use of literal pools,
           which could potentially be used as ROP gadgets since they are
           mapped as executable
      
         - Rework of forced signal delivery so that the siginfo_t is
           well-formed and handling of show_unhandled_signals is consolidated
           and made consistent between different fault types
      
         - More siginfo cleanup based on the initial patches from Eric
           Biederman
      
         - Workaround for Cortex-A55 erratum #1024718
      
         - Some small ACPI IORT updates and cleanups from Lorenzo Pieralisi
      
         - Misc cleanups and non-critical fixes"
      
      * tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (70 commits)
        arm64: uaccess: Fix omissions from usercopy whitelist
        arm64: fpsimd: Split cpu field out from struct fpsimd_state
        arm64: tlbflush: avoid writing RES0 bits
        arm64: cmpxchg: Include linux/compiler.h in asm/cmpxchg.h
        arm64: move percpu cmpxchg implementation from cmpxchg.h to percpu.h
        arm64: cmpxchg: Include build_bug.h instead of bug.h for BUILD_BUG
        arm64: lse: Include compiler_types.h and export.h for out-of-line LL/SC
        arm64: fpsimd: include <linux/init.h> in fpsimd.h
        drivers/perf: arm_pmu_platform: do not warn about affinity on uniprocessor
        perf: arm_spe: include linux/vmalloc.h for vmap()
        Revert "arm64: Revert L1_CACHE_SHIFT back to 6 (64-byte cache line size)"
        arm64: cpufeature: Avoid warnings due to unused symbols
        arm64: Add work around for Arm Cortex-A55 Erratum 1024718
        arm64: Delay enabling hardware DBM feature
        arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
        arm64: capabilities: Handle shared entries
        arm64: capabilities: Add support for checks based on a list of MIDRs
        arm64: Add helpers for checking CPU MIDR against a range
        arm64: capabilities: Clean up midr range helpers
        arm64: capabilities: Change scope of VHE to Boot CPU feature
        ...
      23221d99
    • Linus Torvalds's avatar
      Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 5b1f3dc9
      Linus Torvalds authored
      Pull irq updates from Thomas Gleixner:
       "The usual pile of boring changes:
      
         - Consolidate tasklet functions to share code instead of duplicating
           it
      
         - The first step for making the low level entry handler management on
           multi-platform kernels generic
      
         - A new sysfs file which allows to retrieve the wakeup state of
           interrupts.
      
         - Ensure that the interrupt thread follows the effective affinity and
           not the programmed affinity to avoid cross core wakeups.
      
         - Two new interrupt controller drivers (Microsemi Ocelot and Qualcomm
           PDC)
      
         - Fix the wakeup path clock handling for Reneasas interrupt chips.
      
         - Rework the boot time register reset for ARM GIC-V2/3
      
         - Better suspend/resume support for ARM GIV-V3/ITS
      
         - Add missing locking to the ARM GIC set_type() callback
      
         - Small fixes for the irq simulator code
      
         - SPDX identifiers for the irq core code and removal of boiler plate
      
         - Small cleanups all over the place"
      
      * 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (37 commits)
        openrisc: Set CONFIG_MULTI_IRQ_HANDLER
        arm64: Set CONFIG_MULTI_IRQ_HANDLER
        genirq: Make GENERIC_IRQ_MULTI_HANDLER depend on !MULTI_IRQ_HANDLER
        irqchip/gic: Take lock when updating irq type
        irqchip/gic: Update supports_deactivate static key to modern api
        irqchip/gic-v3: Ensure GICR_CTLR.EnableLPI=0 is observed before enabling
        irqchip: Add a driver for the Microsemi Ocelot controller
        dt-bindings: interrupt-controller: Add binding for the Microsemi Ocelot interrupt controller
        irqchip/gic-v3: Probe for SCR_EL3 being clear before resetting AP0Rn
        irqchip/gic-v3: Don't try to reset AP0Rn
        irqchip/gic-v3: Do not check trigger configuration of partitionned LPIs
        genirq: Remove license boilerplate/references
        genirq: Add missing SPDX identifiers
        genirq/matrix: Cleanup SPDX identifier
        genirq: Cleanup top of file comments
        genirq: Pass desc to __irq_free instead of irq number
        irqchip/gic-v3: Loudly complain about the use of IRQ_TYPE_NONE
        irqchip/gic: Loudly complain about the use of IRQ_TYPE_NONE
        RISC-V: Move to the new GENERIC_IRQ_MULTI_HANDLER handler
        genirq: Add CONFIG_GENERIC_IRQ_MULTI_HANDLER
        ...
      5b1f3dc9
    • Linus Torvalds's avatar
      Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 680014d6
      Linus Torvalds authored
      Pull time(r) updates from Thomas Gleixner:
       "A small set of updates for timers and timekeeping:
      
         - The most interesting change is the consolidation of clock MONOTONIC
           and clock BOOTTIME.
      
