Update to 4.15-rc5
Also update the aufs and lockdown patchsets.
parent
ab5d03cb3b
commit
7dd9b58675
|
@ -1,3 +1,13 @@
|
|||
linux (4.15~rc5-1~exp1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream release candidate
|
||||
|
||||
[ Ben Hutchings ]
|
||||
* aufs: Update support patchset to aufs4.x-rcN-20171218
|
||||
* lockdown: Update patchset to 2017-11-10 version
|
||||
|
||||
-- Ben Hutchings <ben@decadent.org.uk> Tue, 26 Dec 2017 16:25:55 +0000
|
||||
|
||||
linux (4.14.7-1) unstable; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
|
|
|
@ -1,44 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:59 -0800
|
||||
Subject: [7/9] bpf: don't prune branches when a scalar is replaced with a
|
||||
pointer
|
||||
Origin: https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14
|
||||
|
||||
This could be made safe by passing through a reference to env and checking
|
||||
for env->allow_ptr_leaks, but it would only work one way and is probably
|
||||
not worth the hassle - not doing it will not directly lead to program
|
||||
rejection.
|
||||
|
||||
Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 15 +++++++--------
|
||||
1 file changed, 7 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -3366,15 +3366,14 @@ static bool regsafe(struct bpf_reg_state
|
||||
return range_within(rold, rcur) &&
|
||||
tnum_in(rold->var_off, rcur->var_off);
|
||||
} else {
|
||||
- /* if we knew anything about the old value, we're not
|
||||
- * equal, because we can't know anything about the
|
||||
- * scalar value of the pointer in the new value.
|
||||
+ /* We're trying to use a pointer in place of a scalar.
|
||||
+ * Even if the scalar was unbounded, this could lead to
|
||||
+ * pointer leaks because scalars are allowed to leak
|
||||
+ * while pointers are not. We could make this safe in
|
||||
+ * special cases if root is calling us, but it's
|
||||
+ * probably not worth the hassle.
|
||||
*/
|
||||
- return rold->umin_value == 0 &&
|
||||
- rold->umax_value == U64_MAX &&
|
||||
- rold->smin_value == S64_MIN &&
|
||||
- rold->smax_value == S64_MAX &&
|
||||
- tnum_is_unknown(rold->var_off);
|
||||
+ return false;
|
||||
}
|
||||
case PTR_TO_MAP_VALUE:
|
||||
/* If the new min/max/var_off satisfy the old ones and
|
|
@ -1,201 +0,0 @@
|
|||
From: Jakub Kicinski <jakub.kicinski@netronome.com>
|
||||
Date: Mon, 9 Oct 2017 10:30:10 -0700
|
||||
Subject: bpf: encapsulate verifier log state into a structure
|
||||
Origin: https://git.kernel.org/linus/e7bf8249e8f1bac64885eeccb55bcf6111901a81
|
||||
|
||||
Put the loose log_* variables into a structure. This will make
|
||||
it simpler to remove the global verifier state in following patches.
|
||||
|
||||
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
|
||||
Reviewed-by: Simon Horman <simon.horman@netronome.com>
|
||||
Acked-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
include/linux/bpf_verifier.h | 13 ++++++++++
|
||||
kernel/bpf/verifier.c | 57 +++++++++++++++++++++++---------------------
|
||||
2 files changed, 43 insertions(+), 27 deletions(-)
|
||||
|
||||
--- a/include/linux/bpf_verifier.h
|
||||
+++ b/include/linux/bpf_verifier.h
|
||||
@@ -115,6 +115,19 @@ struct bpf_insn_aux_data {
|
||||
|
||||
#define MAX_USED_MAPS 64 /* max number of maps accessed by one eBPF program */
|
||||
|
||||
+struct bpf_verifer_log {
|
||||
+ u32 level;
|
||||
+ char *kbuf;
|
||||
+ char __user *ubuf;
|
||||
+ u32 len_used;
|
||||
+ u32 len_total;
|
||||
+};
|
||||
+
|
||||
+static inline bool bpf_verifier_log_full(const struct bpf_verifer_log *log)
|
||||
+{
|
||||
+ return log->len_used >= log->len_total - 1;
|
||||
+}
|
||||
+
|
||||
struct bpf_verifier_env;
|
||||
struct bpf_ext_analyzer_ops {
|
||||
int (*insn_hook)(struct bpf_verifier_env *env,
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -156,8 +156,7 @@ struct bpf_call_arg_meta {
|
||||
/* verbose verifier prints what it's seeing
|
||||
* bpf_check() is called under lock, so no race to access these global vars
|
||||
*/
|
||||
-static u32 log_level, log_size, log_len;
|
||||
-static char *log_buf;
|
||||
+static struct bpf_verifer_log verifier_log;
|
||||
|
||||
static DEFINE_MUTEX(bpf_verifier_lock);
|
||||
|
||||
@@ -167,13 +166,15 @@ static DEFINE_MUTEX(bpf_verifier_lock);
|
||||
*/
|
||||
static __printf(1, 2) void verbose(const char *fmt, ...)
|
||||
{
|
||||
+ struct bpf_verifer_log *log = &verifier_log;
|
||||
va_list args;
|
||||
|
||||
- if (log_level == 0 || log_len >= log_size - 1)
|
||||
+ if (!log->level || bpf_verifier_log_full(log))
|
||||
return;
|
||||
|
||||
va_start(args, fmt);
|
||||
- log_len += vscnprintf(log_buf + log_len, log_size - log_len, fmt, args);
|
||||
+ log->len_used += vscnprintf(log->kbuf + log->len_used,
|
||||
+ log->len_total - log->len_used, fmt, args);
|
||||
va_end(args);
|
||||
}
|
||||
|
||||
@@ -834,7 +835,7 @@ static int check_map_access(struct bpf_v
|
||||
* need to try adding each of min_value and max_value to off
|
||||
* to make sure our theoretical access will be safe.
|
||||
*/
|
||||
- if (log_level)
|
||||
+ if (verifier_log.level)
|
||||
print_verifier_state(state);
|
||||
/* The minimum value is only important with signed
|
||||
* comparisons where we can't assume the floor of a
|
||||
@@ -2915,7 +2916,7 @@ static int check_cond_jmp_op(struct bpf_
|
||||
verbose("R%d pointer comparison prohibited\n", insn->dst_reg);
|
||||
return -EACCES;
|
||||
}
|
||||
- if (log_level)
|
||||
+ if (verifier_log.level)
|
||||
print_verifier_state(this_branch);
|
||||
return 0;
|
||||
}
|
||||
@@ -3633,7 +3634,7 @@ static int do_check(struct bpf_verifier_
|
||||
return err;
|
||||
if (err == 1) {
|
||||
/* found equivalent state, can prune the search */
|
||||
- if (log_level) {
|
||||
+ if (verifier_log.level) {
|
||||
if (do_print_state)
|
||||
verbose("\nfrom %d to %d: safe\n",
|
||||
prev_insn_idx, insn_idx);
|
||||
@@ -3646,8 +3647,9 @@ static int do_check(struct bpf_verifier_
|
||||
if (need_resched())
|
||||
cond_resched();
|
||||
|
||||
- if (log_level > 1 || (log_level && do_print_state)) {
|
||||
- if (log_level > 1)
|
||||
+ if (verifier_log.level > 1 ||
|
||||
+ (verifier_log.level && do_print_state)) {
|
||||
+ if (verifier_log.level > 1)
|
||||
verbose("%d:", insn_idx);
|
||||
else
|
||||
verbose("\nfrom %d to %d:",
|
||||
@@ -3656,7 +3658,7 @@ static int do_check(struct bpf_verifier_
|
||||
do_print_state = false;
|
||||
}
|
||||
|
||||
- if (log_level) {
|
||||
+ if (verifier_log.level) {
|
||||
verbose("%d: ", insn_idx);
|
||||
print_bpf_insn(env, insn);
|
||||
}
|
||||
@@ -4307,7 +4309,7 @@ static void free_states(struct bpf_verif
|
||||
|
||||
int bpf_check(struct bpf_prog **prog, union bpf_attr *attr)
|
||||
{
|
||||
- char __user *log_ubuf = NULL;
|
||||
+ struct bpf_verifer_log *log = &verifier_log;
|
||||
struct bpf_verifier_env *env;
|
||||
int ret = -EINVAL;
|
||||
|
||||
@@ -4332,23 +4334,23 @@ int bpf_check(struct bpf_prog **prog, un
|
||||
/* user requested verbose verifier output
|
||||
* and supplied buffer to store the verification trace
|
||||
*/
|
||||
- log_level = attr->log_level;
|
||||
- log_ubuf = (char __user *) (unsigned long) attr->log_buf;
|
||||
- log_size = attr->log_size;
|
||||
- log_len = 0;
|
||||
+ log->level = attr->log_level;
|
||||
+ log->ubuf = (char __user *) (unsigned long) attr->log_buf;
|
||||
+ log->len_total = attr->log_size;
|
||||
+ log->len_used = 0;
|
||||
|
||||
ret = -EINVAL;
|
||||
- /* log_* values have to be sane */
|
||||
- if (log_size < 128 || log_size > UINT_MAX >> 8 ||
|
||||
- log_level == 0 || log_ubuf == NULL)
|
||||
+ /* log attributes have to be sane */
|
||||
+ if (log->len_total < 128 || log->len_total > UINT_MAX >> 8 ||
|
||||
+ !log->level || !log->ubuf)
|
||||
goto err_unlock;
|
||||
|
||||
ret = -ENOMEM;
|
||||
- log_buf = vmalloc(log_size);
|
||||
- if (!log_buf)
|
||||
+ log->kbuf = vmalloc(log->len_total);
|
||||
+ if (!log->kbuf)
|
||||
goto err_unlock;
|
||||
} else {
|
||||
- log_level = 0;
|
||||
+ log->level = 0;
|
||||
}
|
||||
|
||||
env->strict_alignment = !!(attr->prog_flags & BPF_F_STRICT_ALIGNMENT);
|
||||
@@ -4385,15 +4387,16 @@ skip_full_check:
|
||||
if (ret == 0)
|
||||
ret = fixup_bpf_calls(env);
|
||||
|
||||
- if (log_level && log_len >= log_size - 1) {
|
||||
- BUG_ON(log_len >= log_size);
|
||||
+ if (log->level && bpf_verifier_log_full(log)) {
|
||||
+ BUG_ON(log->len_used >= log->len_total);
|
||||
/* verifier log exceeded user supplied buffer */
|
||||
ret = -ENOSPC;
|
||||
/* fall through to return what was recorded */
|
||||
}
|
||||
|
||||
/* copy verifier log back to user space including trailing zero */
|
||||
- if (log_level && copy_to_user(log_ubuf, log_buf, log_len + 1) != 0) {
|
||||
+ if (log->level && copy_to_user(log->ubuf, log->kbuf,
|
||||
+ log->len_used + 1) != 0) {
|
||||
ret = -EFAULT;
|
||||
goto free_log_buf;
|
||||
}
|
||||
@@ -4420,8 +4423,8 @@ skip_full_check:
|
||||
}
|
||||
|
||||
free_log_buf:
|
||||
- if (log_level)
|
||||
- vfree(log_buf);
|
||||
+ if (log->level)
|
||||
+ vfree(log->kbuf);
|
||||
if (!env->prog->aux->used_maps)
|
||||
/* if we didn't copy map pointers into bpf_prog_info, release
|
||||
* them now. Otherwise free_bpf_prog_info() will release them.
|
||||
@@ -4458,7 +4461,7 @@ int bpf_analyzer(struct bpf_prog *prog,
|
||||
/* grab the mutex to protect few globals used by verifier */
|
||||
mutex_lock(&bpf_verifier_lock);
|
||||
|
||||
- log_level = 0;
|
||||
+ verifier_log.level = 0;
|
||||
|
||||
env->strict_alignment = false;
|
||||
if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS))
|
|
@ -1,82 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:56 -0800
|
||||
Subject: [4/9] bpf: fix 32-bit ALU op verification
|
||||
Origin: https://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a
|
||||
|
||||
32-bit ALU ops operate on 32-bit values and have 32-bit outputs.
|
||||
Adjust the verifier accordingly.
|
||||
|
||||
Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 28 +++++++++++++++++-----------
|
||||
1 file changed, 17 insertions(+), 11 deletions(-)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -2010,6 +2010,10 @@ static int adjust_ptr_min_max_vals(struc
|
||||
return 0;
|
||||
}
|
||||
|
||||
+/* WARNING: This function does calculations on 64-bit values, but the actual
|
||||
+ * execution may occur on 32-bit values. Therefore, things like bitshifts
|
||||
+ * need extra checks in the 32-bit case.
|
||||
+ */
|
||||
static int adjust_scalar_min_max_vals(struct bpf_verifier_env *env,
|
||||
struct bpf_insn *insn,
|
||||
struct bpf_reg_state *dst_reg,
|
||||
@@ -2020,12 +2024,8 @@ static int adjust_scalar_min_max_vals(st
|
||||
bool src_known, dst_known;
|
||||
s64 smin_val, smax_val;
|
||||
u64 umin_val, umax_val;
|
||||
+ u64 insn_bitness = (BPF_CLASS(insn->code) == BPF_ALU64) ? 64 : 32;
|
||||
|
||||
- if (BPF_CLASS(insn->code) != BPF_ALU64) {
|
||||
- /* 32-bit ALU ops are (32,32)->64 */
|
||||
- coerce_reg_to_size(dst_reg, 4);
|
||||
- coerce_reg_to_size(&src_reg, 4);
|
||||
- }
|
||||
smin_val = src_reg.smin_value;
|
||||
smax_val = src_reg.smax_value;
|
||||
umin_val = src_reg.umin_value;
|
||||
@@ -2161,9 +2161,9 @@ static int adjust_scalar_min_max_vals(st
|
||||
__update_reg_bounds(dst_reg);
|
||||
break;
|
||||
case BPF_LSH:
|
||||
- if (umax_val > 63) {
|
||||
- /* Shifts greater than 63 are undefined. This includes
|
||||
- * shifts by a negative number.
|
||||
+ if (umax_val >= insn_bitness) {
|
||||
+ /* Shifts greater than 31 or 63 are undefined.
|
||||
+ * This includes shifts by a negative number.
|
||||
*/
|
||||
mark_reg_unknown(env, regs, insn->dst_reg);
|
||||
break;
|
||||
@@ -2189,9 +2189,9 @@ static int adjust_scalar_min_max_vals(st
|
||||
__update_reg_bounds(dst_reg);
|
||||
break;
|
||||
case BPF_RSH:
|
||||
- if (umax_val > 63) {
|
||||
- /* Shifts greater than 63 are undefined. This includes
|
||||
- * shifts by a negative number.
|
||||
+ if (umax_val >= insn_bitness) {
|
||||
+ /* Shifts greater than 31 or 63 are undefined.
|
||||
+ * This includes shifts by a negative number.
|
||||
*/
|
||||
mark_reg_unknown(env, regs, insn->dst_reg);
|
||||
break;
|
||||
@@ -2227,6 +2227,12 @@ static int adjust_scalar_min_max_vals(st
|
||||
break;
|
||||
}
|
||||
|
||||
+ if (BPF_CLASS(insn->code) != BPF_ALU64) {
|
||||
+ /* 32-bit ALU ops are (32,32)->32 */
|
||||
+ coerce_reg_to_size(dst_reg, 4);
|
||||
+ coerce_reg_to_size(&src_reg, 4);
|
||||
+ }
|
||||
+
|
||||
__reg_deduce_bounds(dst_reg);
|
||||
__reg_bound_offset(dst_reg);
|
||||
return 0;
|
|
@ -1,112 +0,0 @@
|
|||
From: Alexei Starovoitov <ast@fb.com>
|
||||
Date: Wed, 22 Nov 2017 16:42:05 -0800
|
||||
Subject: bpf: fix branch pruning logic
|
||||
Origin: https://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467
|
||||
|
||||
when the verifier detects that register contains a runtime constant
|
||||
and it's compared with another constant it will prune exploration
|
||||
of the branch that is guaranteed not to be taken at runtime.
|
||||
This is all correct, but malicious program may be constructed
|
||||
in such a way that it always has a constant comparison and
|
||||
the other branch is never taken under any conditions.
|
||||
In this case such path through the program will not be explored
|
||||
by the verifier. It won't be taken at run-time either, but since
|
||||
all instructions are JITed the malicious program may cause JITs
|
||||
to complain about using reserved fields, etc.
|
||||
To fix the issue we have to track the instructions explored by
|
||||
the verifier and sanitize instructions that are dead at run time
|
||||
with NOPs. We cannot reject such dead code, since llvm generates
|
||||
it for valid C code, since it doesn't do as much data flow
|
||||
analysis as the verifier does.
|
||||
|
||||
Fixes: 17a5267067f3 ("bpf: verifier (add verifier core)")
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
include/linux/bpf_verifier.h | 2 +-
|
||||
kernel/bpf/verifier.c | 27 +++++++++++++++++++++++++++
|
||||
2 files changed, 28 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/include/linux/bpf_verifier.h
|
||||
+++ b/include/linux/bpf_verifier.h
|
||||
@@ -110,7 +110,7 @@ struct bpf_insn_aux_data {
|
||||
struct bpf_map *map_ptr; /* pointer for call insn into lookup_elem */
|
||||
};
|
||||
int ctx_field_size; /* the ctx field size for load insn, maybe 0 */
|
||||
- int converted_op_size; /* the valid value width after perceived conversion */
|
||||
+ bool seen; /* this insn was processed by the verifier */
|
||||
};
|
||||
|
||||
#define MAX_USED_MAPS 64 /* max number of maps accessed by one eBPF program */
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -3695,6 +3695,7 @@ static int do_check(struct bpf_verifier_
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
+ env->insn_aux_data[insn_idx].seen = true;
|
||||
if (class == BPF_ALU || class == BPF_ALU64) {
|
||||
err = check_alu_op(env, insn);
|
||||
if (err)
|
||||
@@ -3885,6 +3886,7 @@ process_bpf_exit:
|
||||
return err;
|
||||
|
||||
insn_idx++;
|
||||
+ env->insn_aux_data[insn_idx].seen = true;
|
||||
} else {
|
||||
verbose(env, "invalid BPF_LD mode\n");
|
||||
return -EINVAL;
|
||||
@@ -4067,6 +4069,7 @@ static int adjust_insn_aux_data(struct b
|
||||
u32 off, u32 cnt)
|
||||
{
|
||||
struct bpf_insn_aux_data *new_data, *old_data = env->insn_aux_data;
|
||||
+ int i;
|
||||
|
||||
if (cnt == 1)
|
||||
return 0;
|
||||
@@ -4076,6 +4079,8 @@ static int adjust_insn_aux_data(struct b
|
||||
memcpy(new_data, old_data, sizeof(struct bpf_insn_aux_data) * off);
|
||||
memcpy(new_data + off + cnt - 1, old_data + off,
|
||||
sizeof(struct bpf_insn_aux_data) * (prog_len - off - cnt + 1));
|
||||
+ for (i = off; i < off + cnt - 1; i++)
|
||||
+ new_data[i].seen = true;
|
||||
env->insn_aux_data = new_data;
|
||||
vfree(old_data);
|
||||
return 0;
|
||||
@@ -4094,6 +4099,25 @@ static struct bpf_prog *bpf_patch_insn_d
|
||||
return new_prog;
|
||||
}
|
||||
|
||||
+/* The verifier does more data flow analysis than llvm and will not explore
|
||||
+ * branches that are dead at run time. Malicious programs can have dead code
|
||||
+ * too. Therefore replace all dead at-run-time code with nops.
|
||||
+ */
|
||||
+static void sanitize_dead_code(struct bpf_verifier_env *env)
|
||||
+{
|
||||
+ struct bpf_insn_aux_data *aux_data = env->insn_aux_data;
|
||||
+ struct bpf_insn nop = BPF_MOV64_REG(BPF_REG_0, BPF_REG_0);
|
||||
+ struct bpf_insn *insn = env->prog->insnsi;
|
||||
+ const int insn_cnt = env->prog->len;
|
||||
+ int i;
|
||||
+
|
||||
+ for (i = 0; i < insn_cnt; i++) {
|
||||
+ if (aux_data[i].seen)
|
||||
+ continue;
|
||||
+ memcpy(insn + i, &nop, sizeof(nop));
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
/* convert load instructions that access fields of 'struct __sk_buff'
|
||||
* into sequence of instructions that access fields of 'struct sk_buff'
|
||||
*/
|
||||
@@ -4410,6 +4434,9 @@ skip_full_check:
|
||||
free_states(env);
|
||||
|
||||
if (ret == 0)
|
||||
+ sanitize_dead_code(env);
|
||||
+
|
||||
+ if (ret == 0)
|
||||
/* program is valid, convert *(u32*)(ctx + off) accesses */
|
||||
ret = convert_ctx_accesses(env);
|
||||
|
|
@ -1,44 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:54 -0800
|
||||
Subject: [2/9] bpf: fix incorrect sign extension in check_alu_op()
|
||||
Origin: https://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f
|
||||
|
||||
Distinguish between
|
||||
BPF_ALU64|BPF_MOV|BPF_K (load 32-bit immediate, sign-extended to 64-bit)
|
||||
and BPF_ALU|BPF_MOV|BPF_K (load 32-bit immediate, zero-padded to 64-bit);
|
||||
only perform sign extension in the first case.
|
||||
|
||||
Starting with v4.14, this is exploitable by unprivileged users as long as
|
||||
the unprivileged_bpf_disabled sysctl isn't set.
|
||||
|
||||
Debian assigned CVE-2017-16995 for this issue.
|
||||
|
||||
v3:
|
||||
- add CVE number (Ben Hutchings)
|
||||
|
||||
Fixes: 484611357c19 ("bpf: allow access into map value arrays")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Acked-by: Edward Cree <ecree@solarflare.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -2401,7 +2401,13 @@ static int check_alu_op(struct bpf_verif
|
||||
* remember the value we stored into this reg
|
||||
*/
|
||||
regs[insn->dst_reg].type = SCALAR_VALUE;
|
||||
- __mark_reg_known(regs + insn->dst_reg, insn->imm);
|
||||
+ if (BPF_CLASS(insn->code) == BPF_ALU64) {
|
||||
+ __mark_reg_known(regs + insn->dst_reg,
|
||||
+ insn->imm);
|
||||
+ } else {
|
||||
+ __mark_reg_known(regs + insn->dst_reg,
|
||||
+ (u32)insn->imm);
|
||||
+ }
|
||||
}
|
||||
|
||||
} else if (opcode > BPF_END) {
|
|
@ -1,119 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:55 -0800
|
||||
Subject: [3/9] bpf: fix incorrect tracking of register size truncation
|
||||
Origin: https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958
|
||||
|
||||
Properly handle register truncation to a smaller size.
|
||||
|
||||
The old code first mirrors the clearing of the high 32 bits in the bitwise
|
||||
tristate representation, which is correct. But then, it computes the new
|
||||
arithmetic bounds as the intersection between the old arithmetic bounds and
|
||||
the bounds resulting from the bitwise tristate representation. Therefore,
|
||||
when coerce_reg_to_32() is called on a number with bounds
|
||||
[0xffff'fff8, 0x1'0000'0007], the verifier computes
|
||||
[0xffff'fff8, 0xffff'ffff] as bounds of the truncated number.
|
||||
This is incorrect: The truncated number could also be in the range [0, 7],
|
||||
and no meaningful arithmetic bounds can be computed in that case apart from
|
||||
the obvious [0, 0xffff'ffff].
|
||||
|
||||
Starting with v4.14, this is exploitable by unprivileged users as long as
|
||||
the unprivileged_bpf_disabled sysctl isn't set.
|
||||
|
||||
Debian assigned CVE-2017-16996 for this issue.
|
||||
|
||||
v2:
|
||||
- flip the mask during arithmetic bounds calculation (Ben Hutchings)
|
||||
v3:
|
||||
- add CVE number (Ben Hutchings)
|
||||
|
||||
Fixes: b03c9f9fdc37 ("bpf/verifier: track signed and unsigned min/max values")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Acked-by: Edward Cree <ecree@solarflare.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
[bwh: Backported to 4.14]
|
||||
---
|
||||
kernel/bpf/verifier.c | 44 +++++++++++++++++++++++++++-----------------
|
||||
1 file changed, 27 insertions(+), 17 deletions(-)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -1079,6 +1079,29 @@ static int check_ptr_alignment(struct bp
|
||||
strict);
|
||||
}
|
||||
|
||||
+/* truncate register to smaller size (in bytes)
|
||||
+ * must be called with size < BPF_REG_SIZE
|
||||
+ */
|
||||
+static void coerce_reg_to_size(struct bpf_reg_state *reg, int size)
|
||||
+{
|
||||
+ u64 mask;
|
||||
+
|
||||
+ /* clear high bits in bit representation */
|
||||
+ reg->var_off = tnum_cast(reg->var_off, size);
|
||||
+
|
||||
+ /* fix arithmetic bounds */
|
||||
+ mask = ((u64)1 << (size * 8)) - 1;
|
||||
+ if ((reg->umin_value & ~mask) == (reg->umax_value & ~mask)) {
|
||||
+ reg->umin_value &= mask;
|
||||
+ reg->umax_value &= mask;
|
||||
+ } else {
|
||||
+ reg->umin_value = 0;
|
||||
+ reg->umax_value = mask;
|
||||
+ }
|
||||
+ reg->smin_value = reg->umin_value;
|
||||
+ reg->smax_value = reg->umax_value;
|
||||
+}
|
||||
+
|
||||
/* check whether memory at (regno + off) is accessible for t = (read | write)
|
||||
* if t==write, value_regno is a register which value is stored into memory
|
||||
* if t==read, value_regno is a register which will receive the value from memory
|
||||
@@ -1217,9 +1240,7 @@ static int check_mem_access(struct bpf_v
|
||||
if (!err && size < BPF_REG_SIZE && value_regno >= 0 && t == BPF_READ &&
|
||||
state->regs[value_regno].type == SCALAR_VALUE) {
|
||||
/* b/h/w load zero-extends, mark upper bits as known 0 */
|
||||
- state->regs[value_regno].var_off = tnum_cast(
|
||||
- state->regs[value_regno].var_off, size);
|
||||
- __update_reg_bounds(&state->regs[value_regno]);
|
||||
+ coerce_reg_to_size(&state->regs[value_regno], size);
|
||||
}
|
||||
return err;
|
||||
}
|
||||
@@ -1765,14 +1786,6 @@ static int check_call(struct bpf_verifie
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static void coerce_reg_to_32(struct bpf_reg_state *reg)
|
||||
-{
|
||||
- /* clear high 32 bits */
|
||||
- reg->var_off = tnum_cast(reg->var_off, 4);
|
||||
- /* Update bounds */
|
||||
- __update_reg_bounds(reg);
|
||||
-}
|
||||
-
|
||||
static bool signed_add_overflows(s64 a, s64 b)
|
||||
{
|
||||
/* Do the add in u64, where overflow is well-defined */
|
||||
@@ -2010,8 +2023,8 @@ static int adjust_scalar_min_max_vals(st
|
||||
|
||||
if (BPF_CLASS(insn->code) != BPF_ALU64) {
|
||||
/* 32-bit ALU ops are (32,32)->64 */
|
||||
- coerce_reg_to_32(dst_reg);
|
||||
- coerce_reg_to_32(&src_reg);
|
||||
+ coerce_reg_to_size(dst_reg, 4);
|
||||
+ coerce_reg_to_size(&src_reg, 4);
|
||||
}
|
||||
smin_val = src_reg.smin_value;
|
||||
smax_val = src_reg.smax_value;
|
||||
@@ -2391,10 +2404,7 @@ static int check_alu_op(struct bpf_verif
|
||||
return -EACCES;
|
||||
}
|
||||
mark_reg_unknown(env, regs, insn->dst_reg);
|
||||
- /* high 32 bits are known zero. */
|
||||
- regs[insn->dst_reg].var_off = tnum_cast(
|
||||
- regs[insn->dst_reg].var_off, 4);
|
||||
- __update_reg_bounds(®s[insn->dst_reg]);
|
||||
+ coerce_reg_to_size(®s[insn->dst_reg], 4);
|
||||
}
|
||||
} else {
|
||||
/* case: R = imm
|
|
@ -1,121 +0,0 @@
|
|||
From: Alexei Starovoitov <ast@kernel.org>
|
||||
Date: Mon, 18 Dec 2017 20:12:00 -0800
|
||||
Subject: [8/9] bpf: fix integer overflows
|
||||
Origin: https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03
|
||||
|
||||
There were various issues related to the limited size of integers used in
|
||||
the verifier:
|
||||
- `off + size` overflow in __check_map_access()
|
||||
- `off + reg->off` overflow in check_mem_access()
|
||||
- `off + reg->var_off.value` overflow or 32-bit truncation of
|
||||
`reg->var_off.value` in check_mem_access()
|
||||
- 32-bit truncation in check_stack_boundary()
|
||||
|
||||
Make sure that any integer math cannot overflow by not allowing
|
||||
pointer math with large values.
|
||||
|
||||
Also reduce the scope of "scalar op scalar" tracking.
|
||||
|
||||
Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
|
||||
Reported-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
include/linux/bpf_verifier.h | 4 ++--
|
||||
kernel/bpf/verifier.c | 48 ++++++++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 50 insertions(+), 2 deletions(-)
|
||||
|
||||
--- a/include/linux/bpf_verifier.h
|
||||
+++ b/include/linux/bpf_verifier.h
|
||||
@@ -15,11 +15,11 @@
|
||||
* In practice this is far bigger than any realistic pointer offset; this limit
|
||||
* ensures that umax_value + (int)off + (int)size cannot overflow a u64.
|
||||
*/
|
||||
-#define BPF_MAX_VAR_OFF (1ULL << 31)
|
||||
+#define BPF_MAX_VAR_OFF (1 << 29)
|
||||
/* Maximum variable size permitted for ARG_CONST_SIZE[_OR_ZERO]. This ensures
|
||||
* that converting umax_value to int cannot overflow.
|
||||
*/
|
||||
-#define BPF_MAX_VAR_SIZ INT_MAX
|
||||
+#define BPF_MAX_VAR_SIZ (1 << 29)
|
||||
|
||||
/* Liveness marks, used for registers and spilled-regs (in stack slots).
|
||||
* Read marks propagate upwards until they find a write mark; they record that
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -1812,6 +1812,41 @@ static bool signed_sub_overflows(s64 a,
|
||||
return res > a;
|
||||
}
|
||||
|
||||
+static bool check_reg_sane_offset(struct bpf_verifier_env *env,
|
||||
+ const struct bpf_reg_state *reg,
|
||||
+ enum bpf_reg_type type)
|
||||
+{
|
||||
+ bool known = tnum_is_const(reg->var_off);
|
||||
+ s64 val = reg->var_off.value;
|
||||
+ s64 smin = reg->smin_value;
|
||||
+
|
||||
+ if (known && (val >= BPF_MAX_VAR_OFF || val <= -BPF_MAX_VAR_OFF)) {
|
||||
+ verbose(env, "math between %s pointer and %lld is not allowed\n",
|
||||
+ reg_type_str[type], val);
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ if (reg->off >= BPF_MAX_VAR_OFF || reg->off <= -BPF_MAX_VAR_OFF) {
|
||||
+ verbose(env, "%s pointer offset %d is not allowed\n",
|
||||
+ reg_type_str[type], reg->off);
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ if (smin == S64_MIN) {
|
||||
+ verbose(env, "math between %s pointer and register with unbounded min value is not allowed\n",
|
||||
+ reg_type_str[type]);
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ if (smin >= BPF_MAX_VAR_OFF || smin <= -BPF_MAX_VAR_OFF) {
|
||||
+ verbose(env, "value %lld makes %s pointer be out of bounds\n",
|
||||
+ smin, reg_type_str[type]);
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
/* Handles arithmetic on a pointer and a scalar: computes new min/max and var_off.
|
||||
* Caller should also handle BPF_MOV case separately.
|
||||
* If we return -EACCES, caller may want to try again treating pointer as a
|
||||
@@ -1880,6 +1915,10 @@ static int adjust_ptr_min_max_vals(struc
|
||||
dst_reg->type = ptr_reg->type;
|
||||
dst_reg->id = ptr_reg->id;
|
||||
|
||||
+ if (!check_reg_sane_offset(env, off_reg, ptr_reg->type) ||
|
||||
+ !check_reg_sane_offset(env, ptr_reg, ptr_reg->type))
|
||||
+ return -EINVAL;
|
||||
+
|
||||
switch (opcode) {
|
||||
case BPF_ADD:
|
||||
/* We can take a fixed offset as long as it doesn't overflow
|
||||
@@ -2010,6 +2049,9 @@ static int adjust_ptr_min_max_vals(struc
|
||||
return -EACCES;
|
||||
}
|
||||
|
||||
+ if (!check_reg_sane_offset(env, dst_reg, ptr_reg->type))
|
||||
+ return -EINVAL;
|
||||
+
|
||||
__update_reg_bounds(dst_reg);
|
||||
__reg_deduce_bounds(dst_reg);
|
||||
__reg_bound_offset(dst_reg);
|
||||
@@ -2039,6 +2081,12 @@ static int adjust_scalar_min_max_vals(st
|
||||
src_known = tnum_is_const(src_reg.var_off);
|
||||
dst_known = tnum_is_const(dst_reg->var_off);
|
||||
|
||||
+ if (!src_known &&
|
||||
+ opcode != BPF_ADD && opcode != BPF_SUB && opcode != BPF_AND) {
|
||||
+ __mark_reg_unknown(dst_reg);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
switch (opcode) {
|
||||
case BPF_ADD:
|
||||
if (signed_add_overflows(dst_reg->smin_value, smin_val) ||
|
|
@ -1,26 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:57 -0800
|
||||
Subject: [5/9] bpf: fix missing error return in check_stack_boundary()
|
||||
Origin: https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469
|
||||
|
||||
Prevent indirect stack accesses at non-constant addresses, which would
|
||||
permit reading and corrupting spilled pointers.
|
||||
|
||||
Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -1320,6 +1320,7 @@ static int check_stack_boundary(struct b
|
||||
tnum_strn(tn_buf, sizeof(tn_buf), regs[regno].var_off);
|
||||
verbose(env, "invalid variable stack read R%d var_off=%s\n",
|
||||
regno, tn_buf);
|
||||
+ return -EACCES;
|
||||
}
|
||||
off = regs[regno].off + regs[regno].var_off.value;
|
||||
if (off >= 0 || off < -MAX_BPF_STACK || off + access_size > 0 ||
|
|
@ -1,31 +0,0 @@
|
|||
From: Jann Horn <jannh@google.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:58 -0800
|
||||
Subject: [6/9] bpf: force strict alignment checks for stack pointers
|
||||
Origin: https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f
|
||||
|
||||
Force strict alignment checks for stack pointers because the tracking of
|
||||
stack spills relies on it; unaligned stack accesses can lead to corruption
|
||||
of spilled registers, which is exploitable.
|
||||
|
||||
Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -1071,6 +1071,11 @@ static int check_ptr_alignment(struct bp
|
||||
break;
|
||||
case PTR_TO_STACK:
|
||||
pointer_desc = "stack ";
|
||||
+ /* The stack spill tracking logic in check_stack_write()
|
||||
+ * and check_stack_read() relies on stack accesses being
|
||||
+ * aligned.
|
||||
+ */
|
||||
+ strict = true;
|
||||
break;
|
||||
default:
|
||||
break;
|
File diff suppressed because it is too large
|
@ -1,61 +0,0 @@
|
|||
From: Edward Cree <ecree@solarflare.com>
|
||||
Date: Mon, 18 Dec 2017 20:11:53 -0800
|
||||
Subject: [1/9] bpf/verifier: fix bounds calculation on BPF_RSH
|
||||
Origin: https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941
|
||||
|
||||
Incorrect signed bounds were being computed.
|
||||
If the old upper signed bound was positive and the old lower signed bound was
|
||||
negative, this could cause the new upper signed bound to be too low,
|
||||
leading to security issues.
|
||||
|
||||
Fixes: b03c9f9fdc37 ("bpf/verifier: track signed and unsigned min/max values")
|
||||
Reported-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Edward Cree <ecree@solarflare.com>
|
||||
Acked-by: Alexei Starovoitov <ast@kernel.org>
|
||||
[jannh@google.com: changed description to reflect bug impact]
|
||||
Signed-off-by: Jann Horn <jannh@google.com>
|
||||
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
||||
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||||
---
|
||||
kernel/bpf/verifier.c | 30 ++++++++++++++++--------------
|
||||
1 file changed, 16 insertions(+), 14 deletions(-)
|
||||
|
||||
--- a/kernel/bpf/verifier.c
|
||||
+++ b/kernel/bpf/verifier.c
|
||||
@@ -2183,20 +2183,22 @@ static int adjust_scalar_min_max_vals(st
|
||||
mark_reg_unknown(env, regs, insn->dst_reg);
|
||||
break;
|
||||
}
|
||||
- /* BPF_RSH is an unsigned shift, so make the appropriate casts */
|
||||
- if (dst_reg->smin_value < 0) {
|
||||
- if (umin_val) {
|
||||
- /* Sign bit will be cleared */
|
||||
- dst_reg->smin_value = 0;
|
||||
- } else {
|
||||
- /* Lost sign bit information */
|
||||
- dst_reg->smin_value = S64_MIN;
|
||||
- dst_reg->smax_value = S64_MAX;
|
||||
- }
|
||||
- } else {
|
||||
- dst_reg->smin_value =
|
||||
- (u64)(dst_reg->smin_value) >> umax_val;
|
||||
- }
|
||||
+ /* BPF_RSH is an unsigned shift. If the value in dst_reg might
|
||||
+ * be negative, then either:
|
||||
+ * 1) src_reg might be zero, so the sign bit of the result is
|
||||
+ * unknown, so we lose our signed bounds
|
||||
+ * 2) it's known negative, thus the unsigned bounds capture the
|
||||
+ * signed bounds
|
||||
+ * 3) the signed bounds cross zero, so they tell us nothing
|
||||
+ * about the result
|
||||
+ * If the value in dst_reg is known nonnegative, then again the
|
||||
+ * unsigned bounts capture the signed bounds.
|
||||
+ * Thus, in all cases it suffices to blow away our signed bounds
|
||||
+ * and rely on inferring new ones from the unsigned bounds and
|
||||
+ * var_off of the result.
|
||||
+ */
|
||||
+ dst_reg->smin_value = S64_MIN;
|
||||
+ dst_reg->smax_value = S64_MAX;
|
||||
if (src_known)
|
||||
dst_reg->var_off = tnum_rshift(dst_reg->var_off,
|
||||
umin_val);
|
|
@ -5,10 +5,9 @@ Forwarded: https://marc.info/?l=linux-pm&m=149248268214265
|
|||
|
||||
Calls to cpufreq_cpu_exists(cpu) were converted to
|
||||
cpupower_is_cpu_online(cpu) when libcpupower was introduced and the
|
||||
former function was deleted. However, cpupower_is_cpu_online()
|
||||
returns 1 on success whereas cpufreq_cpu_exists() returned 0 on
|
||||
success. It also does not distinguish physically absent and offline
|
||||
CPUs, and does not set errno.
|
||||
former function was deleted. However, cpupower_is_cpu_online() does
|
||||
not distinguish physically absent and offline CPUs, and does not set
|
||||
errno.
|
||||
|
||||
cpufreq-set has already been fixed (commit c25badc9ceb6).
|
||||
|
||||
|
@ -16,6 +15,7 @@ In cpufreq-bench, which prints an error message for offline CPUs,
|
|||
properly distinguish and report the zero and negative cases.
|
||||
|
||||
Fixes: ac5a181d065d ("cpupower: Add cpuidle parts into library")
|
||||
Fixes: 53d1cd6b125f ("cpupowerutils: bench - Fix cpu online check")
|
||||
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
||||
---
|
||||
--- a/tools/power/cpupower/bench/system.c
|
||||
|
@ -28,7 +28,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
dprintf("set %s as cpufreq governor\n", governor);
|
||||
|
||||
- if (cpupower_is_cpu_online(cpu) != 0) {
|
||||
- if (cpupower_is_cpu_online(cpu) != 1) {
|
||||
- perror("cpufreq_cpu_exists");
|
||||
- fprintf(stderr, "error: cpu %u does not exist\n", cpu);
|
||||
+ rc = cpupower_is_cpu_online(cpu);
|
||||
|
|
|
@ -1,151 +0,0 @@
|
|||
From: Eric Biggers <ebiggers@google.com>
|
||||
Date: Tue, 28 Nov 2017 18:01:38 -0800
|
||||
Subject: crypto: hmac - require that the underlying hash algorithm is unkeyed
|
||||
Origin: https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17806
|
||||
|
||||
Because the HMAC template didn't check that its underlying hash
|
||||
algorithm is unkeyed, trying to use "hmac(hmac(sha3-512-generic))"
|
||||
through AF_ALG or through KEYCTL_DH_COMPUTE resulted in the inner HMAC
|
||||
being used without having been keyed, resulting in sha3_update() being
|
||||
called without sha3_init(), causing a stack buffer overflow.
|
||||
|
||||
This is a very old bug, but it seems to have only started causing real
|
||||
problems when SHA-3 support was added (requires CONFIG_CRYPTO_SHA3)
|
||||
because the innermost hash's state is ->import()ed from a zeroed buffer,
|
||||
and it just so happens that other hash algorithms are fine with that,
|
||||
but SHA-3 is not. However, there could be arch or hardware-dependent
|
||||
hash algorithms also affected; I couldn't test everything.
|
||||
|
||||
Fix the bug by introducing a function crypto_shash_alg_has_setkey()
|
||||
which tests whether a shash algorithm is keyed. Then update the HMAC
|
||||
template to require that its underlying hash algorithm is unkeyed.
|
||||
|
||||
Here is a reproducer:
|
||||
|
||||
#include <linux/if_alg.h>
|
||||
#include <sys/socket.h>
|
||||
|
||||
int main()
|
||||
{
|
||||
int algfd;
|
||||
struct sockaddr_alg addr = {
|
||||
.salg_type = "hash",
|
||||
.salg_name = "hmac(hmac(sha3-512-generic))",
|
||||
};
|
||||
char key[4096] = { 0 };
|
||||
|
||||
algfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
|
||||
bind(algfd, (const struct sockaddr *)&addr, sizeof(addr));
|
||||
setsockopt(algfd, SOL_ALG, ALG_SET_KEY, key, sizeof(key));
|
||||
}
|
||||
|
||||
Here was the KASAN report from syzbot:
|
||||
|
||||
BUG: KASAN: stack-out-of-bounds in memcpy include/linux/string.h:341 [inline]
|
||||
BUG: KASAN: stack-out-of-bounds in sha3_update+0xdf/0x2e0 crypto/sha3_generic.c:161
|
||||
Write of size 4096 at addr ffff8801cca07c40 by task syzkaller076574/3044
|
||||
|
||||
CPU: 1 PID: 3044 Comm: syzkaller076574 Not tainted 4.14.0-mm1+ #25
|
||||
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
|
||||
Call Trace:
|
||||
__dump_stack lib/dump_stack.c:17 [inline]
|
||||
dump_stack+0x194/0x257 lib/dump_stack.c:53
|
||||
print_address_description+0x73/0x250 mm/kasan/report.c:252
|
||||
kasan_report_error mm/kasan/report.c:351 [inline]
|
||||
kasan_report+0x25b/0x340 mm/kasan/report.c:409
|
||||
check_memory_region_inline mm/kasan/kasan.c:260 [inline]
|
||||
check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
|
||||
memcpy+0x37/0x50 mm/kasan/kasan.c:303
|
||||
memcpy include/linux/string.h:341 [inline]
|
||||
sha3_update+0xdf/0x2e0 crypto/sha3_generic.c:161
|
||||
crypto_shash_update+0xcb/0x220 crypto/shash.c:109
|
||||
shash_finup_unaligned+0x2a/0x60 crypto/shash.c:151
|
||||
crypto_shash_finup+0xc4/0x120 crypto/shash.c:165
|
||||
hmac_finup+0x182/0x330 crypto/hmac.c:152
|
||||
crypto_shash_finup+0xc4/0x120 crypto/shash.c:165
|
||||
shash_digest_unaligned+0x9e/0xd0 crypto/shash.c:172
|
||||
crypto_shash_digest+0xc4/0x120 crypto/shash.c:186
|
||||
hmac_setkey+0x36a/0x690 crypto/hmac.c:66
|
||||
crypto_shash_setkey+0xad/0x190 crypto/shash.c:64
|
||||
shash_async_setkey+0x47/0x60 crypto/shash.c:207
|
||||
crypto_ahash_setkey+0xaf/0x180 crypto/ahash.c:200
|
||||
hash_setkey+0x40/0x90 crypto/algif_hash.c:446
|
||||
alg_setkey crypto/af_alg.c:221 [inline]
|
||||
alg_setsockopt+0x2a1/0x350 crypto/af_alg.c:254
|
||||
SYSC_setsockopt net/socket.c:1851 [inline]
|
||||
SyS_setsockopt+0x189/0x360 net/socket.c:1830
|
||||
entry_SYSCALL_64_fastpath+0x1f/0x96
|
||||
|
||||
Reported-by: syzbot <syzkaller@googlegroups.com>
|
||||
Cc: <stable@vger.kernel.org>
|
||||
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||||
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
||||
---
|
||||
crypto/hmac.c | 6 +++++-
|
||||
crypto/shash.c | 5 +++--
|
||||
include/crypto/internal/hash.h | 8 ++++++++
|
||||
3 files changed, 16 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/crypto/hmac.c b/crypto/hmac.c
|
||||
index 92871dc2a63e..e74730224f0a 100644
|
||||
--- a/crypto/hmac.c
|
||||
+++ b/crypto/hmac.c
|
||||
@@ -195,11 +195,15 @@ static int hmac_create(struct crypto_template *tmpl, struct rtattr **tb)
|
||||
salg = shash_attr_alg(tb[1], 0, 0);
|
||||
if (IS_ERR(salg))
|
||||
return PTR_ERR(salg);
|
||||
+ alg = &salg->base;
|
||||
|
||||
+ /* The underlying hash algorithm must be unkeyed */
|
||||
err = -EINVAL;
|
||||
+ if (crypto_shash_alg_has_setkey(salg))
|
||||
+ goto out_put_alg;
|
||||
+
|
||||
ds = salg->digestsize;
|
||||
ss = salg->statesize;
|
||||
- alg = &salg->base;
|
||||
if (ds > alg->cra_blocksize ||
|
||||
ss < alg->cra_blocksize)
|
||||
goto out_put_alg;
|
||||
diff --git a/crypto/shash.c b/crypto/shash.c
|
||||
index 325a14da5827..e849d3ee2e27 100644
|
||||
--- a/crypto/shash.c
|
||||
+++ b/crypto/shash.c
|
||||
@@ -25,11 +25,12 @@
|
||||
|
||||
static const struct crypto_type crypto_shash_type;
|
||||
|
||||
-static int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
|
||||
- unsigned int keylen)
|
||||
+int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
|
||||
+ unsigned int keylen)
|
||||
{
|
||||
return -ENOSYS;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(shash_no_setkey);
|
||||
|
||||
static int shash_setkey_unaligned(struct crypto_shash *tfm, const u8 *key,
|
||||
unsigned int keylen)
|
||||
diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h
|
||||
index f0b44c16e88f..c2bae8da642c 100644
|
||||
--- a/include/crypto/internal/hash.h
|
||||
+++ b/include/crypto/internal/hash.h
|
||||
@@ -82,6 +82,14 @@ int ahash_register_instance(struct crypto_template *tmpl,
|
||||
struct ahash_instance *inst);
|
||||
void ahash_free_instance(struct crypto_instance *inst);
|
||||
|
||||
+int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
|
||||
+ unsigned int keylen);
|
||||
+
|
||||
+static inline bool crypto_shash_alg_has_setkey(struct shash_alg *alg)
|
||||
+{
|
||||
+ return alg->setkey != shash_no_setkey;
|
||||
+}
|
||||
+
|
||||
int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn,
|
||||
struct hash_alg_common *alg,
|
||||
struct crypto_instance *inst);
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,91 +0,0 @@
|
|||
From: Eric Biggers <ebiggers@google.com>
|
||||
Date: Tue, 28 Nov 2017 20:56:59 -0800
|
||||
Subject: crypto: salsa20 - fix blkcipher_walk API usage
|
||||
Origin: https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17805
|
||||
|
||||
When asked to encrypt or decrypt 0 bytes, both the generic and x86
|
||||
implementations of Salsa20 crash in blkcipher_walk_done(), either when
|
||||
doing 'kfree(walk->buffer)' or 'free_page((unsigned long)walk->page)',
|
||||
because walk->buffer and walk->page have not been initialized.
|
||||
|
||||
The bug is that Salsa20 is calling blkcipher_walk_done() even when
|
||||
nothing is in 'walk.nbytes'. But blkcipher_walk_done() is only meant to
|
||||
be called when a nonzero number of bytes have been provided.
|
||||
|
||||
The broken code is part of an optimization that tries to make only one
|
||||
call to salsa20_encrypt_bytes() to process inputs that are not evenly
|
||||
divisible by 64 bytes. To fix the bug, just remove this "optimization"
|
||||
and use the blkcipher_walk API the same way all the other users do.
|
||||
|
||||
Reproducer:
|
||||
|
||||
#include <linux/if_alg.h>
|
||||
#include <sys/socket.h>
|
||||
#include <unistd.h>
|
||||
|
||||
int main()
|
||||
{
|
||||
int algfd, reqfd;
|
||||
struct sockaddr_alg addr = {
|
||||
.salg_type = "skcipher",
|
||||
.salg_name = "salsa20",
|
||||
};
|
||||
char key[16] = { 0 };
|
||||
|
||||
algfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
|
||||
bind(algfd, (void *)&addr, sizeof(addr));
|
||||
reqfd = accept(algfd, 0, 0);
|
||||
setsockopt(algfd, SOL_ALG, ALG_SET_KEY, key, sizeof(key));
|
||||
read(reqfd, key, sizeof(key));
|
||||
}
|
||||
|
||||
Reported-by: syzbot <syzkaller@googlegroups.com>
|
||||
Fixes: eb6f13eb9f81 ("[CRYPTO] salsa20_generic: Fix multi-page processing")
|
||||
Cc: <stable@vger.kernel.org> # v2.6.25+
|
||||
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||||
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
||||
---
|
||||
arch/x86/crypto/salsa20_glue.c | 7 -------
|
||||
crypto/salsa20_generic.c | 7 -------
|
||||
2 files changed, 14 deletions(-)
|
||||
|
||||
diff --git a/arch/x86/crypto/salsa20_glue.c b/arch/x86/crypto/salsa20_glue.c
|
||||
index 399a29d067d6..cb91a64a99e7 100644
|
||||
--- a/arch/x86/crypto/salsa20_glue.c
|
||||
+++ b/arch/x86/crypto/salsa20_glue.c
|
||||
@@ -59,13 +59,6 @@ static int encrypt(struct blkcipher_desc *desc,
|
||||
|
||||
salsa20_ivsetup(ctx, walk.iv);
|
||||
|
||||
- if (likely(walk.nbytes == nbytes))
|
||||
- {
|
||||
- salsa20_encrypt_bytes(ctx, walk.src.virt.addr,
|
||||
- walk.dst.virt.addr, nbytes);
|
||||
- return blkcipher_walk_done(desc, &walk, 0);
|
||||
- }
|
||||
-
|
||||
while (walk.nbytes >= 64) {
|
||||
salsa20_encrypt_bytes(ctx, walk.src.virt.addr,
|
||||
walk.dst.virt.addr,
|
||||
diff --git a/crypto/salsa20_generic.c b/crypto/salsa20_generic.c
|
||||
index f550b5d94630..d7da0eea5622 100644
|
||||
--- a/crypto/salsa20_generic.c
|
||||
+++ b/crypto/salsa20_generic.c
|
||||
@@ -188,13 +188,6 @@ static int encrypt(struct blkcipher_desc *desc,
|
||||
|
||||
salsa20_ivsetup(ctx, walk.iv);
|
||||
|
||||
- if (likely(walk.nbytes == nbytes))
|
||||
- {
|
||||
- salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
|
||||
- walk.src.virt.addr, nbytes);
|
||||
- return blkcipher_walk_done(desc, &walk, 0);
|
||||
- }
|
||||
-
|
||||
while (walk.nbytes >= 64) {
|
||||
salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
|
||||
walk.src.virt.addr,
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,38 +0,0 @@
|
|||
From: Mohamed Ghannam <simo.ghannam@gmail.com>
|
||||
Date: Tue, 5 Dec 2017 20:58:35 +0000
|
||||
Subject: dccp: CVE-2017-8824: use-after-free in DCCP code
|
||||
Origin: https://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-8824
|
||||
|
||||
Whenever the sock object is in DCCP_CLOSED state,
|
||||
dccp_disconnect() must free dccps_hc_tx_ccid and
|
||||
dccps_hc_rx_ccid and set to NULL.
|
||||
|
||||
Signed-off-by: Mohamed Ghannam <simo.ghannam@gmail.com>
|
||||
Reviewed-by: Eric Dumazet <edumazet@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/dccp/proto.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
--- a/net/dccp/proto.c
|
||||
+++ b/net/dccp/proto.c
|
||||
@@ -259,6 +259,7 @@ int dccp_disconnect(struct sock *sk, int
|
||||
{
|
||||
struct inet_connection_sock *icsk = inet_csk(sk);
|
||||
struct inet_sock *inet = inet_sk(sk);
|
||||
+ struct dccp_sock *dp = dccp_sk(sk);
|
||||
int err = 0;
|
||||
const int old_state = sk->sk_state;
|
||||
|
||||
@@ -278,6 +279,10 @@ int dccp_disconnect(struct sock *sk, int
|
||||
sk->sk_err = ECONNRESET;
|
||||
|
||||
dccp_clear_xmit_timers(sk);
|
||||
+ ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
|
||||
+ ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
|
||||
+ dp->dccps_hc_rx_ccid = NULL;
|
||||
+ dp->dccps_hc_tx_ccid = NULL;
|
||||
|
||||
__skb_queue_purge(&sk->sk_receive_queue);
|
||||
__skb_queue_purge(&sk->sk_write_queue);
|
|
@ -53,7 +53,7 @@ upstream submission.
|
|||
/* disable MPU */
|
||||
--- a/arch/x86/kernel/cpu/microcode/amd.c
|
||||
+++ b/arch/x86/kernel/cpu/microcode/amd.c
|
||||
@@ -732,10 +732,8 @@ static enum ucode_state request_microcod
|
||||
@@ -739,10 +739,8 @@ static enum ucode_state request_microcod
|
||||
if (c->x86 >= 0x15)
|
||||
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
|
||||
|
||||
|
@ -81,7 +81,7 @@ upstream submission.
|
|||
rec = (const struct ihex_binrec *)fw->data;
|
||||
--- a/drivers/atm/fore200e.c
|
||||
+++ b/drivers/atm/fore200e.c
|
||||
@@ -2496,10 +2496,9 @@ static int fore200e_load_and_start_fw(st
|
||||
@@ -2504,10 +2504,9 @@ static int fore200e_load_and_start_fw(st
|
||||
return err;
|
||||
|
||||
sprintf(buf, "%s%s", fore200e->bus->proc_name, FW_EXT);
|
||||
|
@ -96,7 +96,7 @@ upstream submission.
|
|||
fw_size = firmware->size / sizeof(u32);
|
||||
--- a/drivers/bluetooth/ath3k.c
|
||||
+++ b/drivers/bluetooth/ath3k.c
|
||||
@@ -424,10 +424,8 @@ static int ath3k_load_patch(struct usb_d
|
||||
@@ -425,10 +425,8 @@ static int ath3k_load_patch(struct usb_d
|
||||
le32_to_cpu(fw_version.rom_version));
|
||||
|
||||
ret = request_firmware(&firmware, filename, &udev->dev);
|
||||
|
@ -108,7 +108,7 @@ upstream submission.
|
|||
|
||||
pt_rom_version = get_unaligned_le32(firmware->data +
|
||||
firmware->size - 8);
|
||||
@@ -487,10 +485,8 @@ static int ath3k_load_syscfg(struct usb_
|
||||
@@ -488,10 +486,8 @@ static int ath3k_load_syscfg(struct usb_
|
||||
le32_to_cpu(fw_version.rom_version), clk_value, ".dfu");
|
||||
|
||||
ret = request_firmware(&firmware, filename, &udev->dev);
|
||||
|
@ -203,7 +203,7 @@ upstream submission.
|
|||
fw->size, fw_name);
|
||||
--- a/drivers/dma/imx-sdma.c
|
||||
+++ b/drivers/dma/imx-sdma.c
|
||||
@@ -1453,11 +1453,8 @@ static void sdma_load_firmware(const str
|
||||
@@ -1461,11 +1461,8 @@ static void sdma_load_firmware(const str
|
||||
const struct sdma_script_start_addrs *addr;
|
||||
unsigned short *ram_code;
|
||||
|
||||
|
@ -233,7 +233,7 @@ upstream submission.
|
|||
where = 0;
|
||||
--- a/drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c
|
||||
+++ b/drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c
|
||||
@@ -1833,10 +1833,8 @@ gf100_gr_ctor_fw_legacy(struct gf100_gr
|
||||
@@ -1839,10 +1839,8 @@ gf100_gr_ctor_fw_legacy(struct gf100_gr
|
||||
if (ret) {
|
||||
snprintf(f, sizeof(f), "nouveau/%s", fwname);
|
||||
ret = request_firmware(&fw, f, device->dev);
|
||||
|
@ -313,7 +313,7 @@ upstream submission.
|
|||
ret = qib_ibsd_ucode_loaded(dd->pport, fw);
|
||||
--- a/drivers/input/touchscreen/atmel_mxt_ts.c
|
||||
+++ b/drivers/input/touchscreen/atmel_mxt_ts.c
|
||||
@@ -2715,10 +2715,8 @@ static int mxt_load_fw(struct device *de
|
||||
@@ -2717,10 +2717,8 @@ static int mxt_load_fw(struct device *de
|
||||
int ret;
|
||||
|
||||
ret = request_firmware(&fw, fn, dev);
|
||||
|
@ -384,7 +384,7 @@ upstream submission.
|
|||
nim9090md_config[1].microcode_B_fe_size = state->frontend_firmware->size;
|
||||
--- a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
|
||||
+++ b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
|
||||
@@ -88,13 +88,9 @@ int dvb_usb_download_firmware(struct usb
|
||||
@@ -89,13 +89,9 @@ int dvb_usb_download_firmware(struct usb
|
||||
int ret;
|
||||
const struct firmware *fw = NULL;
|
||||
|
||||
|
@ -469,7 +469,7 @@ upstream submission.
|
|||
b = fw->data;
|
||||
--- a/drivers/media/dvb-frontends/cx24116.c
|
||||
+++ b/drivers/media/dvb-frontends/cx24116.c
|
||||
@@ -495,13 +495,8 @@ static int cx24116_firmware_ondemand(str
|
||||
@@ -491,13 +491,8 @@ static int cx24116_firmware_ondemand(str
|
||||
__func__, CX24116_DEFAULT_FIRMWARE);
|
||||
ret = request_firmware(&fw, CX24116_DEFAULT_FIRMWARE,
|
||||
state->i2c->dev.parent);
|
||||
|
@ -486,7 +486,7 @@ upstream submission.
|
|||
* during loading */
|
||||
--- a/drivers/media/dvb-frontends/drxd_hard.c
|
||||
+++ b/drivers/media/dvb-frontends/drxd_hard.c
|
||||
@@ -901,10 +901,8 @@ static int load_firmware(struct drxd_sta
|
||||
@@ -903,10 +903,8 @@ static int load_firmware(struct drxd_sta
|
||||
{
|
||||
const struct firmware *fw;
|
||||
|
||||
|
@ -497,7 +497,7 @@ upstream submission.
|
|||
- }
|
||||
|
||||
state->microcode = kmemdup(fw->data, fw->size, GFP_KERNEL);
|
||||
if (state->microcode == NULL) {
|
||||
if (!state->microcode) {
|
||||
--- a/drivers/media/dvb-frontends/drxk_hard.c
|
||||
+++ b/drivers/media/dvb-frontends/drxk_hard.c
|
||||
@@ -6287,10 +6287,6 @@ static void load_firmware_cb(const struc
|
||||
|
@ -513,7 +513,7 @@ upstream submission.
|
|||
/*
|
||||
--- a/drivers/media/dvb-frontends/ds3000.c
|
||||
+++ b/drivers/media/dvb-frontends/ds3000.c
|
||||
@@ -362,12 +362,8 @@ static int ds3000_firmware_ondemand(stru
|
||||
@@ -360,12 +360,8 @@ static int ds3000_firmware_ondemand(stru
|
||||
DS3000_DEFAULT_FIRMWARE);
|
||||
ret = request_firmware(&fw, DS3000_DEFAULT_FIRMWARE,
|
||||
state->i2c->dev.parent);
|
||||
|
@ -691,7 +691,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/media/common/siano/smscoreapi.c
|
||||
+++ b/drivers/media/common/siano/smscoreapi.c
|
||||
@@ -1158,10 +1158,8 @@ static int smscore_load_firmware_from_fi
|
||||
@@ -1156,10 +1156,8 @@ static int smscore_load_firmware_from_fi
|
||||
return -EINVAL;
|
||||
|
||||
rc = request_firmware(&fw, fw_filename, coredev->device);
|
||||
|
@ -906,7 +906,7 @@ upstream submission.
|
|||
pr_err("ERROR: Firmware size mismatch (have %zu, expected %d)\n",
|
||||
--- a/drivers/media/pci/cx23885/cx23885-cards.c
|
||||
+++ b/drivers/media/pci/cx23885/cx23885-cards.c
|
||||
@@ -2339,10 +2339,7 @@ void cx23885_card_setup(struct cx23885_d
|
||||
@@ -2345,10 +2345,7 @@ void cx23885_card_setup(struct cx23885_d
|
||||
cinfo.rev, filename);
|
||||
|
||||
ret = request_firmware(&fw, filename, &dev->pci->dev);
|
||||
|
@ -1003,7 +1003,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/media/usb/s2255/s2255drv.c
|
||||
+++ b/drivers/media/usb/s2255/s2255drv.c
|
||||
@@ -2306,10 +2306,8 @@ static int s2255_probe(struct usb_interf
|
||||
@@ -2307,10 +2307,8 @@ static int s2255_probe(struct usb_interf
|
||||
}
|
||||
/* load the first chunk */
|
||||
if (request_firmware(&dev->fw_data->fw,
|
||||
|
@ -1156,7 +1156,7 @@ upstream submission.
|
|||
if (bp->mips_firmware->size < sizeof(*mips_fw) ||
|
||||
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
|
||||
+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
|
||||
@@ -13490,11 +13490,8 @@ static int bnx2x_init_firmware(struct bn
|
||||
@@ -13495,11 +13495,8 @@ static int bnx2x_init_firmware(struct bn
|
||||
BNX2X_DEV_INFO("Loading %s\n", fw_file_name);
|
||||
|
||||
rc = request_firmware(&bp->firmware, fw_file_name, &bp->pdev->dev);
|
||||
|
@ -1171,7 +1171,7 @@ upstream submission.
|
|||
if (rc) {
|
||||
--- a/drivers/net/ethernet/broadcom/tg3.c
|
||||
+++ b/drivers/net/ethernet/broadcom/tg3.c
|
||||
@@ -11357,11 +11357,8 @@ static int tg3_request_firmware(struct t
|
||||
@@ -11355,11 +11355,8 @@ static int tg3_request_firmware(struct t
|
||||
{
|
||||
const struct tg3_firmware_hdr *fw_hdr;
|
||||
|
||||
|
@ -1200,7 +1200,7 @@ upstream submission.
|
|||
*bfi_image_size = fw->size/sizeof(u32);
|
||||
--- a/drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c
|
||||
+++ b/drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c
|
||||
@@ -1033,12 +1033,8 @@ int t3_get_edc_fw(struct cphy *phy, int
|
||||
@@ -1037,12 +1037,8 @@ int t3_get_edc_fw(struct cphy *phy, int
|
||||
fw_name = get_edc_fw_name(edc_idx);
|
||||
if (fw_name)
|
||||
ret = request_firmware(&fw, fw_name, &adapter->pdev->dev);
|
||||
|
@ -1214,7 +1214,7 @@ upstream submission.
|
|||
|
||||
/* check size, take checksum in account */
|
||||
if (fw->size > size + 4) {
|
||||
@@ -1075,11 +1071,8 @@ static int upgrade_fw(struct adapter *ad
|
||||
@@ -1079,11 +1075,8 @@ static int upgrade_fw(struct adapter *ad
|
||||
struct device *dev = &adap->pdev->dev;
|
||||
|
||||
ret = request_firmware(&fw, FW_FNAME, dev);
|
||||
|
@ -1227,7 +1227,7 @@ upstream submission.
|
|||
ret = t3_load_fw(adap, fw->data, fw->size);
|
||||
release_firmware(fw);
|
||||
|
||||
@@ -1124,11 +1117,8 @@ static int update_tpsram(struct adapter
|
||||
@@ -1128,11 +1121,8 @@ static int update_tpsram(struct adapter
|
||||
snprintf(buf, sizeof(buf), TPSRAM_NAME, rev);
|
||||
|
||||
ret = request_firmware(&tpsram, buf, dev);
|
||||
|
@ -1386,7 +1386,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/net/wireless/atmel/atmel.c
|
||||
+++ b/drivers/net/wireless/atmel/atmel.c
|
||||
@@ -3911,12 +3911,8 @@ static int reset_atmel_card(struct net_d
|
||||
@@ -3908,12 +3908,8 @@ static int reset_atmel_card(struct net_d
|
||||
strcpy(priv->firmware_id, "atmel_at76c502.bin");
|
||||
}
|
||||
err = request_firmware(&fw_entry, priv->firmware_id, priv->sys_dev);
|
||||
|
@ -1480,7 +1480,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/net/wireless/intel/ipw2x00/ipw2200.c
|
||||
+++ b/drivers/net/wireless/intel/ipw2x00/ipw2200.c
|
||||
@@ -3416,10 +3416,8 @@ static int ipw_get_fw(struct ipw_priv *p
|
||||
@@ -3417,10 +3417,8 @@ static int ipw_get_fw(struct ipw_priv *p
|
||||
|
||||
/* ask firmware_class module to get the boot firmware off disk */
|
||||
rc = request_firmware(raw, name, &priv->pci_dev->dev);
|
||||
|
@ -1504,7 +1504,7 @@ upstream submission.
|
|||
else
|
||||
--- a/drivers/net/wireless/intel/iwlwifi/iwl-drv.c
|
||||
+++ b/drivers/net/wireless/intel/iwlwifi/iwl-drv.c
|
||||
@@ -234,8 +234,6 @@ static int iwl_request_firmware(struct i
|
||||
@@ -235,8 +235,6 @@ static int iwl_request_firmware(struct i
|
||||
}
|
||||
|
||||
if (drv->fw_index < cfg->ucode_api_min) {
|
||||
|
@ -1526,7 +1526,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/net/wireless/marvell/mwifiex/main.c
|
||||
+++ b/drivers/net/wireless/marvell/mwifiex/main.c
|
||||
@@ -526,11 +526,8 @@ static int _mwifiex_fw_dpc(const struct
|
||||
@@ -525,11 +525,8 @@ static int _mwifiex_fw_dpc(const struct
|
||||
struct wireless_dev *wdev;
|
||||
struct completion *fw_done = adapter->fw_done;
|
||||
|
||||
|
@ -1620,7 +1620,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
|
||||
+++ b/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
|
||||
@@ -1679,7 +1679,6 @@ static int ezusb_probe(struct usb_interf
|
||||
@@ -1677,7 +1677,6 @@ static int ezusb_probe(struct usb_interf
|
||||
if (ezusb_firmware_download(upriv, &firmware) < 0)
|
||||
goto error;
|
||||
} else {
|
||||
|
@ -1705,7 +1705,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/net/wireless/realtek/rtlwifi/rtl8192se/sw.c
|
||||
+++ b/drivers/net/wireless/realtek/rtlwifi/rtl8192se/sw.c
|
||||
@@ -91,7 +91,6 @@ static void rtl92se_fw_cb(const struct f
|
||||
@@ -92,7 +92,6 @@ static void rtl92se_fw_cb(const struct f
|
||||
"Firmware callback routine entered!\n");
|
||||
complete(&rtlpriv->firmware_loading_complete);
|
||||
if (!firmware) {
|
||||
|
@ -1850,7 +1850,7 @@ upstream submission.
|
|||
if (err) {
|
||||
--- a/drivers/scsi/bfa/bfad.c
|
||||
+++ b/drivers/scsi/bfa/bfad.c
|
||||
@@ -1758,7 +1758,6 @@ bfad_read_firmware(struct pci_dev *pdev,
|
||||
@@ -1756,7 +1756,6 @@ bfad_read_firmware(struct pci_dev *pdev,
|
||||
const struct firmware *fw;
|
||||
|
||||
if (request_firmware(&fw, fw_name, &pdev->dev)) {
|
||||
|
@ -1860,7 +1860,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/scsi/ipr.c
|
||||
+++ b/drivers/scsi/ipr.c
|
||||
@@ -4083,10 +4083,8 @@ static ssize_t ipr_store_update_fw(struc
|
||||
@@ -4094,10 +4094,8 @@ static ssize_t ipr_store_update_fw(struc
|
||||
if (endline)
|
||||
*endline = '\0';
|
||||
|
||||
|
@ -1874,7 +1874,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/scsi/pm8001/pm8001_ctl.c
|
||||
+++ b/drivers/scsi/pm8001/pm8001_ctl.c
|
||||
@@ -685,10 +685,6 @@ static ssize_t pm8001_store_update_fw(st
|
||||
@@ -737,10 +737,6 @@ static ssize_t pm8001_store_update_fw(st
|
||||
pm8001_ha->dev);
|
||||
|
||||
if (ret) {
|
||||
|
@ -1898,7 +1898,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/scsi/qla2xxx/qla_init.c
|
||||
+++ b/drivers/scsi/qla2xxx/qla_init.c
|
||||
@@ -6651,8 +6651,6 @@ qla2x00_load_risc(scsi_qla_host_t *vha,
|
||||
@@ -6906,8 +6906,6 @@ qla2x00_load_risc(scsi_qla_host_t *vha,
|
||||
/* Load firmware blob. */
|
||||
blob = qla2x00_request_firmware(vha);
|
||||
if (!blob) {
|
||||
|
@ -1907,7 +1907,7 @@ upstream submission.
|
|||
ql_log(ql_log_info, vha, 0x0084,
|
||||
"Firmware images can be retrieved from: "QLA_FW_URL ".\n");
|
||||
return QLA_FUNCTION_FAILED;
|
||||
@@ -6754,8 +6752,6 @@ qla24xx_load_risc_blob(scsi_qla_host_t *
|
||||
@@ -7009,8 +7007,6 @@ qla24xx_load_risc_blob(scsi_qla_host_t *
|
||||
/* Load firmware blob. */
|
||||
blob = qla2x00_request_firmware(vha);
|
||||
if (!blob) {
|
||||
|
@ -1933,7 +1933,7 @@ upstream submission.
|
|||
if (qla82xx_validate_firmware_blob(vha,
|
||||
--- a/drivers/scsi/qla2xxx/qla_os.c
|
||||
+++ b/drivers/scsi/qla2xxx/qla_os.c
|
||||
@@ -6149,8 +6149,6 @@ qla2x00_request_firmware(scsi_qla_host_t
|
||||
@@ -6269,8 +6269,6 @@ qla2x00_request_firmware(scsi_qla_host_t
|
||||
goto out;
|
||||
|
||||
if (request_firmware(&blob->fw, blob->name, &ha->pdev->dev)) {
|
||||
|
@ -2017,11 +2017,11 @@ upstream submission.
|
|||
if (0 != ret) {
|
||||
--- a/drivers/staging/media/lirc/lirc_zilog.c
|
||||
+++ b/drivers/staging/media/lirc/lirc_zilog.c
|
||||
@@ -753,9 +753,6 @@ static int fw_load(struct IR_tx *tx)
|
||||
@@ -752,9 +752,6 @@ static int fw_load(struct IR_tx *tx)
|
||||
/* Request codeset data file */
|
||||
ret = request_firmware(&fw_entry, "haup-ir-blaster.bin", tx->ir->l.dev);
|
||||
ret = request_firmware(&fw_entry, "haup-ir-blaster.bin", tx->ir->dev);
|
||||
if (ret != 0) {
|
||||
- dev_err(tx->ir->l.dev,
|
||||
- dev_err(tx->ir->dev,
|
||||
- "firmware haup-ir-blaster.bin not available (%d)\n",
|
||||
- ret);
|
||||
ret = ret < 0 ? ret : -EFAULT;
|
||||
|
@ -2029,7 +2029,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/staging/rtl8192u/r819xU_firmware.c
|
||||
+++ b/drivers/staging/rtl8192u/r819xU_firmware.c
|
||||
@@ -244,10 +244,8 @@ bool init_firmware(struct net_device *de
|
||||
@@ -245,10 +245,8 @@ bool init_firmware(struct net_device *de
|
||||
*/
|
||||
if (rst_opt == OPT_SYSTEM_RESET) {
|
||||
rc = request_firmware(&fw_entry, fw_name[init_step], &priv->udev->dev);
|
||||
|
@ -2097,7 +2097,7 @@ upstream submission.
|
|||
if (!buffer)
|
||||
--- a/drivers/tty/cyclades.c
|
||||
+++ b/drivers/tty/cyclades.c
|
||||
@@ -3492,10 +3492,8 @@ static int cyz_load_fw(struct pci_dev *p
|
||||
@@ -3489,10 +3489,8 @@ static int cyz_load_fw(struct pci_dev *p
|
||||
int retval;
|
||||
|
||||
retval = request_firmware(&fw, "cyzfirm.bin", &pdev->dev);
|
||||
|
@ -2111,7 +2111,7 @@ upstream submission.
|
|||
positive, skip this board */
|
||||
--- a/drivers/tty/moxa.c
|
||||
+++ b/drivers/tty/moxa.c
|
||||
@@ -866,13 +866,8 @@ static int moxa_init_board(struct moxa_b
|
||||
@@ -862,13 +862,8 @@ static int moxa_init_board(struct moxa_b
|
||||
}
|
||||
|
||||
ret = request_firmware(&fw, file, dev);
|
||||
|
@ -2128,7 +2128,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/tty/serial/icom.c
|
||||
+++ b/drivers/tty/serial/icom.c
|
||||
@@ -374,7 +374,6 @@ static void load_code(struct icom_port *
|
||||
@@ -360,7 +360,6 @@ static void load_code(struct icom_port *
|
||||
|
||||
/* Load Call Setup into Adapter */
|
||||
if (request_firmware(&fw, "icom_call_setup.bin", &dev->dev) < 0) {
|
||||
|
@ -2136,7 +2136,7 @@ upstream submission.
|
|||
status = -1;
|
||||
goto load_code_exit;
|
||||
}
|
||||
@@ -394,7 +393,6 @@ static void load_code(struct icom_port *
|
||||
@@ -380,7 +379,6 @@ static void load_code(struct icom_port *
|
||||
|
||||
/* Load Resident DCE portion of Adapter */
|
||||
if (request_firmware(&fw, "icom_res_dce.bin", &dev->dev) < 0) {
|
||||
|
@ -2144,7 +2144,7 @@ upstream submission.
|
|||
status = -1;
|
||||
goto load_code_exit;
|
||||
}
|
||||
@@ -439,7 +437,6 @@ static void load_code(struct icom_port *
|
||||
@@ -425,7 +423,6 @@ static void load_code(struct icom_port *
|
||||
}
|
||||
|
||||
if (request_firmware(&fw, "icom_asc.bin", &dev->dev) < 0) {
|
||||
|
@ -2154,7 +2154,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/tty/serial/ucc_uart.c
|
||||
+++ b/drivers/tty/serial/ucc_uart.c
|
||||
@@ -1167,10 +1167,8 @@ static void uart_firmware_cont(const str
|
||||
@@ -1165,10 +1165,8 @@ static void uart_firmware_cont(const str
|
||||
struct device *dev = context;
|
||||
int ret;
|
||||
|
||||
|
@ -2168,7 +2168,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/usb/atm/cxacru.c
|
||||
+++ b/drivers/usb/atm/cxacru.c
|
||||
@@ -1088,8 +1088,6 @@ static int cxacru_find_firmware(struct c
|
||||
@@ -1082,8 +1082,6 @@ static int cxacru_find_firmware(struct c
|
||||
return -ENOENT;
|
||||
}
|
||||
|
||||
|
@ -2179,7 +2179,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/usb/atm/ueagle-atm.c
|
||||
+++ b/drivers/usb/atm/ueagle-atm.c
|
||||
@@ -649,10 +649,8 @@ static void uea_upload_pre_firmware(cons
|
||||
@@ -650,10 +650,8 @@ static void uea_upload_pre_firmware(cons
|
||||
int ret, size;
|
||||
|
||||
uea_enters(usb);
|
||||
|
@ -2191,7 +2191,7 @@ upstream submission.
|
|||
|
||||
pfw = fw_entry->data;
|
||||
size = fw_entry->size;
|
||||
@@ -747,10 +745,6 @@ static int uea_load_firmware(struct usb_
|
||||
@@ -748,10 +746,6 @@ static int uea_load_firmware(struct usb_
|
||||
ret = request_firmware_nowait(THIS_MODULE, 1, fw_name, &usb->dev,
|
||||
GFP_KERNEL, usb,
|
||||
uea_upload_pre_firmware);
|
||||
|
@ -2202,7 +2202,7 @@ upstream submission.
|
|||
|
||||
uea_leaves(usb);
|
||||
return ret;
|
||||
@@ -912,12 +906,8 @@ static int request_dsp(struct uea_softc
|
||||
@@ -913,12 +907,8 @@ static int request_dsp(struct uea_softc
|
||||
}
|
||||
|
||||
ret = request_firmware(&sc->dsp_firm, dsp_name, &sc->usb_dev->dev);
|
||||
|
@ -2216,7 +2216,7 @@ upstream submission.
|
|||
|
||||
if (UEA_CHIP_VERSION(sc) == EAGLE_IV)
|
||||
ret = check_dsp_e4(sc->dsp_firm->data, sc->dsp_firm->size);
|
||||
@@ -1630,12 +1620,8 @@ static int request_cmvs_old(struct uea_s
|
||||
@@ -1631,12 +1621,8 @@ static int request_cmvs_old(struct uea_s
|
||||
|
||||
cmvs_file_name(sc, cmv_name, 1);
|
||||
ret = request_firmware(fw, cmv_name, &sc->usb_dev->dev);
|
||||
|
@ -2230,7 +2230,7 @@ upstream submission.
|
|||
|
||||
data = (u8 *) (*fw)->data;
|
||||
size = (*fw)->size;
|
||||
@@ -1672,9 +1658,6 @@ static int request_cmvs(struct uea_softc
|
||||
@@ -1673,9 +1659,6 @@ static int request_cmvs(struct uea_softc
|
||||
"try to get older cmvs\n", cmv_name);
|
||||
return request_cmvs_old(sc, cmvs, fw);
|
||||
}
|
||||
|
@ -2240,7 +2240,7 @@ upstream submission.
|
|||
return ret;
|
||||
}
|
||||
|
||||
@@ -1957,11 +1940,8 @@ static int load_XILINX_firmware(struct u
|
||||
@@ -1958,11 +1941,8 @@ static int load_XILINX_firmware(struct u
|
||||
uea_enters(INS_TO_USBDEV(sc));
|
||||
|
||||
ret = request_firmware(&fw_entry, fw_name, &sc->usb_dev->dev);
|
||||
|
@ -2255,7 +2255,7 @@ upstream submission.
|
|||
size = fw_entry->size;
|
||||
--- a/drivers/usb/misc/emi26.c
|
||||
+++ b/drivers/usb/misc/emi26.c
|
||||
@@ -88,21 +88,17 @@ static int emi26_load_firmware (struct u
|
||||
@@ -85,21 +85,17 @@ static int emi26_load_firmware (struct u
|
||||
|
||||
err = request_ihex_firmware(&loader_fw, "emi26/loader.fw", &dev->dev);
|
||||
if (err)
|
||||
|
@ -2282,7 +2282,7 @@ upstream submission.
|
|||
err = emi26_set_reset(dev,1);
|
||||
--- a/drivers/usb/misc/ezusb.c
|
||||
+++ b/drivers/usb/misc/ezusb.c
|
||||
@@ -79,12 +79,8 @@ static int ezusb_ihex_firmware_download(
|
||||
@@ -76,12 +76,8 @@ static int ezusb_ihex_firmware_download(
|
||||
const struct ihex_binrec *record;
|
||||
|
||||
if (request_ihex_firmware(&firmware, firmware_path,
|
||||
|
@ -2298,7 +2298,7 @@ upstream submission.
|
|||
if (ret < 0)
|
||||
--- a/drivers/usb/misc/isight_firmware.c
|
||||
+++ b/drivers/usb/misc/isight_firmware.c
|
||||
@@ -48,7 +48,6 @@ static int isight_firmware_load(struct u
|
||||
@@ -45,7 +45,6 @@ static int isight_firmware_load(struct u
|
||||
return -ENOMEM;
|
||||
|
||||
if (request_firmware(&firmware, "isight.fw", &dev->dev) != 0) {
|
||||
|
@ -2308,7 +2308,7 @@ upstream submission.
|
|||
}
|
||||
--- a/drivers/usb/serial/io_edgeport.c
|
||||
+++ b/drivers/usb/serial/io_edgeport.c
|
||||
@@ -379,11 +379,8 @@ static void update_edgeport_E2PROM(struc
|
||||
@@ -375,11 +375,8 @@ static void update_edgeport_E2PROM(struc
|
||||
|
||||
response = request_ihex_firmware(&fw, fw_name,
|
||||
&edge_serial->serial->dev->dev);
|
||||
|
@ -2323,7 +2323,7 @@ upstream submission.
|
|||
BootMajorVersion = rec->data[0];
|
||||
--- a/drivers/usb/serial/io_ti.c
|
||||
+++ b/drivers/usb/serial/io_ti.c
|
||||
@@ -1014,8 +1014,6 @@ static int download_fw(struct edgeport_s
|
||||
@@ -1010,8 +1010,6 @@ static int download_fw(struct edgeport_s
|
||||
|
||||
status = request_firmware(&fw, fw_name, dev);
|
||||
if (status) {
|
||||
|
@ -2334,7 +2334,7 @@ upstream submission.
|
|||
|
||||
--- a/drivers/usb/serial/ti_usb_3410_5052.c
|
||||
+++ b/drivers/usb/serial/ti_usb_3410_5052.c
|
||||
@@ -1696,10 +1696,8 @@ static int ti_download_firmware(struct t
|
||||
@@ -1692,10 +1692,8 @@ static int ti_download_firmware(struct t
|
||||
}
|
||||
|
||||
check_firmware:
|
||||
|
@ -2505,7 +2505,7 @@ upstream submission.
|
|||
if (!chip->disabled) {
|
||||
--- a/sound/pci/korg1212/korg1212.c
|
||||
+++ b/sound/pci/korg1212/korg1212.c
|
||||
@@ -2350,7 +2350,6 @@ static int snd_korg1212_create(struct sn
|
||||
@@ -2349,7 +2349,6 @@ static int snd_korg1212_create(struct sn
|
||||
err = request_firmware(&dsp_code, "korg/k1212.dsp", &pci->dev);
|
||||
if (err < 0) {
|
||||
release_firmware(dsp_code);
|
||||
|
@ -2561,7 +2561,7 @@ upstream submission.
|
|||
if (err) {
|
||||
--- a/sound/pci/rme9652/hdsp.c
|
||||
+++ b/sound/pci/rme9652/hdsp.c
|
||||
@@ -5136,11 +5136,8 @@ static int hdsp_request_fw_loader(struct
|
||||
@@ -5132,11 +5132,8 @@ static int hdsp_request_fw_loader(struct
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,32 +0,0 @@
|
|||
From: Jacob Keller <jacob.e.keller@intel.com>
|
||||
Date: Thu, 7 Sep 2017 15:19:12 -0700
|
||||
Subject: i40e: fix flags declaration
|
||||
Origin: https://git.kernel.org/linus/b48be9978e4b21b28b7349f57574dae21378ddd5
|
||||
|
||||
Since we don't yet have more than 32 flags, we'll use a u32 for both the
|
||||
hw_features and flag field. Should we gain more flags in the future, we
|
||||
may need to convert to a u64 or separate flags out into two fields.
|
||||
|
||||
This was overlooked in the previous commit 2781de2134c4 ("i40e/i40evf:
|
||||
organize and re-number feature flags"), where the feature flag was not
|
||||
converted form u64 to u32.
|
||||
|
||||
Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
|
||||
Reviewed-by: Mitch Williams <mitch.a.williams@intel.com>
|
||||
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
|
||||
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
|
||||
---
|
||||
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/drivers/net/ethernet/intel/i40e/i40e.h
|
||||
+++ b/drivers/net/ethernet/intel/i40e/i40e.h
|
||||
@@ -422,7 +422,7 @@ struct i40e_pf {
|
||||
#define I40E_HW_PORT_ID_VALID BIT(17)
|
||||
#define I40E_HW_RESTART_AUTONEG BIT(18)
|
||||
|
||||
- u64 flags;
|
||||
+ u32 flags;
|
||||
#define I40E_FLAG_RX_CSUM_ENABLED BIT(0)
|
||||
#define I40E_FLAG_MSI_ENABLED BIT(1)
|
||||
#define I40E_FLAG_MSIX_ENABLED BIT(2)
|
|
@ -1,203 +0,0 @@
|
|||
From: Jacob Keller <jacob.e.keller@intel.com>
|
||||
Date: Fri, 1 Sep 2017 13:54:07 -0700
|
||||
Subject: i40e/i40evf: organize and re-number feature flags
|
||||
Origin: https://git.kernel.org/linus/b74f571f59a8a3dae998e3b95e0f88fac39bfef3
|
||||
|
||||
Now that we've reduced the number of flags, organize similar flags
|
||||
together and re-number them accordingly.
|
||||
|
||||
Since we don't yet have more than 32 flags, we'll use a u32 for both the
|
||||
hw_features and flag field. Should we gain more flags in the future, we
|
||||
may need to convert to a u64 or separate flags out into two fields.
|
||||
|
||||
One alternative approach considered, but not implemented here, was to
|
||||
use an enumeration for the flag variables, and create a macro
|
||||
I40E_FLAG() which used string concatenation to generate BIT_ULL values.
|
||||
This has the advantage of making the actual bit values compile-time
|
||||
dynamic so that we do not need to worry about matching the order to the
|
||||
bit value. However, this does produce a high level of code churn, and
|
||||
makes it more difficult to read a dumped flags value when debugging.
|
||||
|
||||
Change-ID: I8653fff69453cd547d6fe98d29dfa9d8710387d1
|
||||
Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
|
||||
Reviewed-by: Mitch Williams <mitch.a.williams@intel.com>
|
||||
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
|
||||
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
|
||||
[bwh: Backported to 4.14: leave out I40E_FLAG_LINK_DOWN_ON_CLOSE_ENABLED,
|
||||
I40E_FLAG_SOURCE_PRUNING_DISABLED, I40EVF_FLAG_REINIT_ITR_NEEDED]
|
||||
---
|
||||
drivers/net/ethernet/intel/i40e/i40e.h | 98 +++++++++++++-------------
|
||||
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 6 +-
|
||||
drivers/net/ethernet/intel/i40evf/i40evf.h | 32 ++++-----
|
||||
3 files changed, 68 insertions(+), 68 deletions(-)
|
||||
|
||||
--- a/drivers/net/ethernet/intel/i40e/i40e.h
|
||||
+++ b/drivers/net/ethernet/intel/i40e/i40e.h
|
||||
@@ -401,55 +401,55 @@ struct i40e_pf {
|
||||
struct timer_list service_timer;
|
||||
struct work_struct service_task;
|
||||
|
||||
- u64 hw_features;
|
||||
-#define I40E_HW_RSS_AQ_CAPABLE BIT_ULL(0)
|
||||
-#define I40E_HW_128_QP_RSS_CAPABLE BIT_ULL(1)
|
||||
-#define I40E_HW_ATR_EVICT_CAPABLE BIT_ULL(2)
|
||||
-#define I40E_HW_WB_ON_ITR_CAPABLE BIT_ULL(3)
|
||||
-#define I40E_HW_MULTIPLE_TCP_UDP_RSS_PCTYPE BIT_ULL(4)
|
||||
-#define I40E_HW_NO_PCI_LINK_CHECK BIT_ULL(5)
|
||||
-#define I40E_HW_100M_SGMII_CAPABLE BIT_ULL(6)
|
||||
-#define I40E_HW_NO_DCB_SUPPORT BIT_ULL(7)
|
||||
-#define I40E_HW_USE_SET_LLDP_MIB BIT_ULL(8)
|
||||
-#define I40E_HW_GENEVE_OFFLOAD_CAPABLE BIT_ULL(9)
|
||||
-#define I40E_HW_PTP_L4_CAPABLE BIT_ULL(10)
|
||||
-#define I40E_HW_WOL_MC_MAGIC_PKT_WAKE BIT_ULL(11)
|
||||
-#define I40E_HW_MPLS_HDR_OFFLOAD_CAPABLE BIT_ULL(12)
|
||||
-#define I40E_HW_HAVE_CRT_RETIMER BIT_ULL(13)
|
||||
-#define I40E_HW_OUTER_UDP_CSUM_CAPABLE BIT_ULL(14)
|
||||
-#define I40E_HW_PHY_CONTROLS_LEDS BIT_ULL(15)
|
||||
-#define I40E_HW_STOP_FW_LLDP BIT_ULL(16)
|
||||
-#define I40E_HW_PORT_ID_VALID BIT_ULL(17)
|
||||
-#define I40E_HW_RESTART_AUTONEG BIT_ULL(18)
|
||||
+ u32 hw_features;
|
||||
+#define I40E_HW_RSS_AQ_CAPABLE BIT(0)
|
||||
+#define I40E_HW_128_QP_RSS_CAPABLE BIT(1)
|
||||
+#define I40E_HW_ATR_EVICT_CAPABLE BIT(2)
|
||||
+#define I40E_HW_WB_ON_ITR_CAPABLE BIT(3)
|
||||
+#define I40E_HW_MULTIPLE_TCP_UDP_RSS_PCTYPE BIT(4)
|
||||
+#define I40E_HW_NO_PCI_LINK_CHECK BIT(5)
|
||||
+#define I40E_HW_100M_SGMII_CAPABLE BIT(6)
|
||||
+#define I40E_HW_NO_DCB_SUPPORT BIT(7)
|
||||
+#define I40E_HW_USE_SET_LLDP_MIB BIT(8)
|
||||
+#define I40E_HW_GENEVE_OFFLOAD_CAPABLE BIT(9)
|
||||
+#define I40E_HW_PTP_L4_CAPABLE BIT(10)
|
||||
+#define I40E_HW_WOL_MC_MAGIC_PKT_WAKE BIT(11)
|
||||
+#define I40E_HW_MPLS_HDR_OFFLOAD_CAPABLE BIT(12)
|
||||
+#define I40E_HW_HAVE_CRT_RETIMER BIT(13)
|
||||
+#define I40E_HW_OUTER_UDP_CSUM_CAPABLE BIT(14)
|
||||
+#define I40E_HW_PHY_CONTROLS_LEDS BIT(15)
|
||||
+#define I40E_HW_STOP_FW_LLDP BIT(16)
|
||||
+#define I40E_HW_PORT_ID_VALID BIT(17)
|
||||
+#define I40E_HW_RESTART_AUTONEG BIT(18)
|
||||
|
||||
u64 flags;
|
||||
-#define I40E_FLAG_RX_CSUM_ENABLED BIT_ULL(1)
|
||||
-#define I40E_FLAG_MSI_ENABLED BIT_ULL(2)
|
||||
-#define I40E_FLAG_MSIX_ENABLED BIT_ULL(3)
|
||||
-#define I40E_FLAG_HW_ATR_EVICT_ENABLED BIT_ULL(4)
|
||||
-#define I40E_FLAG_RSS_ENABLED BIT_ULL(6)
|
||||
-#define I40E_FLAG_VMDQ_ENABLED BIT_ULL(7)
|
||||
-#define I40E_FLAG_IWARP_ENABLED BIT_ULL(10)
|
||||
-#define I40E_FLAG_FILTER_SYNC BIT_ULL(15)
|
||||
-#define I40E_FLAG_SERVICE_CLIENT_REQUESTED BIT_ULL(16)
|
||||
-#define I40E_FLAG_SRIOV_ENABLED BIT_ULL(19)
|
||||
-#define I40E_FLAG_DCB_ENABLED BIT_ULL(20)
|
||||
-#define I40E_FLAG_FD_SB_ENABLED BIT_ULL(21)
|
||||
-#define I40E_FLAG_FD_ATR_ENABLED BIT_ULL(22)
|
||||
-#define I40E_FLAG_FD_SB_AUTO_DISABLED BIT_ULL(23)
|
||||
-#define I40E_FLAG_FD_ATR_AUTO_DISABLED BIT_ULL(24)
|
||||
-#define I40E_FLAG_PTP BIT_ULL(25)
|
||||
-#define I40E_FLAG_MFP_ENABLED BIT_ULL(26)
|
||||
-#define I40E_FLAG_UDP_FILTER_SYNC BIT_ULL(27)
|
||||
-#define I40E_FLAG_DCB_CAPABLE BIT_ULL(29)
|
||||
-#define I40E_FLAG_VEB_STATS_ENABLED BIT_ULL(37)
|
||||
-#define I40E_FLAG_LINK_POLLING_ENABLED BIT_ULL(39)
|
||||
-#define I40E_FLAG_VEB_MODE_ENABLED BIT_ULL(40)
|
||||
-#define I40E_FLAG_TRUE_PROMISC_SUPPORT BIT_ULL(51)
|
||||
-#define I40E_FLAG_CLIENT_RESET BIT_ULL(54)
|
||||
-#define I40E_FLAG_TEMP_LINK_POLLING BIT_ULL(55)
|
||||
-#define I40E_FLAG_CLIENT_L2_CHANGE BIT_ULL(56)
|
||||
-#define I40E_FLAG_LEGACY_RX BIT_ULL(58)
|
||||
+#define I40E_FLAG_RX_CSUM_ENABLED BIT(0)
|
||||
+#define I40E_FLAG_MSI_ENABLED BIT(1)
|
||||
+#define I40E_FLAG_MSIX_ENABLED BIT(2)
|
||||
+#define I40E_FLAG_RSS_ENABLED BIT(3)
|
||||
+#define I40E_FLAG_VMDQ_ENABLED BIT(4)
|
||||
+#define I40E_FLAG_FILTER_SYNC BIT(5)
|
||||
+#define I40E_FLAG_SRIOV_ENABLED BIT(6)
|
||||
+#define I40E_FLAG_DCB_CAPABLE BIT(7)
|
||||
+#define I40E_FLAG_DCB_ENABLED BIT(8)
|
||||
+#define I40E_FLAG_FD_SB_ENABLED BIT(9)
|
||||
+#define I40E_FLAG_FD_ATR_ENABLED BIT(10)
|
||||
+#define I40E_FLAG_FD_SB_AUTO_DISABLED BIT(11)
|
||||
+#define I40E_FLAG_FD_ATR_AUTO_DISABLED BIT(12)
|
||||
+#define I40E_FLAG_MFP_ENABLED BIT(13)
|
||||
+#define I40E_FLAG_UDP_FILTER_SYNC BIT(14)
|
||||
+#define I40E_FLAG_HW_ATR_EVICT_ENABLED BIT(15)
|
||||
+#define I40E_FLAG_VEB_MODE_ENABLED BIT(16)
|
||||
+#define I40E_FLAG_VEB_STATS_ENABLED BIT(17)
|
||||
+#define I40E_FLAG_LINK_POLLING_ENABLED BIT(18)
|
||||
+#define I40E_FLAG_TRUE_PROMISC_SUPPORT BIT(19)
|
||||
+#define I40E_FLAG_TEMP_LINK_POLLING BIT(20)
|
||||
+#define I40E_FLAG_LEGACY_RX BIT(21)
|
||||
+#define I40E_FLAG_PTP BIT(22)
|
||||
+#define I40E_FLAG_IWARP_ENABLED BIT(23)
|
||||
+#define I40E_FLAG_SERVICE_CLIENT_REQUESTED BIT(24)
|
||||
+#define I40E_FLAG_CLIENT_L2_CHANGE BIT(25)
|
||||
+#define I40E_FLAG_CLIENT_RESET BIT(26)
|
||||
|
||||
struct i40e_client_instance *cinst;
|
||||
bool stat_offsets_loaded;
|
||||
--- a/drivers/net/ethernet/intel/i40e/i40e_ethtool.c
|
||||
+++ b/drivers/net/ethernet/intel/i40e/i40e_ethtool.c
|
||||
@@ -4090,7 +4090,7 @@ static int i40e_set_priv_flags(struct ne
|
||||
struct i40e_netdev_priv *np = netdev_priv(dev);
|
||||
struct i40e_vsi *vsi = np->vsi;
|
||||
struct i40e_pf *pf = vsi->back;
|
||||
- u64 orig_flags, new_flags, changed_flags;
|
||||
+ u32 orig_flags, new_flags, changed_flags;
|
||||
u32 i, j;
|
||||
|
||||
orig_flags = READ_ONCE(pf->flags);
|
||||
@@ -4142,12 +4142,12 @@ flags_complete:
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
/* Compare and exchange the new flags into place. If we failed, that
|
||||
- * is if cmpxchg64 returns anything but the old value, this means that
|
||||
+ * is if cmpxchg returns anything but the old value, this means that
|
||||
* something else has modified the flags variable since we copied it
|
||||
* originally. We'll just punt with an error and log something in the
|
||||
* message buffer.
|
||||
*/
|
||||
- if (cmpxchg64(&pf->flags, orig_flags, new_flags) != orig_flags) {
|
||||
+ if (cmpxchg(&pf->flags, orig_flags, new_flags) != orig_flags) {
|
||||
dev_warn(&pf->pdev->dev,
|
||||
"Unable to update pf->flags as it was modified by another thread...\n");
|
||||
return -EAGAIN;
|
||||
--- a/drivers/net/ethernet/intel/i40evf/i40evf.h
|
||||
+++ b/drivers/net/ethernet/intel/i40evf/i40evf.h
|
||||
@@ -220,21 +220,21 @@ struct i40evf_adapter {
|
||||
|
||||
u32 flags;
|
||||
#define I40EVF_FLAG_RX_CSUM_ENABLED BIT(0)
|
||||
-#define I40EVF_FLAG_IMIR_ENABLED BIT(5)
|
||||
-#define I40EVF_FLAG_MQ_CAPABLE BIT(6)
|
||||
-#define I40EVF_FLAG_PF_COMMS_FAILED BIT(8)
|
||||
-#define I40EVF_FLAG_RESET_PENDING BIT(9)
|
||||
-#define I40EVF_FLAG_RESET_NEEDED BIT(10)
|
||||
-#define I40EVF_FLAG_WB_ON_ITR_CAPABLE BIT(11)
|
||||
-#define I40EVF_FLAG_OUTER_UDP_CSUM_CAPABLE BIT(12)
|
||||
-#define I40EVF_FLAG_ADDR_SET_BY_PF BIT(13)
|
||||
-#define I40EVF_FLAG_SERVICE_CLIENT_REQUESTED BIT(14)
|
||||
-#define I40EVF_FLAG_CLIENT_NEEDS_OPEN BIT(15)
|
||||
-#define I40EVF_FLAG_CLIENT_NEEDS_CLOSE BIT(16)
|
||||
-#define I40EVF_FLAG_CLIENT_NEEDS_L2_PARAMS BIT(17)
|
||||
-#define I40EVF_FLAG_PROMISC_ON BIT(18)
|
||||
-#define I40EVF_FLAG_ALLMULTI_ON BIT(19)
|
||||
-#define I40EVF_FLAG_LEGACY_RX BIT(20)
|
||||
+#define I40EVF_FLAG_IMIR_ENABLED BIT(1)
|
||||
+#define I40EVF_FLAG_MQ_CAPABLE BIT(2)
|
||||
+#define I40EVF_FLAG_PF_COMMS_FAILED BIT(3)
|
||||
+#define I40EVF_FLAG_RESET_PENDING BIT(4)
|
||||
+#define I40EVF_FLAG_RESET_NEEDED BIT(5)
|
||||
+#define I40EVF_FLAG_WB_ON_ITR_CAPABLE BIT(6)
|
||||
+#define I40EVF_FLAG_OUTER_UDP_CSUM_CAPABLE BIT(7)
|
||||
+#define I40EVF_FLAG_ADDR_SET_BY_PF BIT(8)
|
||||
+#define I40EVF_FLAG_SERVICE_CLIENT_REQUESTED BIT(9)
|
||||
+#define I40EVF_FLAG_CLIENT_NEEDS_OPEN BIT(10)
|
||||
+#define I40EVF_FLAG_CLIENT_NEEDS_CLOSE BIT(11)
|
||||
+#define I40EVF_FLAG_CLIENT_NEEDS_L2_PARAMS BIT(12)
|
||||
+#define I40EVF_FLAG_PROMISC_ON BIT(13)
|
||||
+#define I40EVF_FLAG_ALLMULTI_ON BIT(14)
|
||||
+#define I40EVF_FLAG_LEGACY_RX BIT(15)
|
||||
/* duplicates for common code */
|
||||
#define I40E_FLAG_DCB_ENABLED 0
|
||||
#define I40E_FLAG_RX_CSUM_ENABLED I40EVF_FLAG_RX_CSUM_ENABLED
|
|
@ -22,7 +22,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
---
|
||||
--- a/scripts/Kbuild.include
|
||||
+++ b/scripts/Kbuild.include
|
||||
@@ -121,7 +121,7 @@ CC_OPTION_CFLAGS = $(filter-out $(GCC_PL
|
||||
@@ -194,7 +194,7 @@ CC_OPTION_CFLAGS = $(filter-out $(GCC_PL
|
||||
# Usage: cflags-y += $(call cc-option,-march=winchip-c6,-march=i586)
|
||||
|
||||
cc-option = $(call __cc-option, $(CC),\
|
||||
|
@ -31,47 +31,47 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
# hostcc-option
|
||||
# Usage: cflags-y += $(call hostcc-option,-march=winchip-c6,-march=i586)
|
||||
@@ -131,23 +131,24 @@ hostcc-option = $(call __cc-option, $(HO
|
||||
@@ -204,23 +204,24 @@ hostcc-option = $(call __cc-option, $(HO
|
||||
# cc-option-yn
|
||||
# Usage: flag := $(call cc-option-yn,-march=winchip-c6)
|
||||
cc-option-yn = $(call try-run,\
|
||||
cc-option-yn = $(call try-run-cached,\
|
||||
- $(CC) -Werror $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) $(1) -c -x c /dev/null -o "$$TMP",y,n)
|
||||
+ $(CC) -Werror $(NOSTDINC_FLAGS) $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) $(1) -c -x c /dev/null -o "$$TMP",y,n)
|
||||
|
||||
# cc-disable-warning
|
||||
# Usage: cflags-y += $(call cc-disable-warning,unused-but-set-variable)
|
||||
cc-disable-warning = $(call try-run,\
|
||||
cc-disable-warning = $(call try-run-cached,\
|
||||
- $(CC) -Werror $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) -W$(strip $(1)) -c -x c /dev/null -o "$$TMP",-Wno-$(strip $(1)))
|
||||
+ $(CC) -Werror $(NOSTDINC_FLAGS) $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) -W$(strip $(1)) -c -x c /dev/null -o "$$TMP",-Wno-$(strip $(1)))
|
||||
|
||||
# cc-name
|
||||
# Expands to either gcc or clang
|
||||
cc-name = $(shell $(CC) -v 2>&1 | grep -q "clang version" && echo clang || echo gcc)
|
||||
cc-name = $(call shell-cached,$(CC) -v 2>&1 | grep -q "clang version" && echo clang || echo gcc)
|
||||
|
||||
# cc-version
|
||||
-cc-version = $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-version.sh $(CC))
|
||||
+cc-version = $(shell $(CONFIG_SHELL) \
|
||||
-cc-version = $(call shell-cached,$(CONFIG_SHELL) $(srctree)/scripts/gcc-version.sh $(CC))
|
||||
+cc-version = $(call shell-cached,$(CONFIG_SHELL) \
|
||||
+ $(srctree)/scripts/gcc-version.sh $(CC) $(NOSTDINC_FLAGS))
|
||||
|
||||
# cc-fullversion
|
||||
cc-fullversion = $(shell $(CONFIG_SHELL) \
|
||||
cc-fullversion = $(call shell-cached,$(CONFIG_SHELL) \
|
||||
- $(srctree)/scripts/gcc-version.sh -p $(CC))
|
||||
+ $(srctree)/scripts/gcc-version.sh -p $(CC) $(NOSTDINC_FLAGS))
|
||||
|
||||
# cc-ifversion
|
||||
# Usage: EXTRA_CFLAGS += $(call cc-ifversion, -lt, 0402, -O1)
|
||||
@@ -165,7 +166,7 @@ cc-ldoption = $(call try-run,\
|
||||
@@ -238,7 +239,7 @@ cc-ldoption = $(call try-run-cached,\
|
||||
# ld-option
|
||||
# Usage: LDFLAGS += $(call ld-option, -X)
|
||||
ld-option = $(call try-run,\
|
||||
- $(CC) -x c /dev/null -c -o "$$TMPO" ; $(LD) $(1) "$$TMPO" -o "$$TMP",$(1),$(2))
|
||||
+ $(CC) $(NOSTDINC_FLAGS) -x c /dev/null -c -o "$$TMPO" ; $(LD) $(1) "$$TMPO" -o "$$TMP",$(1),$(2))
|
||||
ld-option = $(call try-run-cached,\
|
||||
- $(CC) $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) -x c /dev/null -c -o "$$TMPO"; \
|
||||
+ $(CC) $(NOSTDINC_FLAGS) $(KBUILD_CPPFLAGS) $(CC_OPTION_CFLAGS) -x c /dev/null -c -o "$$TMPO"; \
|
||||
$(LD) $(LDFLAGS) $(1) "$$TMPO" -o "$$TMP",$(1),$(2))
|
||||
|
||||
# ar-option
|
||||
# Usage: KBUILD_ARFLAGS := $(call ar-option,D)
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -650,6 +650,8 @@ endif
|
||||
@@ -667,6 +667,8 @@ endif
|
||||
KBUILD_CFLAGS += $(call cc-ifversion, -lt, 0409, \
|
||||
$(call cc-disable-warning,maybe-uninitialized,))
|
||||
|
||||
|
@ -80,12 +80,12 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
# Tell gcc to never replace conditional load with a non-conditional one
|
||||
KBUILD_CFLAGS += $(call cc-option,--param=allow-store-data-races=0)
|
||||
|
||||
@@ -790,7 +792,7 @@ KBUILD_CFLAGS += $(call cc-option,-fdata
|
||||
@@ -776,7 +778,7 @@ KBUILD_CFLAGS += $(call cc-option,-fdata
|
||||
endif
|
||||
|
||||
# arch Makefile may override CC so keep this after arch Makefile is included
|
||||
-NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include)
|
||||
+NOSTDINC_FLAGS += -isystem $(shell $(CC) -print-file-name=include)
|
||||
-NOSTDINC_FLAGS += -nostdinc -isystem $(call shell-cached,$(CC) -print-file-name=include)
|
||||
+NOSTDINC_FLAGS += -isystem $(call shell-cached,$(CC) -print-file-name=include)
|
||||
CHECKFLAGS += $(NOSTDINC_FLAGS)
|
||||
|
||||
# warn about C99 declaration after statement
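Review bot: Nothing in the refreshed Kbuild.include hunks records that the compiler probes (`cc-option-yn`, `cc-disable-warning`, `cc-version`, `cc-fullversion`, `ld-option`) now depend on `$(NOSTDINC_FLAGS)` being set before they are first expanded. A probe that fails for an unrelated reason only reports the option as unsupported, and with `try-run-cached` that answer is presumably reused from the cache, so flags chosen through `cc-option` in the Makefile context (for example `--param=allow-store-data-races=0`) could be dropped without any diagnostic. I would add a comment above `cc-option-yn` such as `# Compile tests pass $(NOSTDINC_FLAGS); it must be defined before the first probe runs`. The two lines added by the `@@ -667,6 +667,8 @@` Makefile hunk are collapsed on this page, so whether they already provide that early definition cannot be confirmed from here.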
|
||||
|
|
|
@ -1,153 +0,0 @@
|
|||
From: Wanpeng Li <wanpeng.li@hotmail.com>
|
||||
Date: Thu, 14 Dec 2017 17:40:50 -0800
|
||||
Subject: KVM: Fix stack-out-of-bounds read in write_mmio
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
Origin: https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit?id=e39d200fa5bf5b94a0948db0dae44c1b73b84a56
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17741
|
||||
|
||||
Reported by syzkaller:
|
||||
|
||||
BUG: KASAN: stack-out-of-bounds in write_mmio+0x11e/0x270 [kvm]
|
||||
Read of size 8 at addr ffff8803259df7f8 by task syz-executor/32298
|
||||
|
||||
CPU: 6 PID: 32298 Comm: syz-executor Tainted: G OE 4.15.0-rc2+ #18
|
||||
Hardware name: LENOVO ThinkCentre M8500t-N000/SHARKBAY, BIOS FBKTC1AUS 02/16/2016
|
||||
Call Trace:
|
||||
dump_stack+0xab/0xe1
|
||||
print_address_description+0x6b/0x290
|
||||
kasan_report+0x28a/0x370
|
||||
write_mmio+0x11e/0x270 [kvm]
|
||||
emulator_read_write_onepage+0x311/0x600 [kvm]
|
||||
emulator_read_write+0xef/0x240 [kvm]
|
||||
emulator_fix_hypercall+0x105/0x150 [kvm]
|
||||
em_hypercall+0x2b/0x80 [kvm]
|
||||
x86_emulate_insn+0x2b1/0x1640 [kvm]
|
||||
x86_emulate_instruction+0x39a/0xb90 [kvm]
|
||||
handle_exception+0x1b4/0x4d0 [kvm_intel]
|
||||
vcpu_enter_guest+0x15a0/0x2640 [kvm]
|
||||
kvm_arch_vcpu_ioctl_run+0x549/0x7d0 [kvm]
|
||||
kvm_vcpu_ioctl+0x479/0x880 [kvm]
|
||||
do_vfs_ioctl+0x142/0x9a0
|
||||
SyS_ioctl+0x74/0x80
|
||||
entry_SYSCALL_64_fastpath+0x23/0x9a
|
||||
|
||||
The path of patched vmmcall will patch 3 bytes opcode 0F 01 C1(vmcall)
|
||||
to the guest memory, however, write_mmio tracepoint always prints 8 bytes
|
||||
through *(u64 *)val since kvm splits the mmio access into 8 bytes. This
|
||||
leaks 5 bytes from the kernel stack (CVE-2017-17741). This patch fixes
|
||||
it by just accessing the bytes which we operate on.
|
||||
|
||||
Before patch:
|
||||
|
||||
syz-executor-5567 [007] .... 51370.561696: kvm_mmio: mmio write len 3 gpa 0x10 val 0x1ffff10077c1010f
|
||||
|
||||
After patch:
|
||||
|
||||
syz-executor-13416 [002] .... 51302.299573: kvm_mmio: mmio write len 3 gpa 0x10 val 0xc1010f
|
||||
|
||||
Reported-by: Dmitry Vyukov <dvyukov@google.com>
|
||||
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
|
||||
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
|
||||
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
|
||||
Cc: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Cc: Radim Krčmář <rkrcmar@redhat.com>
|
||||
Cc: Marc Zyngier <marc.zyngier@arm.com>
|
||||
Cc: Christoffer Dall <christoffer.dall@linaro.org>
|
||||
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
---
|
||||
arch/x86/kvm/x86.c | 8 ++++----
|
||||
include/trace/events/kvm.h | 7 +++++--
|
||||
virt/kvm/arm/mmio.c | 6 +++---
|
||||
3 files changed, 12 insertions(+), 9 deletions(-)
|
||||
|
||||
--- a/arch/x86/kvm/x86.c
|
||||
+++ b/arch/x86/kvm/x86.c
|
||||
@@ -4362,7 +4362,7 @@ static int vcpu_mmio_read(struct kvm_vcp
|
||||
addr, n, v))
|
||||
&& kvm_io_bus_read(vcpu, KVM_MMIO_BUS, addr, n, v))
|
||||
break;
|
||||
- trace_kvm_mmio(KVM_TRACE_MMIO_READ, n, addr, *(u64 *)v);
|
||||
+ trace_kvm_mmio(KVM_TRACE_MMIO_READ, n, addr, v);
|
||||
handled += n;
|
||||
addr += n;
|
||||
len -= n;
|
||||
@@ -4621,7 +4621,7 @@ static int read_prepare(struct kvm_vcpu
|
||||
{
|
||||
if (vcpu->mmio_read_completed) {
|
||||
trace_kvm_mmio(KVM_TRACE_MMIO_READ, bytes,
|
||||
- vcpu->mmio_fragments[0].gpa, *(u64 *)val);
|
||||
+ vcpu->mmio_fragments[0].gpa, val);
|
||||
vcpu->mmio_read_completed = 0;
|
||||
return 1;
|
||||
}
|
||||
@@ -4643,14 +4643,14 @@ static int write_emulate(struct kvm_vcpu
|
||||
|
||||
static int write_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, int bytes, void *val)
|
||||
{
|
||||
- trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, *(u64 *)val);
|
||||
+ trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, val);
|
||||
return vcpu_mmio_write(vcpu, gpa, bytes, val);
|
||||
}
|
||||
|
||||
static int read_exit_mmio(struct kvm_vcpu *vcpu, gpa_t gpa,
|
||||
void *val, int bytes)
|
||||
{
|
||||
- trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, bytes, gpa, 0);
|
||||
+ trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, bytes, gpa, NULL);
|
||||
return X86EMUL_IO_NEEDED;
|
||||
}
|
||||
|
||||
--- a/include/trace/events/kvm.h
|
||||
+++ b/include/trace/events/kvm.h
|
||||
@@ -211,7 +211,7 @@ TRACE_EVENT(kvm_ack_irq,
|
||||
{ KVM_TRACE_MMIO_WRITE, "write" }
|
||||
|
||||
TRACE_EVENT(kvm_mmio,
|
||||
- TP_PROTO(int type, int len, u64 gpa, u64 val),
|
||||
+ TP_PROTO(int type, int len, u64 gpa, void *val),
|
||||
TP_ARGS(type, len, gpa, val),
|
||||
|
||||
TP_STRUCT__entry(
|
||||
@@ -225,7 +225,10 @@ TRACE_EVENT(kvm_mmio,
|
||||
__entry->type = type;
|
||||
__entry->len = len;
|
||||
__entry->gpa = gpa;
|
||||
- __entry->val = val;
|
||||
+ __entry->val = 0;
|
||||
+ if (val)
|
||||
+ memcpy(&__entry->val, val,
|
||||
+ min_t(u32, sizeof(__entry->val), len));
|
||||
),
|
||||
|
||||
TP_printk("mmio %s len %u gpa 0x%llx val 0x%llx",
|
||||
--- a/virt/kvm/arm/mmio.c
|
||||
+++ b/virt/kvm/arm/mmio.c
|
||||
@@ -112,7 +112,7 @@ int kvm_handle_mmio_return(struct kvm_vc
|
||||
}
|
||||
|
||||
trace_kvm_mmio(KVM_TRACE_MMIO_READ, len, run->mmio.phys_addr,
|
||||
- data);
|
||||
+ &data);
|
||||
data = vcpu_data_host_to_guest(vcpu, data, len);
|
||||
vcpu_set_reg(vcpu, vcpu->arch.mmio_decode.rt, data);
|
||||
}
|
||||
@@ -182,14 +182,14 @@ int io_mem_abort(struct kvm_vcpu *vcpu,
|
||||
data = vcpu_data_guest_to_host(vcpu, vcpu_get_reg(vcpu, rt),
|
||||
len);
|
||||
|
||||
- trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, len, fault_ipa, data);
|
||||
+ trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, len, fault_ipa, &data);
|
||||
kvm_mmio_write_buf(data_buf, len, data);
|
||||
|
||||
ret = kvm_io_bus_write(vcpu, KVM_MMIO_BUS, fault_ipa, len,
|
||||
data_buf);
|
||||
} else {
|
||||
trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, len,
|
||||
- fault_ipa, 0);
|
||||
+ fault_ipa, NULL);
|
||||
|
||||
ret = kvm_io_bus_read(vcpu, KVM_MMIO_BUS, fault_ipa, len,
|
||||
data_buf);
|
|
@ -1,70 +0,0 @@
|
|||
From: Mohamed Ghannam <simo.ghannam@gmail.com>
|
||||
Date: Sun, 10 Dec 2017 03:50:58 +0000
|
||||
Subject: net: ipv4: fix for a race condition in raw_sendmsg
|
||||
Origin: https://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17712
|
||||
|
||||
inet->hdrincl is racy, and could lead to uninitialized stack pointer
|
||||
usage, so its value should be read only once.
|
||||
|
||||
Fixes: c008ba5bdc9f ("ipv4: Avoid reading user iov twice after raw_probe_proto_opt")
|
||||
Signed-off-by: Mohamed Ghannam <simo.ghannam@gmail.com>
|
||||
Reviewed-by: Eric Dumazet <edumazet@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/ipv4/raw.c | 15 ++++++++++-----
|
||||
1 file changed, 10 insertions(+), 5 deletions(-)
|
||||
|
||||
--- a/net/ipv4/raw.c
|
||||
+++ b/net/ipv4/raw.c
|
||||
@@ -513,11 +513,16 @@ static int raw_sendmsg(struct sock *sk,
|
||||
int err;
|
||||
struct ip_options_data opt_copy;
|
||||
struct raw_frag_vec rfv;
|
||||
+ int hdrincl;
|
||||
|
||||
err = -EMSGSIZE;
|
||||
if (len > 0xFFFF)
|
||||
goto out;
|
||||
|
||||
+ /* hdrincl should be READ_ONCE(inet->hdrincl)
|
||||
+ * but READ_ONCE() doesn't work with bit fields
|
||||
+ */
|
||||
+ hdrincl = inet->hdrincl;
|
||||
/*
|
||||
* Check the flags.
|
||||
*/
|
||||
@@ -593,7 +598,7 @@ static int raw_sendmsg(struct sock *sk,
|
||||
/* Linux does not mangle headers on raw sockets,
|
||||
* so that IP options + IP_HDRINCL is non-sense.
|
||||
*/
|
||||
- if (inet->hdrincl)
|
||||
+ if (hdrincl)
|
||||
goto done;
|
||||
if (ipc.opt->opt.srr) {
|
||||
if (!daddr)
|
||||
@@ -615,12 +620,12 @@ static int raw_sendmsg(struct sock *sk,
|
||||
|
||||
flowi4_init_output(&fl4, ipc.oif, sk->sk_mark, tos,
|
||||
RT_SCOPE_UNIVERSE,
|
||||
- inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
|
||||
+ hdrincl ? IPPROTO_RAW : sk->sk_protocol,
|
||||
inet_sk_flowi_flags(sk) |
|
||||
- (inet->hdrincl ? FLOWI_FLAG_KNOWN_NH : 0),
|
||||
+ (hdrincl ? FLOWI_FLAG_KNOWN_NH : 0),
|
||||
daddr, saddr, 0, 0, sk->sk_uid);
|
||||
|
||||
- if (!inet->hdrincl) {
|
||||
+ if (!hdrincl) {
|
||||
rfv.msg = msg;
|
||||
rfv.hlen = 0;
|
||||
|
||||
@@ -645,7 +650,7 @@ static int raw_sendmsg(struct sock *sk,
|
||||
goto do_confirm;
|
||||
back_from_confirm:
|
||||
|
||||
- if (inet->hdrincl)
|
||||
+ if (hdrincl)
|
||||
err = raw_send_hdrinc(sk, &fl4, msg, len,
|
||||
&rt, msg->msg_flags, &ipc.sockc);
|
||||
|
|
@ -1,74 +0,0 @@
|
|||
From: Kevin Cernekee <cernekee@chromium.org>
|
||||
Date: Sun, 3 Dec 2017 12:12:45 -0800
|
||||
Subject: netfilter: nfnetlink_cthelper: Add missing permission checks
|
||||
Origin: https://git.kernel.org/linus/4b380c42f7d00a395feede754f0bc2292eebe6e5
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17448
|
||||
|
||||
The capability check in nfnetlink_rcv() verifies that the caller
|
||||
has CAP_NET_ADMIN in the namespace that "owns" the netlink socket.
|
||||
However, nfnl_cthelper_list is shared by all net namespaces on the
|
||||
system. An unprivileged user can create user and net namespaces
|
||||
in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable()
|
||||
check:
|
||||
|
||||
$ nfct helper list
|
||||
nfct v1.4.4: netlink error: Operation not permitted
|
||||
$ vpnns -- nfct helper list
|
||||
{
|
||||
.name = ftp,
|
||||
.queuenum = 0,
|
||||
.l3protonum = 2,
|
||||
.l4protonum = 6,
|
||||
.priv_data_len = 24,
|
||||
.status = enabled,
|
||||
};
|
||||
|
||||
Add capable() checks in nfnetlink_cthelper, as this is cleaner than
|
||||
trying to generalize the solution.
|
||||
|
||||
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
|
||||
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||||
---
|
||||
net/netfilter/nfnetlink_cthelper.c | 10 ++++++++++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
--- a/net/netfilter/nfnetlink_cthelper.c
|
||||
+++ b/net/netfilter/nfnetlink_cthelper.c
|
||||
@@ -17,6 +17,7 @@
|
||||
#include <linux/types.h>
|
||||
#include <linux/list.h>
|
||||
#include <linux/errno.h>
|
||||
+#include <linux/capability.h>
|
||||
#include <net/netlink.h>
|
||||
#include <net/sock.h>
|
||||
|
||||
@@ -407,6 +408,9 @@ static int nfnl_cthelper_new(struct net
|
||||
struct nfnl_cthelper *nlcth;
|
||||
int ret = 0;
|
||||
|
||||
+ if (!capable(CAP_NET_ADMIN))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (!tb[NFCTH_NAME] || !tb[NFCTH_TUPLE])
|
||||
return -EINVAL;
|
||||
|
||||
@@ -611,6 +615,9 @@ static int nfnl_cthelper_get(struct net
|
||||
struct nfnl_cthelper *nlcth;
|
||||
bool tuple_set = false;
|
||||
|
||||
+ if (!capable(CAP_NET_ADMIN))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (nlh->nlmsg_flags & NLM_F_DUMP) {
|
||||
struct netlink_dump_control c = {
|
||||
.dump = nfnl_cthelper_dump_table,
|
||||
@@ -678,6 +685,9 @@ static int nfnl_cthelper_del(struct net
|
||||
struct nfnl_cthelper *nlcth, *n;
|
||||
int j = 0, ret;
|
||||
|
||||
+ if (!capable(CAP_NET_ADMIN))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (tb[NFCTH_NAME])
|
||||
helper_name = nla_data(tb[NFCTH_NAME]);
|
||||
|
|
@ -1,56 +0,0 @@
|
|||
From: Kevin Cernekee <cernekee@chromium.org>
|
||||
Date: Tue, 5 Dec 2017 15:42:41 -0800
|
||||
Subject: netfilter: xt_osf: Add missing permission checks
|
||||
Origin: https://git.kernel.org/linus/916a27901de01446bcf57ecca4783f6cff493309
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17450
|
||||
|
||||
The capability check in nfnetlink_rcv() verifies that the caller
|
||||
has CAP_NET_ADMIN in the namespace that "owns" the netlink socket.
|
||||
However, xt_osf_fingers is shared by all net namespaces on the
|
||||
system. An unprivileged user can create user and net namespaces
|
||||
in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable()
|
||||
check:
|
||||
|
||||
vpnns -- nfnl_osf -f /tmp/pf.os
|
||||
|
||||
vpnns -- nfnl_osf -f /tmp/pf.os -d
|
||||
|
||||
These non-root operations successfully modify the systemwide OS
|
||||
fingerprint list. Add new capable() checks so that they can't.
|
||||
|
||||
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
|
||||
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||||
---
|
||||
net/netfilter/xt_osf.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
--- a/net/netfilter/xt_osf.c
|
||||
+++ b/net/netfilter/xt_osf.c
|
||||
@@ -19,6 +19,7 @@
|
||||
#include <linux/module.h>
|
||||
#include <linux/kernel.h>
|
||||
|
||||
+#include <linux/capability.h>
|
||||
#include <linux/if.h>
|
||||
#include <linux/inetdevice.h>
|
||||
#include <linux/ip.h>
|
||||
@@ -70,6 +71,9 @@ static int xt_osf_add_callback(struct ne
|
||||
struct xt_osf_finger *kf = NULL, *sf;
|
||||
int err = 0;
|
||||
|
||||
+ if (!capable(CAP_NET_ADMIN))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (!osf_attrs[OSF_ATTR_FINGER])
|
||||
return -EINVAL;
|
||||
|
||||
@@ -115,6 +119,9 @@ static int xt_osf_remove_callback(struct
|
||||
struct xt_osf_finger *sf;
|
||||
int err = -ENOENT;
|
||||
|
||||
+ if (!capable(CAP_NET_ADMIN))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (!osf_attrs[OSF_ATTR_FINGER])
|
||||
return -EINVAL;
|
||||
|
|
@ -1,39 +0,0 @@
|
|||
From: Kevin Cernekee <cernekee@chromium.org>
|
||||
Date: Wed, 6 Dec 2017 12:12:27 -0800
|
||||
Subject: netlink: Add netns check on taps
|
||||
Origin: https://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17449
|
||||
|
||||
Currently, a nlmon link inside a child namespace can observe systemwide
|
||||
netlink activity. Filter the traffic so that nlmon can only sniff
|
||||
netlink messages from its own netns.
|
||||
|
||||
Test case:
|
||||
|
||||
vpnns -- bash -c "ip link add nlmon0 type nlmon; \
|
||||
ip link set nlmon0 up; \
|
||||
tcpdump -i nlmon0 -q -w /tmp/nlmon.pcap -U" &
|
||||
sudo ip xfrm state add src 10.1.1.1 dst 10.1.1.2 proto esp \
|
||||
spi 0x1 mode transport \
|
||||
auth sha1 0x6162633132330000000000000000000000000000 \
|
||||
enc aes 0x00000000000000000000000000000000
|
||||
grep --binary abc123 /tmp/nlmon.pcap
|
||||
|
||||
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/netlink/af_netlink.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
--- a/net/netlink/af_netlink.c
|
||||
+++ b/net/netlink/af_netlink.c
|
||||
@@ -254,6 +254,9 @@ static int __netlink_deliver_tap_skb(str
|
||||
struct sock *sk = skb->sk;
|
||||
int ret = -ENOMEM;
|
||||
|
||||
+ if (!net_eq(dev_net(dev), sock_net(sk)))
|
||||
+ return 0;
|
||||
+
|
||||
dev_hold(dev);
|
||||
|
||||
if (is_vmalloc_addr(skb->head))
|
|
@ -26,16 +26,16 @@ missing, except for the pre-R600 case.
|
|||
---
|
||||
--- a/drivers/gpu/drm/radeon/radeon_drv.c
|
||||
+++ b/drivers/gpu/drm/radeon/radeon_drv.c
|
||||
@@ -44,6 +44,8 @@
|
||||
@@ -43,6 +43,8 @@
|
||||
#include <drm/drm_fb_helper.h>
|
||||
|
||||
#include <drm/drm_crtc_helper.h>
|
||||
#include "radeon_kfd.h"
|
||||
+#include <linux/namei.h>
|
||||
+#include <linux/path.h>
|
||||
|
||||
/*
|
||||
* KMS wrapper.
|
||||
@@ -312,6 +314,29 @@ static struct drm_driver kms_driver;
|
||||
@@ -311,6 +313,29 @@ static struct drm_driver kms_driver;
|
||||
|
||||
bool radeon_device_is_virtual(void);
|
||||
|
||||
|
@ -65,7 +65,7 @@ missing, except for the pre-R600 case.
|
|||
static int radeon_kick_out_firmware_fb(struct pci_dev *pdev)
|
||||
{
|
||||
struct apertures_struct *ap;
|
||||
@@ -349,6 +374,12 @@ static int radeon_pci_probe(struct pci_d
|
||||
@@ -340,6 +365,12 @@ static int radeon_pci_probe(struct pci_d
|
||||
if (vga_switcheroo_client_probe_defer(pdev))
|
||||
return -EPROBE_DEFER;
|
||||
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
From: Ben Hutchings <ben@decadent.org.uk>
|
||||
Date: Sun, 01 Oct 2017 15:39:34 +0100
|
||||
Subject: tools/lib/lockdep: Define pr_cont()
|
||||
|
||||
lockdep.c now also uses pr_cont(), so we need to implement it in
|
||||
liblockdep.
|
||||
|
||||
It is currently always used to continue warning lines, so define
|
||||
pr_cont() the same as pr_warn(). If this changes, we might need to
|
||||
record the last log level in a TLS variable and have pr_cont() check
|
||||
that.
|
||||
|
||||
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
||||
---
|
||||
--- a/tools/include/linux/lockdep.h
|
||||
+++ b/tools/include/linux/lockdep.h
|
||||
@@ -47,6 +47,8 @@ static inline int debug_locks_off(void)
|
||||
#define printk(...) dprintf(STDOUT_FILENO, __VA_ARGS__)
|
||||
#define pr_err(format, ...) fprintf (stderr, format, ## __VA_ARGS__)
|
||||
#define pr_warn pr_err
|
||||
+/* XXX we assume pr_cont() is only used for warnings */
|
||||
+#define pr_cont pr_warn
|
||||
|
||||
#define list_del_rcu list_del
|
||||
|
|
@ -1,44 +0,0 @@
|
|||
From: Alan Stern <stern@rowland.harvard.edu>
|
||||
Date: Tue, 12 Dec 2017 14:25:13 -0500
|
||||
Subject: USB: core: prevent malicious bNumInterfaces overflow
|
||||
Origin: https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17558
|
||||
|
||||
A malicious USB device with crafted descriptors can cause the kernel
|
||||
to access unallocated memory by setting the bNumInterfaces value too
|
||||
high in a configuration descriptor. Although the value is adjusted
|
||||
during parsing, this adjustment is skipped in one of the error return
|
||||
paths.
|
||||
|
||||
This patch prevents the problem by setting bNumInterfaces to 0
|
||||
initially. The existing code already sets it to the proper value
|
||||
after parsing is complete.
|
||||
|
||||
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
|
||||
Reported-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
CC: <stable@vger.kernel.org>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
drivers/usb/core/config.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/drivers/usb/core/config.c
|
||||
+++ b/drivers/usb/core/config.c
|
||||
@@ -555,6 +555,9 @@ static int usb_parse_configuration(struc
|
||||
unsigned iad_num = 0;
|
||||
|
||||
memcpy(&config->desc, buffer, USB_DT_CONFIG_SIZE);
|
||||
+ nintf = nintf_orig = config->desc.bNumInterfaces;
|
||||
+ config->desc.bNumInterfaces = 0; // Adjusted later
|
||||
+
|
||||
if (config->desc.bDescriptorType != USB_DT_CONFIG ||
|
||||
config->desc.bLength < USB_DT_CONFIG_SIZE ||
|
||||
config->desc.bLength > size) {
|
||||
@@ -568,7 +571,6 @@ static int usb_parse_configuration(struc
|
||||
buffer += config->desc.bLength;
|
||||
size -= config->desc.bLength;
|
||||
|
||||
- nintf = nintf_orig = config->desc.bNumInterfaces;
|
||||
if (nintf > USB_MAXINTERFACES) {
|
||||
dev_warn(ddev, "config %d has too many interfaces: %d, "
|
||||
"using maximum allowed: %d\n",
|
|
@ -1,200 +0,0 @@
|
|||
From: Dongli Zhang <dongli.zhang@oracle.com>
|
||||
Date: Wed, 1 Nov 2017 09:46:33 +0800
|
||||
Subject: xen/time: do not decrease steal time after live migration on xen
|
||||
Origin: https://git.kernel.org/linus/5e25f5db6abb96ca8ee2aaedcb863daa6dfcc07a
|
||||
Bug-Debian: https://bugs.debian.org/871608
|
||||
|
||||
After guest live migration on xen, steal time in /proc/stat
|
||||
(cpustat[CPUTIME_STEAL]) might decrease because steal returned by
|
||||
xen_steal_lock() might be less than this_rq()->prev_steal_time which is
|
||||
derived from previous return value of xen_steal_clock().
|
||||
|
||||
For instance, steal time of each vcpu is 335 before live migration.
|
||||
|
||||
cpu 198 0 368 200064 1962 0 0 1340 0 0
|
||||
cpu0 38 0 81 50063 492 0 0 335 0 0
|
||||
cpu1 65 0 97 49763 634 0 0 335 0 0
|
||||
cpu2 38 0 81 50098 462 0 0 335 0 0
|
||||
cpu3 56 0 107 50138 374 0 0 335 0 0
|
||||
|
||||
After live migration, steal time is reduced to 312.
|
||||
|
||||
cpu 200 0 370 200330 1971 0 0 1248 0 0
|
||||
cpu0 38 0 82 50123 500 0 0 312 0 0
|
||||
cpu1 65 0 97 49832 634 0 0 312 0 0
|
||||
cpu2 39 0 82 50167 462 0 0 312 0 0
|
||||
cpu3 56 0 107 50207 374 0 0 312 0 0
|
||||
|
||||
Since runstate times are cumulative and cleared during xen live migration
|
||||
by xen hypervisor, the idea of this patch is to accumulate runstate times
|
||||
to global percpu variables before live migration suspend. Once guest VM is
|
||||
resumed, xen_get_runstate_snapshot_cpu() would always return the sum of new
|
||||
runstate times and previously accumulated times stored in global percpu
|
||||
variables.
|
||||
|
||||
Comment above HYPERVISOR_suspend() has been removed as it is inaccurate:
|
||||
the call can return an error code (e.g., possibly -EPERM in the future).
|
||||
|
||||
Similar and more severe issue would impact prior linux 4.8-4.10 as
|
||||
discussed by Michael Las at
|
||||
https://0xstubs.org/debugging-a-flaky-cpu-steal-time-counter-on-a-paravirtualized-xen-guest,
|
||||
which would overflow steal time and lead to 100% st usage in top command
|
||||
for linux 4.8-4.10. A backport of this patch would fix that issue.
|
||||
|
||||
[boris: added linux/slab.h to driver/xen/time.c, slightly reformatted
|
||||
commit message]
|
||||
|
||||
References: https://0xstubs.org/debugging-a-flaky-cpu-steal-time-counter-on-a-paravirtualized-xen-guest
|
||||
Signed-off-by: Dongli Zhang <dongli.zhang@oracle.com>
|
||||
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
|
||||
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
|
||||
---
|
||||
drivers/xen/manage.c | 7 ++---
|
||||
drivers/xen/time.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++--
|
||||
include/xen/xen-ops.h | 1 +
|
||||
3 files changed, 73 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/drivers/xen/manage.c b/drivers/xen/manage.c
|
||||
index c425d03d37d2..8835065029d3 100644
|
||||
--- a/drivers/xen/manage.c
|
||||
+++ b/drivers/xen/manage.c
|
||||
@@ -72,18 +72,15 @@ static int xen_suspend(void *data)
|
||||
}
|
||||
|
||||
gnttab_suspend();
|
||||
+ xen_manage_runstate_time(-1);
|
||||
xen_arch_pre_suspend();
|
||||
|
||||
- /*
|
||||
- * This hypercall returns 1 if suspend was cancelled
|
||||
- * or the domain was merely checkpointed, and 0 if it
|
||||
- * is resuming in a new domain.
|
||||
- */
|
||||
si->cancelled = HYPERVISOR_suspend(xen_pv_domain()
|
||||
? virt_to_gfn(xen_start_info)
|
||||
: 0);
|
||||
|
||||
xen_arch_post_suspend(si->cancelled);
|
||||
+ xen_manage_runstate_time(si->cancelled ? 1 : 0);
|
||||
gnttab_resume();
|
||||
|
||||
if (!si->cancelled) {
|
||||
diff --git a/drivers/xen/time.c b/drivers/xen/time.c
|
||||
index ac5f23fcafc2..8c46f555d82a 100644
|
||||
--- a/drivers/xen/time.c
|
||||
+++ b/drivers/xen/time.c
|
||||
@@ -5,6 +5,7 @@
|
||||
#include <linux/kernel_stat.h>
|
||||
#include <linux/math64.h>
|
||||
#include <linux/gfp.h>
|
||||
+#include <linux/slab.h>
|
||||
|
||||
#include <asm/paravirt.h>
|
||||
#include <asm/xen/hypervisor.h>
|
||||
@@ -19,6 +20,8 @@
|
||||
/* runstate info updated by Xen */
|
||||
static DEFINE_PER_CPU(struct vcpu_runstate_info, xen_runstate);
|
||||
|
||||
+static DEFINE_PER_CPU(u64[4], old_runstate_time);
|
||||
+
|
||||
/* return an consistent snapshot of 64-bit time/counter value */
|
||||
static u64 get64(const u64 *p)
|
||||
{
|
||||
@@ -47,8 +50,8 @@ static u64 get64(const u64 *p)
|
||||
return ret;
|
||||
}
|
||||
|
||||
-static void xen_get_runstate_snapshot_cpu(struct vcpu_runstate_info *res,
|
||||
- unsigned int cpu)
|
||||
+static void xen_get_runstate_snapshot_cpu_delta(
|
||||
+ struct vcpu_runstate_info *res, unsigned int cpu)
|
||||
{
|
||||
u64 state_time;
|
||||
struct vcpu_runstate_info *state;
|
||||
@@ -66,6 +69,71 @@ static void xen_get_runstate_snapshot_cpu(struct vcpu_runstate_info *res,
|
||||
(state_time & XEN_RUNSTATE_UPDATE));
|
||||
}
|
||||
|
||||
+static void xen_get_runstate_snapshot_cpu(struct vcpu_runstate_info *res,
|
||||
+ unsigned int cpu)
|
||||
+{
|
||||
+ int i;
|
||||
+
|
||||
+ xen_get_runstate_snapshot_cpu_delta(res, cpu);
|
||||
+
|
||||
+ for (i = 0; i < 4; i++)
|
||||
+ res->time[i] += per_cpu(old_runstate_time, cpu)[i];
|
||||
+}
|
||||
+
|
||||
+void xen_manage_runstate_time(int action)
|
||||
+{
|
||||
+ static struct vcpu_runstate_info *runstate_delta;
|
||||
+ struct vcpu_runstate_info state;
|
||||
+ int cpu, i;
|
||||
+
|
||||
+ switch (action) {
|
||||
+ case -1: /* backup runstate time before suspend */
|
||||
+ if (unlikely(runstate_delta))
|
||||
+ pr_warn_once("%s: memory leak as runstate_delta is not NULL\n",
|
||||
+ __func__);
|
||||
+
|
||||
+ runstate_delta = kmalloc_array(num_possible_cpus(),
|
||||
+ sizeof(*runstate_delta),
|
||||
+ GFP_ATOMIC);
|
||||
+ if (unlikely(!runstate_delta)) {
|
||||
+ pr_warn("%s: failed to allocate runstate_delta\n",
|
||||
+ __func__);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ for_each_possible_cpu(cpu) {
|
||||
+ xen_get_runstate_snapshot_cpu_delta(&state, cpu);
|
||||
+ memcpy(runstate_delta[cpu].time, state.time,
|
||||
+ sizeof(runstate_delta[cpu].time));
|
||||
+ }
|
||||
+
|
||||
+ break;
|
||||
+
|
||||
+ case 0: /* backup runstate time after resume */
|
||||
+ if (unlikely(!runstate_delta)) {
|
||||
+ pr_warn("%s: cannot accumulate runstate time as runstate_delta is NULL\n",
|
||||
+ __func__);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ for_each_possible_cpu(cpu) {
|
||||
+ for (i = 0; i < 4; i++)
|
||||
+ per_cpu(old_runstate_time, cpu)[i] +=
|
||||
+ runstate_delta[cpu].time[i];
|
||||
+ }
|
||||
+
|
||||
+ break;
|
||||
+
|
||||
+ default: /* do not accumulate runstate time for checkpointing */
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ if (action != -1 && runstate_delta) {
|
||||
+ kfree(runstate_delta);
|
||||
+ runstate_delta = NULL;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* Runstate accounting
|
||||
*/
|
||||
diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h
|
||||
index 218e6aae5433..09072271f122 100644
|
||||
--- a/include/xen/xen-ops.h
|
||||
+++ b/include/xen/xen-ops.h
|
||||
@@ -32,6 +32,7 @@ void xen_resume_notifier_unregister(struct notifier_block *nb);
|
||||
bool xen_vcpu_stolen(int vcpu);
|
||||
void xen_setup_runstate_info(int cpu);
|
||||
void xen_time_setup_guest(void);
|
||||
+void xen_manage_runstate_time(int action);
|
||||
void xen_get_runstate_snapshot(struct vcpu_runstate_info *res);
|
||||
u64 xen_steal_clock(int cpu);
|
||||
|
||||
--
|
||||
2.15.1
|
||||
|
|
@ -1,36 +0,0 @@
|
|||
From: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
|
||||
Date: Mon, 18 Sep 2017 12:02:13 +0200
|
||||
Subject: ARM: dts: exynos: Add dwc3 SUSPHY quirk
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux.git/commit?id=3bf689f9275ff73de1ffad3e571837c8bff41d27
|
||||
Bug-Debian: https://bugs.debian.org/843448
|
||||
|
||||
Odroid XU4 board does not enumerate SuperSpeed devices.
|
||||
This patch makes exynos5 series chips use USB SUSPHY quirk,
|
||||
which solves the problem.
|
||||
|
||||
Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
|
||||
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
|
||||
---
|
||||
arch/arm/boot/dts/exynos54xx.dtsi | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/exynos54xx.dtsi b/arch/arm/boot/dts/exynos54xx.dtsi
|
||||
index 0389e8a10d0b..8ca4fef8b1ce 100644
|
||||
--- a/arch/arm/boot/dts/exynos54xx.dtsi
|
||||
+++ b/arch/arm/boot/dts/exynos54xx.dtsi
|
||||
@@ -134,6 +134,7 @@
|
||||
interrupts = <GIC_SPI 72 IRQ_TYPE_LEVEL_HIGH>;
|
||||
phys = <&usbdrd_phy0 0>, <&usbdrd_phy0 1>;
|
||||
phy-names = "usb2-phy", "usb3-phy";
|
||||
+ snps,dis_u3_susphy_quirk;
|
||||
};
|
||||
};
|
||||
|
||||
@@ -154,6 +155,7 @@
|
||||
reg = <0x12400000 0x10000>;
|
||||
phys = <&usbdrd_phy1 0>, <&usbdrd_phy1 1>;
|
||||
phy-names = "usb2-phy", "usb3-phy";
|
||||
+ snps,dis_u3_susphy_quirk;
|
||||
};
|
||||
};
|
||||
|
|
@ -2,35 +2,39 @@ From: Ben Hutchings <ben@decadent.org.uk>
|
|||
Date: Wed, 5 Jul 2017 13:32:43 +0100
|
||||
Subject: mmap: Remember the MAP_FIXED flag as VM_FIXED
|
||||
|
||||
Since 4.15 there are no spare bits, but we can use VM_ARCH_1 as
|
||||
VM_FIXED wil only be needed on x86.
|
||||
|
||||
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
||||
---
|
||||
include/linux/mm.h | 1 +
|
||||
include/linux/mman.h | 3 ++-
|
||||
2 files changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/linux/mm.h b/include/linux/mm.h
|
||||
index 43edf659453b..1f84cc52389e 100644
|
||||
--- a/include/linux/mm.h
|
||||
+++ b/include/linux/mm.h
|
||||
@@ -190,6 +190,7 @@ extern unsigned int kobjsize(const void *objp);
|
||||
#define VM_ACCOUNT 0x00100000 /* Is a VM accounted object */
|
||||
#define VM_NORESERVE 0x00200000 /* should the VM suppress accounting */
|
||||
@@ -201,6 +201,11 @@ extern unsigned int kobjsize(const void
|
||||
#define VM_HUGETLB 0x00400000 /* Huge TLB Page VM */
|
||||
+#define VM_FIXED 0x00800000 /* Allocated at fixed address */
|
||||
#define VM_SYNC 0x00800000 /* Synchronous page faults */
|
||||
#define VM_ARCH_1 0x01000000 /* Architecture-specific flag */
|
||||
+#ifdef CONFIG_X86
|
||||
+#define VM_FIXED VM_ARCH_1 /* Allocated at fixed address */
|
||||
+#else
|
||||
+#define VM_FIXED 0
|
||||
+#endif
|
||||
#define VM_WIPEONFORK 0x02000000 /* Wipe VMA contents in child. */
|
||||
#define VM_DONTDUMP 0x04000000 /* Do not include in the core dump */
|
||||
diff --git a/include/linux/mman.h b/include/linux/mman.h
|
||||
index 7c87b6652244..f22c15d5e24c 100644
|
||||
|
||||
--- a/include/linux/mman.h
|
||||
+++ b/include/linux/mman.h
|
||||
@@ -87,7 +87,8 @@ calc_vm_flag_bits(unsigned long flags)
|
||||
{
|
||||
@@ -131,7 +131,9 @@ calc_vm_flag_bits(unsigned long flags)
|
||||
return _calc_vm_trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN ) |
|
||||
_calc_vm_trans(flags, MAP_DENYWRITE, VM_DENYWRITE ) |
|
||||
- _calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED );
|
||||
+ _calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED ) |
|
||||
+ _calc_vm_trans(flags, MAP_FIXED, VM_FIXED );
|
||||
_calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED ) |
|
||||
- _calc_vm_trans(flags, MAP_SYNC, VM_SYNC );
|
||||
+ _calc_vm_trans(flags, MAP_SYNC, VM_SYNC ) |
|
||||
+ (VM_FIXED ?
|
||||
+ _calc_vm_trans(flags, MAP_FIXED, VM_FIXED ) : 0);
|
||||
}
|
||||
|
||||
unsigned long vm_commit_limit(void);
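Review bot: The new `#define VM_FIXED VM_ARCH_1` in the include/linux/mm.h hunk reuses a bit that, as far as I know, mainline x86 already assigns as `VM_PAT` (also defined as `VM_ARCH_1`). Neither the patch description nor the hunk says why the two meanings cannot collide. If both can reach the same `vm_flags`, a MAP_FIXED mapping would look PAT-reserved to code testing `VM_PAT`, and whatever tests `VM_FIXED` would treat PAT-tracked VMAs as fixed-address ones. I would state the invariant beside the define, e.g. `/* VM_ARCH_1 is also VM_PAT on x86; overlap is harmless because <reason> */`, or mask the flag where it is consumed. The code that consumes VM_FIXED is not in this section, so the impact is inferred and should be confirmed against it.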
|
||||
|
|
|
@ -15,7 +15,7 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
---
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -87,6 +87,11 @@
|
||||
@@ -102,6 +102,11 @@
|
||||
|
||||
#define CREATE_TRACE_POINTS
|
||||
#include <trace/events/task.h>
|
||||
|
@ -27,7 +27,7 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
|
||||
/*
|
||||
* Minimum number of threads to boot the kernel
|
||||
@@ -1252,6 +1257,10 @@ static struct task_struct *copy_process(
|
||||
@@ -1550,6 +1555,10 @@ static __latent_entropy struct task_stru
|
||||
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
|
||||
return ERR_PTR(-EINVAL);
|
||||
|
||||
|
@ -38,7 +38,7 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
/*
|
||||
* Thread groups must share signals as well, and detached threads
|
||||
* can only be started up within the thread group.
|
||||
@@ -1944,6 +1953,12 @@ SYSCALL_DEFINE1(unshare, unsigned long,
|
||||
@@ -2343,6 +2352,12 @@ SYSCALL_DEFINE1(unshare, unsigned long,
|
||||
if (unshare_flags & CLONE_NEWNS)
|
||||
unshare_flags |= CLONE_FS;
|
||||
|
||||
|
@ -53,7 +53,7 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
goto bad_unshare_out;
|
||||
--- a/kernel/sysctl.c
|
||||
+++ b/kernel/sysctl.c
|
||||
@@ -102,6 +102,9 @@ extern int core_uses_pid;
|
||||
@@ -105,6 +105,9 @@ extern int core_uses_pid;
|
||||
extern char core_pattern[];
|
||||
extern unsigned int core_pipe_limit;
|
||||
#endif
|
||||
|
@ -63,7 +63,7 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
extern int pid_max;
|
||||
extern int pid_max_min, pid_max_max;
|
||||
extern int percpu_pagelist_fraction;
|
||||
@@ -489,6 +492,15 @@ static struct ctl_table kern_table[] = {
|
||||
@@ -512,6 +515,15 @@ static struct ctl_table kern_table[] = {
|
||||
.mode = 0644,
|
||||
.proc_handler = proc_dointvec,
|
||||
},
|
||||
|
@ -81,9 +81,9 @@ Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|||
{
|
||||
--- a/kernel/user_namespace.c
|
||||
+++ b/kernel/user_namespace.c
|
||||
@@ -23,6 +23,9 @@
|
||||
#include <linux/projid.h>
|
||||
#include <linux/fs_struct.h>
|
||||
@@ -26,6 +26,9 @@
|
||||
#include <linux/bsearch.h>
|
||||
#include <linux/sort.h>
|
||||
|
||||
+/* sysctl */
|
||||
+int unprivileged_userns_clone;
|
||||
|
|
|
@ -12,8 +12,8 @@ actually used.
|
|||
---
|
||||
--- a/fs/notify/fanotify/fanotify_user.c
|
||||
+++ b/fs/notify/fanotify/fanotify_user.c
|
||||
@@ -847,6 +847,14 @@ SYSCALL_DEFINE5(fanotify_mark, int, fano
|
||||
#endif
|
||||
@@ -866,6 +866,14 @@ SYSCALL_DEFINE5(fanotify_mark, int, fano
|
||||
if (mask & ~valid_mask)
|
||||
return -EINVAL;
|
||||
|
||||
+#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
|
||||
|
|
|
@ -7,8 +7,8 @@ Forwarded: not-needed
|
|||
|
||||
--- a/.gitignore
|
||||
+++ b/.gitignore
|
||||
@@ -53,23 +53,11 @@ Module.symvers
|
||||
/Module.markers
|
||||
@@ -61,23 +61,11 @@ modules.builtin
|
||||
/*.spec
|
||||
|
||||
#
|
||||
-# Debian directory (make deb-pkg)
|
||||
|
@ -31,7 +31,7 @@ Forwarded: not-needed
|
|||
# Generated include files
|
||||
#
|
||||
include/config
|
||||
@@ -114,3 +102,10 @@ all.config
|
||||
@@ -122,3 +110,10 @@ all.config
|
||||
|
||||
# Kdevelop4
|
||||
*.kdev4
|
||||
|
|
|
@ -14,7 +14,7 @@ use of $(ARCH) needs to be moved after this.
|
|||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -251,42 +251,6 @@ SUBARCH := $(shell uname -m | sed -e s/i
|
||||
@@ -314,39 +314,6 @@ SUBARCH := $(shell uname -m | sed -e s/i
|
||||
ARCH ?= $(SUBARCH)
|
||||
CROSS_COMPILE ?= $(CONFIG_CROSS_COMPILE:"%"=%)
|
||||
|
||||
|
@ -50,14 +50,11 @@ use of $(ARCH) needs to be moved after this.
|
|||
-ifeq ($(ARCH),tilegx)
|
||||
- SRCARCH := tile
|
||||
-endif
|
||||
-
|
||||
-# Where to locate arch specific headers
|
||||
-hdr-arch := $(SRCARCH)
|
||||
-
|
||||
KCONFIG_CONFIG ?= .config
|
||||
export KCONFIG_CONFIG
|
||||
|
||||
@@ -374,6 +338,45 @@ CFLAGS_KERNEL =
|
||||
@@ -395,6 +362,38 @@ CFLAGS_KERNEL =
|
||||
AFLAGS_KERNEL =
|
||||
LDFLAGS_vmlinux =
|
||||
|
||||
|
@ -92,14 +89,7 @@ use of $(ARCH) needs to be moved after this.
|
|||
+ifeq ($(ARCH),tilegx)
|
||||
+ SRCARCH := tile
|
||||
+endif
|
||||
+
|
||||
+# Where to locate arch specific headers
|
||||
+hdr-arch := $(SRCARCH)
|
||||
+
|
||||
+ifeq ($(ARCH),m68knommu)
|
||||
+ hdr-arch := m68k
|
||||
+endif
|
||||
+
|
||||
# Use USERINCLUDE when you must reference the UAPI directories only.
|
||||
USERINCLUDE := \
|
||||
-I$(srctree)/arch/$(hdr-arch)/include/uapi \
|
||||
-I$(srctree)/arch/$(SRCARCH)/include/uapi \
|
||||
|
|
|
@ -176,7 +176,7 @@ and commit 8b3f5ac6b55f5f3f60723a58f14ec235a5b8cfe
|
|||
|
||||
#include "bus.h"
|
||||
#include "channel.h"
|
||||
@@ -177,38 +176,11 @@ static int host1x_probe(struct platform_
|
||||
@@ -218,37 +217,11 @@ static int host1x_probe(struct platform_
|
||||
return err;
|
||||
}
|
||||
|
||||
|
@ -201,8 +201,7 @@ and commit 8b3f5ac6b55f5f3f60723a58f14ec235a5b8cfe
|
|||
-
|
||||
- order = __ffs(host->domain->pgsize_bitmap);
|
||||
- init_iova_domain(&host->iova, 1UL << order,
|
||||
- geometry->aperture_start >> order,
|
||||
- geometry->aperture_end >> order);
|
||||
- geometry->aperture_start >> order);
|
||||
- host->iova_end = geometry->aperture_end;
|
||||
- }
|
||||
-
|
||||
|
@ -216,7 +215,7 @@ and commit 8b3f5ac6b55f5f3f60723a58f14ec235a5b8cfe
|
|||
}
|
||||
|
||||
err = clk_prepare_enable(host->clk);
|
||||
@@ -253,15 +225,6 @@ fail_unprepare_disable:
|
||||
@@ -293,15 +266,6 @@ fail_unprepare_disable:
|
||||
clk_disable_unprepare(host->clk);
|
||||
fail_free_channels:
|
||||
host1x_channel_list_free(&host->channel_list);
|
||||
|
@ -232,7 +231,7 @@ and commit 8b3f5ac6b55f5f3f60723a58f14ec235a5b8cfe
|
|||
return err;
|
||||
}
|
||||
|
||||
@@ -275,12 +238,6 @@ static int host1x_remove(struct platform
|
||||
@@ -315,12 +279,6 @@ static int host1x_remove(struct platform
|
||||
reset_control_assert(host->rst);
|
||||
clk_disable_unprepare(host->clk);
|
||||
|
||||
|
@ -256,7 +255,7 @@ and commit 8b3f5ac6b55f5f3f60723a58f14ec235a5b8cfe
|
|||
#include <linux/platform_device.h>
|
||||
#include <linux/reset.h>
|
||||
|
||||
@@ -112,10 +110,6 @@ struct host1x {
|
||||
@@ -117,10 +115,6 @@ struct host1x {
|
||||
struct clk *clk;
|
||||
struct reset_control *rst;
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ are set.
|
|||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -1055,7 +1055,7 @@ endif
|
||||
@@ -1048,7 +1048,7 @@ endif
|
||||
prepare2: prepare3 prepare-compiler-check outputmakefile asm-generic
|
||||
|
||||
prepare1: prepare2 $(version_h) include/generated/utsrelease.h \
|
||||
|
@ -18,7 +18,7 @@ are set.
|
|||
$(cmd_crmodverdir)
|
||||
|
||||
archprepare: archheaders archscripts prepare1 scripts_basic
|
||||
@@ -1116,6 +1116,16 @@ define filechk_version.h
|
||||
@@ -1118,6 +1118,16 @@ define filechk_version.h
|
||||
echo '#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))';)
|
||||
endef
|
||||
|
||||
|
@ -35,7 +35,7 @@ are set.
|
|||
$(version_h): $(srctree)/Makefile FORCE
|
||||
$(call filechk,version.h)
|
||||
$(Q)rm -f $(old_version_h)
|
||||
@@ -1123,6 +1133,9 @@ $(version_h): $(srctree)/Makefile FORCE
|
||||
@@ -1125,6 +1135,9 @@ $(version_h): $(srctree)/Makefile FORCE
|
||||
include/generated/utsrelease.h: include/config/kernel.release FORCE
|
||||
$(call filechk,utsrelease.h)
|
||||
|
||||
|
@ -69,7 +69,7 @@ are set.
|
|||
printk(KERN_INFO "RSP: %016lx EFLAGS: %08lx\n", PT_REGS_SP(regs),
|
||||
--- a/arch/ia64/kernel/process.c
|
||||
+++ b/arch/ia64/kernel/process.c
|
||||
@@ -34,6 +34,7 @@
|
||||
@@ -35,6 +35,7 @@
|
||||
#include <linux/utsname.h>
|
||||
#include <linux/tracehook.h>
|
||||
#include <linux/rcupdate.h>
|
||||
|
@ -77,7 +77,7 @@ are set.
|
|||
|
||||
#include <asm/cpu.h>
|
||||
#include <asm/delay.h>
|
||||
@@ -107,9 +108,9 @@ show_regs (struct pt_regs *regs)
|
||||
@@ -108,9 +109,9 @@ show_regs (struct pt_regs *regs)
|
||||
print_modules();
|
||||
printk("\n");
|
||||
show_regs_print_info(KERN_DEFAULT);
|
||||
|
@ -99,13 +99,13 @@ are set.
|
|||
|
||||
#include <asm/pgtable.h>
|
||||
#include <asm/io.h>
|
||||
@@ -1382,8 +1383,9 @@ void show_regs(struct pt_regs * regs)
|
||||
@@ -1403,8 +1404,9 @@ void show_regs(struct pt_regs * regs)
|
||||
|
||||
printk("NIP: "REG" LR: "REG" CTR: "REG"\n",
|
||||
regs->nip, regs->link, regs->ctr);
|
||||
- printk("REGS: %p TRAP: %04lx %s (%s)\n",
|
||||
- printk("REGS: %px TRAP: %04lx %s (%s)\n",
|
||||
- regs, regs->trap, print_tainted(), init_utsname()->release);
|
||||
+ printk("REGS: %p TRAP: %04lx %s (%s%s)\n",
|
||||
+ printk("REGS: %px TRAP: %04lx %s (%s%s)\n",
|
||||
+ regs, regs->trap, print_tainted(), init_utsname()->release,
|
||||
+ LINUX_PACKAGE_ID);
|
||||
printk("MSR: "REG" ", regs->msr);
|
||||
|
|
|
@ -1,18 +1,19 @@
|
|||
From: J. R. Okajima <hooanon05@yahoo.co.jp>
|
||||
Date: Thu Nov 16 10:20:27 2017 +0900
|
||||
Subject: aufs4.14 base patch
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/bf518fb574cee10c6112f0e9ca5c67b277426630
|
||||
Date: Sat Dec 16 15:29:33 2017 +0900
|
||||
Subject: SPDX-License-Identifier: GPL-2.0
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/8b9c1be851f351af1104f55952e211ae541695ee
|
||||
Bug-Debian: https://bugs.debian.org/541828
|
||||
|
||||
Patch headers added by debian/patches/features/all/aufs4/gen-patch
|
||||
|
||||
aufs4.14 base patch
|
||||
SPDX-License-Identifier: GPL-2.0
|
||||
aufs4.x-rcN base patch
|
||||
|
||||
diff --git a/MAINTAINERS b/MAINTAINERS
|
||||
index 2811a21..02b6deb 100644
|
||||
index 82ad0ea..7d8b461 100644
|
||||
--- a/MAINTAINERS
|
||||
+++ b/MAINTAINERS
|
||||
@@ -2465,6 +2465,19 @@ F: include/linux/audit.h
|
||||
@@ -2478,6 +2478,19 @@ F: include/linux/audit.h
|
||||
F: include/uapi/linux/audit.h
|
||||
F: kernel/audit*
|
||||
|
||||
|
@ -33,10 +34,10 @@ index 2811a21..02b6deb 100644
|
|||
M: Miguel Ojeda Sandonis <miguel.ojeda.sandonis@gmail.com>
|
||||
W: http://miguelojeda.es/auxdisplay.htm
|
||||
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
|
||||
index 85de673..d44de9d 100644
|
||||
index bc8e615..e51a59d 100644
|
||||
--- a/drivers/block/loop.c
|
||||
+++ b/drivers/block/loop.c
|
||||
@@ -686,6 +686,24 @@ static inline int is_loop_device(struct file *file)
|
||||
@@ -691,6 +691,24 @@ static inline int is_loop_device(struct file *file)
|
||||
return i && S_ISBLK(i->i_mode) && MAJOR(i->i_rdev) == LOOP_MAJOR;
|
||||
}
|
||||
|
||||
|
@ -62,7 +63,7 @@ index 85de673..d44de9d 100644
|
|||
|
||||
static ssize_t loop_attr_show(struct device *dev, char *page,
|
||||
diff --git a/fs/dcache.c b/fs/dcache.c
|
||||
index f901413..e3719a5 100644
|
||||
index 5c7df1d..019f14b 100644
|
||||
--- a/fs/dcache.c
|
||||
+++ b/fs/dcache.c
|
||||
@@ -1197,7 +1197,7 @@ enum d_walk_ret {
|
||||
|
@ -75,7 +76,7 @@ index f901413..e3719a5 100644
|
|||
void (*finish)(void *))
|
||||
{
|
||||
diff --git a/fs/fcntl.c b/fs/fcntl.c
|
||||
index 8d78ffd..cffefab 100644
|
||||
index 0522e28..74c255d 100644
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -32,7 +32,7 @@
|
||||
|
@ -97,7 +98,7 @@ index 8d78ffd..cffefab 100644
|
|||
return error;
|
||||
|
||||
diff --git a/fs/inode.c b/fs/inode.c
|
||||
index d1e35b5..f7800d6 100644
|
||||
index 03102d6..517883c 100644
|
||||
--- a/fs/inode.c
|
||||
+++ b/fs/inode.c
|
||||
@@ -1655,7 +1655,7 @@ EXPORT_SYMBOL(generic_update_time);
|
||||
|
@ -110,7 +111,7 @@ index d1e35b5..f7800d6 100644
|
|||
int (*update_time)(struct inode *, struct timespec *, int);
|
||||
|
||||
diff --git a/fs/namespace.c b/fs/namespace.c
|
||||
index d18deb4..e5a4a7f 100644
|
||||
index e158ec6..312bdbd8 100644
|
||||
--- a/fs/namespace.c
|
||||
+++ b/fs/namespace.c
|
||||
@@ -846,6 +846,12 @@ static inline int check_mnt(struct mount *mnt)
|
||||
|
@ -127,7 +128,7 @@ index d18deb4..e5a4a7f 100644
|
|||
* vfsmount lock must be held for write
|
||||
*/
|
||||
diff --git a/fs/read_write.c b/fs/read_write.c
|
||||
index 0046d72..2388284 100644
|
||||
index f8547b8..0a5c47b 100644
|
||||
--- a/fs/read_write.c
|
||||
+++ b/fs/read_write.c
|
||||
@@ -484,6 +484,28 @@ ssize_t __vfs_write(struct file *file, const char __user *p, size_t count,
|
||||
|
@ -160,7 +161,7 @@ index 0046d72..2388284 100644
|
|||
{
|
||||
mm_segment_t old_fs;
|
||||
diff --git a/fs/splice.c b/fs/splice.c
|
||||
index f3084cc..eb888c6 100644
|
||||
index 39e2dc0..c5fb195 100644
|
||||
--- a/fs/splice.c
|
||||
+++ b/fs/splice.c
|
||||
@@ -837,8 +837,8 @@ EXPORT_SYMBOL(generic_splice_sendpage);
|
||||
|
@ -188,7 +189,7 @@ index f3084cc..eb888c6 100644
|
|||
ssize_t (*splice_read)(struct file *, loff_t *,
|
||||
struct pipe_inode_info *, size_t, unsigned int);
|
||||
diff --git a/fs/sync.c b/fs/sync.c
|
||||
index 83ac79a..fe15900 100644
|
||||
index 6e0a2cb..a6891ee 100644
|
||||
--- a/fs/sync.c
|
||||
+++ b/fs/sync.c
|
||||
@@ -28,7 +28,7 @@
|
||||
|
@ -213,7 +214,7 @@ index 279720d..76e38ea 100644
|
|||
static inline void fput_light(struct file *file, int fput_needed)
|
||||
{
|
||||
diff --git a/include/linux/fs.h b/include/linux/fs.h
|
||||
index 885266a..e489e42 100644
|
||||
index 511fbaa..96e05b3 100644
|
||||
--- a/include/linux/fs.h
|
||||
+++ b/include/linux/fs.h
|
||||
@@ -1265,6 +1265,7 @@ extern void fasync_free(struct fasync_struct *);
|
||||
|
@ -224,7 +225,7 @@ index 885266a..e489e42 100644
|
|||
extern void __f_setown(struct file *filp, struct pid *, enum pid_type, int force);
|
||||
extern int f_setown(struct file *filp, unsigned long arg, int force);
|
||||
extern void f_delown(struct file *filp);
|
||||
@@ -1711,6 +1712,7 @@ struct file_operations {
|
||||
@@ -1712,6 +1713,7 @@ struct file_operations {
|
||||
ssize_t (*sendpage) (struct file *, struct page *, int, size_t, loff_t *, int);
|
||||
unsigned long (*get_unmapped_area)(struct file *, unsigned long, unsigned long, unsigned long, unsigned long);
|
||||
int (*check_flags)(int);
|
||||
|
@ -232,7 +233,7 @@ index 885266a..e489e42 100644
|
|||
int (*flock) (struct file *, int, struct file_lock *);
|
||||
ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, loff_t *, size_t, unsigned int);
|
||||
ssize_t (*splice_read)(struct file *, loff_t *, struct pipe_inode_info *, size_t, unsigned int);
|
||||
@@ -1781,6 +1783,12 @@ ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
|
||||
@@ -1782,6 +1784,12 @@ ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
|
||||
struct iovec *fast_pointer,
|
||||
struct iovec **ret_pointer);
|
||||
|
||||
|
@ -245,7 +246,7 @@ index 885266a..e489e42 100644
|
|||
extern ssize_t __vfs_read(struct file *, char __user *, size_t, loff_t *);
|
||||
extern ssize_t vfs_read(struct file *, char __user *, size_t, loff_t *);
|
||||
extern ssize_t vfs_write(struct file *, const char __user *, size_t, loff_t *);
|
||||
@@ -2183,6 +2191,7 @@ extern int current_umask(void);
|
||||
@@ -2201,6 +2209,7 @@ extern int current_umask(void);
|
||||
extern void ihold(struct inode * inode);
|
||||
extern void iput(struct inode *);
|
||||
extern int generic_update_time(struct inode *, struct timespec *, int);
|
||||
|
@ -253,7 +254,7 @@ index 885266a..e489e42 100644
|
|||
|
||||
/* /sys/fs */
|
||||
extern struct kobject *fs_kobj;
|
||||
@@ -2463,6 +2472,7 @@ static inline bool sb_is_blkdev_sb(struct super_block *sb)
|
||||
@@ -2481,6 +2490,7 @@ static inline bool sb_is_blkdev_sb(struct super_block *sb)
|
||||
return false;
|
||||
}
|
||||
#endif
|
||||
|
@ -262,7 +263,7 @@ index 885266a..e489e42 100644
|
|||
extern const struct file_operations def_blk_fops;
|
||||
extern const struct file_operations def_chr_fops;
|
||||
diff --git a/include/linux/lockdep.h b/include/linux/lockdep.h
|
||||
index f301d31..c26f5b4 100644
|
||||
index a842551..453e941 100644
|
||||
--- a/include/linux/lockdep.h
|
||||
+++ b/include/linux/lockdep.h
|
||||
@@ -406,6 +406,8 @@ static inline int lockdep_match_key(struct lockdep_map *lock,
|
||||
|
@ -274,7 +275,7 @@ index f301d31..c26f5b4 100644
|
|||
/*
|
||||
* Acquire a lock.
|
||||
*
|
||||
@@ -530,6 +532,7 @@ struct lock_class_key { };
|
||||
@@ -535,6 +537,7 @@ struct lockdep_map { };
|
||||
|
||||
#define lockdep_depth(tsk) (0)
|
||||
|
||||
|
@ -317,10 +318,10 @@ index 74b4911..19789fb 100644
|
|||
+ unsigned int flags);
|
||||
#endif
|
||||
diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c
|
||||
index e36e652..bc97a97 100644
|
||||
index 670d8d7..2cd0282 100644
|
||||
--- a/kernel/locking/lockdep.c
|
||||
+++ b/kernel/locking/lockdep.c
|
||||
@@ -144,7 +144,7 @@ static struct lock_list list_entries[MAX_LOCKDEP_ENTRIES];
|
||||
@@ -156,7 +156,7 @@ static struct lock_list list_entries[MAX_LOCKDEP_ENTRIES];
|
||||
unsigned long nr_lock_classes;
|
||||
static struct lock_class lock_classes[MAX_LOCKDEP_KEYS];
|
||||
|
||||
|
@ -329,7 +330,7 @@ index e36e652..bc97a97 100644
|
|||
{
|
||||
if (!hlock->class_idx) {
|
||||
/*
|
||||
@@ -155,6 +155,7 @@ static inline struct lock_class *hlock_class(struct held_lock *hlock)
|
||||
@@ -167,6 +167,7 @@ static inline struct lock_class *hlock_class(struct held_lock *hlock)
|
||||
}
|
||||
return lock_classes + hlock->class_idx - 1;
|
||||
}
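Review bot: The regenerated header at the top of this patch now reads `Subject: SPDX-License-Identifier: GPL-2.0`, which no longer says what the patch does. The mmap and standalone patches in this commit receive the identical Subject, so the three files cannot be told apart by their headers. It looks as if gen-patch takes the first line of the upstream commit message, which now begins with the SPDX tag; that is inferred from the body lines `SPDX-License-Identifier: GPL-2.0` and `aufs4.x-rcN base patch` just below the header. Having the script skip a leading SPDX line would give `Subject: aufs4.x-rcN base patch` here and matching titles in the other two files.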
|
||||
|
|
|
@ -1,18 +1,19 @@
|
|||
From: J. R. Okajima <hooanon05@yahoo.co.jp>
|
||||
Date: Thu Nov 16 10:20:27 2017 +0900
|
||||
Subject: aufs4.14 mmap patch
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/bf518fb574cee10c6112f0e9ca5c67b277426630
|
||||
Date: Sat Dec 16 15:29:33 2017 +0900
|
||||
Subject: SPDX-License-Identifier: GPL-2.0
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/8b9c1be851f351af1104f55952e211ae541695ee
|
||||
Bug-Debian: https://bugs.debian.org/541828
|
||||
|
||||
Patch headers added by debian/patches/features/all/aufs4/gen-patch
|
||||
|
||||
aufs4.14 mmap patch
|
||||
SPDX-License-Identifier: GPL-2.0
|
||||
aufs4.x-rcN mmap patch
|
||||
|
||||
diff --git a/fs/proc/base.c b/fs/proc/base.c
|
||||
index 9d357b2..11f4f23 100644
|
||||
index 60316b5..ce5314e 100644
|
||||
--- a/fs/proc/base.c
|
||||
+++ b/fs/proc/base.c
|
||||
@@ -1988,7 +1988,7 @@ static int map_files_get_link(struct dentry *dentry, struct path *path)
|
||||
@@ -1987,7 +1987,7 @@ static int map_files_get_link(struct dentry *dentry, struct path *path)
|
||||
down_read(&mm->mmap_sem);
|
||||
vma = find_exact_vma(mm, vm_start, vm_end);
|
||||
if (vma && vma->vm_file) {
|
||||
|
@ -38,10 +39,10 @@ index 7563437..7c0dc0f 100644
|
|||
ino = inode->i_ino;
|
||||
}
|
||||
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
|
||||
index 6744bd7..6d4dea3 100644
|
||||
index 339e4c1..1138098 100644
|
||||
--- a/fs/proc/task_mmu.c
|
||||
+++ b/fs/proc/task_mmu.c
|
||||
@@ -310,7 +310,10 @@ show_map_vma(struct seq_file *m, struct vm_area_struct *vma, int is_pid)
|
||||
@@ -306,7 +306,10 @@ show_map_vma(struct seq_file *m, struct vm_area_struct *vma, int is_pid)
|
||||
const char *name = NULL;
|
||||
|
||||
if (file) {
|
||||
|
@ -53,7 +54,7 @@ index 6744bd7..6d4dea3 100644
|
|||
dev = inode->i_sb->s_dev;
|
||||
ino = inode->i_ino;
|
||||
pgoff = ((loff_t)vma->vm_pgoff) << PAGE_SHIFT;
|
||||
@@ -1739,7 +1742,7 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid)
|
||||
@@ -1736,7 +1739,7 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid)
|
||||
struct proc_maps_private *proc_priv = &numa_priv->proc_maps;
|
||||
struct vm_area_struct *vma = v;
|
||||
struct numa_maps *md = &numa_priv->md;
|
||||
|
@ -79,10 +80,10 @@ index 5b62f57..dfb4a3b 100644
|
|||
ino = inode->i_ino;
|
||||
pgoff = (loff_t)vma->vm_pgoff << PAGE_SHIFT;
|
||||
diff --git a/include/linux/mm.h b/include/linux/mm.h
|
||||
index 43edf65..3f9acd9 100644
|
||||
index ea818ff..fbd4799 100644
|
||||
--- a/include/linux/mm.h
|
||||
+++ b/include/linux/mm.h
|
||||
@@ -1349,6 +1349,28 @@ static inline int fixup_user_fault(struct task_struct *tsk,
|
||||
@@ -1362,6 +1362,28 @@ static inline int fixup_user_fault(struct task_struct *tsk,
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -112,10 +113,10 @@ index 43edf65..3f9acd9 100644
|
|||
unsigned int gup_flags);
|
||||
extern int access_remote_vm(struct mm_struct *mm, unsigned long addr,
|
||||
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
|
||||
index c85f11d..a63875a 100644
|
||||
index cfd0ac4..135e11c 100644
|
||||
--- a/include/linux/mm_types.h
|
||||
+++ b/include/linux/mm_types.h
|
||||
@@ -261,6 +261,7 @@ struct vm_region {
|
||||
@@ -255,6 +255,7 @@ struct vm_region {
|
||||
unsigned long vm_top; /* region allocated to here */
|
||||
unsigned long vm_pgoff; /* the offset in vm_file corresponding to vm_start */
|
||||
struct file *vm_file; /* the backing file or NULL */
|
||||
|
@ -123,7 +124,7 @@ index c85f11d..a63875a 100644
|
|||
|
||||
int vm_usage; /* region usage count (access under nommu_region_sem) */
|
||||
bool vm_icache_flushed : 1; /* true if the icache has been flushed for
|
||||
@@ -335,6 +336,7 @@ struct vm_area_struct {
|
||||
@@ -329,6 +330,7 @@ struct vm_area_struct {
|
||||
unsigned long vm_pgoff; /* Offset (within vm_file) in PAGE_SIZE
|
||||
units */
|
||||
struct file * vm_file; /* File we map to (can be NULL). */
|
||||
|
@ -132,7 +133,7 @@ index c85f11d..a63875a 100644
|
|||
|
||||
atomic_long_t swap_readahead_info;
|
||||
diff --git a/kernel/fork.c b/kernel/fork.c
|
||||
index 07cc743..b1d2b43 100644
|
||||
index 432eadf..8b2ba5b 100644
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -676,7 +676,7 @@ static __latent_entropy int dup_mmap(struct mm_struct *mm,
|
||||
|
@ -145,10 +146,10 @@ index 07cc743..b1d2b43 100644
|
|||
atomic_dec(&inode->i_writecount);
|
||||
i_mmap_lock_write(mapping);
|
||||
diff --git a/mm/Makefile b/mm/Makefile
|
||||
index 4659b93..84488841 100644
|
||||
index e669f02..9c36567 100644
|
||||
--- a/mm/Makefile
|
||||
+++ b/mm/Makefile
|
||||
@@ -40,7 +40,7 @@ obj-y := filemap.o mempool.o oom_kill.o \
|
||||
@@ -39,7 +39,7 @@ obj-y := filemap.o mempool.o oom_kill.o \
|
||||
mm_init.o mmu_context.o percpu.o slab_common.o \
|
||||
compaction.o vmacache.o swap_slots.o \
|
||||
interval_tree.o list_lru.o workingset.o \
|
||||
|
@ -158,10 +159,10 @@ index 4659b93..84488841 100644
|
|||
obj-y += init-mm.o
|
||||
|
||||
diff --git a/mm/filemap.c b/mm/filemap.c
|
||||
index 594d73f..7183aef 100644
|
||||
index ee83baa..7677d13 100644
|
||||
--- a/mm/filemap.c
|
||||
+++ b/mm/filemap.c
|
||||
@@ -2590,7 +2590,7 @@ int filemap_page_mkwrite(struct vm_fault *vmf)
|
||||
@@ -2704,7 +2704,7 @@ int filemap_page_mkwrite(struct vm_fault *vmf)
|
||||
int ret = VM_FAULT_LOCKED;
|
||||
|
||||
sb_start_pagefault(inode->i_sb);
|
||||
|
@ -171,7 +172,7 @@ index 594d73f..7183aef 100644
|
|||
if (page->mapping != inode->i_mapping) {
|
||||
unlock_page(page);
|
||||
diff --git a/mm/mmap.c b/mm/mmap.c
|
||||
index 680506f..081406a 100644
|
||||
index a4d5468..cb06cbd 100644
|
||||
--- a/mm/mmap.c
|
||||
+++ b/mm/mmap.c
|
||||
@@ -171,7 +171,7 @@ static struct vm_area_struct *remove_vma(struct vm_area_struct *vma)
|
||||
|
@ -192,7 +193,7 @@ index 680506f..081406a 100644
|
|||
}
|
||||
if (next->anon_vma)
|
||||
anon_vma_merge(vma, next);
|
||||
@@ -1746,8 +1746,8 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
|
||||
@@ -1761,8 +1761,8 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
|
||||
return addr;
|
||||
|
||||
unmap_and_free_vma:
|
||||
|
@ -202,7 +203,7 @@ index 680506f..081406a 100644
|
|||
|
||||
/* Undo any partial mapping done by a device driver. */
|
||||
unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end);
|
||||
@@ -2569,7 +2569,7 @@ int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
|
||||
@@ -2586,7 +2586,7 @@ int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
|
||||
goto out_free_mpol;
|
||||
|
||||
if (new->vm_file)
|
||||
|
@ -211,7 +212,7 @@ index 680506f..081406a 100644
|
|||
|
||||
if (new->vm_ops && new->vm_ops->open)
|
||||
new->vm_ops->open(new);
|
||||
@@ -2588,7 +2588,7 @@ int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
|
||||
@@ -2605,7 +2605,7 @@ int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
|
||||
if (new->vm_ops && new->vm_ops->close)
|
||||
new->vm_ops->close(new);
|
||||
if (new->vm_file)
|
||||
|
@ -220,7 +221,7 @@ index 680506f..081406a 100644
|
|||
unlink_anon_vmas(new);
|
||||
out_free_mpol:
|
||||
mpol_put(vma_policy(new));
|
||||
@@ -2750,7 +2750,7 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
|
||||
@@ -2767,7 +2767,7 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
|
||||
struct vm_area_struct *vma;
|
||||
unsigned long populate = 0;
|
||||
unsigned long ret = -EINVAL;
|
||||
|
@ -229,7 +230,7 @@ index 680506f..081406a 100644
|
|||
|
||||
pr_warn_once("%s (%d) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.\n",
|
||||
current->comm, current->pid);
|
||||
@@ -2825,10 +2825,27 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
|
||||
@@ -2842,10 +2842,27 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -258,7 +259,7 @@ index 680506f..081406a 100644
|
|||
out:
|
||||
up_write(&mm->mmap_sem);
|
||||
if (populate)
|
||||
@@ -3136,7 +3153,7 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap,
|
||||
@@ -3153,7 +3170,7 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap,
|
||||
if (anon_vma_clone(new_vma, vma))
|
||||
goto out_free_mempol;
|
||||
if (new_vma->vm_file)
|
||||
|
@ -313,11 +314,12 @@ index 17c00d9..4bcdf94 100644
|
|||
|
||||
diff --git a/mm/prfile.c b/mm/prfile.c
|
||||
new file mode 100644
|
||||
index 0000000..1ef053b
|
||||
index 0000000..3f56669
|
||||
--- /dev/null
|
||||
+++ b/mm/prfile.c
|
||||
@@ -0,0 +1,85 @@
|
||||
@@ -0,0 +1,86 @@
|
||||
+/*
|
||||
+ * SPDX-License-Identifier: GPL-2.0
|
||||
+ * Mainly for aufs which mmap(2) different file and wants to print different
|
||||
+ * path in /proc/PID/maps.
|
||||
+ * Call these functions via macros defined in linux/mm.h.
|
||||
|
|
|
@ -1,16 +1,19 @@
|
|||
From: J. R. Okajima <hooanon05@yahoo.co.jp>
|
||||
Date: Thu Nov 16 10:20:27 2017 +0900
|
||||
Subject: aufs4.14 standalone patch
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/bf518fb574cee10c6112f0e9ca5c67b277426630
|
||||
Date: Sat Dec 16 15:29:33 2017 +0900
|
||||
Subject: SPDX-License-Identifier: GPL-2.0
|
||||
Origin: https://github.com/sfjro/aufs4-standalone/tree/8b9c1be851f351af1104f55952e211ae541695ee
|
||||
Bug-Debian: https://bugs.debian.org/541828
|
||||
|
||||
Patch headers added by debian/patches/features/all/aufs4/gen-patch
|
||||
|
||||
aufs4.14 standalone patch
|
||||
SPDX-License-Identifier: GPL-2.0
|
||||
aufs4.x-rcN standalone patch
|
||||
|
||||
diff --git a/fs/dcache.c b/fs/dcache.c
|
||||
index 019f14b..10c1a6d 100644
|
||||
--- a/fs/dcache.c
|
||||
+++ b/fs/dcache.c
|
||||
@@ -1305,6 +1305,7 @@ rename_retry:
|
||||
@@ -1305,6 +1305,7 @@ void d_walk(struct dentry *parent, void *data,
|
||||
seq = 1;
|
||||
goto again;
|
||||
}
|
||||
|
@ -18,7 +21,7 @@ aufs4.14 standalone patch
|
|||
|
||||
struct check_mount {
|
||||
struct vfsmount *mnt;
|
||||
@@ -2894,6 +2895,7 @@ void d_exchange(struct dentry *dentry1,
|
||||
@@ -2892,6 +2893,7 @@ void d_exchange(struct dentry *dentry1, struct dentry *dentry2)
|
||||
|
||||
write_sequnlock(&rename_lock);
|
||||
}
|
||||
|
@ -26,9 +29,11 @@ aufs4.14 standalone patch
|
|||
|
||||
/**
|
||||
* d_ancestor - search for an ancestor
|
||||
diff --git a/fs/exec.c b/fs/exec.c
|
||||
index 6be2aa0..1e003f9 100644
|
||||
--- a/fs/exec.c
|
||||
+++ b/fs/exec.c
|
||||
@@ -109,6 +109,7 @@ bool path_noexec(const struct path *path
|
||||
@@ -109,6 +109,7 @@ bool path_noexec(const struct path *path)
|
||||
return (path->mnt->mnt_flags & MNT_NOEXEC) ||
|
||||
(path->mnt->mnt_sb->s_iflags & SB_I_NOEXEC);
|
||||
}
|
||||
|
@ -36,9 +41,11 @@ aufs4.14 standalone patch
|
|||
|
||||
#ifdef CONFIG_USELIB
|
||||
/*
|
||||
diff --git a/fs/fcntl.c b/fs/fcntl.c
|
||||
index 74c255d..ec53ee1 100644
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -85,6 +85,7 @@ int setfl(int fd, struct file * filp, un
|
||||
@@ -85,6 +85,7 @@ int setfl(int fd, struct file * filp, unsigned long arg)
|
||||
out:
|
||||
return error;
|
||||
}
|
||||
|
@ -46,9 +53,11 @@ aufs4.14 standalone patch
|
|||
|
||||
static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
|
||||
int force)
|
||||
diff --git a/fs/file_table.c b/fs/file_table.c
|
||||
index 2dc9f38..7bf57df 100644
|
||||
--- a/fs/file_table.c
|
||||
+++ b/fs/file_table.c
|
||||
@@ -148,6 +148,7 @@ over:
|
||||
@@ -148,6 +148,7 @@ struct file *get_empty_filp(void)
|
||||
}
|
||||
return ERR_PTR(-ENFILE);
|
||||
}
|
||||
|
@ -80,9 +89,11 @@ aufs4.14 standalone patch
|
|||
|
||||
void __init files_init(void)
|
||||
{
|
||||
diff --git a/fs/inode.c b/fs/inode.c
|
||||
index 517883c..5cece5e 100644
|
||||
--- a/fs/inode.c
|
||||
+++ b/fs/inode.c
|
||||
@@ -1664,6 +1664,7 @@ int update_time(struct inode *inode, str
|
||||
@@ -1664,6 +1664,7 @@ int update_time(struct inode *inode, struct timespec *time, int flags)
|
||||
|
||||
return update_time(inode, time, flags);
|
||||
}
|
||||
|
@ -90,9 +101,11 @@ aufs4.14 standalone patch
|
|||
|
||||
/**
|
||||
* touch_atime - update the access time
|
||||
diff --git a/fs/namespace.c b/fs/namespace.c
|
||||
index 312bdbd8..a5baeb5 100644
|
||||
--- a/fs/namespace.c
|
||||
+++ b/fs/namespace.c
|
||||
@@ -517,6 +517,7 @@ void __mnt_drop_write(struct vfsmount *m
|
||||
@@ -517,6 +517,7 @@ void __mnt_drop_write(struct vfsmount *mnt)
|
||||
mnt_dec_writers(real_mount(mnt));
|
||||
preempt_enable();
|
||||
}
|
||||
|
@ -100,7 +113,7 @@ aufs4.14 standalone patch
|
|||
|
||||
/**
|
||||
* mnt_drop_write - give up write access to a mount
|
||||
@@ -851,6 +852,7 @@ int is_current_mnt_ns(struct vfsmount *m
|
||||
@@ -851,6 +852,7 @@ int is_current_mnt_ns(struct vfsmount *mnt)
|
||||
{
|
||||
return check_mnt(real_mount(mnt));
|
||||
}
|
||||
|
@ -108,7 +121,7 @@ aufs4.14 standalone patch
|
|||
|
||||
/*
|
||||
* vfsmount lock must be held for write
|
||||
@@ -1887,6 +1889,7 @@ int iterate_mounts(int (*f)(struct vfsmo
|
||||
@@ -1887,6 +1889,7 @@ int iterate_mounts(int (*f)(struct vfsmount *, void *), void *arg,
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -116,6 +129,8 @@ aufs4.14 standalone patch
|
|||
|
||||
static void cleanup_group_ids(struct mount *mnt, struct mount *end)
|
||||
{
|
||||
diff --git a/fs/notify/group.c b/fs/notify/group.c
|
||||
index b7a4b6a..5a69d60 100644
|
||||
--- a/fs/notify/group.c
|
||||
+++ b/fs/notify/group.c
|
||||
@@ -22,6 +22,7 @@
|
||||
|
@ -126,23 +141,23 @@ aufs4.14 standalone patch
|
|||
|
||||
#include <linux/fsnotify_backend.h>
|
||||
#include "fsnotify.h"
|
||||
@@ -109,6 +110,7 @@ void fsnotify_get_group(struct fsnotify_
|
||||
@@ -109,6 +110,7 @@ void fsnotify_get_group(struct fsnotify_group *group)
|
||||
{
|
||||
atomic_inc(&group->refcnt);
|
||||
refcount_inc(&group->refcnt);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(fsnotify_get_group);
|
||||
|
||||
/*
|
||||
* Drop a reference to a group. Free it if it's through.
|
||||
@@ -118,6 +120,7 @@ void fsnotify_put_group(struct fsnotify_
|
||||
if (atomic_dec_and_test(&group->refcnt))
|
||||
@@ -118,6 +120,7 @@ void fsnotify_put_group(struct fsnotify_group *group)
|
||||
if (refcount_dec_and_test(&group->refcnt))
|
||||
fsnotify_final_destroy_group(group);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(fsnotify_put_group);
|
||||
|
||||
/*
|
||||
* Create a new fsnotify_group and hold a reference for the group returned.
|
||||
@@ -147,6 +150,7 @@ struct fsnotify_group *fsnotify_alloc_gr
|
||||
@@ -147,6 +150,7 @@ struct fsnotify_group *fsnotify_alloc_group(const struct fsnotify_ops *ops)
|
||||
|
||||
return group;
|
||||
}
|
||||
|
@ -150,17 +165,19 @@ aufs4.14 standalone patch
|
|||
|
||||
int fsnotify_fasync(int fd, struct file *file, int on)
|
||||
{
|
||||
diff --git a/fs/notify/mark.c b/fs/notify/mark.c
|
||||
index e9191b4..1f8ccfa 100644
|
||||
--- a/fs/notify/mark.c
|
||||
+++ b/fs/notify/mark.c
|
||||
@@ -245,6 +245,7 @@ void fsnotify_put_mark(struct fsnotify_m
|
||||
queue_delayed_work(system_unbound_wq, &reaper_work,
|
||||
FSNOTIFY_REAPER_DELAY);
|
||||
@@ -108,6 +108,7 @@ void fsnotify_get_mark(struct fsnotify_mark *mark)
|
||||
WARN_ON_ONCE(!refcount_read(&mark->refcnt));
|
||||
refcount_inc(&mark->refcnt);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(fsnotify_put_mark);
|
||||
|
||||
/*
|
||||
* Get mark reference when we found the mark via lockless traversal of object
|
||||
@@ -392,6 +393,7 @@ void fsnotify_destroy_mark(struct fsnoti
|
||||
static void __fsnotify_recalc_mask(struct fsnotify_mark_connector *conn)
|
||||
{
|
||||
@@ -392,6 +393,7 @@ void fsnotify_destroy_mark(struct fsnotify_mark *mark,
|
||||
mutex_unlock(&group->mark_mutex);
|
||||
fsnotify_free_mark(mark);
|
||||
}
|
||||
|
@ -168,7 +185,7 @@ aufs4.14 standalone patch
|
|||
|
||||
/*
|
||||
* Sorting function for lists of fsnotify marks.
|
||||
@@ -604,6 +606,7 @@ err:
|
||||
@@ -606,6 +608,7 @@ int fsnotify_add_mark_locked(struct fsnotify_mark *mark, struct inode *inode,
|
||||
fsnotify_put_mark(mark);
|
||||
return ret;
|
||||
}
|
||||
|
@ -176,7 +193,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int fsnotify_add_mark(struct fsnotify_mark *mark, struct inode *inode,
|
||||
struct vfsmount *mnt, int allow_dups)
|
||||
@@ -739,6 +742,7 @@ void fsnotify_init_mark(struct fsnotify_
|
||||
@@ -741,6 +744,7 @@ void fsnotify_init_mark(struct fsnotify_mark *mark,
|
||||
fsnotify_get_group(group);
|
||||
mark->group = group;
|
||||
}
|
||||
|
@ -184,9 +201,11 @@ aufs4.14 standalone patch
|
|||
|
||||
/*
|
||||
* Destroy all marks in destroy_list, waits for SRCU period to finish before
|
||||
diff --git a/fs/open.c b/fs/open.c
|
||||
index 7ea1184..6e2e241 100644
|
||||
--- a/fs/open.c
|
||||
+++ b/fs/open.c
|
||||
@@ -64,6 +64,7 @@ int do_truncate(struct dentry *dentry, l
|
||||
@@ -64,6 +64,7 @@ int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs,
|
||||
inode_unlock(dentry->d_inode);
|
||||
return ret;
|
||||
}
|
||||
|
@ -202,9 +221,11 @@ aufs4.14 standalone patch
|
|||
|
||||
static int do_dentry_open(struct file *f,
|
||||
struct inode *inode,
|
||||
diff --git a/fs/read_write.c b/fs/read_write.c
|
||||
index 0a5c47b..d423a5f 100644
|
||||
--- a/fs/read_write.c
|
||||
+++ b/fs/read_write.c
|
||||
@@ -454,6 +454,7 @@ ssize_t vfs_read(struct file *file, char
|
||||
@@ -454,6 +454,7 @@ ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos)
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -220,7 +241,7 @@ aufs4.14 standalone patch
|
|||
|
||||
vfs_writef_t vfs_writef(struct file *file)
|
||||
{
|
||||
@@ -505,6 +507,7 @@ vfs_writef_t vfs_writef(struct file *fil
|
||||
@@ -505,6 +507,7 @@ vfs_writef_t vfs_writef(struct file *file)
|
||||
return new_sync_write;
|
||||
return ERR_PTR(-ENOSYS);
|
||||
}
|
||||
|
@ -228,7 +249,7 @@ aufs4.14 standalone patch
|
|||
|
||||
ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
|
||||
{
|
||||
@@ -574,6 +577,7 @@ ssize_t vfs_write(struct file *file, con
|
||||
@@ -574,6 +577,7 @@ ssize_t vfs_write(struct file *file, const char __user *buf, size_t count, loff_
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -236,9 +257,11 @@ aufs4.14 standalone patch
|
|||
|
||||
static inline loff_t file_pos_read(struct file *file)
|
||||
{
|
||||
diff --git a/fs/splice.c b/fs/splice.c
|
||||
index c5fb195..ce01a74 100644
|
||||
--- a/fs/splice.c
|
||||
+++ b/fs/splice.c
|
||||
@@ -850,6 +850,7 @@ long do_splice_from(struct pipe_inode_in
|
||||
@@ -850,6 +850,7 @@ long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
|
||||
|
||||
return splice_write(pipe, out, ppos, len, flags);
|
||||
}
|
||||
|
@ -246,7 +269,7 @@ aufs4.14 standalone patch
|
|||
|
||||
/*
|
||||
* Attempt to initiate a splice from a file to a pipe.
|
||||
@@ -879,6 +880,7 @@ long do_splice_to(struct file *in, loff_
|
||||
@@ -879,6 +880,7 @@ long do_splice_to(struct file *in, loff_t *ppos,
|
||||
|
||||
return splice_read(in, ppos, pipe, len, flags);
|
||||
}
|
||||
|
@ -254,9 +277,11 @@ aufs4.14 standalone patch
|
|||
|
||||
/**
|
||||
* splice_direct_to_actor - splices data directly between two non-pipes
|
||||
diff --git a/fs/sync.c b/fs/sync.c
|
||||
index a6891ee..47a78bd 100644
|
||||
--- a/fs/sync.c
|
||||
+++ b/fs/sync.c
|
||||
@@ -39,6 +39,7 @@ int __sync_filesystem(struct super_block
|
||||
@@ -39,6 +39,7 @@ int __sync_filesystem(struct super_block *sb, int wait)
|
||||
sb->s_op->sync_fs(sb, wait);
|
||||
return __sync_blockdev(sb->s_bdev, wait);
|
||||
}
|
||||
|
@ -264,9 +289,11 @@ aufs4.14 standalone patch
|
|||
|
||||
/*
|
||||
* Write out and wait upon all dirty data associated with this
|
||||
diff --git a/fs/xattr.c b/fs/xattr.c
|
||||
index 61cd28b..35570cd 100644
|
||||
--- a/fs/xattr.c
|
||||
+++ b/fs/xattr.c
|
||||
@@ -297,6 +297,7 @@ vfs_getxattr_alloc(struct dentry *dentry
|
||||
@@ -297,6 +297,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
|
||||
*xattr_value = value;
|
||||
return error;
|
||||
}
|
||||
|
@ -274,9 +301,11 @@ aufs4.14 standalone patch
|
|||
|
||||
ssize_t
|
||||
__vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
|
||||
diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c
|
||||
index 2cd0282..af59768 100644
|
||||
--- a/kernel/locking/lockdep.c
|
||||
+++ b/kernel/locking/lockdep.c
|
||||
@@ -155,6 +155,7 @@ inline struct lock_class *lockdep_hlock_
|
||||
@@ -167,6 +167,7 @@ inline struct lock_class *lockdep_hlock_class(struct held_lock *hlock)
|
||||
}
|
||||
return lock_classes + hlock->class_idx - 1;
|
||||
}
|
||||
|
@ -284,6 +313,8 @@ aufs4.14 standalone patch
|
|||
#define hlock_class(hlock) lockdep_hlock_class(hlock)
|
||||
|
||||
#ifdef CONFIG_LOCK_STAT
|
||||
diff --git a/kernel/task_work.c b/kernel/task_work.c
|
||||
index 0fef395..83fb1ec 100644
|
||||
--- a/kernel/task_work.c
|
||||
+++ b/kernel/task_work.c
|
||||
@@ -116,3 +116,4 @@ void task_work_run(void)
|
||||
|
@ -291,9 +322,11 @@ aufs4.14 standalone patch
|
|||
}
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(task_work_run);
|
||||
diff --git a/security/commoncap.c b/security/commoncap.c
|
||||
index 4f8e093..f1e0544 100644
|
||||
--- a/security/commoncap.c
|
||||
+++ b/security/commoncap.c
|
||||
@@ -1270,12 +1270,14 @@ int cap_mmap_addr(unsigned long addr)
|
||||
@@ -1333,12 +1333,14 @@ int cap_mmap_addr(unsigned long addr)
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
@ -308,6 +341,8 @@ aufs4.14 standalone patch
|
|||
|
||||
#ifdef CONFIG_SECURITY
|
||||
|
||||
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
|
||||
index c65b39b..e363d22 100644
|
||||
--- a/security/device_cgroup.c
|
||||
+++ b/security/device_cgroup.c
|
||||
@@ -8,6 +8,7 @@
|
||||
|
@ -318,17 +353,16 @@ aufs4.14 standalone patch
|
|||
#include <linux/list.h>
|
||||
#include <linux/uaccess.h>
|
||||
#include <linux/seq_file.h>
|
||||
@@ -850,6 +851,7 @@ int __devcgroup_inode_permission(struct
|
||||
return __devcgroup_check_permission(type, imajor(inode), iminor(inode),
|
||||
access);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__devcgroup_inode_permission);
|
||||
@@ -824,3 +825,4 @@ int __devcgroup_check_permission(short type, u32 major, u32 minor,
|
||||
|
||||
int devcgroup_inode_mknod(int mode, dev_t dev)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__devcgroup_check_permission);
|
||||
diff --git a/security/security.c b/security/security.c
|
||||
index 1cd8526..f2e4736 100644
|
||||
--- a/security/security.c
|
||||
+++ b/security/security.c
|
||||
@@ -530,6 +530,7 @@ int security_path_rmdir(const struct pat
|
||||
@@ -531,6 +531,7 @@ int security_path_rmdir(const struct path *dir, struct dentry *dentry)
|
||||
return 0;
|
||||
return call_int_hook(path_rmdir, 0, dir, dentry);
|
||||
}
|
||||
|
@ -336,7 +370,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_unlink(const struct path *dir, struct dentry *dentry)
|
||||
{
|
||||
@@ -546,6 +547,7 @@ int security_path_symlink(const struct p
|
||||
@@ -547,6 +548,7 @@ int security_path_symlink(const struct path *dir, struct dentry *dentry,
|
||||
return 0;
|
||||
return call_int_hook(path_symlink, 0, dir, dentry, old_name);
|
||||
}
|
||||
|
@ -344,7 +378,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_link(struct dentry *old_dentry, const struct path *new_dir,
|
||||
struct dentry *new_dentry)
|
||||
@@ -554,6 +556,7 @@ int security_path_link(struct dentry *ol
|
||||
@@ -555,6 +557,7 @@ int security_path_link(struct dentry *old_dentry, const struct path *new_dir,
|
||||
return 0;
|
||||
return call_int_hook(path_link, 0, old_dentry, new_dir, new_dentry);
|
||||
}
|
||||
|
@ -352,7 +386,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_rename(const struct path *old_dir, struct dentry *old_dentry,
|
||||
const struct path *new_dir, struct dentry *new_dentry,
|
||||
@@ -581,6 +584,7 @@ int security_path_truncate(const struct
|
||||
@@ -582,6 +585,7 @@ int security_path_truncate(const struct path *path)
|
||||
return 0;
|
||||
return call_int_hook(path_truncate, 0, path);
|
||||
}
|
||||
|
@ -360,7 +394,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_chmod(const struct path *path, umode_t mode)
|
||||
{
|
||||
@@ -588,6 +592,7 @@ int security_path_chmod(const struct pat
|
||||
@@ -589,6 +593,7 @@ int security_path_chmod(const struct path *path, umode_t mode)
|
||||
return 0;
|
||||
return call_int_hook(path_chmod, 0, path, mode);
|
||||
}
|
||||
|
@ -368,7 +402,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_chown(const struct path *path, kuid_t uid, kgid_t gid)
|
||||
{
|
||||
@@ -595,6 +600,7 @@ int security_path_chown(const struct pat
|
||||
@@ -596,6 +601,7 @@ int security_path_chown(const struct path *path, kuid_t uid, kgid_t gid)
|
||||
return 0;
|
||||
return call_int_hook(path_chown, 0, path, uid, gid);
|
||||
}
|
||||
|
@ -376,7 +410,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_path_chroot(const struct path *path)
|
||||
{
|
||||
@@ -680,6 +686,7 @@ int security_inode_readlink(struct dentr
|
||||
@@ -681,6 +687,7 @@ int security_inode_readlink(struct dentry *dentry)
|
||||
return 0;
|
||||
return call_int_hook(inode_readlink, 0, dentry);
|
||||
}
|
||||
|
@ -384,7 +418,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_inode_follow_link(struct dentry *dentry, struct inode *inode,
|
||||
bool rcu)
|
||||
@@ -695,6 +702,7 @@ int security_inode_permission(struct ino
|
||||
@@ -696,6 +703,7 @@ int security_inode_permission(struct inode *inode, int mask)
|
||||
return 0;
|
||||
return call_int_hook(inode_permission, 0, inode, mask);
|
||||
}
|
||||
|
@ -392,7 +426,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
|
||||
{
|
||||
@@ -866,6 +874,7 @@ int security_file_permission(struct file
|
||||
@@ -867,6 +875,7 @@ int security_file_permission(struct file *file, int mask)
|
||||
|
||||
return fsnotify_perm(file, mask);
|
||||
}
|
||||
|
@ -400,7 +434,7 @@ aufs4.14 standalone patch
|
|||
|
||||
int security_file_alloc(struct file *file)
|
||||
{
|
||||
@@ -925,6 +934,7 @@ int security_mmap_file(struct file *file
|
||||
@@ -926,6 +935,7 @@ int security_mmap_file(struct file *file, unsigned long prot,
|
||||
return ret;
|
||||
return ima_file_mmap(file, prot);
|
||||
}
|
||||
|
|
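--- a/debian/patches/features/all/lockdown/0001-Add-the-ability-to-lock-down-access-to-the-running-k.patch
+++ b/debian/patches/features/all/lockdown/0001-Add-the-ability-to-lock-down-access-to-the-running-k.patch
@@ -0,0 +1,165 @@
+From: David Howells <dhowells@redhat.com>
+Date: Wed, 8 Nov 2017 15:11:31 +0000
+Subject: [01/29] Add the ability to lock down access to the running kernel
+image
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=6d350e2534bfaaaa3e523484b2ca44d22377e951
+
+Provide a single call to allow kernel code to determine whether the system
+should be locked down, thereby disallowing various accesses that might
+allow the running kernel image to be changed including the loading of
+modules that aren't validly signed with a key we recognise, fiddling with
+MSR registers and disallowing hibernation,
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+Acked-by: James Morris <james.l.morris@oracle.com>
+---
+include/linux/kernel.h | 17 ++++++++++++++
+include/linux/security.h | 8 +++++++
+security/Kconfig | 8 +++++++
+security/Makefile | 3 +++
+security/lock_down.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++
+5 files changed, 96 insertions(+)
+create mode 100644 security/lock_down.c
+
+diff --git a/include/linux/kernel.h b/include/linux/kernel.h
+index 0ad4c3044cf9..362da2e4bf53 100644
+--- a/include/linux/kernel.h
++++ b/include/linux/kernel.h
+@@ -287,6 +287,23 @@ static inline void refcount_error_report(struct pt_regs *regs, const char *err)
+{ }
+#endif
+
++#ifdef CONFIG_LOCK_DOWN_KERNEL
++extern bool __kernel_is_locked_down(const char *what, bool first);
++#else
++static inline bool __kernel_is_locked_down(const char *what, bool first)
++{
++ return false;
++}
++#endif
++
++#define kernel_is_locked_down(what) \
++ ({ \
++ static bool message_given; \
++ bool locked_down = __kernel_is_locked_down(what, !message_given); \
++ message_given = true; \
++ locked_down; \
++ })
++
+/* Internal, do not use. */
+int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res);
+int __must_check _kstrtol(const char *s, unsigned int base, long *res);
+diff --git a/include/linux/security.h b/include/linux/security.h
+index ce6265960d6c..310775476b68 100644
+--- a/include/linux/security.h
++++ b/include/linux/security.h
+@@ -1753,5 +1753,13 @@ static inline void free_secdata(void *secdata)
+{ }
+#endif /* CONFIG_SECURITY */
+
++#ifdef CONFIG_LOCK_DOWN_KERNEL
++extern void __init init_lockdown(void);
++#else
++static inline void __init init_lockdown(void)
++{
++}
++#endif
++
+#endif /* ! __LINUX_SECURITY_H */
+
+diff --git a/security/Kconfig b/security/Kconfig
+index e8e449444e65..8e01fd59ae7e 100644
+--- a/security/Kconfig
++++ b/security/Kconfig
+@@ -205,6 +205,14 @@ config STATIC_USERMODEHELPER_PATH
+If you wish for all usermode helper programs to be disabled,
+specify an empty string here (i.e. "").
+
++config LOCK_DOWN_KERNEL
++ bool "Allow the kernel to be 'locked down'"
++ help
++ Allow the kernel to be locked down under certain circumstances, for
++ instance if UEFI secure boot is enabled. Locking down the kernel
++ turns off various features that might otherwise allow access to the
++ kernel image (eg. setting MSR registers).
++
+source security/selinux/Kconfig
+source security/smack/Kconfig
+source security/tomoyo/Kconfig
+diff --git a/security/Makefile b/security/Makefile
+index f2d71cdb8e19..8c4a43e3d4e0 100644
+--- a/security/Makefile
++++ b/security/Makefile
+@@ -29,3 +29,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o
+# Object integrity file lists
+subdir-$(CONFIG_INTEGRITY) += integrity
+obj-$(CONFIG_INTEGRITY) += integrity/
++
++# Allow the kernel to be locked down
++obj-$(CONFIG_LOCK_DOWN_KERNEL) += lock_down.o
+diff --git a/security/lock_down.c b/security/lock_down.c
+new file mode 100644
+index 000000000000..d8595c0e6673
+--- /dev/null
++++ b/security/lock_down.c
+@@ -0,0 +1,60 @@
++/* Lock down the kernel
++ *
++ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
++ * Written by David Howells (dhowells@redhat.com)
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public Licence
++ * as published by the Free Software Foundation; either version
++ * 2 of the Licence, or (at your option) any later version.
++ */
++
++#include <linux/security.h>
++#include <linux/export.h>
++
++static __ro_after_init bool kernel_locked_down;
++
++/*
++ * Put the kernel into lock-down mode.
++ */
++static void __init lock_kernel_down(const char *where)
++{
++ if (!kernel_locked_down) {
++ kernel_locked_down = true;
++ pr_notice("Kernel is locked down from %s; see man kernel_lockdown.7\n",
++ where);
++ }
++}
++
++static int __init lockdown_param(char *ignored)
++{
++ lock_kernel_down("command line");
++ return 0;
++}
++
++early_param("lockdown", lockdown_param);
++
++/*
++ * Lock the kernel down from very early in the arch setup. This must happen
++ * prior to things like ACPI being initialised.
++ */
++void __init init_lockdown(void)
++{
++#ifdef CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT
++ if (efi_enabled(EFI_SECURE_BOOT))
++ lock_kernel_down("EFI secure boot");
++#endif
++}
++
++/**
++ * kernel_is_locked_down - Find out if the kernel is locked down
++ * @what: Tag to use in notice generated if lockdown is in effect
++ */
++bool __kernel_is_locked_down(const char *what, bool first)
++{
++ if (what && first && kernel_locked_down)
++ pr_notice("Lockdown: %s is restricted; see man kernel_lockdown.7\n",
++ what);
++ return kernel_locked_down;
++}
++EXPORT_SYMBOL(__kernel_is_locked_down);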
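Review bot: The kernel-doc block above `__kernel_is_locked_down()` in security/lock_down.c is headed `kernel_is_locked_down` and documents only `@what`, so the `first` parameter and the return value are undocumented. I would head it `__kernel_is_locked_down`, add `@first: true if this call site has not yet logged its notice`, and state that the function returns true when the kernel is locked down. The `kernel_is_locked_down()` macro in include/linux/kernel.h also deserves a comment: `message_given` is a per-call-site static that is set without synchronisation, so concurrent first callers may each log the notice, and it is set to true even when the kernel is not locked down.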
|
|
@ -1,103 +1,55 @@
|
|||
From: Kyle McMartin <kyle@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [43/61] Add a sysrq option to exit secure boot mode
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e26d9e1cb0218082265875505edc284a63385010
|
||||
Date: Wed, 8 Nov 2017 15:11:31 +0000
|
||||
Subject: [02/29] Add a SysRq option to lift kernel lockdown
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=47a04d29e952d4dd896f2ec4c2ecee6971ab364d
|
||||
|
||||
Make sysrq+x exit secure boot mode on x86_64, thereby allowing the running
|
||||
kernel image to be modified. This lifts the lockdown.
|
||||
Make an option to provide a sysrq key that will lift the kernel lockdown,
|
||||
thereby allowing the running kernel image to be accessed and modified.
|
||||
|
||||
On x86 this is triggered with SysRq+x, but this key may not be available on
|
||||
all arches, so it is set by setting LOCKDOWN_LIFT_KEY in asm/setup.h.
|
||||
Since this macro must be defined in an arch to be able to use this facility
|
||||
for that arch, the Kconfig option is restricted to arches that support it.
|
||||
|
||||
Signed-off-by: Kyle McMartin <kyle@redhat.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
[bwh: For 4.12, adjust context]
|
||||
cc: x86@kernel.org
|
||||
[bwh: Forward-ported to 4.15]
|
||||
---
|
||||
arch/x86/Kconfig | 10 ++++++++++
|
||||
arch/x86/kernel/setup.c | 31 +++++++++++++++++++++++++++++++
|
||||
drivers/input/misc/uinput.c | 1 +
|
||||
drivers/tty/sysrq.c | 19 +++++++++++++------
|
||||
include/linux/input.h | 5 +++++
|
||||
include/linux/sysrq.h | 8 +++++++-
|
||||
kernel/debug/kdb/kdb_main.c | 2 +-
|
||||
7 files changed, 68 insertions(+), 8 deletions(-)
|
||||
arch/x86/include/asm/setup.h | 2 ++
|
||||
drivers/input/misc/uinput.c | 1 +
|
||||
drivers/tty/sysrq.c | 19 ++++++++++++------
|
||||
include/linux/input.h | 5 +++++
|
||||
include/linux/sysrq.h | 8 +++++++-
|
||||
kernel/debug/kdb/kdb_main.c | 2 +-
|
||||
security/Kconfig | 10 ++++++++++
|
||||
security/lock_down.c | 47 ++++++++++++++++++++++++++++++++++++++++++++
|
||||
8 files changed, 86 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/arch/x86/Kconfig
|
||||
+++ b/arch/x86/Kconfig
|
||||
@@ -1898,6 +1898,16 @@ config EFI_SECURE_BOOT_LOCK_DOWN
|
||||
image. Say Y here to automatically lock down the kernel when a
|
||||
system boots with UEFI Secure Boot enabled.
|
||||
--- a/arch/x86/include/asm/setup.h
|
||||
+++ b/arch/x86/include/asm/setup.h
|
||||
@@ -9,6 +9,8 @@
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/page_types.h>
|
||||
|
||||
+config EFI_ALLOW_SECURE_BOOT_EXIT
|
||||
+ def_bool n
|
||||
+ depends on EFI_SECURE_BOOT_LOCK_DOWN && MAGIC_SYSRQ
|
||||
+ select ALLOW_LOCKDOWN_LIFT
|
||||
+ prompt "Allow secure boot mode to be exited with SysRq+x on a keyboard"
|
||||
+ ---help---
|
||||
+ Allow secure boot mode to be exited and the kernel lockdown lifted by
|
||||
+ typing SysRq+x on a keyboard attached to the system (not permitted
|
||||
+ through procfs).
|
||||
+#define LOCKDOWN_LIFT_KEY 'x'
|
||||
+
|
||||
config SECCOMP
|
||||
def_bool y
|
||||
prompt "Enable seccomp to safely compute untrusted bytecode"
|
||||
--- a/arch/x86/kernel/setup.c
|
||||
+++ b/arch/x86/kernel/setup.c
|
||||
@@ -72,6 +72,11 @@
|
||||
#include <linux/mem_encrypt.h>
|
||||
#include <linux/security.h>
|
||||
#ifdef __i386__
|
||||
|
||||
+#include <linux/fips.h>
|
||||
+#include <linux/cred.h>
|
||||
+#include <linux/sysrq.h>
|
||||
+#include <linux/init_task.h>
|
||||
+
|
||||
#include <linux/usb/xhci-dbgp.h>
|
||||
#include <video/edid.h>
|
||||
|
||||
@@ -1353,6 +1358,32 @@ void __init i386_reserve_resources(void)
|
||||
|
||||
#endif /* CONFIG_X86_32 */
|
||||
|
||||
+#ifdef CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
|
||||
+
|
||||
+static void sysrq_handle_secure_boot(int key)
|
||||
+{
|
||||
+ if (!efi_enabled(EFI_SECURE_BOOT))
|
||||
+ return;
|
||||
+
|
||||
+ pr_info("Secure boot disabled\n");
|
||||
+ lift_kernel_lockdown();
|
||||
+}
|
||||
+static struct sysrq_key_op secure_boot_sysrq_op = {
|
||||
+ .handler = sysrq_handle_secure_boot,
|
||||
+ .help_msg = "unSB(x)",
|
||||
+ .action_msg = "Disabling Secure Boot restrictions",
|
||||
+ .enable_mask = SYSRQ_DISABLE_USERSPACE,
|
||||
+};
|
||||
+static int __init secure_boot_sysrq(void)
|
||||
+{
|
||||
+ if (efi_enabled(EFI_SECURE_BOOT))
|
||||
+ register_sysrq_key('x', &secure_boot_sysrq_op);
|
||||
+ return 0;
|
||||
+}
|
||||
+late_initcall(secure_boot_sysrq);
|
||||
+#endif /*CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT*/
|
||||
+
|
||||
+
|
||||
static struct notifier_block kernel_offset_notifier = {
|
||||
.notifier_call = dump_kernel_offset
|
||||
};
|
||||
#include <linux/pfn.h>
|
||||
--- a/drivers/input/misc/uinput.c
|
||||
+++ b/drivers/input/misc/uinput.c
|
||||
@@ -408,6 +408,7 @@ static int uinput_allocate_device(struct
|
||||
if (!udev->dev)
|
||||
return -ENOMEM;
|
||||
@@ -362,6 +362,7 @@ static int uinput_create_device(struct u
|
||||
dev->flush = uinput_dev_flush;
|
||||
}
|
||||
|
||||
+ dev->flags |= INPUTDEV_FLAGS_SYNTHETIC;
|
||||
dev->event = uinput_dev_event;
|
||||
|
||||
+ udev->dev->flags |= INPUTDEV_FLAGS_SYNTHETIC;
|
||||
udev->dev->event = uinput_dev_event;
|
||||
input_set_drvdata(udev->dev, udev);
|
||||
|
||||
--- a/drivers/tty/sysrq.c
|
||||
+++ b/drivers/tty/sysrq.c
|
||||
@@ -481,6 +481,7 @@ static struct sysrq_key_op *sysrq_key_ta
|
||||
@@ -487,6 +487,7 @@ static struct sysrq_key_op *sysrq_key_ta
|
||||
/* x: May be registered on mips for TLB dump */
|
||||
/* x: May be registered on ppc/powerpc for xmon */
|
||||
/* x: May be registered on sparc64 for global PMU dump */
|
||||
|
@ -105,7 +57,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
NULL, /* x */
|
||||
/* y: May be registered on sparc64 for global register dump */
|
||||
NULL, /* y */
|
||||
@@ -524,7 +525,7 @@ static void __sysrq_put_key_op(int key,
|
||||
@@ -530,7 +531,7 @@ static void __sysrq_put_key_op(int key,
|
||||
sysrq_key_table[i] = op_p;
|
||||
}
|
||||
|
||||
|
@ -114,7 +66,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
{
|
||||
struct sysrq_key_op *op_p;
|
||||
int orig_log_level;
|
||||
@@ -544,11 +545,15 @@ void __handle_sysrq(int key, bool check_
|
||||
@@ -550,11 +551,15 @@ void __handle_sysrq(int key, bool check_
|
||||
|
||||
op_p = __sysrq_get_key_op(key);
|
||||
if (op_p) {
|
||||
|
@ -131,7 +83,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
pr_cont("%s\n", op_p->action_msg);
|
||||
console_loglevel = orig_log_level;
|
||||
op_p->handler(key);
|
||||
@@ -580,7 +585,7 @@ void __handle_sysrq(int key, bool check_
|
||||
@@ -586,7 +591,7 @@ void __handle_sysrq(int key, bool check_
|
||||
void handle_sysrq(int key)
|
||||
{
|
||||
if (sysrq_on())
|
||||
|
@ -140,7 +92,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
}
|
||||
EXPORT_SYMBOL(handle_sysrq);
|
||||
|
||||
@@ -661,7 +666,7 @@ static void sysrq_do_reset(unsigned long
|
||||
@@ -667,7 +672,7 @@ static void sysrq_do_reset(struct timer_
|
||||
static void sysrq_handle_reset_request(struct sysrq_state *state)
|
||||
{
|
||||
if (state->reset_requested)
|
||||
|
@ -149,7 +101,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
|
||||
if (sysrq_reset_downtime_ms)
|
||||
mod_timer(&state->keyreset_timer,
|
||||
@@ -812,8 +817,10 @@ static bool sysrq_handle_keypress(struct
|
||||
@@ -818,8 +823,10 @@ static bool sysrq_handle_keypress(struct
|
||||
|
||||
default:
|
||||
if (sysrq->active && value && value != 2) {
|
||||
|
@ -161,7 +113,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
}
|
||||
break;
|
||||
}
|
||||
@@ -1097,7 +1104,7 @@ static ssize_t write_sysrq_trigger(struc
|
||||
@@ -1102,7 +1109,7 @@ static ssize_t write_sysrq_trigger(struc
|
||||
|
||||
if (get_user(c, buf))
|
||||
return -EFAULT;
|
||||
|
@ -200,7 +152,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
*/
|
||||
--- a/include/linux/sysrq.h
|
||||
+++ b/include/linux/sysrq.h
|
||||
@@ -28,6 +28,8 @@
|
||||
@@ -29,6 +29,8 @@
|
||||
#define SYSRQ_ENABLE_BOOT 0x0080
|
||||
#define SYSRQ_ENABLE_RTNICE 0x0100
|
||||
|
||||
|
@ -209,7 +161,7 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
struct sysrq_key_op {
|
||||
void (*handler)(int);
|
||||
char *help_msg;
|
||||
@@ -42,8 +44,12 @@ struct sysrq_key_op {
|
||||
@@ -43,8 +45,12 @@ struct sysrq_key_op {
|
||||
* are available -- else NULL's).
|
||||
*/
|
||||
|
||||
|
@ -234,3 +186,84 @@ Signed-off-by: David Howells <dhowells@redhat.com>
|
|||
kdb_trap_printk--;
|
||||
|
||||
return 0;
|
||||
--- a/security/Kconfig
|
||||
+++ b/security/Kconfig
|
||||
@@ -222,6 +222,16 @@ config LOCK_DOWN_KERNEL
|
||||
turns off various features that might otherwise allow access to the
|
||||
kernel image (eg. setting MSR registers).
|
||||
|
||||
+config ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
|
||||
+ bool "Allow the kernel lockdown to be lifted by SysRq"
|
||||
+ depends on LOCK_DOWN_KERNEL
|
||||
+ depends on MAGIC_SYSRQ
|
||||
+ depends on X86
|
||||
+ help
|
||||
+ Allow the lockdown on a kernel to be lifted, by pressing a SysRq key
|
||||
+ combination on a wired keyboard.
|
||||
+
|
||||
+
|
||||
source security/selinux/Kconfig
|
||||
source security/smack/Kconfig
|
||||
source security/tomoyo/Kconfig
|
||||
--- a/security/lock_down.c
|
||||
+++ b/security/lock_down.c
|
||||
@@ -11,8 +11,14 @@
|
||||
|
||||
#include <linux/security.h>
|
||||
#include <linux/export.h>
|
||||
+#include <linux/sysrq.h>
|
||||
+#include <asm/setup.h>
|
||||
|
||||
+#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
|
||||
+static __read_mostly bool kernel_locked_down;
|
||||
+#else
|
||||
static __ro_after_init bool kernel_locked_down;
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Put the kernel into lock-down mode.
|
||||
@@ -58,3 +64,44 @@ bool __kernel_is_locked_down(const char
|
||||
return kernel_locked_down;
|
||||
}
|
||||
EXPORT_SYMBOL(__kernel_is_locked_down);
|
||||
+
|
||||
+#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
|
||||
+
|
||||
+/*
|
||||
+ * Take the kernel out of lockdown mode.
|
||||
+ */
|
||||
+static void lift_kernel_lockdown(void)
|
||||
+{
|
||||
+ pr_notice("Lifting lockdown\n");
|
||||
+ kernel_locked_down = false;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Allow lockdown to be lifted by pressing something like SysRq+x (and not by
|
||||
+ * echoing the appropriate letter into the sysrq-trigger file).
|
||||
+ */
|
||||
+static void sysrq_handle_lockdown_lift(int key)
|
||||
+{
|
||||
+ if (kernel_locked_down)
|
||||
+ lift_kernel_lockdown();
|
||||
+}
|
||||
+
|
||||
+static struct sysrq_key_op lockdown_lift_sysrq_op = {
|
||||
+ .handler = sysrq_handle_lockdown_lift,
|
||||
+ .help_msg = "unSB(x)",
|
||||
+ .action_msg = "Disabling Secure Boot restrictions",
|
||||
+ .enable_mask = SYSRQ_DISABLE_USERSPACE,
|
||||
+};
|
||||
+
|
||||
+static int __init lockdown_lift_sysrq(void)
|
||||
+{
|
||||
+ if (kernel_locked_down) {
|
||||
+ lockdown_lift_sysrq_op.help_msg[5] = LOCKDOWN_LIFT_KEY;
|
||||
+ register_sysrq_key(LOCKDOWN_LIFT_KEY, &lockdown_lift_sysrq_op);
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+late_initcall(lockdown_lift_sysrq);
|
||||
+
|
||||
+#endif /* CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ */
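Review bot: `lockdown_lift_sysrq()` patches the key letter into the help text with `lockdown_lift_sysrq_op.help_msg[5] = LOCKDOWN_LIFT_KEY;`, but `help_msg` is initialised from the string literal `"unSB(x)"`, and storing through a pointer to a string literal is undefined behaviour in C. Pointing `.help_msg` at a writable array such as `static char lockdown_lift_help[] = "unSB(x)";` would avoid that. Separately, with CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ set, `kernel_locked_down` changes from `__ro_after_init` to `__read_mostly`, so the flag stays writable for the life of the system. The Kconfig help text should say that enabling the option gives up that protection. `action_msg` also still reads "Disabling Secure Boot restrictions" although lockdown can equally come from the `lockdown` command-line parameter.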
|
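--- a/debian/patches/features/all/lockdown/0003-ima-require-secure_boot-rules-in-lockdown-mode.patch
+++ b/debian/patches/features/all/lockdown/0003-ima-require-secure_boot-rules-in-lockdown-mode.patch
@@ -0,0 +1,75 @@
+From: Mimi Zohar <zohar@linux.vnet.ibm.com>
+Date: Wed, 8 Nov 2017 15:11:32 +0000
+Subject: [03/29] ima: require secure_boot rules in lockdown mode
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=29c55d71a8185208c7962843a29c9a84ae27b2b0
+
+Require the "secure_boot" rules, whether or not it is specified
+on the boot command line, for both the builtin and custom policies
+in secure boot lockdown mode.
+
+Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+security/integrity/ima/ima_policy.c | 39 +++++++++++++++++++++++++++----------
+1 file changed, 29 insertions(+), 10 deletions(-)
+
+diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
+index 95209a5f8595..49c75e2a1ec5 100644
+--- a/security/integrity/ima/ima_policy.c
++++ b/security/integrity/ima/ima_policy.c
+@@ -427,14 +427,21 @@ void ima_update_policy_flag(void)
+*/
+void __init ima_init_policy(void)
+{
+- int i, measure_entries, appraise_entries, secure_boot_entries;
++ int i;
++ int measure_entries = 0;
++ int appraise_entries = 0;
++ int secure_boot_entries = 0;
++ bool kernel_locked_down = __kernel_is_locked_down(NULL, false);
+
+/* if !ima_policy set entries = 0 so we load NO default rules */
+- measure_entries = ima_policy ? ARRAY_SIZE(dont_measure_rules) : 0;
+- appraise_entries = ima_use_appraise_tcb ?
+- ARRAY_SIZE(default_appraise_rules) : 0;
+- secure_boot_entries = ima_use_secure_boot ?
+- ARRAY_SIZE(secure_boot_rules) : 0;
++ if (ima_policy)
++ measure_entries = ARRAY_SIZE(dont_measure_rules);
++
++ if (ima_use_appraise_tcb)
++ appraise_entries = ARRAY_SIZE(default_appraise_rules);
++
++ if (ima_use_secure_boot || kernel_locked_down)
++ secure_boot_entries = ARRAY_SIZE(secure_boot_rules);
+
+for (i = 0; i < measure_entries; i++)
+list_add_tail(&dont_measure_rules[i].list, &ima_default_rules);
+@@ -455,11 +462,23 @@ void __init ima_init_policy(void)
+
+/*
+* Insert the appraise rules requiring file signatures, prior to
+- * any other appraise rules.
++ * any other appraise rules. In secure boot lock-down mode, also
++ * require these appraise rules for custom policies.
+*/
+- for (i = 0; i < secure_boot_entries; i++)
+- list_add_tail(&secure_boot_rules[i].list,
+- &ima_default_rules);
++ for (i = 0; i < secure_boot_entries; i++) {
++ struct ima_rule_entry *entry;
++
++ /* Include for builtin policies */
++ list_add_tail(&secure_boot_rules[i].list, &ima_default_rules);
++
++ /* Include for custom policies */
++ if (kernel_locked_down) {
++ entry = kmemdup(&secure_boot_rules[i], sizeof(*entry),
++ GFP_KERNEL);
++ if (entry)
++ list_add_tail(&entry->list, &ima_policy_rules);
++ }
++ }
+
+for (i = 0; i < appraise_entries; i++) {
+list_add_tail(&default_appraise_rules[i].list,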
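Review bot: In the loop that copies `secure_boot_rules` onto `ima_policy_rules`, a failed `kmemdup()` is skipped silently (`if (entry) list_add_tail(...)`), so a locked-down kernel could come up with a secure-boot appraise rule missing from the custom-policy list and nothing in the log. At minimum the failure should be reported, for example `else pr_err("IMA: failed to duplicate secure_boot rule %d\n", i);`, and it is worth deciding whether lockdown should fail closed here instead. `kernel_locked_down` is sampled once at the top of `ima_init_policy()`, so this presumably relies on `init_lockdown()` having already run; a comment stating that ordering would help. The function body continues outside the hunk.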
|
|
@ -0,0 +1,90 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:32 +0000
|
||||
Subject: [04/29] Enforce module signatures if the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=1616ef1deccf5fdb525643a6b3efae34946a148d
|
||||
|
||||
If the kernel is locked down, require that all modules have valid
|
||||
signatures that we can verify or that IMA can validate the file.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
Reviewed-by: James Morris <james.l.morris@oracle.com>
|
||||
---
|
||||
kernel/module.c | 19 ++++++++++++-------
|
||||
1 file changed, 12 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/kernel/module.c b/kernel/module.c
|
||||
index de66ec825992..0ce29c8aa75a 100644
|
||||
--- a/kernel/module.c
|
||||
+++ b/kernel/module.c
|
||||
@@ -64,6 +64,7 @@
|
||||
#include <linux/bsearch.h>
|
||||
#include <linux/dynamic_debug.h>
|
||||
#include <linux/audit.h>
|
||||
+#include <linux/ima.h>
|
||||
#include <uapi/linux/module.h>
|
||||
#include "module-internal.h"
|
||||
|
||||
@@ -2757,7 +2758,8 @@ static inline void kmemleak_load_module(const struct module *mod,
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_MODULE_SIG
|
||||
-static int module_sig_check(struct load_info *info, int flags)
|
||||
+static int module_sig_check(struct load_info *info, int flags,
|
||||
+ bool can_do_ima_check)
|
||||
{
|
||||
int err = -ENOKEY;
|
||||
const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1;
|
||||
@@ -2781,13 +2783,16 @@ static int module_sig_check(struct load_info *info, int flags)
|
||||
}
|
||||
|
||||
/* Not having a signature is only an error if we're strict. */
|
||||
- if (err == -ENOKEY && !sig_enforce)
|
||||
+ if (err == -ENOKEY && !sig_enforce &&
|
||||
+ (!can_do_ima_check || !is_ima_appraise_enabled()) &&
|
||||
+ !kernel_is_locked_down("Loading of unsigned modules"))
|
||||
err = 0;
|
||||
|
||||
return err;
|
||||
}
|
||||
#else /* !CONFIG_MODULE_SIG */
|
||||
-static int module_sig_check(struct load_info *info, int flags)
|
||||
+static int module_sig_check(struct load_info *info, int flags,
|
||||
+ bool can_do_ima_check)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
@@ -3630,13 +3635,13 @@ static int unknown_module_param_cb(char *param, char *val, const char *modname,
|
||||
/* Allocate and load the module: note that size of section 0 is always
|
||||
zero, and we rely on this for optional sections. */
|
||||
static int load_module(struct load_info *info, const char __user *uargs,
|
||||
- int flags)
|
||||
+ int flags, bool can_do_ima_check)
|
||||
{
|
||||
struct module *mod;
|
||||
long err;
|
||||
char *after_dashes;
|
||||
|
||||
- err = module_sig_check(info, flags);
|
||||
+ err = module_sig_check(info, flags, can_do_ima_check);
|
||||
if (err)
|
||||
goto free_copy;
|
||||
|
||||
@@ -3830,7 +3835,7 @@ SYSCALL_DEFINE3(init_module, void __user *, umod,
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
- return load_module(&info, uargs, 0);
|
||||
+ return load_module(&info, uargs, 0, false);
|
||||
}
|
||||
|
||||
SYSCALL_DEFINE3(finit_module, int, fd, const char __user *, uargs, int, flags)
|
||||
@@ -3857,7 +3862,7 @@ SYSCALL_DEFINE3(finit_module, int, fd, const char __user *, uargs, int, flags)
|
||||
info.hdr = hdr;
|
||||
info.len = size;
|
||||
|
||||
- return load_module(&info, uargs, flags);
|
||||
+ return load_module(&info, uargs, flags, true);
|
||||
}
|
||||
|
||||
static inline int within(unsigned long addr, void *start, unsigned long size)
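Review bot: The new condition in `module_sig_check()` does not match the patch description. The IMA term is ANDed into the test that clears `-ENOKEY`, so an unsigned module is refused whenever the kernel is locked down, regardless of IMA. It is also refused on a kernel that is not locked down when `can_do_ima_check` is true and `is_ima_appraise_enabled()` returns true. If the intent is "a signature we can verify, or IMA can validate the file", the test would read `if (err == -ENOKEY && !sig_enforce && ((can_do_ima_check && is_ima_appraise_enabled()) || !kernel_is_locked_down("Loading of unsigned modules")))`. Even then, `is_ima_appraise_enabled()` presumably reports only that appraisal is switched on, not that the loaded policy appraises modules, so that assumption should be confirmed and stated in a comment.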
|
|
@ -0,0 +1,35 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:32 +0000
|
||||
Subject: [05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=8214bb0d847928bf08a7d8475f84c06541c5a352
|
||||
|
||||
Allowing users to read and write to core kernel memory makes it possible
|
||||
for the kernel to be subverted, avoiding module loading restrictions, and
|
||||
also to steal cryptographic information.
|
||||
|
||||
Disallow /dev/mem and /dev/kmem from being opened this when the kernel has
|
||||
been locked down to prevent this.
|
||||
|
||||
Also disallow /dev/port from being opened to prevent raw ioport access and
|
||||
thus DMA from being used to accomplish the same thing.
|
||||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
---
|
||||
drivers/char/mem.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
|
||||
index 593a8818aca9..0ce5ac0a5c6b 100644
|
||||
--- a/drivers/char/mem.c
|
||||
+++ b/drivers/char/mem.c
|
||||
@@ -762,6 +762,8 @@ static loff_t memory_lseek(struct file *file, loff_t offset, int orig)
|
||||
|
||||
static int open_port(struct inode *inode, struct file *filp)
|
||||
{
|
||||
+ if (kernel_is_locked_down("/dev/mem,kmem,port"))
|
||||
+ return -EPERM;
|
||||
return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
|
||||
}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [44/61] kexec: Disable at runtime if the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e7c340d3a52b23631aa5e67cd10eac766042db50
|
||||
Date: Wed, 8 Nov 2017 15:11:32 +0000
|
||||
Subject: [06/29] kexec: Disable at runtime if the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=6081db9ba435b757a3a3473d0cd50ee2252ccaeb
|
||||
|
||||
kexec permits the loading and execution of arbitrary code in ring 0, which
|
||||
is something that lock-down is meant to prevent. It makes sense to disable
|
||||
|
@ -12,25 +12,29 @@ image to be booted.
|
|||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Acked-by: Dave Young <dyoung@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
Reviewed-by: James Morris <james.l.morris@oracle.com>
|
||||
cc: kexec@lists.infradead.org
|
||||
---
|
||||
kernel/kexec.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/kernel/kexec.c b/kernel/kexec.c
|
||||
index 980936a90ee6..46de8e6b42f4 100644
|
||||
index e62ec4dc6620..7dadfed9b676 100644
|
||||
--- a/kernel/kexec.c
|
||||
+++ b/kernel/kexec.c
|
||||
@@ -194,6 +194,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
||||
@@ -201,6 +201,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
||||
if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
|
||||
return -EPERM;
|
||||
|
||||
/*
|
||||
+ /*
|
||||
+ * kexec can be used to circumvent module loading restrictions, so
|
||||
+ * prevent loading in that case
|
||||
+ */
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("kexec of unsigned images"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
+ /*
|
||||
/*
|
||||
* Verify we have a legal set of flags
|
||||
* This leaves us room for future extensions.
|
||||
*/
|
|
@ -1,7 +1,7 @@
|
|||
From: Dave Young <dyoung@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [45/61] Copy secure_boot flag in boot params across kexec reboot
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=c124b113ed50045c2a81ddaab104578e592ebec3
|
||||
Date: Wed, 8 Nov 2017 15:11:32 +0000
|
||||
Subject: [07/29] Copy secure_boot flag in boot params across kexec reboot
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a6b7f780bdaa731f3e2970d65dcd52fe9ba2409d
|
||||
|
||||
Kexec reboot in case secure boot being enabled does not keep the secure
|
||||
boot mode in new kernel, so later one can load unsigned kernel via legacy
|
||||
|
@ -16,12 +16,14 @@ stub. Fixing this issue by copying secure_boot flag across kexec reboot.
|
|||
|
||||
Signed-off-by: Dave Young <dyoung@redhat.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: kexec@lists.infradead.org
|
||||
---
|
||||
arch/x86/kernel/kexec-bzimage64.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
|
||||
index d0a814a9d96a..3551bcaa1eaf 100644
|
||||
index fb095ba0c02f..7d0fac5bcbbe 100644
|
||||
--- a/arch/x86/kernel/kexec-bzimage64.c
|
||||
+++ b/arch/x86/kernel/kexec-bzimage64.c
|
||||
@@ -179,6 +179,7 @@ setup_efi_state(struct boot_params *params, unsigned long params_load_addr,
|
|
@ -0,0 +1,40 @@
|
|||
From: Chun-Yi Lee <joeyli.kernel@gmail.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:33 +0000
|
||||
Subject: [08/29] kexec_file: Restrict at runtime if the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=eed4aca0409692d7d24bc64f5c98d346cd0506c4
|
||||
|
||||
When KEXEC_VERIFY_SIG is not enabled, kernel should not load images through
|
||||
kexec_file systemcall if the kernel is locked down unless IMA can be used
|
||||
to validate the image.
|
||||
|
||||
This code was showed in Matthew's patch but not in git:
|
||||
https://lkml.org/lkml/2015/3/13/778
|
||||
|
||||
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Signed-off-by: Chun-Yi Lee <jlee@suse.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: James Morris <james.l.morris@oracle.com>
|
||||
cc: kexec@lists.infradead.org
|
||||
---
|
||||
kernel/kexec_file.c | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
|
||||
index 9f48f4412297..3ba28fc3fab0 100644
|
||||
--- a/kernel/kexec_file.c
|
||||
+++ b/kernel/kexec_file.c
|
||||
@@ -255,6 +255,14 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
|
||||
if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
|
||||
return -EPERM;
|
||||
|
||||
+ /* Don't permit images to be loaded into trusted kernels if we're not
|
||||
+ * going to verify the signature on them
|
||||
+ */
|
||||
+ if (!IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG) &&
|
||||
+ !is_ima_appraise_enabled() &&
|
||||
+ kernel_is_locked_down("kexec of unsigned images"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
/* Make sure we have a legal set of flags */
|
||||
if (flags != (flags & KEXEC_FILE_FLAGS))
|
||||
return -EINVAL;
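Review bot: In the `kexec_file_load` hunk, `!is_ima_appraise_enabled()` lets an image through under lockdown whenever IMA appraisal is switched on, but nothing visible here shows that the loaded IMA policy actually appraises kexec images. If appraisal is enabled with a policy that does not cover the kexec image read, an unsigned image would presumably still load on a kernel built without CONFIG_KEXEC_VERIFY_SIG. I would state the assumption next to the test, e.g. `/* NOTE: relies on the IMA policy appraising kexec images, not only on appraisal being enabled */`, or tighten the condition to a policy-specific check if one is available. The syscall body continues outside the hunk.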
|
|
@ -1,7 +1,7 @@
|
|||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [47/61] hibernate: Disable when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=398b27dd51e2c295ec870943a5afb842acf7726b
|
||||
Date: Wed, 8 Nov 2017 15:11:33 +0000
|
||||
Subject: [09/29] hibernate: Disable when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=480ddca2a40c2efd1c01cfa20d8f6c1377ddafe3
|
||||
|
||||
There is currently no way to verify the resume image when returning
|
||||
from hibernate. This might compromise the signed modules trust model,
|
||||
|
@ -10,12 +10,14 @@ kernel is locked down.
|
|||
|
||||
Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: linux-pm@vger.kernel.org
|
||||
---
|
||||
kernel/power/hibernate.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
|
||||
index a8b978c35a6a..50cca5dcb62f 100644
|
||||
index a5c36e9c56a6..f2eafefeec50 100644
|
||||
--- a/kernel/power/hibernate.c
|
||||
+++ b/kernel/power/hibernate.c
|
||||
@@ -70,7 +70,7 @@ static const struct platform_hibernation_ops *hibernation_ops;
|
||||
|
@ -23,7 +25,7 @@ index a8b978c35a6a..50cca5dcb62f 100644
|
|||
bool hibernation_available(void)
|
||||
{
|
||||
- return (nohibernate == 0);
|
||||
+ return nohibernate == 0 && !kernel_is_locked_down();
|
||||
+ return nohibernate == 0 && !kernel_is_locked_down("Hibernation");
|
||||
}
|
||||
|
||||
/**
|
|
@ -1,7 +1,7 @@
|
|||
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [48/61] uswsusp: Disable when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=6c773b2f00bec7cdccc1adf4a1af1afb082b78b8
|
||||
Date: Wed, 8 Nov 2017 15:11:33 +0000
|
||||
Subject: [10/29] uswsusp: Disable when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=706def46d58e9c69e91db506305485731f615e44
|
||||
|
||||
uswsusp allows a user process to dump and then restore kernel state, which
|
||||
makes it possible to modify the running kernel. Disable this if the kernel
|
||||
|
@ -9,19 +9,22 @@ is locked down.
|
|||
|
||||
Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
Reviewed-by: James Morris <james.l.morris@oracle.com>
|
||||
cc: linux-pm@vger.kernel.org
|
||||
---
|
||||
kernel/power/user.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/kernel/power/user.c b/kernel/power/user.c
|
||||
index 22df9f7ff672..e4b926d329b7 100644
|
||||
index 22df9f7ff672..678ade9decfe 100644
|
||||
--- a/kernel/power/user.c
|
||||
+++ b/kernel/power/user.c
|
||||
@@ -52,6 +52,9 @@ static int snapshot_open(struct inode *inode, struct file *filp)
|
||||
if (!hibernation_available())
|
||||
return -EPERM;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("/dev/snapshot"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
lock_system_sleep();
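Review bot: The added `kernel_is_locked_down("/dev/snapshot")` test in `snapshot_open` looks unreachable, because it sits directly after `if (!hibernation_available()) return -EPERM;`. The refreshed hibernate patch in this same commit makes `hibernation_available()` return false under lockdown. With both patches applied, the "/dev/snapshot" reason is never the one reported. Keeping it as defence in depth is reasonable, but a comment such as `/* also covered by hibernation_available(); kept in case that check is relaxed */` would save the next reader the question. `snapshot_open` starts and ends outside the hunk.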
|
|
@ -1,7 +1,7 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [49/61] PCI: Lock down BAR access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=fdfe195b5f8e0693a98f1f37eb1281ea7830dbff
|
||||
Date: Wed, 8 Nov 2017 15:11:33 +0000
|
||||
Subject: [11/29] PCI: Lock down BAR access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=d107d11fd7ac982a34b1233722cb3e72f9fe5a20
|
||||
|
||||
Any hardware that can potentially generate DMA has to be locked down in
|
||||
order to avoid it being possible for an attacker to modify kernel code,
|
||||
|
@ -11,84 +11,94 @@ sufficiently IOMMU-isolated devices.
|
|||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
[bwh: For 4.12, adjust context]
|
||||
Acked-by: Bjorn Helgaas <bhelgaas@google.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: linux-pci@vger.kernel.org
|
||||
---
|
||||
drivers/pci/pci-sysfs.c | 9 +++++++++
|
||||
drivers/pci/proc.c | 8 +++++++-
|
||||
drivers/pci/syscall.c | 2 +-
|
||||
3 files changed, 17 insertions(+), 2 deletions(-)
|
||||
drivers/pci/proc.c | 9 ++++++++-
|
||||
drivers/pci/syscall.c | 3 ++-
|
||||
3 files changed, 19 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
|
||||
index 1eecfa301f7f..e1a3b0e765c2 100644
|
||||
--- a/drivers/pci/pci-sysfs.c
|
||||
+++ b/drivers/pci/pci-sysfs.c
|
||||
@@ -754,6 +754,9 @@ static ssize_t pci_write_config(struct f
|
||||
@@ -881,6 +881,9 @@ static ssize_t pci_write_config(struct file *filp, struct kobject *kobj,
|
||||
loff_t init_off = off;
|
||||
u8 *data = (u8 *) buf;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Direct PCI access"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (off > dev->cfg_size)
|
||||
return 0;
|
||||
if (off + count > dev->cfg_size) {
|
||||
@@ -1048,6 +1051,9 @@ static int pci_mmap_resource(struct kobj
|
||||
@@ -1175,6 +1178,9 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
|
||||
enum pci_mmap_state mmap_type;
|
||||
struct resource *res = &pdev->resource[bar];
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Direct PCI access"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (res->flags & IORESOURCE_MEM && iomem_is_exclusive(res->start))
|
||||
return -EINVAL;
|
||||
|
||||
@@ -1131,6 +1137,9 @@ static ssize_t pci_write_resource_io(str
|
||||
@@ -1255,6 +1261,9 @@ static ssize_t pci_write_resource_io(struct file *filp, struct kobject *kobj,
|
||||
struct bin_attribute *attr, char *buf,
|
||||
loff_t off, size_t count)
|
||||
{
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Direct PCI access"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
return pci_resource_io(filp, kobj, attr, buf, off, count, true);
|
||||
}
|
||||
|
||||
diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c
|
||||
index 098360d7ff81..a6c53d855daa 100644
|
||||
--- a/drivers/pci/proc.c
|
||||
+++ b/drivers/pci/proc.c
|
||||
@@ -116,6 +116,9 @@ static ssize_t proc_bus_pci_write(struct
|
||||
@@ -116,6 +116,9 @@ static ssize_t proc_bus_pci_write(struct file *file, const char __user *buf,
|
||||
int size = dev->cfg_size;
|
||||
int cnt;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Direct PCI access"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (pos >= size)
|
||||
return 0;
|
||||
if (nbytes >= size)
|
||||
@@ -195,6 +198,9 @@ static long proc_bus_pci_ioctl(struct fi
|
||||
@@ -195,6 +198,9 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd,
|
||||
#endif /* HAVE_PCI_MMAP */
|
||||
int ret = 0;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Direct PCI access"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
switch (cmd) {
|
||||
case PCIIOC_CONTROLLER:
|
||||
ret = pci_domain_nr(dev->bus);
|
||||
@@ -236,7 +242,7 @@ static int proc_bus_pci_mmap(struct file
|
||||
@@ -236,7 +242,8 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma)
|
||||
struct pci_filp_private *fpriv = file->private_data;
|
||||
int i, ret, write_combine = 0, res_bit = IORESOURCE_MEM;
|
||||
|
||||
- if (!capable(CAP_SYS_RAWIO))
|
||||
+ if (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down())
|
||||
+ if (!capable(CAP_SYS_RAWIO) ||
|
||||
+ kernel_is_locked_down("Direct PCI access"))
|
||||
return -EPERM;
|
||||
|
||||
if (fpriv->mmap_state == pci_mmap_io) {
|
||||
diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c
|
||||
index 9bf993e1f71e..afa01cc3ceec 100644
|
||||
--- a/drivers/pci/syscall.c
|
||||
+++ b/drivers/pci/syscall.c
|
||||
@@ -92,7 +92,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigne
|
||||
@@ -92,7 +92,8 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn,
|
||||
u32 dword;
|
||||
int err = 0;
|
||||
|
||||
- if (!capable(CAP_SYS_ADMIN))
|
||||
+ if (!capable(CAP_SYS_ADMIN) || kernel_is_locked_down())
|
||||
+ if (!capable(CAP_SYS_ADMIN) ||
|
||||
+ kernel_is_locked_down("Direct PCI access"))
|
||||
return -EPERM;
|
||||
|
||||
dev = pci_get_bus_and_slot(bus, dfn);
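Review bot: In `proc_bus_pci_ioctl` the lockdown test is placed before `switch (cmd)`, so it also refuses `PCIIOC_CONTROLLER`, which in the visible context only returns `pci_domain_nr(dev->bus)`. The mapping itself is already gated in `proc_bus_pci_mmap` by the `kernel_is_locked_down("Direct PCI access")` condition added further down, so the blanket ioctl check mainly costs a harmless query. Consider moving the test into the cases that change mmap state; they are outside the hunk, so this needs checking against the full function. Otherwise document the choice with `/* lockdown: refuse all ioctls, including read-only queries */`.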
|
|
@ -1,7 +1,7 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [50/61] x86: Lock down IO port access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=37a19fd0d859cc12f1d6f47085071e35d34a0a41
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [12/29] x86: Lock down IO port access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=00ebba940247d4c37c06da4aedecf6b80db213cf
|
||||
|
||||
IO port access would permit users to gain access to PCI configuration
|
||||
registers, which in turn (on a lot of hardware) give access to MMIO
|
||||
|
@ -13,43 +13,34 @@ KDDISABIO console ioctls.
|
|||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: x86@kernel.org
|
||||
---
|
||||
arch/x86/kernel/ioport.c | 4 ++--
|
||||
drivers/char/mem.c | 2 ++
|
||||
2 files changed, 4 insertions(+), 2 deletions(-)
|
||||
arch/x86/kernel/ioport.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
|
||||
index 9c3cf0944bce..4a613fed94b6 100644
|
||||
index 9c3cf0944bce..2c0f058651c5 100644
|
||||
--- a/arch/x86/kernel/ioport.c
|
||||
+++ b/arch/x86/kernel/ioport.c
|
||||
@@ -30,7 +30,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on)
|
||||
@@ -30,7 +30,8 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on)
|
||||
|
||||
if ((from + num <= from) || (from + num > IO_BITMAP_BITS))
|
||||
return -EINVAL;
|
||||
- if (turn_on && !capable(CAP_SYS_RAWIO))
|
||||
+ if (turn_on && (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down()))
|
||||
+ if (turn_on && (!capable(CAP_SYS_RAWIO) ||
|
||||
+ kernel_is_locked_down("ioperm")))
|
||||
return -EPERM;
|
||||
|
||||
/*
|
||||
@@ -120,7 +120,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
|
||||
@@ -120,7 +121,8 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
|
||||
return -EINVAL;
|
||||
/* Trying to gain more privileges? */
|
||||
if (level > old) {
|
||||
- if (!capable(CAP_SYS_RAWIO))
|
||||
+ if (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down())
|
||||
+ if (!capable(CAP_SYS_RAWIO) ||
|
||||
+ kernel_is_locked_down("iopl"))
|
||||
return -EPERM;
|
||||
}
|
||||
regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) |
|
||||
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
|
||||
index f8144049bda3..9afebb60550f 100644
|
||||
--- a/drivers/char/mem.c
|
||||
+++ b/drivers/char/mem.c
|
||||
@@ -741,6 +741,8 @@ static loff_t memory_lseek(struct file *file, loff_t offset, int orig)
|
||||
|
||||
static int open_port(struct inode *inode, struct file *filp)
|
||||
{
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
|
||||
}
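Review bot: The refreshed patch appears to drop the `open_port()` check in drivers/char/mem.c. The new diffstat lists only arch/x86/kernel/ioport.c, and the mem.c hunk has no counterpart using the new `kernel_is_locked_down("...")` form. Because /dev/port gives the same I/O port access that the `ioperm` and `iopl` checks deny, confirm that another patch in the series now restricts `open_port()`; it is not visible in this part of the page. If the check has moved, a note saying which patch now carries it would make the series easier to audit.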
|
||||
|
|
@ -0,0 +1,50 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [13/29] x86/msr: Restrict MSR access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=696dcddb285558b4febf318fe620a344d2b2fa47
|
||||
|
||||
Writing to MSRs should not be allowed if the kernel is locked down, since
|
||||
it could lead to execution of arbitrary code in kernel mode. Based on a
|
||||
patch by Kees Cook.
|
||||
|
||||
MSR accesses are logged for the purposes of building up a whitelist as per
|
||||
Alan Cox's suggestion.
|
||||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Acked-by: Kees Cook <keescook@chromium.org>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: x86@kernel.org
|
||||
---
|
||||
arch/x86/kernel/msr.c | 10 ++++++++++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
|
||||
index ef688804f80d..dfb61d358196 100644
|
||||
--- a/arch/x86/kernel/msr.c
|
||||
+++ b/arch/x86/kernel/msr.c
|
||||
@@ -84,6 +84,11 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
|
||||
int err = 0;
|
||||
ssize_t bytes = 0;
|
||||
|
||||
+ if (kernel_is_locked_down("Direct MSR access")) {
|
||||
+ pr_info("Direct access to MSR %x\n", reg);
|
||||
+ return -EPERM;
|
||||
+ }
|
||||
+
|
||||
if (count % 8)
|
||||
return -EINVAL; /* Invalid chunk size */
|
||||
|
||||
@@ -135,6 +140,11 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
|
||||
err = -EFAULT;
|
||||
break;
|
||||
}
|
||||
+ if (kernel_is_locked_down("Direct MSR access")) {
|
||||
+ pr_info("Direct access to MSR %x\n", regs[1]); /* Display %ecx */
|
||||
+ err = -EPERM;
|
||||
+ break;
|
||||
+ }
|
||||
err = wrmsr_safe_regs_on_cpu(cpu, regs);
|
||||
if (err)
|
||||
break;
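Review bot: The `pr_info("Direct access to MSR %x\n", ...)` lines added to `msr_write` and `msr_ioctl` run on every denied request and are not rate-limited, so a process that holds the device open can fill the kernel log by retrying. The stated purpose is to collect data for a whitelist, and a rate-limited form keeps that while bounding the volume: `pr_info_ratelimited("Direct access to MSR %x\n", reg);`, with the same change for `regs[1]`. Both functions continue outside their hunks.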
|
|
@ -1,8 +1,8 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [52/61] asus-wmi: Restrict debugfs interface when the kernel is
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [14/29] asus-wmi: Restrict debugfs interface when the kernel is
|
||||
locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=bfa10bc7193d6309dc8029e18fe7d844f9a3a1c0
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=2e6d31b3176ee27d216bb92a3b108f6b19d4719a
|
||||
|
||||
We have no way of validating what all of the Asus WMI methods do on a given
|
||||
machine - and there's a risk that some will allow hardware state to be
|
||||
|
@ -12,37 +12,42 @@ kernel is locked down.
|
|||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: acpi4asus-user@lists.sourceforge.net
|
||||
cc: platform-driver-x86@vger.kernel.org
|
||||
---
|
||||
drivers/platform/x86/asus-wmi.c | 9 +++++++++
|
||||
1 file changed, 9 insertions(+)
|
||||
|
||||
diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c
|
||||
index 48e1541dc8d4..ef5587469337 100644
|
||||
--- a/drivers/platform/x86/asus-wmi.c
|
||||
+++ b/drivers/platform/x86/asus-wmi.c
|
||||
@@ -1905,6 +1905,9 @@ static int show_dsts(struct seq_file *m,
|
||||
@@ -1905,6 +1905,9 @@ static int show_dsts(struct seq_file *m, void *data)
|
||||
int err;
|
||||
u32 retval = -1;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Asus WMI"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval);
|
||||
|
||||
if (err < 0)
|
||||
@@ -1921,6 +1924,9 @@ static int show_devs(struct seq_file *m,
|
||||
@@ -1921,6 +1924,9 @@ static int show_devs(struct seq_file *m, void *data)
|
||||
int err;
|
||||
u32 retval = -1;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Asus WMI"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param,
|
||||
&retval);
|
||||
|
||||
@@ -1945,6 +1951,9 @@ static int show_call(struct seq_file *m,
|
||||
@@ -1945,6 +1951,9 @@ static int show_call(struct seq_file *m, void *data)
|
||||
union acpi_object *obj;
|
||||
acpi_status status;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("Asus WMI"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID,
|
|
@ -1,8 +1,8 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [53/61] ACPI: Limit access to custom_method when the kernel is locked
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [15/29] ACPI: Limit access to custom_method when the kernel is locked
|
||||
down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=c333ace27a3115f2b56f25987bdb7ef05f71836c
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=5ff99c830aacf02f25816a0da427216fb63ba16d
|
||||
|
||||
custom_method effectively allows arbitrary access to system memory, making
|
||||
it possible for an attacker to circumvent restrictions on module loading.
|
||||
|
@ -10,19 +10,21 @@ Disable it if the kernel is locked down.
|
|||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: linux-acpi@vger.kernel.org
|
||||
---
|
||||
drivers/acpi/custom_method.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c
|
||||
index c68e72414a67..e4d721c330c0 100644
|
||||
index c68e72414a67..b33fba70ec51 100644
|
||||
--- a/drivers/acpi/custom_method.c
|
||||
+++ b/drivers/acpi/custom_method.c
|
||||
@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf,
|
||||
struct acpi_table_header table;
|
||||
acpi_status status;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("ACPI custom methods"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (!(*ppos)) {
|
|
@ -1,21 +1,24 @@
|
|||
From: Josh Boyer <jwboyer@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [54/61] acpi: Ignore acpi_rsdp kernel param when the kernel has been
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [16/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been
|
||||
locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=1e915addf2f56a29d84dfc899017a926de9c0264
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=67890a0361626ec3e035264656896c77670c414b
|
||||
|
||||
This option allows userspace to pass the RSDP address to the kernel, which
|
||||
makes it possible for a user to circumvent any restrictions imposed on
|
||||
loading modules. Ignore the option when the kernel is locked down.
|
||||
makes it possible for a user to modify the workings of hardware . Reject
|
||||
the option when the kernel is locked down.
|
||||
|
||||
Signed-off-by: Josh Boyer <jwboyer@redhat.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: Dave Young <dyoung@redhat.com>
|
||||
cc: linux-acpi@vger.kernel.org
|
||||
---
|
||||
drivers/acpi/osl.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
|
||||
index db78d353bab1..d4d4ba348451 100644
|
||||
index db78d353bab1..36c6527c1b0a 100644
|
||||
--- a/drivers/acpi/osl.c
|
||||
+++ b/drivers/acpi/osl.c
|
||||
@@ -192,7 +192,7 @@ acpi_physical_address __init acpi_os_get_root_pointer(void)
|
||||
|
@ -23,7 +26,7 @@ index db78d353bab1..d4d4ba348451 100644
|
|||
|
||||
#ifdef CONFIG_KEXEC
|
||||
- if (acpi_rsdp)
|
||||
+ if (acpi_rsdp && !kernel_is_locked_down())
|
||||
+ if (acpi_rsdp && !kernel_is_locked_down("ACPI RSDP specification"))
|
||||
return acpi_rsdp;
|
||||
#endif
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
From: Linn Crosetto <linn@hpe.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [55/61] acpi: Disable ACPI table override if the kernel is locked
|
||||
Date: Wed, 8 Nov 2017 15:11:34 +0000
|
||||
Subject: [17/29] acpi: Disable ACPI table override if the kernel is locked
|
||||
down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=2a3b80bfba52f3f71bbb9b20942fb86ca6f491fe
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=5976d26de05569951641ebeb95f7240993b66063
|
||||
|
||||
From the kernel documentation (initrd_table_override.txt):
|
||||
|
||||
|
@ -16,19 +16,21 @@ so do not allow ACPI tables to be overridden if the kernel is locked down.
|
|||
|
||||
Signed-off-by: Linn Crosetto <linn@hpe.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: linux-acpi@vger.kernel.org
|
||||
---
|
||||
drivers/acpi/tables.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/drivers/acpi/tables.c b/drivers/acpi/tables.c
|
||||
index 2604189d6cd1..601096d0d849 100644
|
||||
index 80ce2a7d224b..5cc13c42daf9 100644
|
||||
--- a/drivers/acpi/tables.c
|
||||
+++ b/drivers/acpi/tables.c
|
||||
@@ -542,6 +542,11 @@ void __init acpi_table_upgrade(void)
|
||||
@@ -526,6 +526,11 @@ void __init acpi_table_upgrade(void)
|
||||
if (table_nr == 0)
|
||||
return;
|
||||
|
||||
+ if (kernel_is_locked_down()) {
|
||||
+ if (kernel_is_locked_down("ACPI table override")) {
|
||||
+ pr_notice("kernel is locked down, ignoring table override\n");
|
||||
+ return;
|
||||
+ }
|
|
@ -1,8 +1,8 @@
|
|||
From: Linn Crosetto <linn@hpe.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [56/61] acpi: Disable APEI error injection if the kernel is locked
|
||||
Date: Wed, 8 Nov 2017 15:11:35 +0000
|
||||
Subject: [18/29] acpi: Disable APEI error injection if the kernel is locked
|
||||
down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=cc8de994de095fc6b88f92c9a768c806605fba07
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a9c239382bce17b9108f941130392151d5fff262
|
||||
|
||||
ACPI provides an error injection mechanism, EINJ, for debugging and testing
|
||||
the ACPI Platform Error Interface (APEI) and other RAS features. If
|
||||
|
@ -21,19 +21,21 @@ the kernel is locked down.
|
|||
|
||||
Signed-off-by: Linn Crosetto <linn@hpe.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
cc: linux-acpi@vger.kernel.org
|
||||
---
|
||||
drivers/acpi/apei/einj.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/drivers/acpi/apei/einj.c b/drivers/acpi/apei/einj.c
|
||||
index ec50c32ea3da..e082718d01c2 100644
|
||||
index b38737c83a24..6d71e1e97b20 100644
|
||||
--- a/drivers/acpi/apei/einj.c
|
||||
+++ b/drivers/acpi/apei/einj.c
|
||||
@@ -518,6 +518,9 @@ static int einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
|
||||
int rc;
|
||||
u64 base_addr, size;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ if (kernel_is_locked_down("ACPI error injection"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
/* If user manually set "flags", make sure it is legal */
|
|
@ -1,7 +1,7 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [58/61] scsi: Lock down the eata driver
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e6fc4e593143fbbb8b83c558bb8e6445d9aaa45a
|
||||
Date: Wed, 8 Nov 2017 15:11:35 +0000
|
||||
Subject: [19/29] scsi: Lock down the eata driver
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=54aab7f5b0e4e6f68cec46d92c37e6c482b5e56e
|
||||
|
||||
When the kernel is running in secure boot mode, we lock down the kernel to
|
||||
prevent userspace from modifying the running kernel image. Whilst this
|
||||
|
@ -20,23 +20,21 @@ cc: "James E.J. Bottomley" <jejb@linux.vnet.ibm.com>
|
|||
cc: "Martin K. Petersen" <martin.petersen@oracle.com>
|
||||
cc: linux-scsi@vger.kernel.org
|
||||
---
|
||||
drivers/scsi/eata.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
drivers/scsi/eata.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/scsi/eata.c b/drivers/scsi/eata.c
|
||||
index 227dd2c2ec2f..5c036d10c18b 100644
|
||||
index 6501c330d8c8..72fceaa8f3da 100644
|
||||
--- a/drivers/scsi/eata.c
|
||||
+++ b/drivers/scsi/eata.c
|
||||
@@ -1552,8 +1552,13 @@ static int eata2x_detect(struct scsi_host_template *tpnt)
|
||||
@@ -1552,8 +1552,11 @@ static int eata2x_detect(struct scsi_host_template *tpnt)
|
||||
|
||||
tpnt->proc_name = "eata2x";
|
||||
|
||||
- if (strlen(boot_options))
|
||||
+ if (strlen(boot_options)) {
|
||||
+ if (kernel_is_locked_down()) {
|
||||
+ pr_err("Command line-specified device addresses, irqs and dma channels are not permitted when the kernel is locked down\n");
|
||||
+ if (kernel_is_locked_down("Command line-specified device addresses, irqs and dma channels"))
|
||||
+ return -EPERM;
|
||||
+ }
|
||||
option_setup(boot_options);
|
||||
+ }
|
||||
|
|
@ -1,29 +1,28 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [59/61] Prohibit PCMCIA CIS storage when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=36b3c01337b2d0e4aa69828186586951b9cf50fa
|
||||
Date: Wed, 8 Nov 2017 15:11:35 +0000
|
||||
Subject: [20/29] Prohibit PCMCIA CIS storage when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=18b2dfc74efeafbdbb8f5d4d28da6334b7e1f1ac
|
||||
|
||||
Prohibit replacement of the PCMCIA Card Information Structure when the
|
||||
kernel is locked down.
|
||||
|
||||
Suggested-by: Dominik Brodowski <linux@dominikbrodowski.net>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
cc: linux-pcmcia@lists.infradead.org
|
||||
---
|
||||
drivers/pcmcia/cistpl.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
drivers/pcmcia/cistpl.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c
|
||||
index 55ef7d1fd8da..193e4f7b73b1 100644
|
||||
index 55ef7d1fd8da..b7a0e42eeb25 100644
|
||||
--- a/drivers/pcmcia/cistpl.c
|
||||
+++ b/drivers/pcmcia/cistpl.c
|
||||
@@ -1578,6 +1578,11 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj,
|
||||
@@ -1578,6 +1578,9 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj,
|
||||
struct pcmcia_socket *s;
|
||||
int error;
|
||||
|
||||
+ if (kernel_is_locked_down()) {
|
||||
+ pr_err("Direct CIS storage isn't permitted when the kernel is locked down\n");
|
||||
+ if (kernel_is_locked_down("Direct PCMCIA CIS storage"))
|
||||
+ return -EPERM;
|
||||
+ }
|
||||
+
|
||||
s = to_socket(container_of(kobj, struct device, kobj));
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [60/61] Lock down TIOCSSERIAL
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=3f0d5eb601c66451afebe889623bcbafec0e4bb8
|
||||
Date: Wed, 8 Nov 2017 15:11:35 +0000
|
||||
Subject: [21/29] Lock down TIOCSSERIAL
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=f5fdeda0622ca040961521819794193777a03e8a
|
||||
|
||||
Lock down TIOCSSERIAL as that can be used to change the ioport and irq
|
||||
settings on a serial port. This only appears to be an issue for the serial
|
||||
|
@ -10,18 +10,21 @@ ignore attempts to change port/irq or give an error.
|
|||
|
||||
Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
cc: Jiri Slaby <jslaby@suse.com>
|
||||
---
|
||||
drivers/tty/serial/serial_core.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c
|
||||
index 3a14cccbd7ff..41f0922ad842 100644
|
||||
--- a/drivers/tty/serial/serial_core.c
|
||||
+++ b/drivers/tty/serial/serial_core.c
|
||||
@@ -842,6 +842,12 @@ static int uart_set_info(struct tty_stru
|
||||
@@ -842,6 +842,12 @@ static int uart_set_info(struct tty_struct *tty, struct tty_port *port,
|
||||
new_flags = (__force upf_t)new_info->flags;
|
||||
old_custom_divisor = uport->custom_divisor;
|
||||
|
||||
+ if ((change_port || change_irq) && kernel_is_locked_down()) {
|
||||
+ pr_err("Using TIOCSSERIAL to change device addresses, irqs and dma channels is not permitted when the kernel is locked down\n");
|
||||
+ if ((change_port || change_irq) &&
|
||||
+ kernel_is_locked_down("Using TIOCSSERIAL to change device addresses, irqs and dma channels")) {
|
||||
+ retval = -EPERM;
|
||||
+ goto exit;
|
||||
+ }
|
|
@ -1,8 +1,8 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 13:50:07 +0100
|
||||
Subject: [61/61] Lock down module params that specify hardware parameters (eg.
|
||||
Date: Wed, 8 Nov 2017 15:11:36 +0000
|
||||
Subject: [22/29] Lock down module params that specify hardware parameters (eg.
|
||||
ioport)
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=0240fa7c7c948b19d57c0163d57e55296277ff3c
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=d20a28efda02a7ce70b943c15246ea2f07e780f4
|
||||
|
||||
Provided an annotation for module parameters that specify hardware
|
||||
parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
|
||||
|
@ -11,14 +11,14 @@ dma buffers and other types).
|
|||
Suggested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
kernel/params.c | 27 ++++++++++++++++++++++-----
|
||||
1 file changed, 22 insertions(+), 5 deletions(-)
|
||||
kernel/params.c | 26 +++++++++++++++++++++-----
|
||||
1 file changed, 21 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/kernel/params.c b/kernel/params.c
|
||||
index a6d6149c0fe6..04185c5aa929 100644
|
||||
index 60b2d8101355..422979adb60a 100644
|
||||
--- a/kernel/params.c
|
||||
+++ b/kernel/params.c
|
||||
@@ -108,13 +108,20 @@ bool parameq(const char *a, const char *b)
|
||||
@@ -108,13 +108,19 @@ bool parameq(const char *a, const char *b)
|
||||
return parameqn(a, b, strlen(a)+1);
|
||||
}
|
||||
|
||||
|
@ -32,15 +32,14 @@ index a6d6149c0fe6..04185c5aa929 100644
|
|||
add_taint(TAINT_USER, LOCKDEP_STILL_OK);
|
||||
}
|
||||
+
|
||||
+ if (kp->flags & KERNEL_PARAM_FL_HWPARAM && kernel_is_locked_down()) {
|
||||
+ pr_err("Command line-specified device addresses, irqs and dma channels are not permitted when the kernel is locked down (%s.%s)\n", doing, kp->name);
|
||||
+ if (kp->flags & KERNEL_PARAM_FL_HWPARAM &&
|
||||
+ kernel_is_locked_down("Command line-specified device addresses, irqs and dma channels"))
|
||||
+ return false;
|
||||
+ }
|
||||
+ return true;
|
||||
}
|
||||
|
||||
static int parse_one(char *param,
|
||||
@@ -144,8 +151,10 @@ static int parse_one(char *param,
|
||||
@@ -144,8 +150,10 @@ static int parse_one(char *param,
|
||||
pr_debug("handling %s with %p\n", param,
|
||||
params[i].ops->set);
|
||||
kernel_param_lock(params[i].mod);
|
||||
|
@ -53,7 +52,7 @@ index a6d6149c0fe6..04185c5aa929 100644
|
|||
kernel_param_unlock(params[i].mod);
|
||||
return err;
|
||||
}
|
||||
@@ -608,6 +617,12 @@ static ssize_t param_attr_show(struct module_attribute *mattr,
|
||||
@@ -556,6 +564,12 @@ static ssize_t param_attr_show(struct module_attribute *mattr,
|
||||
return count;
|
||||
}
|
||||
|
||||
|
@ -66,7 +65,7 @@ index a6d6149c0fe6..04185c5aa929 100644
|
|||
/* sysfs always hands a nul-terminated string in buf. We rely on that. */
|
||||
static ssize_t param_attr_store(struct module_attribute *mattr,
|
||||
struct module_kobject *mk,
|
||||
@@ -620,8 +635,10 @@ static ssize_t param_attr_store(struct module_attribute *mattr,
|
||||
@@ -568,8 +582,10 @@ static ssize_t param_attr_store(struct module_attribute *mattr,
|
||||
return -EPERM;
|
||||
|
||||
kernel_param_lock(mk->mod);
|
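Review bot: The hardware-parameter rejection no longer identifies which parameter was refused, as far as the rendered old/new pairs can be read. The earlier revision printed `(%s.%s)` with `doing` and `kp->name`, while the newer one passes only the fixed string `"Command line-specified device addresses, irqs and dma channels"` to `kernel_is_locked_down()`. If that helper is what reports the denial (its body is not shown here), an administrator can no longer tell from the log which module parameter was dropped. A line such as `pr_notice("%s.%s: hardware parameter refused under lockdown\n", doing, kp->name);` before `return false;` would keep that information. The enclosing function starts outside the visible hunks.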
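--- a/debian/patches/features/all/lockdown/0023-x86-mmiotrace-Lock-down-the-testmmiotrace-module.patch
+++ b/debian/patches/features/all/lockdown/0023-x86-mmiotrace-Lock-down-the-testmmiotrace-module.patch
@@ -0,0 +1,33 @@
+From: David Howells <dhowells@redhat.com>
+Date: Wed, 8 Nov 2017 15:11:36 +0000
+Subject: [23/29] x86/mmiotrace: Lock down the testmmiotrace module
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=20af3be0bcf6a78e3632770561fba6531dd3b444
+
+The testmmiotrace module shouldn't be permitted when the kernel is locked
+down as it can be used to arbitrarily read and write MMIO space.
+
+Suggested-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: David Howells <dhowells@redhat.com
+cc: Thomas Gleixner <tglx@linutronix.de>
+cc: Steven Rostedt <rostedt@goodmis.org>
+cc: Ingo Molnar <mingo@kernel.org>
+cc: "H. Peter Anvin" <hpa@zytor.com>
+cc: x86@kernel.org
+---
+arch/x86/mm/testmmiotrace.c | 3 +++
+1 file changed, 3 insertions(+)
+
+diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c
+index f6ae6830b341..bbaad357f5d7 100644
+--- a/arch/x86/mm/testmmiotrace.c
++++ b/arch/x86/mm/testmmiotrace.c
+@@ -115,6 +115,9 @@ static int __init init(void)
+{
+unsigned long size = (read_far) ? (8 << 20) : (16 << 10);
+
++ if (kernel_is_locked_down("MMIO trace testing"))
++ return -EPERM;
++
+if (mmio_address == 0) {
+pr_err("you have to use the module argument mmio_address.\n");
+pr_err("DO NOT LOAD THIS MODULE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!\n");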
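Review bot: The `Signed-off-by:` trailer in this patch header is malformed: `<dhowells@redhat.com` has no closing `>`, so tools that parse trailers may not pick up the address. It should read `Signed-off-by: David Howells <dhowells@redhat.com>`. In the code hunk, `init()` continues outside the hunk, so only the placement of the lockdown check ahead of the `mmio_address == 0` test can be confirmed from here.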
|
@ -0,0 +1,51 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:36 +0000
|
||||
Subject: [24/29] debugfs: Disallow use of debugfs files when the kernel is
|
||||
locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=118cc5e1c27e1a75640cf2379c1299e12791063e
|
||||
|
||||
Disallow opening of debugfs files when the kernel is locked down as various
|
||||
drivers give raw access to hardware through debugfs.
|
||||
|
||||
Accesses to tracefs should use /sys/kernel/tracing/ rather than
|
||||
/sys/kernel/debug/tracing/. Possibly a symlink should be emplaced.
|
||||
|
||||
Normal device interaction should be done through configfs or a miscdev, not
|
||||
debugfs.
|
||||
|
||||
Note that this makes it unnecessary to specifically lock down show_dsts(),
|
||||
show_devs() and show_call() in the asus-wmi driver.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
cc: Andy Shevchenko <andy.shevchenko@gmail.com>
|
||||
cc: acpi4asus-user@lists.sourceforge.net
|
||||
cc: platform-driver-x86@vger.kernel.org
|
||||
cc: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
cc: Thomas Gleixner <tglx@linutronix.de>
|
||||
[bwh: Forward-ported to 4.15]
|
||||
---
|
||||
fs/debugfs/file.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
--- a/fs/debugfs/file.c
|
||||
+++ b/fs/debugfs/file.c
|
||||
@@ -142,6 +142,9 @@ static int open_proxy_open(struct inode
|
||||
const struct file_operations *real_fops = NULL;
|
||||
int r;
|
||||
|
||||
+ if (kernel_is_locked_down("debugfs"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
r = debugfs_file_get(dentry);
|
||||
if (r)
|
||||
return r == -EIO ? -ENOENT : r;
|
||||
@@ -267,6 +270,9 @@ static int full_proxy_open(struct inode
|
||||
struct file_operations *proxy_fops = NULL;
|
||||
int r;
|
||||
|
||||
+ if (kernel_is_locked_down("debugfs"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
r = debugfs_file_get(dentry);
|
||||
if (r)
|
||||
return r == -EIO ? -ENOENT : r;
|
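Review bot: The new test in `open_proxy_open()` and `full_proxy_open()` refuses every debugfs open, read-only files included, although the description justifies it only by drivers that give raw hardware access. The description itself concedes that tools using /sys/kernel/debug/tracing/ will break and leaves the symlink question open. Consider limiting the denial to files that are writable or that expose more than plain reads, or record the trade-off next to the check. Both checks sit before `debugfs_file_get(dentry)`, so the early return has nothing to release; that ordering deserves a comment such as `/* Must precede debugfs_file_get(): nothing to drop on this path. */`. Both functions continue outside the hunks.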
|
@ -0,0 +1,27 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:37 +0000
|
||||
Subject: [25/29] Lock down /proc/kcore
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=797378dc4498207c3abc1101cfdc9ef2581d8c71
|
||||
|
||||
Disallow access to /proc/kcore when the kernel is locked down to prevent
|
||||
access to cryptographic data.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Reviewed-by: James Morris <james.l.morris@oracle.com>
|
||||
---
|
||||
fs/proc/kcore.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
|
||||
index 45629f4b5402..176cf749e650 100644
|
||||
--- a/fs/proc/kcore.c
|
||||
+++ b/fs/proc/kcore.c
|
||||
@@ -549,6 +549,8 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos)
|
||||
|
||||
static int open_kcore(struct inode *inode, struct file *filp)
|
||||
{
|
||||
+ if (kernel_is_locked_down("/proc/kcore"))
|
||||
+ return -EPERM;
|
||||
if (!capable(CAP_SYS_RAWIO))
|
||||
return -EPERM;
|
||||
|
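Review bot: In `open_kcore()` the added lockdown test and the existing `capable(CAP_SYS_RAWIO)` test are now two consecutive `return -EPERM` guards with nothing to tell them apart. The new one also lacks the blank line that the sibling lockdown patches leave after their check. A short comment would explain why both exist, e.g. `/* Lockdown applies even to CAP_SYS_RAWIO holders: kcore exposes kernel memory, including key material. */`. Only the open path is covered; `read_kcore()` appears just in the hunk header and is not changed here.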
|
@ -0,0 +1,29 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 8 Nov 2017 16:14:12 +0000
|
||||
Subject: [26/29] Lock down kprobes
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=cfacbbe6ef95336d99817fb8063c19bd36dfaa3d
|
||||
|
||||
Disallow the creation of kprobes when the kernel is locked down by
|
||||
preventing their registration. This prevents kprobes from being used to
|
||||
access kernel memory, either to make modifications or to steal crypto data.
|
||||
|
||||
Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
kernel/kprobes.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
|
||||
index a1606a4224e1..f06023b0936c 100644
|
||||
--- a/kernel/kprobes.c
|
||||
+++ b/kernel/kprobes.c
|
||||
@@ -1530,6 +1530,9 @@ int register_kprobe(struct kprobe *p)
|
||||
struct module *probed_mod;
|
||||
kprobe_opcode_t *addr;
|
||||
|
||||
+ if (kernel_is_locked_down("Use of kprobes"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
/* Adjust probe address from symbol */
|
||||
addr = kprobe_addr(p);
|
||||
if (IS_ERR(addr))
|
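Review bot: Putting the test at the top of `register_kprobe()` refuses every caller of that function, in-kernel users as well as the interfaces that take probe definitions from userspace. The description is concerned with kprobes being used to read or modify kernel memory. If the aim is to stop probes requested from userspace, the check belongs at those entry points, which are not visible in this hunk. If a total ban is intended, say so at the check, e.g. `/* Lockdown: no kprobes at all, including in-kernel users. */`. `register_kprobe()` continues past the end of the hunk.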
|
@ -0,0 +1,37 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 24 May 2017 14:56:05 +0100
|
||||
Subject: [27/29] bpf: Restrict kernel image access functions when the kernel
|
||||
is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a13e9f58894129d9fd02fdb81b56ac7590704155
|
||||
|
||||
There are some bpf functions can be used to read kernel memory:
|
||||
bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
|
||||
private keys in kernel memory (e.g. the hibernation image signing key) to
|
||||
be read by an eBPF program and kernel memory to be altered without
|
||||
restriction.
|
||||
|
||||
Completely prohibit the use of BPF when the kernel is locked down.
|
||||
|
||||
Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
cc: netdev@vger.kernel.org
|
||||
cc: Chun-Yi Lee <jlee@suse.com>
|
||||
cc: Alexei Starovoitov <alexei.starovoitov@gmail.com>
|
||||
---
|
||||
kernel/bpf/syscall.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
|
||||
index 25d074920a00..fa58ad74cde6 100644
|
||||
--- a/kernel/bpf/syscall.c
|
||||
+++ b/kernel/bpf/syscall.c
|
||||
@@ -1458,6 +1458,9 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz
|
||||
if (!capable(CAP_SYS_ADMIN) && sysctl_unprivileged_bpf_disabled)
|
||||
return -EPERM;
|
||||
|
||||
+ if (kernel_is_locked_down("BPF"))
|
||||
+ return -EPERM;
|
||||
+
|
||||
err = check_uarg_tail_zero(uattr, sizeof(attr), size);
|
||||
if (err)
|
||||
return err;
|
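Review bot: The added test in the `bpf()` syscall entry rejects every command once the kernel is locked down, although the description names only `bpf_probe_read`, `bpf_probe_write_user` and `bpf_trace_printk` as the problem. Map operations and program types that cannot reach those helpers are refused as well, which is a wider loss of function than the stated threat requires. Consider gating on the helpers or program types concerned, or at least record the trade-off beside the check, e.g. `/* Lockdown: all of bpf(2) is refused, not only the kernel-memory helpers. */`. The syscall body continues outside the hunk.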
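--- a/debian/patches/features/all/lockdown/0028-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.patch
+++ b/debian/patches/features/all/lockdown/0028-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.patch
@@ -0,0 +1,153 @@
+From: David Howells <dhowells@redhat.com>
+Date: Wed, 8 Nov 2017 15:11:37 +0000
+Subject: [28/29] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=eb4a8603eb727afaeb9c6123eda2eda4b2757bf3
+
+UEFI machines can be booted in Secure Boot mode. Add an EFI_SECURE_BOOT
+flag that can be passed to efi_enabled() to find out whether secure boot is
+enabled.
+
+Move the switch-statement in x86's setup_arch() that inteprets the
+secure_boot boot parameter to generic code and set the bit there.
+
+Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+cc: linux-efi@vger.kernel.org
+---
+arch/x86/kernel/setup.c | 14 +-------------
+drivers/firmware/efi/Makefile | 1 +
+drivers/firmware/efi/secureboot.c | 38 ++++++++++++++++++++++++++++++++++++++
+include/linux/efi.h | 16 ++++++++++------
+4 files changed, 50 insertions(+), 19 deletions(-)
+create mode 100644 drivers/firmware/efi/secureboot.c
+
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
+index 0957dd73d127..7c2162f9e769 100644
+--- a/arch/x86/kernel/setup.c
++++ b/arch/x86/kernel/setup.c
+@@ -1197,19 +1197,7 @@ void __init setup_arch(char **cmdline_p)
+/* Allocate bigger log buffer */
+setup_log_buf(1);
+
+- if (efi_enabled(EFI_BOOT)) {
+- switch (boot_params.secure_boot) {
+- case efi_secureboot_mode_disabled:
+- pr_info("Secure boot disabled\n");
+- break;
+- case efi_secureboot_mode_enabled:
+- pr_info("Secure boot enabled\n");
+- break;
+- default:
+- pr_info("Secure boot could not be determined\n");
+- break;
+- }
+- }
++ efi_set_secure_boot(boot_params.secure_boot);
+
+reserve_initrd();
+
+diff --git a/drivers/firmware/efi/Makefile b/drivers/firmware/efi/Makefile
+index 0329d319d89a..883f9f7eefc6 100644
+--- a/drivers/firmware/efi/Makefile
++++ b/drivers/firmware/efi/Makefile
+@@ -23,6 +23,7 @@ obj-$(CONFIG_EFI_FAKE_MEMMAP) += fake_mem.o
+obj-$(CONFIG_EFI_BOOTLOADER_CONTROL) += efibc.o
+obj-$(CONFIG_EFI_TEST) += test/
+obj-$(CONFIG_EFI_DEV_PATH_PARSER) += dev-path-parser.o
++obj-$(CONFIG_EFI) += secureboot.o
+obj-$(CONFIG_APPLE_PROPERTIES) += apple-properties.o
+
+arm-obj-$(CONFIG_EFI) := arm-init.o arm-runtime.o
+diff --git a/drivers/firmware/efi/secureboot.c b/drivers/firmware/efi/secureboot.c
+new file mode 100644
+index 000000000000..9070055de0a1
+--- /dev/null
++++ b/drivers/firmware/efi/secureboot.c
+@@ -0,0 +1,38 @@
++/* Core kernel secure boot support.
++ *
++ * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved.
++ * Written by David Howells (dhowells@redhat.com)
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public Licence
++ * as published by the Free Software Foundation; either version
++ * 2 of the Licence, or (at your option) any later version.
++ */
++
++#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
++
++#include <linux/efi.h>
++#include <linux/kernel.h>
++#include <linux/printk.h>
++
++/*
++ * Decide what to do when UEFI secure boot mode is enabled.
++ */
++void __init efi_set_secure_boot(enum efi_secureboot_mode mode)
++{
++ if (efi_enabled(EFI_BOOT)) {
++ switch (mode) {
++ case efi_secureboot_mode_disabled:
++ pr_info("Secure boot disabled\n");
++ break;
++ case efi_secureboot_mode_enabled:
++ set_bit(EFI_SECURE_BOOT, &efi.flags);
++ pr_info("Secure boot enabled\n");
++ break;
++ default:
++ pr_warning("Secure boot could not be determined (mode %u)\n",
++ mode);
++ break;
++ }
++ }
++}
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 66f4a4e79f4b..7c7a7e33e4d1 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -1103,6 +1103,14 @@ extern int __init efi_setup_pcdp_console(char *);
+#define EFI_DBG 8 /* Print additional debug info at runtime */
+#define EFI_NX_PE_DATA 9 /* Can runtime data regions be mapped non-executable? */
+#define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */
++#define EFI_SECURE_BOOT 11 /* Are we in Secure Boot mode? */
++
++enum efi_secureboot_mode {
++ efi_secureboot_mode_unset,
++ efi_secureboot_mode_unknown,
++ efi_secureboot_mode_disabled,
++ efi_secureboot_mode_enabled,
++};
+
+#ifdef CONFIG_EFI
+/*
+@@ -1115,6 +1123,7 @@ static inline bool efi_enabled(int feature)
+extern void efi_reboot(enum reboot_mode reboot_mode, const char *__unused);
+
+extern bool efi_is_table_address(unsigned long phys_addr);
++extern void __init efi_set_secure_boot(enum efi_secureboot_mode mode);
+#else
+static inline bool efi_enabled(int feature)
+{
+@@ -1133,6 +1142,7 @@ static inline bool efi_is_table_address(unsigned long phys_addr)
+{
+return false;
+}
++static inline void efi_set_secure_boot(enum efi_secureboot_mode mode) {}
+#endif
+
+extern int efi_status_to_err(efi_status_t status);
+@@ -1518,12 +1528,6 @@ efi_status_t efi_setup_gop(efi_system_table_t *sys_table_arg,
+bool efi_runtime_disabled(void);
+extern void efi_call_virt_check_flags(unsigned long flags, const char *call);
+
+-enum efi_secureboot_mode {
+- efi_secureboot_mode_unset,
+- efi_secureboot_mode_unknown,
+- efi_secureboot_mode_disabled,
+- efi_secureboot_mode_enabled,
+-};
+enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table);
+
+#ifdef CONFIG_RESET_ATTACK_MITIGATION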
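Review bot: `efi_set_secure_boot()` sets `EFI_SECURE_BOOT` only for `efi_secureboot_mode_enabled`, so an undetermined state is treated as not secure-booted. Both `efi_secureboot_mode_unset` and `efi_secureboot_mode_unknown` fall into `default:`, which only warns. Anything keyed on `efi_enabled(EFI_SECURE_BOOT)` therefore fails open when the boot path did not report the mode. The function comment (`Decide what to do when UEFI secure boot mode is enabled`) should state this, e.g. `/* Record the boot-time Secure Boot state; unset/unknown leave EFI_SECURE_BOOT clear. */`. Separately, `pr_warning` is the deprecated spelling and `pr_warn(...)` is preferred.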
|
@ -0,0 +1,88 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 8 Nov 2017 15:11:37 +0000
|
||||
Subject: [29/29] efi: Lock down the kernel if booted in secure boot mode
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a364bd945ffc141a7b17cb331bda0d8ad68f7e72
|
||||
|
||||
UEFI Secure Boot provides a mechanism for ensuring that the firmware will
|
||||
only load signed bootloaders and kernels. Certain use cases may also
|
||||
require that all kernel modules also be signed. Add a configuration option
|
||||
that to lock down the kernel - which includes requiring validly signed
|
||||
modules - if the kernel is secure-booted.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
||||
cc: linux-efi@vger.kernel.org
|
||||
---
|
||||
arch/x86/kernel/setup.c | 6 ++++--
|
||||
security/Kconfig | 14 ++++++++++++++
|
||||
security/lock_down.c | 1 +
|
||||
3 files changed, 19 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
|
||||
index 7c2162f9e769..4e38327efb2e 100644
|
||||
--- a/arch/x86/kernel/setup.c
|
||||
+++ b/arch/x86/kernel/setup.c
|
||||
@@ -64,6 +64,7 @@
|
||||
#include <linux/dma-mapping.h>
|
||||
#include <linux/ctype.h>
|
||||
#include <linux/uaccess.h>
|
||||
+#include <linux/security.h>
|
||||
|
||||
#include <linux/percpu.h>
|
||||
#include <linux/crash_dump.h>
|
||||
@@ -1039,6 +1040,9 @@ void __init setup_arch(char **cmdline_p)
|
||||
if (efi_enabled(EFI_BOOT))
|
||||
efi_init();
|
||||
|
||||
+ efi_set_secure_boot(boot_params.secure_boot);
|
||||
+ init_lockdown();
|
||||
+
|
||||
dmi_scan_machine();
|
||||
dmi_memdev_walk();
|
||||
dmi_set_dump_stack_arch_desc();
|
||||
@@ -1197,8 +1201,6 @@ void __init setup_arch(char **cmdline_p)
|
||||
/* Allocate bigger log buffer */
|
||||
setup_log_buf(1);
|
||||
|
||||
- efi_set_secure_boot(boot_params.secure_boot);
|
||||
-
|
||||
reserve_initrd();
|
||||
|
||||
acpi_table_upgrade();
|
||||
diff --git a/security/Kconfig b/security/Kconfig
|
||||
index 1e997be94ba2..a4fa8b826039 100644
|
||||
--- a/security/Kconfig
|
||||
+++ b/security/Kconfig
|
||||
@@ -222,6 +222,20 @@ config ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
|
||||
Allow the lockdown on a kernel to be lifted, by pressing a SysRq key
|
||||
combination on a wired keyboard.
|
||||
|
||||
+config LOCK_DOWN_IN_EFI_SECURE_BOOT
|
||||
+ bool "Lock down the kernel in EFI Secure Boot mode"
|
||||
+ default n
|
||||
+ select LOCK_DOWN_KERNEL
|
||||
+ depends on EFI
|
||||
+ help
|
||||
+ UEFI Secure Boot provides a mechanism for ensuring that the firmware
|
||||
+ will only load signed bootloaders and kernels. Secure boot mode may
|
||||
+ be determined from EFI variables provided by the system firmware if
|
||||
+ not indicated by the boot parameters.
|
||||
+
|
||||
+ Enabling this option turns on results in kernel lockdown being
|
||||
+ triggered if EFI Secure Boot is set.
|
||||
+
|
||||
|
||||
source security/selinux/Kconfig
|
||||
source security/smack/Kconfig
|
||||
diff --git a/security/lock_down.c b/security/lock_down.c
|
||||
index 2c6b00f0c229..527f7e51dc8d 100644
|
||||
--- a/security/lock_down.c
|
||||
+++ b/security/lock_down.c
|
||||
@@ -12,6 +12,7 @@
|
||||
#include <linux/security.h>
|
||||
#include <linux/export.h>
|
||||
#include <linux/sysrq.h>
|
||||
+#include <linux/efi.h>
|
||||
#include <asm/setup.h>
|
||||
|
||||
#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
|
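Review bot: Nothing in the visible hunks tests `CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT` or `efi_enabled(EFI_SECURE_BOOT)`. The `security/lock_down.c` hunk only adds `#include <linux/efi.h>`, and `setup_arch()` calls `init_lockdown()` unconditionally. Unless another patch in the series makes `init_lockdown()` consult the flag, the new Kconfig option selects `LOCK_DOWN_KERNEL` but has no effect of its own, so the description should say where the test lives. The help text also needs a fix: `Enabling this option turns on results in kernel lockdown` should read `Enabling this option results in kernel lockdown`. `setup_arch()` extends beyond both of its hunks.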
|
@ -1,43 +0,0 @@
|
|||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Wed, 5 Apr 2017 17:40:29 +0100
|
||||
Subject: [38/61] efi: Add EFI_SECURE_BOOT bit
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=7c121e1d97d6af4d25fb49bffb10571964f37ab1
|
||||
|
||||
UEFI machines can be booted in Secure Boot mode. Add a EFI_SECURE_BOOT bit
|
||||
that can be passed to efi_enabled() to find out whether secure boot is
|
||||
enabled.
|
||||
|
||||
This will be used by the SysRq+x handler, registered by the x86 arch, to find
|
||||
out whether secure boot mode is enabled so that it can be disabled.
|
||||
|
||||
Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
arch/x86/kernel/setup.c | 1 +
|
||||
include/linux/efi.h | 1 +
|
||||
2 files changed, 2 insertions(+)
|
||||
|
||||
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
|
||||
index 4bf0c8926a1c..396285bddb93 100644
|
||||
--- a/arch/x86/kernel/setup.c
|
||||
+++ b/arch/x86/kernel/setup.c
|
||||
@@ -1184,6 +1184,7 @@ void __init setup_arch(char **cmdline_p)
|
||||
pr_info("Secure boot disabled\n");
|
||||
break;
|
||||
case efi_secureboot_mode_enabled:
|
||||
+ set_bit(EFI_SECURE_BOOT, &efi.flags);
|
||||
pr_info("Secure boot enabled\n");
|
||||
break;
|
||||
default:
|
||||
diff --git a/include/linux/efi.h b/include/linux/efi.h
|
||||
index 94d34e0be24f..6049600e5475 100644
|
||||
--- a/include/linux/efi.h
|
||||
+++ b/include/linux/efi.h
|
||||
@@ -1069,6 +1069,7 @@ extern int __init efi_setup_pcdp_console(char *);
|
||||
#define EFI_DBG 8 /* Print additional debug info at runtime */
|
||||
#define EFI_NX_PE_DATA 9 /* Can runtime data regions be mapped non-executable? */
|
||||
#define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */
|
||||
+#define EFI_SECURE_BOOT 11 /* Are we in Secure Boot mode? */
|
||||
|
||||
#ifdef CONFIG_EFI
|
||||
/*
|
|
@ -1,135 +0,0 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:29 +0100
|
||||
Subject: [39/61] Add the ability to lock down access to the running kernel
|
||||
image
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=4e038dfc742f11bcd02e5a3fba5718cefbf06d70
|
||||
|
||||
Provide a single call to allow kernel code to determine whether the system
|
||||
should be locked down, thereby disallowing various accesses that might
|
||||
allow the running kernel image to be changed including the loading of
|
||||
modules that aren't validly signed with a key we recognise, fiddling with
|
||||
MSR registers and disallowing hibernation,
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
include/linux/kernel.h | 9 +++++++++
|
||||
include/linux/security.h | 11 +++++++++++
|
||||
security/Kconfig | 15 +++++++++++++++
|
||||
security/Makefile | 3 +++
|
||||
security/lock_down.c | 40 ++++++++++++++++++++++++++++++++++++++++
|
||||
5 files changed, 78 insertions(+)
|
||||
create mode 100644 security/lock_down.c
|
||||
|
||||
--- a/include/linux/kernel.h
|
||||
+++ b/include/linux/kernel.h
|
||||
@@ -287,6 +287,15 @@ static inline void refcount_error_report
|
||||
{ }
|
||||
#endif
|
||||
|
||||
+#ifdef CONFIG_LOCK_DOWN_KERNEL
|
||||
+extern bool kernel_is_locked_down(void);
|
||||
+#else
|
||||
+static inline bool kernel_is_locked_down(void)
|
||||
+{
|
||||
+ return false;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* Internal, do not use. */
|
||||
int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res);
|
||||
int __must_check _kstrtol(const char *s, unsigned int base, long *res);
|
||||
--- a/include/linux/security.h
|
||||
+++ b/include/linux/security.h
|
||||
@@ -1753,5 +1753,16 @@ static inline void free_secdata(void *se
|
||||
{ }
|
||||
#endif /* CONFIG_SECURITY */
|
||||
|
||||
+#ifdef CONFIG_LOCK_DOWN_KERNEL
|
||||
+extern void lock_kernel_down(void);
|
||||
+#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT
|
||||
+extern void lift_kernel_lockdown(void);
|
||||
+#endif
|
||||
+#else
|
||||
+static inline void lock_kernel_down(void)
|
||||
+{
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
#endif /* ! __LINUX_SECURITY_H */
|
||||
|
||||
--- a/security/Kconfig
|
||||
+++ b/security/Kconfig
|
||||
@@ -214,6 +214,21 @@ config STATIC_USERMODEHELPER_PATH
|
||||
If you wish for all usermode helper programs to be disabled,
|
||||
specify an empty string here (i.e. "").
|
||||
|
||||
+config LOCK_DOWN_KERNEL
|
||||
+ bool "Allow the kernel to be 'locked down'"
|
||||
+ help
|
||||
+ Allow the kernel to be locked down under certain circumstances, for
|
||||
+ instance if UEFI secure boot is enabled. Locking down the kernel
|
||||
+ turns off various features that might otherwise allow access to the
|
||||
+ kernel image (eg. setting MSR registers).
|
||||
+
|
||||
+config ALLOW_LOCKDOWN_LIFT
|
||||
+ bool
|
||||
+ help
|
||||
+ Allow the lockdown on a kernel to be lifted, thereby restoring the
|
||||
+ ability of userspace to access the kernel image (eg. by SysRq+x under
|
||||
+ x86).
|
||||
+
|
||||
source security/selinux/Kconfig
|
||||
source security/smack/Kconfig
|
||||
source security/tomoyo/Kconfig
|
||||
--- a/security/Makefile
|
||||
+++ b/security/Makefile
|
||||
@@ -29,3 +29,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c
|
||||
# Object integrity file lists
|
||||
subdir-$(CONFIG_INTEGRITY) += integrity
|
||||
obj-$(CONFIG_INTEGRITY) += integrity/
|
||||
+
|
||||
+# Allow the kernel to be locked down
|
||||
+obj-$(CONFIG_LOCK_DOWN_KERNEL) += lock_down.o
|
||||
--- /dev/null
|
||||
+++ b/security/lock_down.c
|
||||
@@ -0,0 +1,40 @@
|
||||
+/* Lock down the kernel
|
||||
+ *
|
||||
+ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
|
||||
+ * Written by David Howells (dhowells@redhat.com)
|
||||
+ *
|
||||
+ * This program is free software; you can redistribute it and/or
|
||||
+ * modify it under the terms of the GNU General Public Licence
|
||||
+ * as published by the Free Software Foundation; either version
|
||||
+ * 2 of the Licence, or (at your option) any later version.
|
||||
+ */
|
||||
+
|
||||
+#include <linux/security.h>
|
||||
+#include <linux/export.h>
|
||||
+
|
||||
+static __read_mostly bool kernel_locked_down;
|
||||
+
|
||||
+/*
|
||||
+ * Put the kernel into lock-down mode.
|
||||
+ */
|
||||
+void lock_kernel_down(void)
|
||||
+{
|
||||
+ kernel_locked_down = true;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Take the kernel out of lockdown mode.
|
||||
+ */
|
||||
+void lift_kernel_lockdown(void)
|
||||
+{
|
||||
+ kernel_locked_down = false;
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
+ * kernel_is_locked_down - Find out if the kernel is locked down
|
||||
+ */
|
||||
+bool kernel_is_locked_down(void)
|
||||
+{
|
||||
+ return kernel_locked_down;
|
||||
+}
|
||||
+EXPORT_SYMBOL(kernel_is_locked_down);
|
|
@ -1,62 +0,0 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:29 +0100
|
||||
Subject: [40/61] efi: Lock down the kernel if booted in secure boot mode
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=48f943a855fa850977db9071250db2b9e12287ce
|
||||
|
||||
UEFI Secure Boot provides a mechanism for ensuring that the firmware will
|
||||
only load signed bootloaders and kernels. Certain use cases may also
|
||||
require that all kernel modules also be signed. Add a configuration option
|
||||
that to lock down the kernel - which includes requiring validly signed
|
||||
modules - if the kernel is secure-booted.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
arch/x86/Kconfig | 12 ++++++++++++
|
||||
arch/x86/kernel/setup.c | 8 +++++++-
|
||||
2 files changed, 19 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/arch/x86/Kconfig
|
||||
+++ b/arch/x86/Kconfig
|
||||
@@ -1886,6 +1886,18 @@ config EFI_MIXED
|
||||
|
||||
If unsure, say N.
|
||||
|
||||
+config EFI_SECURE_BOOT_LOCK_DOWN
|
||||
+ def_bool n
|
||||
+ depends on EFI
|
||||
+ prompt "Lock down the kernel when UEFI Secure Boot is enabled"
|
||||
+ ---help---
|
||||
+ UEFI Secure Boot provides a mechanism for ensuring that the firmware
|
||||
+ will only load signed bootloaders and kernels. Certain use cases may
|
||||
+ also require that all kernel modules also be signed and that
|
||||
+ userspace is prevented from directly changing the running kernel
|
||||
+ image. Say Y here to automatically lock down the kernel when a
|
||||
+ system boots with UEFI Secure Boot enabled.
|
||||
+
|
||||
config SECCOMP
|
||||
def_bool y
|
||||
prompt "Enable seccomp to safely compute untrusted bytecode"
|
||||
--- a/arch/x86/kernel/setup.c
|
||||
+++ b/arch/x86/kernel/setup.c
|
||||
@@ -70,6 +70,7 @@
|
||||
#include <linux/tboot.h>
|
||||
#include <linux/jiffies.h>
|
||||
#include <linux/mem_encrypt.h>
|
||||
+#include <linux/security.h>
|
||||
|
||||
#include <linux/usb/xhci-dbgp.h>
|
||||
#include <video/edid.h>
|
||||
@@ -1204,7 +1205,12 @@ void __init setup_arch(char **cmdline_p)
|
||||
break;
|
||||
case efi_secureboot_mode_enabled:
|
||||
set_bit(EFI_SECURE_BOOT, &efi.flags);
|
||||
- pr_info("Secure boot enabled\n");
|
||||
+ if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT_LOCK_DOWN)) {
|
||||
+ lock_kernel_down();
|
||||
+ pr_info("Secure boot enabled and kernel locked down\n");
|
||||
+ } else {
|
||||
+ pr_info("Secure boot enabled\n");
|
||||
+ }
|
||||
break;
|
||||
default:
|
||||
pr_info("Secure boot could not be determined\n");
|
|
@ -1,26 +0,0 @@
|
|||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [41/61] Enforce module signatures if the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a9643aef5a6c576f32a97053b4024638943044ca
|
||||
|
||||
If the kernel is locked down, require that all modules have valid
|
||||
signatures that we can verify.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
kernel/module.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/kernel/module.c b/kernel/module.c
|
||||
index 7eba6dea4f41..3331f2eb9b93 100644
|
||||
--- a/kernel/module.c
|
||||
+++ b/kernel/module.c
|
||||
@@ -2756,7 +2756,7 @@ static int module_sig_check(struct load_info *info, int flags)
|
||||
}
|
||||
|
||||
/* Not having a signature is only an error if we're strict. */
|
||||
- if (err == -ENOKEY && !sig_enforce)
|
||||
+ if (err == -ENOKEY && !sig_enforce && !kernel_is_locked_down())
|
||||
err = 0;
|
||||
|
||||
return err;
|
|
@ -1,38 +0,0 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [42/61] Restrict /dev/mem and /dev/kmem when the kernel is locked
|
||||
down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=104cff827b18e35874153bd8df14eba59e5b411a
|
||||
|
||||
Allowing users to write to address space makes it possible for the kernel to
|
||||
be subverted, avoiding module loading restrictions. Prevent this when the
|
||||
kernel has been locked down.
|
||||
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
drivers/char/mem.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
--- a/drivers/char/mem.c
|
||||
+++ b/drivers/char/mem.c
|
||||
@@ -179,6 +179,9 @@ static ssize_t write_mem(struct file *fi
|
||||
if (p != *ppos)
|
||||
return -EFBIG;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (!valid_phys_addr_range(p, count))
|
||||
return -EFAULT;
|
||||
|
||||
@@ -540,6 +543,9 @@ static ssize_t write_kmem(struct file *f
|
||||
char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
|
||||
int err = 0;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (p < (unsigned long) high_memory) {
|
||||
unsigned long to_write = min_t(unsigned long, count,
|
||||
(unsigned long)high_memory - p);
|
|
@ -1,35 +0,0 @@
|
|||
From: "Lee, Chun-Yi" <joeyli.kernel@gmail.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [46/61] kexec_file: Disable at runtime if securelevel has been set
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=74cab6ae2c310633ce0148e58d326ee5a5121a89
|
||||
|
||||
When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
|
||||
through kexec_file systemcall if securelevel has been set.
|
||||
|
||||
This code was showed in Matthew's patch but not in git:
|
||||
https://lkml.org/lkml/2015/3/13/778
|
||||
|
||||
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
kernel/kexec_file.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
|
||||
index b118735fea9d..f6937eecd1eb 100644
|
||||
--- a/kernel/kexec_file.c
|
||||
+++ b/kernel/kexec_file.c
|
||||
@@ -268,6 +268,12 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
|
||||
if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
|
||||
return -EPERM;
|
||||
|
||||
+ /* Don't permit images to be loaded into trusted kernels if we're not
|
||||
+ * going to verify the signature on them
|
||||
+ */
|
||||
+ if (!IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG) && kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
+
|
||||
/* Make sure we have a legal set of flags */
|
||||
if (flags != (flags & KEXEC_FILE_FLAGS))
|
||||
return -EINVAL;
|
|
@ -1,41 +0,0 @@
|
|||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:30 +0100
|
||||
Subject: [51/61] x86: Restrict MSR access when the kernel is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e20ab2be2f77e6c0da7cd8fe0953a367c5012ecf
|
||||
|
||||
Writing to MSRs should not be allowed if the kernel is locked down, since
|
||||
it could lead to execution of arbitrary code in kernel mode. Based on a
|
||||
patch by Kees Cook.
|
||||
|
||||
Cc: Kees Cook <keescook@chromium.org>
|
||||
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
arch/x86/kernel/msr.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
|
||||
index ef688804f80d..fbcce028e502 100644
|
||||
--- a/arch/x86/kernel/msr.c
|
||||
+++ b/arch/x86/kernel/msr.c
|
||||
@@ -84,6 +84,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
|
||||
int err = 0;
|
||||
ssize_t bytes = 0;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
+
|
||||
if (count % 8)
|
||||
return -EINVAL; /* Invalid chunk size */
|
||||
|
||||
@@ -131,6 +134,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
|
||||
err = -EBADF;
|
||||
break;
|
||||
}
|
||||
+ if (kernel_is_locked_down()) {
|
||||
+ err = -EPERM;
|
||||
+ break;
|
||||
+ }
|
||||
if (copy_from_user(®s, uregs, sizeof regs)) {
|
||||
err = -EFAULT;
|
||||
break;
|
|
@ -1,54 +0,0 @@
|
|||
From: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
Date: Wed, 5 Apr 2017 17:40:31 +0100
|
||||
Subject: [57/61] bpf: Restrict kernel image access functions when the kernel
|
||||
is locked down
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=12c6b01166d3a94a49cf78a8bfe37fb280dd7cb6
|
||||
|
||||
There are some bpf functions can be used to read kernel memory:
|
||||
bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
|
||||
private keys in kernel memory (e.g. the hibernation image signing key) to
|
||||
be read by an eBPF program. Prohibit those functions when the kernel is
|
||||
locked down.
|
||||
|
||||
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
---
|
||||
kernel/trace/bpf_trace.c | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
|
||||
index cee9802cf3e0..7fde851f207b 100644
|
||||
--- a/kernel/trace/bpf_trace.c
|
||||
+++ b/kernel/trace/bpf_trace.c
|
||||
@@ -65,6 +65,11 @@ BPF_CALL_3(bpf_probe_read, void *, dst, u32, size, const void *, unsafe_ptr)
|
||||
{
|
||||
int ret;
|
||||
|
||||
+ if (kernel_is_locked_down()) {
|
||||
+ memset(dst, 0, size);
|
||||
+ return -EPERM;
|
||||
+ }
|
||||
+
|
||||
ret = probe_kernel_read(dst, unsafe_ptr, size);
|
||||
if (unlikely(ret < 0))
|
||||
memset(dst, 0, size);
|
||||
@@ -84,6 +89,9 @@ static const struct bpf_func_proto bpf_probe_read_proto = {
|
||||
BPF_CALL_3(bpf_probe_write_user, void *, unsafe_ptr, const void *, src,
|
||||
u32, size)
|
||||
{
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return -EPERM;
|
||||
+
|
||||
/*
|
||||
* Ensure we're in user context which is safe for the helper to
|
||||
* run. This helper has no business in a kthread.
|
||||
@@ -143,6 +151,9 @@ BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
|
||||
if (fmt[--fmt_size] != 0)
|
||||
return -EINVAL;
|
||||
|
||||
+ if (kernel_is_locked_down())
|
||||
+ return __trace_printk(1, fmt, 0, 0, 0);
|
||||
+
|
||||
/* check format string for allowed specifiers */
|
||||
for (i = 0; i < fmt_size; i++) {
|
||||
if ((!isprint(fmt[i]) && !isspace(fmt[i])) || !isascii(fmt[i]))
|
|
@ -1,514 +0,0 @@
|
|||
From 448f67943d21773cea5a594df2f8dc5a68211519 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 24 Oct 2017 19:57:13 +0200
|
||||
Subject: [PATCH 1/8] net: stmmac: dwmac-sun8i: Handle integrated/external
|
||||
MDIOs
|
||||
|
||||
The Allwinner H3 SoC have two distinct MDIO bus, only one could be
|
||||
active at the same time.
|
||||
The selection of the active MDIO bus are done via some bits in the EMAC
|
||||
register of the system controller.
|
||||
|
||||
This patch implement this MDIO switch via a custom MDIO-mux.
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
drivers/net/ethernet/stmicro/stmmac/Kconfig | 1 +
|
||||
drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 353 ++++++++++++++--------
|
||||
2 files changed, 224 insertions(+), 130 deletions(-)
|
||||
|
||||
diff --git a/drivers/net/ethernet/stmicro/stmmac/Kconfig b/drivers/net/ethernet/stmicro/stmmac/Kconfig
|
||||
index 97035766c291..e28c0d2c58e9 100644
|
||||
--- a/drivers/net/ethernet/stmicro/stmmac/Kconfig
|
||||
+++ b/drivers/net/ethernet/stmicro/stmmac/Kconfig
|
||||
@@ -159,6 +159,7 @@ config DWMAC_SUN8I
|
||||
tristate "Allwinner sun8i GMAC support"
|
||||
default ARCH_SUNXI
|
||||
depends on OF && (ARCH_SUNXI || COMPILE_TEST)
|
||||
+ select MDIO_BUS_MUX
|
||||
---help---
|
||||
Support for Allwinner H3 A83T A64 EMAC ethernet controllers.
|
||||
|
||||
diff --git a/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c b/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
index 39c2122a4f26..b3eb344bb158 100644
|
||||
--- a/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
+++ b/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
@@ -17,6 +17,7 @@
|
||||
#include <linux/clk.h>
|
||||
#include <linux/io.h>
|
||||
#include <linux/iopoll.h>
|
||||
+#include <linux/mdio-mux.h>
|
||||
#include <linux/mfd/syscon.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/of_device.h>
|
||||
@@ -41,14 +42,14 @@
|
||||
* This value is used for disabling properly EMAC
|
||||
* and used as a good starting value in case of the
|
||||
* boot process(uboot) leave some stuff.
|
||||
- * @internal_phy: Does the MAC embed an internal PHY
|
||||
+ * @soc_has_internal_phy: Does the MAC embed an internal PHY
|
||||
* @support_mii: Does the MAC handle MII
|
||||
* @support_rmii: Does the MAC handle RMII
|
||||
* @support_rgmii: Does the MAC handle RGMII
|
||||
*/
|
||||
struct emac_variant {
|
||||
u32 default_syscon_value;
|
||||
- int internal_phy;
|
||||
+ bool soc_has_internal_phy;
|
||||
bool support_mii;
|
||||
bool support_rmii;
|
||||
bool support_rgmii;
|
||||
@@ -61,7 +62,8 @@ struct emac_variant {
|
||||
* @rst_ephy: reference to the optional EPHY reset for the internal PHY
|
||||
* @variant: reference to the current board variant
|
||||
* @regmap: regmap for using the syscon
|
||||
- * @use_internal_phy: Does the current PHY choice imply using the internal PHY
|
||||
+ * @internal_phy_powered: Does the internal PHY is enabled
|
||||
+ * @mux_handle: Internal pointer used by mdio-mux lib
|
||||
*/
|
||||
struct sunxi_priv_data {
|
||||
struct clk *tx_clk;
|
||||
@@ -70,12 +72,13 @@ struct sunxi_priv_data {
|
||||
struct reset_control *rst_ephy;
|
||||
const struct emac_variant *variant;
|
||||
struct regmap *regmap;
|
||||
- bool use_internal_phy;
|
||||
+ bool internal_phy_powered;
|
||||
+ void *mux_handle;
|
||||
};
|
||||
|
||||
static const struct emac_variant emac_variant_h3 = {
|
||||
.default_syscon_value = 0x58000,
|
||||
- .internal_phy = PHY_INTERFACE_MODE_MII,
|
||||
+ .soc_has_internal_phy = true,
|
||||
.support_mii = true,
|
||||
.support_rmii = true,
|
||||
.support_rgmii = true
|
||||
@@ -83,20 +86,20 @@ static const struct emac_variant emac_variant_h3 = {
|
||||
|
||||
static const struct emac_variant emac_variant_v3s = {
|
||||
.default_syscon_value = 0x38000,
|
||||
- .internal_phy = PHY_INTERFACE_MODE_MII,
|
||||
+ .soc_has_internal_phy = true,
|
||||
.support_mii = true
|
||||
};
|
||||
|
||||
static const struct emac_variant emac_variant_a83t = {
|
||||
.default_syscon_value = 0,
|
||||
- .internal_phy = 0,
|
||||
+ .soc_has_internal_phy = false,
|
||||
.support_mii = true,
|
||||
.support_rgmii = true
|
||||
};
|
||||
|
||||
static const struct emac_variant emac_variant_a64 = {
|
||||
.default_syscon_value = 0,
|
||||
- .internal_phy = 0,
|
||||
+ .soc_has_internal_phy = false,
|
||||
.support_mii = true,
|
||||
.support_rmii = true,
|
||||
.support_rgmii = true
|
||||
@@ -195,6 +198,9 @@ static const struct emac_variant emac_variant_a64 = {
|
||||
#define H3_EPHY_LED_POL BIT(17) /* 1: active low, 0: active high */
|
||||
#define H3_EPHY_SHUTDOWN BIT(16) /* 1: shutdown, 0: power up */
|
||||
#define H3_EPHY_SELECT BIT(15) /* 1: internal PHY, 0: external PHY */
|
||||
+#define H3_EPHY_MUX_MASK (H3_EPHY_SHUTDOWN | H3_EPHY_SELECT)
|
||||
+#define DWMAC_SUN8I_MDIO_MUX_INTERNAL_ID 1
|
||||
+#define DWMAC_SUN8I_MDIO_MUX_EXTERNAL_ID 2
|
||||
|
||||
/* H3/A64 specific bits */
|
||||
#define SYSCON_RMII_EN BIT(13) /* 1: enable RMII (overrides EPIT) */
|
||||
@@ -634,6 +640,159 @@ static int sun8i_dwmac_reset(struct stmmac_priv *priv)
|
||||
return 0;
|
||||
}
|
||||
|
||||
+/* Search in mdio-mux node for internal PHY node and get its clk/reset */
|
||||
+static int get_ephy_nodes(struct stmmac_priv *priv)
|
||||
+{
|
||||
+ struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
+ struct device_node *mdio_mux, *iphynode;
|
||||
+ struct device_node *mdio_internal;
|
||||
+ int ret;
|
||||
+
|
||||
+ mdio_mux = of_get_child_by_name(priv->device->of_node, "mdio-mux");
|
||||
+ if (!mdio_mux) {
|
||||
+ dev_err(priv->device, "Cannot get mdio-mux node\n");
|
||||
+ return -ENODEV;
|
||||
+ }
|
||||
+
|
||||
+ mdio_internal = of_find_compatible_node(mdio_mux, NULL,
|
||||
+ "allwinner,sun8i-h3-mdio-internal");
|
||||
+ if (!mdio_internal) {
|
||||
+ dev_err(priv->device, "Cannot get internal_mdio node\n");
|
||||
+ return -ENODEV;
|
||||
+ }
|
||||
+
|
||||
+ /* Seek for internal PHY */
|
||||
+ for_each_child_of_node(mdio_internal, iphynode) {
|
||||
+ gmac->ephy_clk = of_clk_get(iphynode, 0);
|
||||
+ if (IS_ERR(gmac->ephy_clk))
|
||||
+ continue;
|
||||
+ gmac->rst_ephy = of_reset_control_get_exclusive(iphynode, NULL);
|
||||
+ if (IS_ERR(gmac->rst_ephy)) {
|
||||
+ ret = PTR_ERR(gmac->rst_ephy);
|
||||
+ if (ret == -EPROBE_DEFER)
|
||||
+ return ret;
|
||||
+ continue;
|
||||
+ }
|
||||
+ dev_info(priv->device, "Found internal PHY node\n");
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return -ENODEV;
|
||||
+}
|
||||
+
|
||||
+static int sun8i_dwmac_power_internal_phy(struct stmmac_priv *priv)
|
||||
+{
|
||||
+ struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
+ int ret;
|
||||
+
|
||||
+ if (gmac->internal_phy_powered) {
|
||||
+ dev_warn(priv->device, "Internal PHY already powered\n");
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ dev_info(priv->device, "Powering internal PHY\n");
|
||||
+ ret = clk_prepare_enable(gmac->ephy_clk);
|
||||
+ if (ret) {
|
||||
+ dev_err(priv->device, "Cannot enable internal PHY\n");
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ /* Make sure the EPHY is properly reseted, as U-Boot may leave
|
||||
+ * it at deasserted state, and thus it may fail to reset EMAC.
|
||||
+ */
|
||||
+ reset_control_assert(gmac->rst_ephy);
|
||||
+
|
||||
+ ret = reset_control_deassert(gmac->rst_ephy);
|
||||
+ if (ret) {
|
||||
+ dev_err(priv->device, "Cannot deassert internal phy\n");
|
||||
+ clk_disable_unprepare(gmac->ephy_clk);
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ gmac->internal_phy_powered = true;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static int sun8i_dwmac_unpower_internal_phy(struct sunxi_priv_data *gmac)
|
||||
+{
|
||||
+ if (!gmac->internal_phy_powered)
|
||||
+ return 0;
|
||||
+
|
||||
+ clk_disable_unprepare(gmac->ephy_clk);
|
||||
+ reset_control_assert(gmac->rst_ephy);
|
||||
+ gmac->internal_phy_powered = false;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/* MDIO multiplexing switch function
|
||||
+ * This function is called by the mdio-mux layer when it thinks the mdio bus
|
||||
+ * multiplexer needs to switch.
|
||||
+ * 'current_child' is the current value of the mux register
|
||||
+ * 'desired_child' is the value of the 'reg' property of the target child MDIO
|
||||
+ * node.
|
||||
+ * The first time this function is called, current_child == -1.
|
||||
+ * If current_child == desired_child, then the mux is already set to the
|
||||
+ * correct bus.
|
||||
+ */
|
||||
+static int mdio_mux_syscon_switch_fn(int current_child, int desired_child,
|
||||
+ void *data)
|
||||
+{
|
||||
+ struct stmmac_priv *priv = data;
|
||||
+ struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
+ u32 reg, val;
|
||||
+ int ret = 0;
|
||||
+ bool need_power_ephy = false;
|
||||
+
|
||||
+ if (current_child ^ desired_child) {
|
||||
+ regmap_read(gmac->regmap, SYSCON_EMAC_REG, ®);
|
||||
+ switch (desired_child) {
|
||||
+ case DWMAC_SUN8I_MDIO_MUX_INTERNAL_ID:
|
||||
+ dev_info(priv->device, "Switch mux to internal PHY");
|
||||
+ val = (reg & ~H3_EPHY_MUX_MASK) | H3_EPHY_SELECT;
|
||||
+
|
||||
+ need_power_ephy = true;
|
||||
+ break;
|
||||
+ case DWMAC_SUN8I_MDIO_MUX_EXTERNAL_ID:
|
||||
+ dev_info(priv->device, "Switch mux to external PHY");
|
||||
+ val = (reg & ~H3_EPHY_MUX_MASK) | H3_EPHY_SHUTDOWN;
|
||||
+ need_power_ephy = false;
|
||||
+ break;
|
||||
+ default:
|
||||
+ dev_err(priv->device, "Invalid child ID %x\n",
|
||||
+ desired_child);
|
||||
+ return -EINVAL;
|
||||
+ }
|
||||
+ regmap_write(gmac->regmap, SYSCON_EMAC_REG, val);
|
||||
+ if (need_power_ephy) {
|
||||
+ ret = sun8i_dwmac_power_internal_phy(priv);
|
||||
+ if (ret)
|
||||
+ return ret;
|
||||
+ } else {
|
||||
+ sun8i_dwmac_unpower_internal_phy(gmac);
|
||||
+ }
|
||||
+ /* After changing syscon value, the MAC need reset or it will
|
||||
+ * use the last value (and so the last PHY set).
|
||||
+ */
|
||||
+ ret = sun8i_dwmac_reset(priv);
|
||||
+ }
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+static int sun8i_dwmac_register_mdio_mux(struct stmmac_priv *priv)
|
||||
+{
|
||||
+ int ret;
|
||||
+ struct device_node *mdio_mux;
|
||||
+ struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
+
|
||||
+ mdio_mux = of_get_child_by_name(priv->device->of_node, "mdio-mux");
|
||||
+ if (!mdio_mux)
|
||||
+ return -ENODEV;
|
||||
+
|
||||
+ ret = mdio_mux_init(priv->device, mdio_mux, mdio_mux_syscon_switch_fn,
|
||||
+ &gmac->mux_handle, priv, priv->mii);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
static int sun8i_dwmac_set_syscon(struct stmmac_priv *priv)
|
||||
{
|
||||
struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
@@ -648,35 +807,25 @@ static int sun8i_dwmac_set_syscon(struct stmmac_priv *priv)
|
||||
"Current syscon value is not the default %x (expect %x)\n",
|
||||
val, reg);
|
||||
|
||||
- if (gmac->variant->internal_phy) {
|
||||
- if (!gmac->use_internal_phy) {
|
||||
- /* switch to external PHY interface */
|
||||
- reg &= ~H3_EPHY_SELECT;
|
||||
- } else {
|
||||
- reg |= H3_EPHY_SELECT;
|
||||
- reg &= ~H3_EPHY_SHUTDOWN;
|
||||
- dev_dbg(priv->device, "Select internal_phy %x\n", reg);
|
||||
-
|
||||
- if (of_property_read_bool(priv->plat->phy_node,
|
||||
- "allwinner,leds-active-low"))
|
||||
- reg |= H3_EPHY_LED_POL;
|
||||
- else
|
||||
- reg &= ~H3_EPHY_LED_POL;
|
||||
-
|
||||
- /* Force EPHY xtal frequency to 24MHz. */
|
||||
- reg |= H3_EPHY_CLK_SEL;
|
||||
-
|
||||
- ret = of_mdio_parse_addr(priv->device,
|
||||
- priv->plat->phy_node);
|
||||
- if (ret < 0) {
|
||||
- dev_err(priv->device, "Could not parse MDIO addr\n");
|
||||
- return ret;
|
||||
- }
|
||||
- /* of_mdio_parse_addr returns a valid (0 ~ 31) PHY
|
||||
- * address. No need to mask it again.
|
||||
- */
|
||||
- reg |= ret << H3_EPHY_ADDR_SHIFT;
|
||||
+ if (gmac->variant->soc_has_internal_phy) {
|
||||
+ if (of_property_read_bool(priv->plat->phy_node,
|
||||
+ "allwinner,leds-active-low"))
|
||||
+ reg |= H3_EPHY_LED_POL;
|
||||
+ else
|
||||
+ reg &= ~H3_EPHY_LED_POL;
|
||||
+
|
||||
+ /* Force EPHY xtal frequency to 24MHz. */
|
||||
+ reg |= H3_EPHY_CLK_SEL;
|
||||
+
|
||||
+ ret = of_mdio_parse_addr(priv->device, priv->plat->phy_node);
|
||||
+ if (ret < 0) {
|
||||
+ dev_err(priv->device, "Could not parse MDIO addr\n");
|
||||
+ return ret;
|
||||
}
|
||||
+ /* of_mdio_parse_addr returns a valid (0 ~ 31) PHY
|
||||
+ * address. No need to mask it again.
|
||||
+ */
|
||||
+ reg |= 1 << H3_EPHY_ADDR_SHIFT;
|
||||
}
|
||||
|
||||
if (!of_property_read_u32(node, "allwinner,tx-delay-ps", &val)) {
|
||||
@@ -746,81 +895,21 @@ static void sun8i_dwmac_unset_syscon(struct sunxi_priv_data *gmac)
|
||||
regmap_write(gmac->regmap, SYSCON_EMAC_REG, reg);
|
||||
}
|
||||
|
||||
-static int sun8i_dwmac_power_internal_phy(struct stmmac_priv *priv)
|
||||
+static void sun8i_dwmac_exit(struct platform_device *pdev, void *priv)
|
||||
{
|
||||
- struct sunxi_priv_data *gmac = priv->plat->bsp_priv;
|
||||
- int ret;
|
||||
-
|
||||
- if (!gmac->use_internal_phy)
|
||||
- return 0;
|
||||
-
|
||||
- ret = clk_prepare_enable(gmac->ephy_clk);
|
||||
- if (ret) {
|
||||
- dev_err(priv->device, "Cannot enable ephy\n");
|
||||
- return ret;
|
||||
- }
|
||||
-
|
||||
- /* Make sure the EPHY is properly reseted, as U-Boot may leave
|
||||
- * it at deasserted state, and thus it may fail to reset EMAC.
|
||||
- */
|
||||
- reset_control_assert(gmac->rst_ephy);
|
||||
+ struct sunxi_priv_data *gmac = priv;
|
||||
|
||||
- ret = reset_control_deassert(gmac->rst_ephy);
|
||||
- if (ret) {
|
||||
- dev_err(priv->device, "Cannot deassert ephy\n");
|
||||
- clk_disable_unprepare(gmac->ephy_clk);
|
||||
- return ret;
|
||||
+ if (gmac->variant->soc_has_internal_phy) {
|
||||
+ /* sun8i_dwmac_exit could be called with mdiomux uninit */
|
||||
+ if (gmac->mux_handle)
|
||||
+ mdio_mux_uninit(gmac->mux_handle);
|
||||
+ if (gmac->internal_phy_powered)
|
||||
+ sun8i_dwmac_unpower_internal_phy(gmac);
|
||||
}
|
||||
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static int sun8i_dwmac_unpower_internal_phy(struct sunxi_priv_data *gmac)
|
||||
-{
|
||||
- if (!gmac->use_internal_phy)
|
||||
- return 0;
|
||||
-
|
||||
- clk_disable_unprepare(gmac->ephy_clk);
|
||||
- reset_control_assert(gmac->rst_ephy);
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-/* sun8i_power_phy() - Activate the PHY:
|
||||
- * In case of error, no need to call sun8i_unpower_phy(),
|
||||
- * it will be called anyway by sun8i_dwmac_exit()
|
||||
- */
|
||||
-static int sun8i_power_phy(struct stmmac_priv *priv)
|
||||
-{
|
||||
- int ret;
|
||||
-
|
||||
- ret = sun8i_dwmac_power_internal_phy(priv);
|
||||
- if (ret)
|
||||
- return ret;
|
||||
-
|
||||
- ret = sun8i_dwmac_set_syscon(priv);
|
||||
- if (ret)
|
||||
- return ret;
|
||||
-
|
||||
- /* After changing syscon value, the MAC need reset or it will use
|
||||
- * the last value (and so the last PHY set.
|
||||
- */
|
||||
- ret = sun8i_dwmac_reset(priv);
|
||||
- if (ret)
|
||||
- return ret;
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static void sun8i_unpower_phy(struct sunxi_priv_data *gmac)
|
||||
-{
|
||||
sun8i_dwmac_unset_syscon(gmac);
|
||||
- sun8i_dwmac_unpower_internal_phy(gmac);
|
||||
-}
|
||||
-
|
||||
-static void sun8i_dwmac_exit(struct platform_device *pdev, void *priv)
|
||||
-{
|
||||
- struct sunxi_priv_data *gmac = priv;
|
||||
|
||||
- sun8i_unpower_phy(gmac);
|
||||
+ reset_control_put(gmac->rst_ephy);
|
||||
|
||||
clk_disable_unprepare(gmac->tx_clk);
|
||||
|
||||
@@ -849,7 +938,7 @@ static struct mac_device_info *sun8i_dwmac_setup(void *ppriv)
|
||||
if (!mac)
|
||||
return NULL;
|
||||
|
||||
- ret = sun8i_power_phy(priv);
|
||||
+ ret = sun8i_dwmac_set_syscon(priv);
|
||||
if (ret)
|
||||
return NULL;
|
||||
|
||||
@@ -889,6 +978,8 @@ static int sun8i_dwmac_probe(struct platform_device *pdev)
|
||||
struct sunxi_priv_data *gmac;
|
||||
struct device *dev = &pdev->dev;
|
||||
int ret;
|
||||
+ struct stmmac_priv *priv;
|
||||
+ struct net_device *ndev;
|
||||
|
||||
ret = stmmac_get_platform_resources(pdev, &stmmac_res);
|
||||
if (ret)
|
||||
@@ -932,29 +1023,6 @@ static int sun8i_dwmac_probe(struct platform_device *pdev)
|
||||
}
|
||||
|
||||
plat_dat->interface = of_get_phy_mode(dev->of_node);
|
||||
- if (plat_dat->interface == gmac->variant->internal_phy) {
|
||||
- dev_info(&pdev->dev, "Will use internal PHY\n");
|
||||
- gmac->use_internal_phy = true;
|
||||
- gmac->ephy_clk = of_clk_get(plat_dat->phy_node, 0);
|
||||
- if (IS_ERR(gmac->ephy_clk)) {
|
||||
- ret = PTR_ERR(gmac->ephy_clk);
|
||||
- dev_err(&pdev->dev, "Cannot get EPHY clock: %d\n", ret);
|
||||
- return -EINVAL;
|
||||
- }
|
||||
-
|
||||
- gmac->rst_ephy = of_reset_control_get(plat_dat->phy_node, NULL);
|
||||
- if (IS_ERR(gmac->rst_ephy)) {
|
||||
- ret = PTR_ERR(gmac->rst_ephy);
|
||||
- if (ret == -EPROBE_DEFER)
|
||||
- return ret;
|
||||
- dev_err(&pdev->dev, "No EPHY reset control found %d\n",
|
||||
- ret);
|
||||
- return -EINVAL;
|
||||
- }
|
||||
- } else {
|
||||
- dev_info(&pdev->dev, "Will use external PHY\n");
|
||||
- gmac->use_internal_phy = false;
|
||||
- }
|
||||
|
||||
/* platform data specifying hardware features and callbacks.
|
||||
* hardware features were copied from Allwinner drivers.
|
||||
@@ -973,9 +1041,34 @@ static int sun8i_dwmac_probe(struct platform_device *pdev)
|
||||
|
||||
ret = stmmac_dvr_probe(&pdev->dev, plat_dat, &stmmac_res);
|
||||
if (ret)
|
||||
- sun8i_dwmac_exit(pdev, plat_dat->bsp_priv);
|
||||
+ goto dwmac_exit;
|
||||
+
|
||||
+ ndev = dev_get_drvdata(&pdev->dev);
|
||||
+ priv = netdev_priv(ndev);
|
||||
+ /* The mux must be registered after parent MDIO
|
||||
+ * so after stmmac_dvr_probe()
|
||||
+ */
|
||||
+ if (gmac->variant->soc_has_internal_phy) {
|
||||
+ ret = get_ephy_nodes(priv);
|
||||
+ if (ret)
|
||||
+ goto dwmac_exit;
|
||||
+ ret = sun8i_dwmac_register_mdio_mux(priv);
|
||||
+ if (ret) {
|
||||
+ dev_err(&pdev->dev, "Failed to register mux\n");
|
||||
+ goto dwmac_mux;
|
||||
+ }
|
||||
+ } else {
|
||||
+ ret = sun8i_dwmac_reset(priv);
|
||||
+ if (ret)
|
||||
+ goto dwmac_exit;
|
||||
+ }
|
||||
|
||||
return ret;
|
||||
+dwmac_mux:
|
||||
+ sun8i_dwmac_unset_syscon(gmac);
|
||||
+dwmac_exit:
|
||||
+ sun8i_dwmac_exit(pdev, plat_dat->bsp_priv);
|
||||
+return ret;
|
||||
}
|
||||
|
||||
static const struct of_device_id sun8i_dwmac_match[] = {
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
From 6d3c2402242a910aed42081148737b1d93640362 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 24 Oct 2017 19:57:14 +0200
|
||||
Subject: [PATCH 2/8] net: stmmac: sun8i: Restore the compatibles
|
||||
|
||||
The original dwmac-sun8i DT bindings have some issue on how to handle
|
||||
integrated PHY and was reverted in last RC of 4.13.
|
||||
But now we have a solution so we need to get back that was reverted.
|
||||
|
||||
This patch restore compatibles about dwmac-sun8i
|
||||
This reverts commit ad4540cc5aa3 ("net: stmmac: sun8i: Remove the compatibles")
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c b/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
index b3eb344bb158..e5ff734d4f9b 100644
|
||||
--- a/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
+++ b/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.c
|
||||
@@ -1072,6 +1072,14 @@ return ret;
|
||||
}
|
||||
|
||||
static const struct of_device_id sun8i_dwmac_match[] = {
|
||||
+ { .compatible = "allwinner,sun8i-h3-emac",
|
||||
+ .data = &emac_variant_h3 },
|
||||
+ { .compatible = "allwinner,sun8i-v3s-emac",
|
||||
+ .data = &emac_variant_v3s },
|
||||
+ { .compatible = "allwinner,sun8i-a83t-emac",
|
||||
+ .data = &emac_variant_a83t },
|
||||
+ { .compatible = "allwinner,sun50i-a64-emac",
|
||||
+ .data = &emac_variant_a64 },
|
||||
{ }
|
||||
};
|
||||
MODULE_DEVICE_TABLE(of, sun8i_dwmac_match);
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,197 +0,0 @@
|
|||
From f807989778297b06ec2be652c637bcc073bdeaa0 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:13 +0100
|
||||
Subject: [PATCH 3/8] arm64: dts: allwinner: A64: Restore EMAC changes
|
||||
|
||||
The original dwmac-sun8i DT bindings have some issue on how to handle
|
||||
integrated PHY and was reverted in last RC of 4.13.
|
||||
But now we have a solution so we need to get back that was reverted.
|
||||
|
||||
This patch restore arm64 DT about dwmac-sun8i for A64
|
||||
This reverts commit 87e1f5e8bb4b ("arm64: dts: allwinner: Revert EMAC changes")
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
.../boot/dts/allwinner/sun50i-a64-bananapi-m64.dts | 16 ++++++++++++++++
|
||||
.../boot/dts/allwinner/sun50i-a64-pine64-plus.dts | 15 +++++++++++++++
|
||||
arch/arm64/boot/dts/allwinner/sun50i-a64-pine64.dts | 17 +++++++++++++++++
|
||||
.../dts/allwinner/sun50i-a64-sopine-baseboard.dts | 16 ++++++++++++++++
|
||||
arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi | 20 ++++++++++++++++++++
|
||||
5 files changed, 84 insertions(+)
|
||||
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64-bananapi-m64.dts b/arch/arm64/boot/dts/allwinner/sun50i-a64-bananapi-m64.dts
|
||||
index d347f52e27f6..45bdbfb96126 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64-bananapi-m64.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64-bananapi-m64.dts
|
||||
@@ -51,6 +51,7 @@
|
||||
compatible = "sinovoip,bananapi-m64", "allwinner,sun50i-a64";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
serial1 = &uart1;
|
||||
};
|
||||
@@ -69,6 +70,14 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&rgmii_pins>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
&i2c1 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&i2c1_pins>;
|
||||
@@ -79,6 +88,13 @@
|
||||
bias-pull-up;
|
||||
};
|
||||
|
||||
+&mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&mmc0 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc0_pins>;
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64-plus.dts b/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64-plus.dts
|
||||
index f82ccf332c0f..24f1aac366d6 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64-plus.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64-plus.dts
|
||||
@@ -48,3 +48,18 @@
|
||||
|
||||
/* TODO: Camera, touchscreen, etc. */
|
||||
};
|
||||
+
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&rgmii_pins>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64.dts b/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64.dts
|
||||
index d06e34b5d192..806442d3e846 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64-pine64.dts
|
||||
@@ -51,6 +51,7 @@
|
||||
compatible = "pine64,pine64", "allwinner,sun50i-a64";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
serial1 = &uart1;
|
||||
serial2 = &uart2;
|
||||
@@ -71,6 +72,15 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&rmii_pins>;
|
||||
+ phy-mode = "rmii";
|
||||
+ phy-handle = <&ext_rmii_phy1>;
|
||||
+ status = "okay";
|
||||
+
|
||||
+};
|
||||
+
|
||||
&i2c1 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&i2c1_pins>;
|
||||
@@ -81,6 +91,13 @@
|
||||
bias-pull-up;
|
||||
};
|
||||
|
||||
+&mdio {
|
||||
+ ext_rmii_phy1: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&mmc0 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc0_pins>;
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64-sopine-baseboard.dts b/arch/arm64/boot/dts/allwinner/sun50i-a64-sopine-baseboard.dts
|
||||
index 17ccc12b58df..0eb2acedf8c3 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64-sopine-baseboard.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64-sopine-baseboard.dts
|
||||
@@ -53,6 +53,7 @@
|
||||
"allwinner,sun50i-a64";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -76,6 +77,21 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&rgmii_pins>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&mmc2 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc2_pins>;
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
index 8c8db1b057df..50f17bab0c07 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
@@ -449,6 +449,26 @@
|
||||
#size-cells = <0>;
|
||||
};
|
||||
|
||||
+ emac: ethernet@1c30000 {
|
||||
+ compatible = "allwinner,sun50i-a64-emac";
|
||||
+ syscon = <&syscon>;
|
||||
+ reg = <0x01c30000 0x10000>;
|
||||
+ interrupts = <GIC_SPI 82 IRQ_TYPE_LEVEL_HIGH>;
|
||||
+ interrupt-names = "macirq";
|
||||
+ resets = <&ccu RST_BUS_EMAC>;
|
||||
+ reset-names = "stmmaceth";
|
||||
+ clocks = <&ccu CLK_BUS_EMAC>;
|
||||
+ clock-names = "stmmaceth";
|
||||
+ status = "disabled";
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+
|
||||
+ mdio: mdio {
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+ };
|
||||
+ };
|
||||
+
|
||||
gic: interrupt-controller@1c81000 {
|
||||
compatible = "arm,gic-400";
|
||||
reg = <0x01c81000 0x1000>,
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,33 +0,0 @@
|
|||
From 7122a4938175ed3a1b99db6dbd3f43dc288187b7 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:15 +0100
|
||||
Subject: [PATCH 4/8] arm64: dts: allwinner: add snps,dwmac-mdio compatible to
|
||||
emac/mdio
|
||||
|
||||
stmmac bindings docs said that its mdio node must have
|
||||
compatible = "snps,dwmac-mdio";
|
||||
Since dwmac-sun8i does not have any good reasons to not doing it, all
|
||||
their MDIO node must have it.
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
index 50f17bab0c07..8fd75c95937a 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
|
||||
@@ -464,6 +464,7 @@
|
||||
#size-cells = <0>;
|
||||
|
||||
mdio: mdio {
|
||||
+ compatible = "snps,dwmac-mdio";
|
||||
#address-cells = <1>;
|
||||
#size-cells = <0>;
|
||||
};
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,129 +0,0 @@
|
|||
From 295acb9e2b20c9f5dc8dbf6bbc452dd94f45fb58 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:14 +0100
|
||||
Subject: [PATCH 5/8] arm64: dts: allwinner: H5: Restore EMAC changes
|
||||
|
||||
The original dwmac-sun8i DT bindings have some issue on how to handle
|
||||
integrated PHY and was reverted in last RC of 4.13.
|
||||
But now we have a solution so we need to get back that was reverted.
|
||||
|
||||
This patch restore arm64 DT about dwmac-sun8i for H5
|
||||
This reverts a part of commit 87e1f5e8bb4b ("arm64: dts: allwinner: Revert EMAC changes")
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
arch/arm64/boot/dts/allwinner/sun50i-h5-nanopi-neo2.dts | 17 +++++++++++++++++
|
||||
.../arm64/boot/dts/allwinner/sun50i-h5-orangepi-pc2.dts | 17 +++++++++++++++++
|
||||
.../boot/dts/allwinner/sun50i-h5-orangepi-prime.dts | 17 +++++++++++++++++
|
||||
3 files changed, 51 insertions(+)
|
||||
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-h5-nanopi-neo2.dts b/arch/arm64/boot/dts/allwinner/sun50i-h5-nanopi-neo2.dts
|
||||
index 1c2387bd5df6..6eb8092d8e57 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-h5-nanopi-neo2.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-h5-nanopi-neo2.dts
|
||||
@@ -50,6 +50,7 @@
|
||||
compatible = "friendlyarm,nanopi-neo2", "allwinner,sun50i-h5";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -108,6 +109,22 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@7 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <7>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&mmc0 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc0_pins_a>, <&mmc0_cd_pin>;
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-pc2.dts b/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-pc2.dts
|
||||
index 4f77c8470f6c..a0ca925175aa 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-pc2.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-pc2.dts
|
||||
@@ -59,6 +59,7 @@
|
||||
};
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -136,6 +137,22 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&ir {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&ir_pins_a>;
|
||||
diff --git a/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-prime.dts b/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-prime.dts
|
||||
index 6be06873e5af..b47790650144 100644
|
||||
--- a/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-prime.dts
|
||||
+++ b/arch/arm64/boot/dts/allwinner/sun50i-h5-orangepi-prime.dts
|
||||
@@ -54,6 +54,7 @@
|
||||
compatible = "xunlong,orangepi-prime", "allwinner,sun50i-h5";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -143,6 +144,22 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&ir {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&ir_pins_a>;
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,267 +0,0 @@
|
|||
From 67ac8e63d64c418162b2d8e7902777caeb4d6d32 Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:12 +0100
|
||||
Subject: [PATCH 6/8] ARM: dts: sunxi: Restore EMAC changes (boards)
|
||||
|
||||
The original dwmac-sun8i DT bindings have some issue on how to handle
|
||||
integrated PHY and was reverted in last RC of 4.13.
|
||||
But now we have a solution so we need to get back that was reverted.
|
||||
|
||||
This patch restore all boards DT about dwmac-sun8i
|
||||
This reverts partially commit fe45174b72ae ("arm: dts: sunxi: Revert EMAC changes")
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
arch/arm/boot/dts/sun8i-h2-plus-orangepi-zero.dts | 9 +++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-bananapi-m2-plus.dts | 19 +++++++++++++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-nanopi-neo.dts | 7 +++++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-2.dts | 8 ++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-one.dts | 8 ++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-pc-plus.dts | 5 +++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-pc.dts | 8 ++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-plus.dts | 22 ++++++++++++++++++++++
|
||||
arch/arm/boot/dts/sun8i-h3-orangepi-plus2e.dts | 16 ++++++++++++++++
|
||||
9 files changed, 102 insertions(+)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h2-plus-orangepi-zero.dts b/arch/arm/boot/dts/sun8i-h2-plus-orangepi-zero.dts
|
||||
index b1502df7b509..6713d0f2b3f4 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h2-plus-orangepi-zero.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h2-plus-orangepi-zero.dts
|
||||
@@ -56,6 +56,8 @@
|
||||
|
||||
aliases {
|
||||
serial0 = &uart0;
|
||||
+ /* ethernet0 is the H3 emac, defined in sun8i-h3.dtsi */
|
||||
+ ethernet0 = &emac;
|
||||
ethernet1 = &xr819;
|
||||
};
|
||||
|
||||
@@ -102,6 +104,13 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ phy-handle = <&int_mii_phy>;
|
||||
+ phy-mode = "mii";
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
&mmc0 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc0_pins_a>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-bananapi-m2-plus.dts b/arch/arm/boot/dts/sun8i-h3-bananapi-m2-plus.dts
|
||||
index a337af1de322..3f95d806355b 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-bananapi-m2-plus.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-bananapi-m2-plus.dts
|
||||
@@ -52,6 +52,7 @@
|
||||
compatible = "sinovoip,bpi-m2-plus", "allwinner,sun8i-h3";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
serial1 = &uart1;
|
||||
};
|
||||
@@ -114,6 +115,24 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <0>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&ir {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&ir_pins_a>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-nanopi-neo.dts b/arch/arm/boot/dts/sun8i-h3-nanopi-neo.dts
|
||||
index 8d2cc6e9a03f..78f6c24952dd 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-nanopi-neo.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-nanopi-neo.dts
|
||||
@@ -46,3 +46,10 @@
|
||||
model = "FriendlyARM NanoPi NEO";
|
||||
compatible = "friendlyarm,nanopi-neo", "allwinner,sun8i-h3";
|
||||
};
|
||||
+
|
||||
+&emac {
|
||||
+ phy-handle = <&int_mii_phy>;
|
||||
+ phy-mode = "mii";
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-2.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-2.dts
|
||||
index 8ff71b1bb45b..17cdeae19c6f 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-2.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-2.dts
|
||||
@@ -54,6 +54,7 @@
|
||||
aliases {
|
||||
serial0 = &uart0;
|
||||
/* ethernet0 is the H3 emac, defined in sun8i-h3.dtsi */
|
||||
+ ethernet0 = &emac;
|
||||
ethernet1 = &rtl8189;
|
||||
};
|
||||
|
||||
@@ -117,6 +118,13 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ phy-handle = <&int_mii_phy>;
|
||||
+ phy-mode = "mii";
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
&ir {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&ir_pins_a>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-one.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-one.dts
|
||||
index 5fea430e0eb1..6880268e8b87 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-one.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-one.dts
|
||||
@@ -52,6 +52,7 @@
|
||||
compatible = "xunlong,orangepi-one", "allwinner,sun8i-h3";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -97,6 +98,13 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ phy-handle = <&int_mii_phy>;
|
||||
+ phy-mode = "mii";
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
&mmc0 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc0_pins_a>, <&mmc0_cd_pin>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-pc-plus.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-pc-plus.dts
|
||||
index 8b93f5c781a7..a10281b455f5 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-pc-plus.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-pc-plus.dts
|
||||
@@ -53,6 +53,11 @@
|
||||
};
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ /* LEDs changed to active high on the plus */
|
||||
+ /delete-property/ allwinner,leds-active-low;
|
||||
+};
|
||||
+
|
||||
&mmc1 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc1_pins_a>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dts
|
||||
index 1a044b17d6c6..998b60f8d295 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dts
|
||||
@@ -52,6 +52,7 @@
|
||||
compatible = "xunlong,orangepi-pc", "allwinner,sun8i-h3";
|
||||
|
||||
aliases {
|
||||
+ ethernet0 = &emac;
|
||||
serial0 = &uart0;
|
||||
};
|
||||
|
||||
@@ -113,6 +114,13 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ phy-handle = <&int_mii_phy>;
|
||||
+ phy-mode = "mii";
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
&ir {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&ir_pins_a>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-plus.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-plus.dts
|
||||
index 828ae7a526d9..3002c025e187 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-plus.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-plus.dts
|
||||
@@ -47,6 +47,10 @@
|
||||
model = "Xunlong Orange Pi Plus / Plus 2";
|
||||
compatible = "xunlong,orangepi-plus", "allwinner,sun8i-h3";
|
||||
|
||||
+ aliases {
|
||||
+ ethernet0 = &emac;
|
||||
+ };
|
||||
+
|
||||
reg_gmac_3v3: gmac-3v3 {
|
||||
compatible = "regulator-fixed";
|
||||
regulator-name = "gmac-3v3";
|
||||
@@ -74,6 +78,24 @@
|
||||
status = "okay";
|
||||
};
|
||||
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+
|
||||
+ allwinner,leds-active-low;
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <0>;
|
||||
+ };
|
||||
+};
|
||||
+
|
||||
&mmc2 {
|
||||
pinctrl-names = "default";
|
||||
pinctrl-0 = <&mmc2_8bit_pins>;
|
||||
diff --git a/arch/arm/boot/dts/sun8i-h3-orangepi-plus2e.dts b/arch/arm/boot/dts/sun8i-h3-orangepi-plus2e.dts
|
||||
index 97920b12a944..6dbf7b2e0c13 100644
|
||||
--- a/arch/arm/boot/dts/sun8i-h3-orangepi-plus2e.dts
|
||||
+++ b/arch/arm/boot/dts/sun8i-h3-orangepi-plus2e.dts
|
||||
@@ -61,3 +61,19 @@
|
||||
gpio = <&pio 3 6 GPIO_ACTIVE_HIGH>; /* PD6 */
|
||||
};
|
||||
};
|
||||
+
|
||||
+&emac {
|
||||
+ pinctrl-names = "default";
|
||||
+ pinctrl-0 = <&emac_rgmii_pins>;
|
||||
+ phy-supply = <®_gmac_3v3>;
|
||||
+ phy-handle = <&ext_rgmii_phy>;
|
||||
+ phy-mode = "rgmii";
|
||||
+ status = "okay";
|
||||
+};
|
||||
+
|
||||
+&external_mdio {
|
||||
+ ext_rgmii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ };
|
||||
+};
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,61 +0,0 @@
|
|||
From 303b9462705deb7f35fef42497f6153a9477d3da Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:10 +0100
|
||||
Subject: [PATCH 7/8] arm: dts: sunxi: h3/h5: Restore EMAC changes
|
||||
|
||||
The original dwmac-sun8i DT bindings have some issue on how to handle
|
||||
integrated PHY and was reverted in last RC of 4.13.
|
||||
But now we have a solution so we need to get back that was reverted.
|
||||
|
||||
This patch restore sunxi-h3-h5.dtsi
|
||||
This reverts partially commit fe45174b72ae ("arm: dts: sunxi: Revert EMAC changes")
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
arch/arm/boot/dts/sunxi-h3-h5.dtsi | 28 +++++++++++++++++++++++++++-
|
||||
1 file changed, 27 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/sunxi-h3-h5.dtsi b/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
index 11240a8313c2..eb200622afac 100644
|
||||
--- a/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
+++ b/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
@@ -391,7 +391,33 @@
|
||||
clocks = <&osc24M>;
|
||||
};
|
||||
|
||||
- spi0: spi@01c68000 {
|
||||
+ emac: ethernet@1c30000 {
|
||||
+ compatible = "allwinner,sun8i-h3-emac";
|
||||
+ syscon = <&syscon>;
|
||||
+ reg = <0x01c30000 0x10000>;
|
||||
+ interrupts = <GIC_SPI 82 IRQ_TYPE_LEVEL_HIGH>;
|
||||
+ interrupt-names = "macirq";
|
||||
+ resets = <&ccu RST_BUS_EMAC>;
|
||||
+ reset-names = "stmmaceth";
|
||||
+ clocks = <&ccu CLK_BUS_EMAC>;
|
||||
+ clock-names = "stmmaceth";
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+ status = "disabled";
|
||||
+
|
||||
+ mdio: mdio {
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+ int_mii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ clocks = <&ccu CLK_BUS_EPHY>;
|
||||
+ resets = <&ccu RST_BUS_EPHY>;
|
||||
+ };
|
||||
+ };
|
||||
+ };
|
||||
+
|
||||
+ spi0: spi@1c68000 {
|
||||
compatible = "allwinner,sun8i-h3-spi";
|
||||
reg = <0x01c68000 0x1000>;
|
||||
interrupts = <GIC_SPI 65 IRQ_TYPE_LEVEL_HIGH>;
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -1,64 +0,0 @@
|
|||
From 8069b501d43784d45c8e89bb75083397281b90aa Mon Sep 17 00:00:00 2001
|
||||
From: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Date: Tue, 31 Oct 2017 09:19:11 +0100
|
||||
Subject: [PATCH 8/8] ARM: dts: sunxi: h3/h5: represent the mdio switch used by
|
||||
sun8i-h3-emac
|
||||
|
||||
Since dwmac-sun8i could use either an integrated PHY or an external PHY
|
||||
(which could be at same MDIO address), we need to represent this selection
|
||||
by a MDIO switch.
|
||||
|
||||
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
|
||||
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
|
||||
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
|
||||
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
||||
---
|
||||
arch/arm/boot/dts/sunxi-h3-h5.dtsi | 31 +++++++++++++++++++++++++++----
|
||||
1 file changed, 27 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/sunxi-h3-h5.dtsi b/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
index eb200622afac..6919a0544fe7 100644
|
||||
--- a/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
+++ b/arch/arm/boot/dts/sunxi-h3-h5.dtsi
|
||||
@@ -408,11 +408,34 @@
|
||||
mdio: mdio {
|
||||
#address-cells = <1>;
|
||||
#size-cells = <0>;
|
||||
- int_mii_phy: ethernet-phy@1 {
|
||||
- compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ compatible = "snps,dwmac-mdio";
|
||||
+ };
|
||||
+
|
||||
+ mdio-mux {
|
||||
+ compatible = "allwinner,sun8i-h3-mdio-mux";
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+
|
||||
+ mdio-parent-bus = <&mdio>;
|
||||
+ /* Only one MDIO is usable at the time */
|
||||
+ internal_mdio: mdio@1 {
|
||||
+ compatible = "allwinner,sun8i-h3-mdio-internal";
|
||||
reg = <1>;
|
||||
- clocks = <&ccu CLK_BUS_EPHY>;
|
||||
- resets = <&ccu RST_BUS_EPHY>;
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
+
|
||||
+ int_mii_phy: ethernet-phy@1 {
|
||||
+ compatible = "ethernet-phy-ieee802.3-c22";
|
||||
+ reg = <1>;
|
||||
+ clocks = <&ccu CLK_BUS_EPHY>;
|
||||
+ resets = <&ccu RST_BUS_EPHY>;
|
||||
+ };
|
||||
+ };
|
||||
+
|
||||
+ external_mdio: mdio@2 {
|
||||
+ reg = <2>;
|
||||
+ #address-cells = <1>;
|
||||
+ #size-cells = <0>;
|
||||
};
|
||||
};
|
||||
};
|
||||
--
|
||||
2.11.0
|
||||
|
|
@ -30,7 +30,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
--- a/Documentation/admin-guide/kernel-parameters.txt
|
||||
+++ b/Documentation/admin-guide/kernel-parameters.txt
|
||||
@@ -3829,6 +3829,10 @@
|
||||
@@ -4048,6 +4048,10 @@
|
||||
|
||||
switches= [HW,M68k]
|
||||
|
||||
|
@ -43,7 +43,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
on older distributions. When this option is enabled
|
||||
--- a/arch/x86/Kconfig
|
||||
+++ b/arch/x86/Kconfig
|
||||
@@ -2757,6 +2757,14 @@ config COMPAT_32
|
||||
@@ -2850,6 +2850,14 @@ config COMPAT_32
|
||||
select HAVE_UID16
|
||||
select OLD_SIGSUSPEND3
|
||||
|
||||
|
@ -60,7 +60,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
depends on IA32_EMULATION || X86_X32
|
||||
--- a/arch/x86/include/asm/elf.h
|
||||
+++ b/arch/x86/include/asm/elf.h
|
||||
@@ -9,6 +9,7 @@
|
||||
@@ -10,6 +10,7 @@
|
||||
#include <asm/ptrace.h>
|
||||
#include <asm/user.h>
|
||||
#include <asm/auxvec.h>
|
||||
|
@ -68,7 +68,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
typedef unsigned long elf_greg_t;
|
||||
|
||||
@@ -162,7 +163,7 @@ do { \
|
||||
@@ -163,7 +164,7 @@ do { \
|
||||
|
||||
#define compat_elf_check_arch(x) \
|
||||
(elf_check_arch_ia32(x) || \
|
||||
|
@ -79,7 +79,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
# error "The following code assumes __USER32_DS == __USER_DS"
|
||||
--- a/arch/x86/entry/entry_64.S
|
||||
+++ b/arch/x86/entry/entry_64.S
|
||||
@@ -190,8 +190,12 @@ entry_SYSCALL_64_fastpath:
|
||||
@@ -251,8 +251,12 @@ entry_SYSCALL_64_fastpath:
|
||||
#if __SYSCALL_MASK == ~0
|
||||
cmpq $__NR_syscall_max, %rax
|
||||
#else
|
||||
|
@ -94,8 +94,8 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
#endif
|
||||
ja 1f /* return -ENOSYS (already in pt_regs->ax) */
|
||||
movq %r10, %rcx
|
||||
@@ -326,6 +330,16 @@ opportunistic_sysret_failed:
|
||||
jmp restore_c_regs_and_iret
|
||||
@@ -409,6 +413,16 @@ syscall_return_via_sysret:
|
||||
USERGS_SYSRET64
|
||||
END(entry_SYSCALL_64)
|
||||
|
||||
+#if __SYSCALL_MASK != ~0
|
||||
|
@ -113,7 +113,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
* Syscalls marked as needing ptregs land here.
|
||||
--- a/arch/x86/entry/syscall_64.c
|
||||
+++ b/arch/x86/entry/syscall_64.c
|
||||
@@ -3,8 +3,14 @@
|
||||
@@ -4,8 +4,14 @@
|
||||
#include <linux/linkage.h>
|
||||
#include <linux/sys.h>
|
||||
#include <linux/cache.h>
|
||||
|
@ -128,7 +128,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
#define __SYSCALL_64_QUAL_(sym) sym
|
||||
#define __SYSCALL_64_QUAL_ptregs(sym) ptregs_##sym
|
||||
@@ -25,3 +31,36 @@ asmlinkage const sys_call_ptr_t sys_call
|
||||
@@ -26,3 +32,36 @@ asmlinkage const sys_call_ptr_t sys_call
|
||||
[0 ... __NR_syscall_max] = &sys_ni_syscall,
|
||||
#include <asm/syscalls_64.h>
|
||||
};
|
||||
|
@ -167,7 +167,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
+#endif
|
||||
--- a/arch/x86/entry/common.c
|
||||
+++ b/arch/x86/entry/common.c
|
||||
@@ -264,6 +264,7 @@ __visible void do_syscall_64(struct pt_r
|
||||
@@ -269,6 +269,7 @@ __visible void do_syscall_64(struct pt_r
|
||||
{
|
||||
struct thread_info *ti = current_thread_info();
|
||||
unsigned long nr = regs->orig_ax;
|
||||
|
@ -175,7 +175,7 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|||
|
||||
enter_from_user_mode();
|
||||
local_irq_enable();
|
||||
@@ -276,8 +277,19 @@ __visible void do_syscall_64(struct pt_r
|
||||
@@ -281,8 +282,19 @@ __visible void do_syscall_64(struct pt_r
|
||||
* table. The only functional difference is the x32 bit in
|
||||
* regs->orig_ax, which changes the behavior of some syscalls.
|
||||
*/
|
||||
|
|
|
@ -62,7 +62,6 @@ bugfix/x86/platform-x86-ideapad-laptop-add-several-models-to-no.patch
|
|||
debian/revert-gpu-host1x-add-iommu-support.patch
|
||||
bugfix/x86/perf-tools-fix-unwind-build-on-i386.patch
|
||||
bugfix/sh/sh-boot-do-not-use-hyphen-in-exported-variable-name.patch
|
||||
bugfix/arm/arm-dts-exynos-add-dwc3-susphy-quirk.patch
|
||||
bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch
|
||||
bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch
|
||||
|
||||
|
@ -78,37 +77,39 @@ bugfix/all/disable-some-marvell-phys.patch
|
|||
bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
|
||||
bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch
|
||||
bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch
|
||||
bugfix/all/i40e-i40evf-organize-and-re-number-feature-flags.patch
|
||||
bugfix/all/i40e-fix-flags-declaration.patch
|
||||
bugfix/all/xen-time-do-not-decrease-steal-time-after-live-migra.patch
|
||||
|
||||
# Miscellaneous features
|
||||
|
||||
# Lockdown (formerly 'securelevel') patchset
|
||||
features/all/lockdown/0038-efi-Add-EFI_SECURE_BOOT-bit.patch
|
||||
features/all/lockdown/0039-Add-the-ability-to-lock-down-access-to-the-running-k.patch
|
||||
features/all/lockdown/0040-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch
|
||||
features/all/lockdown/0041-Enforce-module-signatures-if-the-kernel-is-locked-do.patch
|
||||
features/all/lockdown/0042-Restrict-dev-mem-and-dev-kmem-when-the-kernel-is-loc.patch
|
||||
features/all/lockdown/0043-Add-a-sysrq-option-to-exit-secure-boot-mode.patch
|
||||
features/all/lockdown/0044-kexec-Disable-at-runtime-if-the-kernel-is-locked-dow.patch
|
||||
features/all/lockdown/0045-Copy-secure_boot-flag-in-boot-params-across-kexec-re.patch
|
||||
features/all/lockdown/0046-kexec_file-Disable-at-runtime-if-securelevel-has-bee.patch
|
||||
features/all/lockdown/0047-hibernate-Disable-when-the-kernel-is-locked-down.patch
|
||||
features/all/lockdown/0048-uswsusp-Disable-when-the-kernel-is-locked-down.patch
|
||||
features/all/lockdown/0049-PCI-Lock-down-BAR-access-when-the-kernel-is-locked-d.patch
|
||||
features/all/lockdown/0050-x86-Lock-down-IO-port-access-when-the-kernel-is-lock.patch
|
||||
features/all/lockdown/0051-x86-Restrict-MSR-access-when-the-kernel-is-locked-do.patch
|
||||
features/all/lockdown/0052-asus-wmi-Restrict-debugfs-interface-when-the-kernel-.patch
|
||||
features/all/lockdown/0053-ACPI-Limit-access-to-custom_method-when-the-kernel-i.patch
|
||||
features/all/lockdown/0054-acpi-Ignore-acpi_rsdp-kernel-param-when-the-kernel-h.patch
|
||||
features/all/lockdown/0055-acpi-Disable-ACPI-table-override-if-the-kernel-is-lo.patch
|
||||
features/all/lockdown/0056-acpi-Disable-APEI-error-injection-if-the-kernel-is-l.patch
|
||||
features/all/lockdown/0057-bpf-Restrict-kernel-image-access-functions-when-the-.patch
|
||||
features/all/lockdown/0058-scsi-Lock-down-the-eata-driver.patch
|
||||
features/all/lockdown/0059-Prohibit-PCMCIA-CIS-storage-when-the-kernel-is-locke.patch
|
||||
features/all/lockdown/0060-Lock-down-TIOCSSERIAL.patch
|
||||
features/all/lockdown/0061-Lock-down-module-params-that-specify-hardware-parame.patch
|
||||
features/all/lockdown/0001-Add-the-ability-to-lock-down-access-to-the-running-k.patch
|
||||
features/all/lockdown/0002-Add-a-SysRq-option-to-lift-kernel-lockdown.patch
|
||||
features/all/lockdown/0003-ima-require-secure_boot-rules-in-lockdown-mode.patch
|
||||
features/all/lockdown/0004-Enforce-module-signatures-if-the-kernel-is-locked-do.patch
|
||||
features/all/lockdown/0005-Restrict-dev-mem-kmem-port-when-the-kernel-is-locked.patch
|
||||
features/all/lockdown/0006-kexec-Disable-at-runtime-if-the-kernel-is-locked-dow.patch
|
||||
features/all/lockdown/0007-Copy-secure_boot-flag-in-boot-params-across-kexec-re.patch
|
||||
features/all/lockdown/0008-kexec_file-Restrict-at-runtime-if-the-kernel-is-lock.patch
|
||||
features/all/lockdown/0009-hibernate-Disable-when-the-kernel-is-locked-down.patch
|
||||
features/all/lockdown/0010-uswsusp-Disable-when-the-kernel-is-locked-down.patch
|
||||
features/all/lockdown/0011-PCI-Lock-down-BAR-access-when-the-kernel-is-locked-d.patch
|
||||
features/all/lockdown/0012-x86-Lock-down-IO-port-access-when-the-kernel-is-lock.patch
|
||||
features/all/lockdown/0013-x86-msr-Restrict-MSR-access-when-the-kernel-is-locke.patch
|
||||
features/all/lockdown/0014-asus-wmi-Restrict-debugfs-interface-when-the-kernel-.patch
|
||||
features/all/lockdown/0015-ACPI-Limit-access-to-custom_method-when-the-kernel-i.patch
|
||||
features/all/lockdown/0016-acpi-Ignore-acpi_rsdp-kernel-param-when-the-kernel-h.patch
|
||||
features/all/lockdown/0017-acpi-Disable-ACPI-table-override-if-the-kernel-is-lo.patch
|
||||
features/all/lockdown/0018-acpi-Disable-APEI-error-injection-if-the-kernel-is-l.patch
|
||||
features/all/lockdown/0019-scsi-Lock-down-the-eata-driver.patch
|
||||
features/all/lockdown/0020-Prohibit-PCMCIA-CIS-storage-when-the-kernel-is-locke.patch
|
||||
features/all/lockdown/0021-Lock-down-TIOCSSERIAL.patch
|
||||
features/all/lockdown/0022-Lock-down-module-params-that-specify-hardware-parame.patch
|
||||
features/all/lockdown/0023-x86-mmiotrace-Lock-down-the-testmmiotrace-module.patch
|
||||
features/all/lockdown/0024-debugfs-Disallow-use-of-debugfs-files-when-the-kerne.patch
|
||||
features/all/lockdown/0025-Lock-down-proc-kcore.patch
|
||||
features/all/lockdown/0026-Lock-down-kprobes.patch
|
||||
features/all/lockdown/0027-bpf-Restrict-kernel-image-access-functions-when-the-.patch
|
||||
features/all/lockdown/0028-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.patch
|
||||
features/all/lockdown/0029-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch
|
||||
# some missing pieces
|
||||
features/all/lockdown/enable-cold-boot-attack-mitigation.patch
|
||||
features/all/lockdown/mtd-disable-slram-and-phram-when-locked-down.patch
|
||||
|
@ -116,30 +117,10 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
|
|||
|
||||
# Security fixes
|
||||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||
bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch
|
||||
bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch
|
||||
bugfix/all/netlink-add-netns-check-on-taps.patch
|
||||
bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch
|
||||
bugfix/all/usb-core-prevent-malicious-bnuminterfaces-overflow.patch
|
||||
bugfix/all/net-ipv4-fix-for-a-race-condition-in-raw_sendmsg.patch
|
||||
bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch
|
||||
bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch
|
||||
bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch
|
||||
bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch
|
||||
bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch
|
||||
bugfix/all/crypto-salsa20-fix-blkcipher_walk-API-usage.patch
|
||||
bugfix/all/crypto-hmac-require-that-the-underlying-hash-algorit.patch
|
||||
bugfix/all/bpf-encapsulate-verifier-log-state-into-a-structure.patch
|
||||
bugfix/all/bpf-move-global-verifier-log-into-verifier-environme.patch
|
||||
bugfix/all/bpf-fix-branch-pruning-logic.patch
|
||||
bugfix/all/bpf-verifier-fix-bounds-calculation-on-bpf_rsh.patch
|
||||
bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch
|
||||
bugfix/all/bpf-fix-incorrect-tracking-of-register-size-truncati.patch
|
||||
bugfix/all/bpf-fix-32-bit-alu-op-verification.patch
|
||||
bugfix/all/bpf-fix-missing-error-return-in-check_stack_boundary.patch
|
||||
bugfix/all/bpf-force-strict-alignment-checks-for-stack-pointers.patch
|
||||
bugfix/all/bpf-don-t-prune-branches-when-a-scalar-is-replaced-w.patch
|
||||
bugfix/all/bpf-fix-integer-overflows.patch
|
||||
|
||||
# Fix exported symbol versions
|
||||
bugfix/all/module-disable-matching-missing-version-crc.patch
|
||||
|
@ -154,16 +135,5 @@ bugfix/x86/revert-perf-build-fix-libunwind-feature-detection-on.patch
|
|||
bugfix/all/tools-build-remove-bpf-run-time-check-at-build-time.patch
|
||||
bugfix/all/cpupower-bump-soname-version.patch
|
||||
bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
|
||||
bugfix/all/tools-lib-lockdep-define-pr_cont.patch
|
||||
|
||||
# Backport patches from 4.15.x to support dwmac-sun8i
|
||||
features/arm/dwmac-sun8i/0001-net-stmmac-dwmac-sun8i-Handle-integrated-external-MD.patch
|
||||
features/arm/dwmac-sun8i/0002-net-stmmac-sun8i-Restore-the-compatibles.patch
|
||||
features/arm/dwmac-sun8i/0003-arm64-dts-allwinner-A64-Restore-EMAC-changes.patch
|
||||
features/arm/dwmac-sun8i/0004-arm64-dts-allwinner-add-snps-dwmac-mdio-compatible-t.patch
|
||||
features/arm/dwmac-sun8i/0005-arm64-dts-allwinner-H5-Restore-EMAC-changes.patch
|
||||
features/arm/dwmac-sun8i/0006-ARM-dts-sunxi-Restore-EMAC-changes-boards.patch
|
||||
features/arm/dwmac-sun8i/0007-arm-dts-sunxi-h3-h5-Restore-EMAC-changes.patch
|
||||
features/arm/dwmac-sun8i/0008-ARM-dts-sunxi-h3-h5-represent-the-mdio-switch-used-b.patch
|
||||
|
||||
# ABI maintenance
|
||||
|
|
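Review bot: The hunk headed `-116,30 +117,10` takes twenty lines out of the "# Security fixes" block of the series, and the changelog entry for 4.15~rc5-1~exp1 does not record that these fixes are dropped or why. Which ten lines stay is not recoverable from this rendering, so the count is read from the hunk header; presumably the dropped entries (the bpf verifier fixes and the CVE-2017-8824 dccp fix are listed here) are already contained in 4.15-rc5. I would check each dropped patch's `Origin:` commit against the new upstream tag before upload. A changelog line such as `* Drop security fixes and dwmac-sun8i backports that are included upstream` would make this auditable. The same applies to the last hunk, `-154,16 +135,5`, which appears to drop the dwmac-sun8i backports.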