           Clock MONOTONIC behaves now exactly like clock BOOTTIME and does
           not longer ignore the time spent in suspend. A new clock
           MONOTONIC_ACTIVE is provived which behaves like clock MONOTONIC in
           kernels before this change. This allows applications to
           programmatically check for the clock MONOTONIC behaviour.
      
           As discussed in the review thread, this has the potential of
           breaking user space and we might have to revert this. Knock on wood
           that we can avoid that exercise.
      
         - Updates to the NTP mechanism to improve accuracy
      
         - A new kernel internal data structure to aid the ongoing Y2038 work.
      
         - Cleanups and simplifications of the clocksource code.
      
         - Make the alarmtimer code play nicely with debugobjects"
      
      * 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        alarmtimer: Init nanosleep alarm timer on stack
        y2038: Introduce struct __kernel_old_timeval
        tracing: Unify the "boot" and "mono" tracing clocks
        hrtimer: Unify MONOTONIC and BOOTTIME clock behavior
        posix-timers: Unify MONOTONIC and BOOTTIME clock behavior
        timekeeping: Remove boot time specific code
        Input: Evdev - unify MONOTONIC and BOOTTIME clock behavior
        timekeeping: Make the MONOTONIC clock behave like the BOOTTIME clock
        timekeeping: Add the new CLOCK_MONOTONIC_ACTIVE clock
        timekeeping/ntp: Determine the multiplier directly from NTP tick length
        timekeeping/ntp: Don't align NTP frequency adjustments to ticks
        clocksource: Use ATTRIBUTE_GROUPS
        clocksource: Use DEVICE_ATTR_RW/RO/WO to define device attributes
        clocksource: Don't walk the clocksource list for empty override
      680014d6
    • Linus Torvalds's avatar
      Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random · 0c21fd6e
      Linus Torvalds authored
      Pull /dev/random updates from Ted Ts'o:
       "A few random (cough, cough) cleanups for the /dev/random driver"
      
      * tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
        drivers/char/random.c: remove unused dont_count_entropy
        random: optimize add_interrupt_randomness
        random: always fill buffer in get_random_bytes_wait
        random: use a tighter cap in credit_entropy_bits_safe()
      0c21fd6e
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 3e968c9f
      Linus Torvalds authored
      Pull ext4 updates from Ted Ts'o:
       "Cleanups and bugfixes for ext4, including some fixes to make ext4 more
        robust against maliciously crafted file system images.
      
        (I still don't recommend that container folks hold any delusions that
        mounting arbitary images that can be crafted by malicious attackers
        should be considered sane thing to do, though!)"
      
      * tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: (29 commits)
        ext4: force revalidation of directory pointer after seekdir(2)
        ext4: add extra checks to ext4_xattr_block_get()
        ext4: add bounds checking to ext4_xattr_find_entry()
        ext4: move call to ext4_error() into ext4_xattr_check_block()
        ext4: don't show data=<mode> option if defaulted
        ext4: omit init_itable=n in procfs when disabled
        ext4: show more binary mount options in procfs
        ext4: simplify kobject usage
        ext4: remove unused parameters in sysfs code
        ext4: null out kobject* during sysfs cleanup
        ext4: don't allow r/w mounts if metadata blocks overlap the superblock
        ext4: always initialize the crc32c checksum driver
        ext4: fail ext4_iget for root directory if unallocated
        ext4: limit xattr size to INT_MAX
        ext4: add validity checks for bitmap block numbers
        ext4: fix comments in ext4_swap_extents()
        ext4: use generic_writepages instead of __writepage/write_cache_pages
        ext4: don't complain about incorrect features when probing
        ext4: remove EXT4_STATE_DIOREAD_LOCK flag
        ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin()
        ...
      3e968c9f
    • Linus Torvalds's avatar
      Merge tag '4.17-SMB3-Fixes' of git://git.samba.org/sfrench/cifs-2.6 · a8f8e8ac
      Linus Torvalds authored
      Pull cifs updates from Steve French:
       "Includes SMB3.11 security improvements, as well as various fixes for
        stable and some debugging improvements"
      
      * tag '4.17-SMB3-Fixes' of git://git.samba.org/sfrench/cifs-2.6:
        cifs: Add minor debug message during negprot
        smb3: Fix root directory when server returns inode number of zero
        cifs: fix sparse warning on previous patch in a few printks
        cifs: add server->vals->header_preamble_size
        cifs: smbd: disconnect transport on RDMA errors
        cifs: smbd: avoid reconnect lockup
        Don't log confusing message on reconnect by default
        Don't log expected error on DFS referral request
        fs: cifs: Replace _free_xid call in cifs_root_iget function
        SMB3.1.1 dialect is no longer experimental
        Tree connect for SMB3.1.1 must be signed for non-encrypted shares
        fix smb3-encryption breakage when CONFIG_DEBUG_SG=y
        CIFS: fix sha512 check in cifs_crypto_secmech_release
        CIFS: implement v3.11 preauth integrity
        CIFS: add sha512 secmech
        CIFS: refactor crypto shash/sdesc allocation&free
        Update README file for cifs.ko
        Update TODO list for cifs.ko
        cifs: fix memory leak in SMB2_open()
        CIFS: SMBD: fix spelling mistake: "faield" and "legnth"
      a8f8e8ac
    • Linus Torvalds's avatar
      Merge tag 'gfs2-4.17.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 · 2bd99df5
      Linus Torvalds authored
      Pull gfs2 updates from Bob Peterson:
       "We've only got nine GFS2 patches for this merge window:
      
         - report journal recovery times more accurately during journal replay
           (Abhi Das)
      
         - fix fallocate chunk size (Andreas Gruenbacher)
      
         - correctly dirty inodes during rename (Andreas Gruenbacher)
      
         - improve the comment for function gfs2_block_map (Andreas
           Gruenbacher)
      
         - improve kernel trace point iomap end: The physical block address
           was added (Andreas Gruenbacher)
      
         - fix a nasty file system corruption bug that surfaced in xfstests
           476 in punch-hole/truncate (Andreas Gruenbacher)
      
         - fix a problem Christoph Helwig pointed out, namely, that GFS2 was
           misusing the IOMAP_ZERO flag. The zeroing of new blocks was moved
           to the proper fallocate code (Andreas Gruenbacher)
      
         - declare function gfs2_remove_from_ail as static (Bob Peterson)
      
         - only set PageChecked for jdata page writes (Bob Peterson)"
      
      * tag 'gfs2-4.17.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2:
        gfs2: time journal recovery steps accurately
        gfs2: Zero out fallocated blocks in fallocate_chunk
        gfs2: Check for the end of metadata in punch_hole
        gfs2: gfs2_iomap_end tracepoint: log block address
        gfs2: Improve gfs2_block_map comment
        GFS2: Only set PageChecked for jdata pages
        GFS2: Make function gfs2_remove_from_ail static
        gfs2: Dirty source inode during rename
        gfs2: Fix fallocate chunk size
      2bd99df5
    • Linus Torvalds's avatar
      Merge tag 'for-4.17-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · 94514bbe
      Linus Torvalds authored
      Pull btrfs updates from David Sterba:
       "There are a several user visible changes, the rest is mostly invisible
        and continues to clean up the whole code base.
      
        User visible changes:
         - new mount option nossd_spread (pair for ssd_spread)
      
         - mount option subvolid will detect junk after the number and fail
           the mount
      
         - add message after cancelled device replace
      
         - direct module dependency on libcrc32, removed own crc wrappers
      
         - removed user space transaction ioctls
      
         - use lighter locking when reading /proc/self/mounts, RCU instead of
           mutex to avoid unnecessary contention
      
        Enhancements:
         - skip writeback of last page when truncating file to same size
      
         - send: do not issue unnecessary truncate operations
      
         - mount option token specifiers: use %u for unsigned values, more
           validation
      
         - selftests: more tree block validations
      
        qgroups:
         - preparatory work for splitting reservation types for data and
           metadata, this should allow for more accurate tracking and fix some
           issues with underflows or do further enhancements
      
         - split metadata reservations for started and joined transaction so
           they do not get mixed up and are accounted correctly at commit time
      
         - with the above, it's possible to revert patch that potentially
           deadlocks when trying to make more space by explicitly committing
           when the quota limit is hit
      
         - fix root item corruption when multiple same source snapshots are
           created with quota enabled
      
        RAID56:
         - make sure target is identical to source when raid56 rebuild fails
           after dev-replace
      
         - faster rebuild during scrub, batch by stripes and not
           block-by-block
      
         - make more use of cached data when rebuilding from a missing device
      
        Fixes:
         - null pointer deref when device replace target is missing
      
         - fix fsync after hole punching when using no-holes feature
      
         - fix lockdep splat when allocating percpu data with wrong GFP flags
      
        Cleanups, refactoring, core changes:
         - drop redunant parameters from various functions
      
         - kill and opencode trivial helpers
      
         - __cold/__exit function annotations
      
         - dead code removal
      
         - continued audit and documentation of memory barriers
      
         - error handling: handle removal from uuid tree
      
         - error handling: remove handling of impossible condtitons
      
         - more debugging or error messages
      
         - updated tracepoints
      
         - one VLA use removal (and one still left)"
      
      * tag 'for-4.17-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: (164 commits)
        btrfs: lift errors from add_extent_changeset to the callers
        Btrfs: print error messages when failing to read trees
        btrfs: user proper type for btrfs_mask_flags flags
        btrfs: split dev-replace locking helpers for read and write
        btrfs: remove stale comments about fs_mutex
        btrfs: use RCU in btrfs_show_devname for device list traversal
        btrfs: update barrier in should_cow_block
        btrfs: use lockdep_assert_held for mutexes
        btrfs: use lockdep_assert_held for spinlocks
        btrfs: Validate child tree block's level and first key
        btrfs: tests/qgroup: Fix wrong tree backref level
        Btrfs: fix copy_items() return value when logging an inode
        Btrfs: fix fsync after hole punching when using no-holes feature
        btrfs: use helper to set ulist aux from a qgroup
        Revert "btrfs: qgroups: Retry after commit on getting EDQUOT"
        btrfs: qgroup: Update trace events for metadata reservation
        btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space
        btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item
        btrfs: qgroup: Use separate meta reservation type for delalloc
        btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS
        ...
      94514bbe
    • Linus Torvalds's avatar
      Merge tag 'xfs-4.17-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux · 547c43d7
      Linus Torvalds authored
      Pull xfs updates from Darrick Wong:
       "Here's the first round of fixes for XFS for 4.17.
      
        The biggest new features this time around are the addition of lazytime
        support, further enhancement of the on-disk inode metadata verifiers,
        and a patch to smooth over some of the AGFL padding problems that have
        intermittently plagued users since 4.5. I forsee sending a second pull
        request next week with further bug fixes and speedups in the online
        scrub code and elsewhere.
      
        This series has been run through a full xfstests run over the weekend
        and through a quick xfstests run against this morning's master, with
        no major failures reported.
      
        Summary of changes for this release:
      
         - Various cleanups and code fixes
      
         - Implement lazytime as a mount option
      
         - Convert various on-disk metadata checks from asserts to -EFSCORRUPTED
      
         - Fix accounting problems with the rmap per-ag reservations
      
         - Refactorings and cleanups for xfs_log_force
      
         - Various bugfixes for the reflink code
      
         - Work around v5 AGFL padding problems to prevent fs shutdowns
      
         - Establish inode fork verifiers to inspect on-disk metadata
           correctness
      
         - Various online scrub fixes
      
         - Fix v5 swapext blowing up on deleted inodes"
      
      * tag 'xfs-4.17-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (49 commits)
        xfs: do not log/recover swapext extent owner changes for deleted inodes
        xfs: clean up xfs_mount allocation and dynamic initializers
        xfs: remove dead inode version setting code
        xfs: catch inode allocation state mismatch corruption
        xfs: xfs_scrub_iallocbt_xref_rmap_inodes should use xref_set_corrupt
        xfs: flag inode corruption if parent ptr doesn't get us a real inode
        xfs: don't accept inode buffers with suspicious unlinked chains
        xfs: move inode extent size hint validation to libxfs
        xfs: record inode buf errors as a xref error in inobt scrubber
        xfs: remove xfs_buf parameter from inode scrub methods
        xfs: inode scrubber shouldn't bother with raw checks
        xfs: bmap scrubber should do rmap xref with bmap for sparse files
        xfs: refactor inode buffer verifier error logging
        xfs: refactor inode verifier error logging
        xfs: refactor bmap record validation
        xfs: sanity-check the unused space before trying to use it
        xfs: detect agfl count corruption and reset agfl
        xfs: unwind the try_again loop in xfs_log_force
        xfs: refactor xfs_log_force_lsn
        xfs: minor cleanup for xfs_reflink_end_cow
        ...
      547c43d7
    • Linus Torvalds's avatar
      Merge branch 'work.dcache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 2e08edc5
      Linus Torvalds authored
      Pull vfs dcache updates from Al Viro:
       "Part of this is what the trylock loop elimination series has turned
        into, part making d_move() preserve the parent (and thus the path) of
        victim, plus some general cleanups"
      
      * 'work.dcache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (22 commits)
        d_genocide: move export to definition
        fold dentry_lock_for_move() into its sole caller and clean it up
        make non-exchanging __d_move() copy ->d_parent rather than swap them
        oprofilefs: don't oops on allocation failure
        lustre: get rid of pointless casts to struct dentry *
        debugfs_lookup(): switch to lookup_one_len_unlocked()
        fold lookup_real() into __lookup_hash()
        take out orphan externs (empty_string/slash_string)
        split d_path() and friends into a separate file
        dcache.c: trim includes
        fs/dcache: Avoid a try_lock loop in shrink_dentry_list()
        get rid of trylock loop around dentry_kill()
        handle move to LRU in retain_dentry()
        dput(): consolidate the "do we need to retain it?" into an inlined helper
        split the slow part of lock_parent() off
        now lock_parent() can't run into killed dentry
        get rid of trylock loop in locking dentries on shrink list
        d_delete(): get rid of trylock loop
        fs/dcache: Move dentry_kill() below lock_parent()
        fs/dcache: Remove stale comment from dentry_kill()
        ...
      2e08edc5
    • Arnd Bergmann's avatar
      netdevsim: remove incorrect __net_initdata annotations · 87248d31
      Arnd Bergmann authored
      The __net_initdata section cannot currently be used for structures that
      get cleaned up in an exitcall using unregister_pernet_operations:
      
      WARNING: vmlinux.o(.text+0x868c34): Section mismatch in reference from the function nsim_devlink_exit() to the (unknown reference) .init.data:(unknown)
      The function nsim_devlink_exit() references
      the (unknown reference) __initdata (unknown).
      This is often because nsim_devlink_exit lacks a __initdata
      annotation or the annotation of (unknown) is wrong.
      WARNING: vmlinux.o(.text+0x868c64): Section mismatch in reference from the function nsim_devlink_init() to the (unknown reference) .init.data:(unknown)
      WARNING: vmlinux.o(.text+0x8692bc): Section mismatch in reference from the function nsim_fib_exit() to the (unknown reference) .init.data:(unknown)
      WARNING: vmlinux.o(.text+0x869300): Section mismatch in reference from the function nsim_fib_init() to the (unknown reference) .init.data:(unknown)
      
      As that warning tells us, discarding the structure after a module is
      loaded would lead to a undefined behavior when that module is removed.
      
      It might be possible to change that annotation so it has no effect for
      loadable modules, but I have not figured out exactly how to do that, and
      we want this to be fixed in -rc1.
      
      This just removes the annotations, just like we do for all other such
      modules.
      
      Fixes: 37923ed6 ("netdevsim: Add simple FIB resource controller via devlink")
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      87248d31
    • Bert Kenward's avatar
      sfc: remove ctpio_dmabuf_start from stats · 458bd99e
      Bert Kenward authored
      The ctpio_dmabuf_start entry is not actually a stat and shouldn't
      be exposed to ethtool.
      
      Fixes: 2c0b6ee8 ("sfc: expose CTPIO stats on NICs that support them")
      Signed-off-by: default avatarBert Kenward <bkenward@solarflare.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      458bd99e
    • Eric Dumazet's avatar
      inet: frags: fix ip6frag_low_thresh boundary · 3d234012
      Eric Dumazet authored
      Giving an integer to proc_doulongvec_minmax() is dangerous on 64bit arches,
      since linker might place next to it a non zero value preventing a change
      to ip6frag_low_thresh.
      
      ip6frag_low_thresh is not used anymore in the kernel, but we do not
      want to prematuraly break user scripts wanting to change it.
      
      Since specifying a minimal value of 0 for proc_doulongvec_minmax()
      is moot, let's remove these zero values in all defrag units.
      
      Fixes: 6e00f7dd ("ipv6: frags: fix /proc/sys/net/ipv6/ip6frag_low_thresh")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarMaciej Żenczykowski <maze@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3d234012
    • GhantaKrishnamurthy MohanKrishna's avatar
      tipc: Fix namespace violation in tipc_sk_fill_sock_diag · 4b2e6877
      GhantaKrishnamurthy MohanKrishna authored
      To fetch UID info for socket diagnostics, we determine the
      namespace of user context using tipc socket instance. This
      may cause namespace violation, as the kernel will remap based
      on UID.
      
      We fix this by fetching namespace info using the calling userspace
      netlink socket.
      
      Fixes: c30b70de (tipc: implement socket diagnostics for AF_TIPC)
      Reported-by: syzbot+326e587eff1074657718@syzkaller.appspotmail.com
      Acked-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarGhantaKrishnamurthy MohanKrishna <mohan.krishna.ghanta.krishnamurthy@ericsson.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4b2e6877
    • Paolo Abeni's avatar
      net: avoid unneeded atomic operation in ip*_append_data() · 9e8445a5
      Paolo Abeni authored
      After commit 694aba69 ("ipv4: factorize sk_wmem_alloc updates
      done by __ip_append_data()") and commit 1f4c6eb2 ("ipv6:
      factorize sk_wmem_alloc updates done by __ip6_append_data()"),
      when transmitting sub MTU datagram, an addtional, unneeded atomic
      operation is performed in ip*_append_data() to update wmem_alloc:
      in the above condition the delta is 0.
      
      The above cause small but measurable performance regression in UDP
      xmit tput test with packet size below MTU.
      
      This change avoids such overhead updating wmem_alloc only if
      wmem_alloc_delta is non zero.
      
      The error path is left intentionally unmodified: it's a slow path
      and simplicity is preferred to performances.
      
      Fixes: 694aba69 ("ipv4: factorize sk_wmem_alloc updates done by __ip_append_data()")
      Fixes: 1f4c6eb2 ("ipv6: factorize sk_wmem_alloc updates done by __ip6_append_data()")
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9e8445a5
    • Arnd Bergmann's avatar
      nvmem: disallow modular CONFIG_NVMEM · 2a37ce25
      Arnd Bergmann authored
      The new of_get_nvmem_mac_address() helper function causes a link error
      with CONFIG_NVMEM=m:
      
      drivers/of/of_net.o: In function `of_get_nvmem_mac_address':
      of_net.c:(.text+0x168): undefined reference to `of_nvmem_cell_get'
      of_net.c:(.text+0x19c): undefined reference to `nvmem_cell_read'
      of_net.c:(.text+0x1a8): undefined reference to `nvmem_cell_put'
      
      I could not come up with a good solution for this, as the code is always
      built-in. Using an #if IS_REACHABLE() check around it would solve the
      link time issue but then stop it from working in that configuration.
      Making of_nvmem_cell_get() an inline function could also solve that, but
      seems a bit ugly since it's somewhat larger than most inline functions,
      and it would just bring that problem into the callers.  Splitting the
      function into a separate file might be an alternative.
      
      This uses the big hammer by making CONFIG_NVMEM itself a 'bool' symbol,
      which avoids the problem entirely but makes the vmlinux larger for anyone
      that might use NVMEM support but doesn't need it built-in otherwise.
      
      Fixes: 9217e566 ("of_net: Implement of_get_nvmem_mac_address helper")
      Cc: Mike Looijmans <mike.looijmans@topic.nl>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: Andrew Lunn <andrew@lunn.ch>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Acked-by: Mike Looijmans
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2a37ce25
    • Tan Xiaojun's avatar
      net: hns3: fix length overflow when CONFIG_ARM64_64K_PAGES · 48d154e7
      Tan Xiaojun authored
      When enable the config item "CONFIG_ARM64_64K_PAGES", the size of PAGE_SIZE
      is 65536(64K). But the type of length is u16, it will overflow. So change it
      to u32.
      Signed-off-by: default avatarTan Xiaojun <tanxiaojun@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      48d154e7
    • Dirk van der Merwe's avatar
      nfp: use full 40 bits of the NSP buffer address · 1489bbd1
      Dirk van der Merwe authored
      The NSP default buffer is a piece of NFP memory where additional
      command data can be placed.  Its format has been copied from
      host buffer, but the PCIe selection bits do not make sense in
      this case.  If those get masked out from a NFP address - writes
      to random place in the chip memory may be issued and crash the
      device.
      
      Even in the general NSP buffer case, it doesn't make sense to have the
      PCIe selection bits there anymore. These are unused at the moment, and
      when it becomes necessary, the PCIe selection bits should rather be
      moved to another register to utilise more bits for the buffer address.
      
      This has never been an issue because the buffer used to be
      allocated in memory with less-than-38-bit-long address but that
      is about to change.
      
      Fixes: 1a64821c ("nfp: add support for service processor access")
      Signed-off-by: default avatarDirk van der Merwe <dirk.vandermerwe@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1489bbd1
    • Alexander Graf's avatar
      lan78xx: Connect phy early · 92571a1a
      Alexander Graf authored
      When using wicked with a lan78xx device attached to the system, we
      end up with ethtool commands issued on the device before an ifup
      got issued. That lead to the following crash:
      
          Unable to handle kernel NULL pointer dereference at virtual address 0000039c
          pgd = ffff800035b30000
          [0000039c] *pgd=0000000000000000
          Internal error: Oops: 96000004 [#1] SMP
          Modules linked in: [...]
          Supported: Yes
          CPU: 3 PID: 638 Comm: wickedd Tainted: G            E      4.12.14-0-default #1
          Hardware name: raspberrypi rpi/rpi, BIOS 2018.03-rc2 02/21/2018
          task: ffff800035e74180 task.stack: ffff800036718000
          PC is at phy_ethtool_ksettings_get+0x20/0x98
          LR is at lan78xx_get_link_ksettings+0x44/0x60 [lan78xx]
          pc : [<ffff0000086f7f30>] lr : [<ffff000000dcca84>] pstate: 20000005
          sp : ffff80003671bb20
          x29: ffff80003671bb20 x28: ffff800035e74180
          x27: ffff000008912000 x26: 000000000000001d
          x25: 0000000000000124 x24: ffff000008f74d00
          x23: 0000004000114809 x22: 0000000000000000
          x21: ffff80003671bbd0 x20: 0000000000000000
          x19: ffff80003671bbd0 x18: 000000000000040d
          x17: 0000000000000001 x16: 0000000000000000
          x15: 0000000000000000 x14: ffffffffffffffff
          x13: 0000000000000000 x12: 0000000000000020
          x11: 0101010101010101 x10: fefefefefefefeff
          x9 : 7f7f7f7f7f7f7f7f x8 : fefefeff31677364
          x7 : 0000000080808080 x6 : ffff80003671bc9c
          x5 : ffff80003671b9f8 x4 : ffff80002c296190
          x3 : 0000000000000000 x2 : 0000000000000000
          x1 : ffff80003671bbd0 x0 : ffff80003671bc00
          Process wickedd (pid: 638, stack limit = 0xffff800036718000)
          Call trace:
          Exception stack(0xffff80003671b9e0 to 0xffff80003671bb20)
          b9e0: ffff80003671bc00 ffff80003671bbd0 0000000000000000 0000000000000000
          ba00: ffff80002c296190 ffff80003671b9f8 ffff80003671bc9c 0000000080808080
          ba20: fefefeff31677364 7f7f7f7f7f7f7f7f fefefefefefefeff 0101010101010101
          ba40: 0000000000000020 0000000000000000 ffffffffffffffff 0000000000000000
          ba60: 0000000000000000 0000000000000001 000000000000040d ffff80003671bbd0
          ba80: 0000000000000000 ffff80003671bbd0 0000000000000000 0000004000114809
          baa0: ffff000008f74d00 0000000000000124 000000000000001d ffff000008912000
          bac0: ffff800035e74180 ffff80003671bb20 ffff000000dcca84 ffff80003671bb20
          bae0: ffff0000086f7f30 0000000020000005 ffff80002c296000 ffff800035223900
          bb00: 0000ffffffffffff 0000000000000000 ffff80003671bb20 ffff0000086f7f30
          [<ffff0000086f7f30>] phy_ethtool_ksettings_get+0x20/0x98
          [<ffff000000dcca84>] lan78xx_get_link_ksettings+0x44/0x60 [lan78xx]
          [<ffff0000087cbc40>] ethtool_get_settings+0x68/0x210
          [<ffff0000087cc0d4>] dev_ethtool+0x214/0x2180
          [<ffff0000087e5008>] dev_ioctl+0x400/0x630
          [<ffff00000879dd00>] sock_do_ioctl+0x70/0x88
          [<ffff00000879f5f8>] sock_ioctl+0x208/0x368
          [<ffff0000082cde10>] do_vfs_ioctl+0xb0/0x848
          [<ffff0000082ce634>] SyS_ioctl+0x8c/0xa8
          Exception stack(0xffff80003671bec0 to 0xffff80003671c000)
          bec0: 0000000000000009 0000000000008946 0000fffff4e841d0 0000aa0032687465
          bee0: 0000aaaafa2319d4 0000fffff4e841d4 0000000032687465 0000000032687465
          bf00: 000000000000001d 7f7fff7f7f7f7f7f 72606b622e71ff4c 7f7f7f7f7f7f7f7f
          bf20: 0101010101010101 0000000000000020 ffffffffffffffff 0000ffff7f510c68
          bf40: 0000ffff7f6a9d18 0000ffff7f44ce30 000000000000040d 0000ffff7f6f98f0
          bf60: 0000fffff4e842c0 0000000000000001 0000aaaafa2c2e00 0000ffff7f6ab000
          bf80: 0000fffff4e842c0 0000ffff7f62a000 0000aaaafa2b9f20 0000aaaafa2c2e00
          bfa0: 0000fffff4e84818 0000fffff4e841a0 0000ffff7f5ad0cc 0000fffff4e841a0
          bfc0: 0000ffff7f44ce3c 0000000080000000 0000000000000009 000000000000001d
          bfe0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
      
      The culprit is quite simple: The driver tries to access the phy left and right,
      but only actually has a working reference to it when the device is up.
      
      The fix thus is quite simple too: Get a reference to the phy on probe already
      and keep it even when the device is going down.
      
      With this patch applied, I can successfully run wicked on my system and bring
      the interface up and down as many times as I want, without getting NULL pointer
      dereferences in between.
      Signed-off-by: default avatarAlexander Graf <agraf@suse.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92571a1a
    • Jakub Kicinski's avatar
      nfp: add a separate counter for packets with CHECKSUM_COMPLETE · 0df57e60
      Jakub Kicinski authored
      We are currently counting packets with CHECKSUM_COMPLETE as
      "hw_rx_csum_ok".  This is confusing.  Add a new counter.
      To make sure it fits in the same cacheline move the less used
      error counter to a different location.
      Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarDirk van der Merwe <dirk.vandermerwe@netronome.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0df57e60
    • Jon Maloy's avatar
      tipc: Fix missing list initializations in struct tipc_subscription · b714295a
      Jon Maloy authored
      When an item of struct tipc_subscription is created, we fail to
      initialize the two lists aggregated into the struct. This has so far
      never been a problem, since the items are just added to a root
      object by list_add(), which does not require the addee list to be
      pre-initialized. However, syzbot is provoking situations where this
      addition fails, whereupon the attempted removal if the item from
      the list causes a crash.
      
      This problem seems to always have been around, despite that the code
      for creating this object was rewritten in commit 242e82cc ("tipc:
      collapse subscription creation functions"), which is still in net-next.
      
      We fix this for that commit by initializing the two lists properly.
      
      Fixes: 242e82cc ("tipc: collapse subscription creation functions")
      Reported-by: syzbot+0bb443b74ce09197e970@syzkaller.appspotmail.com
      Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b714295a
    • David S. Miller's avatar
      Merge branch 'ipv6-udp-set-dst-cache-for-a-connected-sk-if-current-not-valid' · f51ffde9
      David S. Miller authored
      Alexey Kodanev says:
      
      ====================
      ipv6: udp: set dst cache for a connected sk if current not valid
      
      A new RTF_CACHE route can be created with the socket's dst cache
      update between the below calls in udpv6_sendmsg(), when datagram
      sending results to ICMPV6_PKT_TOOBIG error:
      
         dst = ip6_sk_dst_lookup_flow(...)
         ...
      release_dst:
          if (dst) {
              if (connected) {
                  ip6_dst_store(sk, dst)
      
      Therefore, the new socket's dst cache reset to the old one on
      "release_dst:".
      
      The first three patches prepare the code to store dst cache
      with ip6_sk_dst_lookup_flow():
      
        * the first patch adds ip6_sk_dst_store_flow() function with
          commonly used source and destiantion addresses checks using
          the flow information.
      
        * the second patch adds a new argument to ip6_sk_dst_lookup_flow()
          and ability to store dst in the socket's cache. Also, the two
          users of the function are updated without enabling the new
          behavior: pingv6_sendmsg() and udpv6_sendmsg().
      
        * the third patch makes 'connected' variable in udpv6_sendmsg()
          to be consistent with ip6_sk_dst_store_flow(), changes its type
          from int to bool.
      
      The last patch contains the actual fix that removes sk dst cache
      update in the end of udpv6_sendmsg(), and allows to do it in
      ip6_sk_dst_lookup_flow().
      
      v6: * use bool type for a new parameter in ip_sk_dst_lookup_flow()
          * add one more patch to convert 'connected' variable in
            udpv6_sendmsg() from int to bool type. If it shouldn't be
            here I will resend it when the net-next is opened.
      
      v5: * relocate ip6_sk_dst_store_flow() to net/ipv6/route.c and
            rename ip6_dst_store_flow() to ip6_sk_dst_store_flow() as
            suggested by Martin
      
      v4: * fix the error in the build of ip_dst_store_flow() reported by
            kbuild test robot due to missing checks for CONFIG_IPV6: add
            new function to ip6_output.c instead of ip6_route.h
          * add 'const' to struct flowi6 in ip6_dst_store_flow()
          * minor commit messages fixes
      
      v3: * instead of moving ip6_dst_store() above udp_v6_send_skb(),
            update socket's dst cache inside ip6_sk_dst_lookup_flow()
            if the current one is invalid
          * the issue not reproduced in 4.1, but starting from 4.2. Add
            one more 'Fixes:' commit that creates new RTF_CACHE route.
            Though, it is also mentioned in the first one
      ====================
      Acked-by: default avatarMartin KaFai Lau <kafai@fb.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f51ffde9
    • Alexey Kodanev's avatar
      ipv6: udp: set dst cache for a connected sk if current not valid · 4f858c56
      Alexey Kodanev authored
      A new RTF_CACHE route can be created between ip6_sk_dst_lookup_flow()
      and ip6_dst_store() calls in udpv6_sendmsg(), when datagram sending
      results to ICMPV6_PKT_TOOBIG error:
      
          udp_v6_send_skb(), for example with vti6 tunnel:
              vti6_xmit(), get ICMPV6_PKT_TOOBIG error
                  skb_dst_update_pmtu(), can create a RTF_CACHE clone
                  icmpv6_send()
          ...
          udpv6_err()
              ip6_sk_update_pmtu()
                 ip6_update_pmtu(), can create a RTF_CACHE clone
                 ...
                 ip6_datagram_dst_update()
                      ip6_dst_store()
      
      And after commit 33c162a9 ("ipv6: datagram: Update dst cache of
      a connected datagram sk during pmtu update"), the UDPv6 error handler
      can update socket's dst cache, but it can happen before the update in
      the end of udpv6_sendmsg(), preventing getting the new dst cache on
      the next udpv6_sendmsg() calls.
      
      In order to fix it, save dst in a connected socket only if the current
      socket's dst cache is invalid.
      
      The previous patch prepared ip6_sk_dst_lookup_flow() to do that with
      the new argument, and this patch enables it in udpv6_sendmsg().
      
      Fixes: 33c162a9 ("ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update")
      Fixes: 45e4fd26 ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception")
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4f858c56
    • Alexey Kodanev's avatar
      ipv6: udp: convert 'connected' to bool type in udpv6_sendmsg() · 9f542f61
      Alexey Kodanev authored
      This should make it consistent with ip6_sk_dst_lookup_flow()
      that is accepting the new 'connected' parameter of type bool.
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9f542f61