summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-07-09pefile: Digest the PE binary and compare to the PKCS#7 dataDavid Howells1-0/+197
Digest the signed parts of the PE binary, canonicalising the section table before we need it, and then compare the the resulting digest to the one in the PKCS#7 signed content. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-09pefile: Handle pesign using the wrong OIDVivek Goyal1-1/+7
The pesign utility had a bug where it was using OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId - so allow both OIDs. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
2014-07-09pefile: Parse the "Microsoft individual code signing" data blobDavid Howells6-2/+174
The PKCS#7 certificate should contain a "Microsoft individual code signing" data blob as its signed content. This blob contains a digest of the signed content of the PE binary and the OID of the digest algorithm used (typically SHA256). Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-09pefile: Parse the presumed PKCS#7 content of the certificate blobDavid Howells1-1/+20
Parse the content of the certificate blob, presuming it to be PKCS#7 format. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-09pefile: Strip the wrapper off of the cert data blockDavid Howells1-0/+71
The certificate data block in a PE binary has a wrapper around the PKCS#7 signature we actually want to get at. Strip this off and check that we've got something that appears to be a PKCS#7 signature. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-09pefile: Parse a PE binary to find a key and a signature contained thereinDavid Howells5-0/+235
Parse a PE binary to find a key and a signature contained therein. Later patches will check the signature and add the key if the signature checks out. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-09Provide PE binary definitionsDavid Howells1-0/+448
Provide some PE binary structural and constant definitions as taken from the pesign package sources. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-08KEYS: X.509: Fix a spelling mistakeDavid Howells1-1/+1
Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
2014-07-08PKCS#7: Provide a key type for testing PKCS#7David Howells3-0/+117
Provide a key type for testing the PKCS#7 parser. It is given a non-detached PKCS#7 message as payload: keyctl padd pkcs7_test a @s <stuff.pkcs7 The PKCS#7 wrapper is validated against the trusted certificates available and then stripped off. If successful, the key can be read, which will give the data content of the PKCS#7 message. A suitable message can be created by running make on the attached Makefile. This will produce a file called stuff.pkcs7 for test loading. The key3.x509 file should be put into the kernel source tree before it is built and converted to DER form: openssl x509 -in .../pkcs7/key3.x509 -outform DER -out key3.x509 ############################################################################### # # Create a pkcs7 message and sign it twice # # openssl x509 -text -inform PEM -noout -in key2.x509 # ############################################################################### stuff.pkcs7: stuff.txt key2.priv key2.x509 key4.priv key4.x509 certs $(RM) $@ openssl smime -sign \ -signer key2.x509 \ -inkey key2.priv \ -signer key4.x509 \ -inkey key4.priv \ -in stuff.txt \ -certfile certs \ -out $@ -binary -outform DER -nodetach openssl pkcs7 -inform DER -in stuff.pkcs7 -print_certs -noout openssl asn1parse -inform DER -in stuff.pkcs7 -i >out stuff.txt: echo "The quick red fox jumped over the lazy brown dog" >stuff.txt certs: key1.x509 key2.x509 key3.x509 key4.x509 cat key{1,3}.x509 >$@ ############################################################################### # # Generate a signed key # # openssl x509 -text -inform PEM -noout -in key2.x509 # ############################################################################### key2.x509: key2.x509_unsigned key1.priv key1.x509 openssl x509 \ -req -in key2.x509_unsigned \ -out key2.x509 \ -extfile key2.genkey -extensions myexts \ -CA key1.x509 \ -CAkey key1.priv \ -CAcreateserial key2.priv key2.x509_unsigned: key2.genkey openssl req -new -nodes -utf8 -sha1 -days 36500 \ -batch -outform PEM \ -config key2.genkey \ -keyout key2.priv \ -out key2.x509_unsigned key2.genkey: @echo Generating X.509 key generation config @echo >$@ "[ req ]" @echo >>$@ "default_bits = 4096" @echo >>$@ "distinguished_name = req_distinguished_name" @echo >>$@ "prompt = no" @echo >>$@ "string_mask = utf8only" @echo >>$@ "x509_extensions = myexts" @echo >>$@ @echo >>$@ "[ req_distinguished_name ]" @echo >>$@ "O = Magrathea" @echo >>$@ "CN = PKCS7 key 2" @echo >>$@ "emailAddress = slartibartfast@magrathea.h2g2" @echo >>$@ @echo >>$@ "[ myexts ]" @echo >>$@ "basicConstraints=critical,CA:FALSE" @echo >>$@ "keyUsage=digitalSignature" @echo >>$@ "subjectKeyIdentifier=hash" @echo >>$@ "authorityKeyIdentifier=keyid" ############################################################################### # # Generate a couple of signing keys # # openssl x509 -text -inform PEM -noout -in key1.x509 # ############################################################################### key1.x509: key1.x509_unsigned key4.priv key4.x509 openssl x509 \ -req -in key1.x509_unsigned \ -out key1.x509 \ -extfile key1.genkey -extensions myexts \ -CA key4.x509 \ -CAkey key4.priv \ -CAcreateserial key1.priv key1.x509_unsigned: key1.genkey openssl req -new -nodes -utf8 -sha1 -days 36500 \ -batch -outform PEM \ -config key1.genkey \ -keyout key1.priv \ -out key1.x509_unsigned key1.genkey: @echo Generating X.509 key generation config @echo >$@ "[ req ]" @echo >>$@ "default_bits = 4096" @echo >>$@ "distinguished_name = req_distinguished_name" @echo >>$@ "prompt = no" @echo >>$@ "string_mask = utf8only" @echo >>$@ "x509_extensions = myexts" @echo >>$@ @echo >>$@ "[ req_distinguished_name ]" @echo >>$@ "O = Magrathea" @echo >>$@ "CN = PKCS7 key 1" @echo >>$@ "emailAddress = slartibartfast@magrathea.h2g2" @echo >>$@ @echo >>$@ "[ myexts ]" @echo >>$@ "basicConstraints=critical,CA:TRUE" @echo >>$@ "keyUsage=digitalSignature,keyCertSign" @echo >>$@ "subjectKeyIdentifier=hash" @echo >>$@ "authorityKeyIdentifier=keyid" ############################################################################### # # Generate a signed key # # openssl x509 -text -inform PEM -noout -in key4.x509 # ############################################################################### key4.x509: key4.x509_unsigned key3.priv key3.x509 openssl x509 \ -req -in key4.x509_unsigned \ -out key4.x509 \ -extfile key4.genkey -extensions myexts \ -CA key3.x509 \ -CAkey key3.priv \ -CAcreateserial key4.priv key4.x509_unsigned: key4.genkey openssl req -new -nodes -utf8 -sha1 -days 36500 \ -batch -outform PEM \ -config key4.genkey \ -keyout key4.priv \ -out key4.x509_unsigned key4.genkey: @echo Generating X.509 key generation config @echo >$@ "[ req ]" @echo >>$@ "default_bits = 4096" @echo >>$@ "distinguished_name = req_distinguished_name" @echo >>$@ "prompt = no" @echo >>$@ "string_mask = utf8only" @echo >>$@ "x509_extensions = myexts" @echo >>$@ @echo >>$@ "[ req_distinguished_name ]" @echo >>$@ "O = Magrathea" @echo >>$@ "CN = PKCS7 key 4" @echo >>$@ "emailAddress = slartibartfast@magrathea.h2g2" @echo >>$@ @echo >>$@ "[ myexts ]" @echo >>$@ "basicConstraints=critical,CA:TRUE" @echo >>$@ "keyUsage=digitalSignature,keyCertSign" @echo >>$@ "subjectKeyIdentifier=hash" @echo >>$@ "authorityKeyIdentifier=keyid" ############################################################################### # # Generate a couple of signing keys # # openssl x509 -text -inform PEM -noout -in key3.x509 # ############################################################################### key3.priv key3.x509: key3.genkey openssl req -new -nodes -utf8 -sha1 -days 36500 \ -batch -x509 -outform PEM \ -config key3.genkey \ -keyout key3.priv \ -out key3.x509 key3.genkey: @echo Generating X.509 key generation config @echo >$@ "[ req ]" @echo >>$@ "default_bits = 4096" @echo >>$@ "distinguished_name = req_distinguished_name" @echo >>$@ "prompt = no" @echo >>$@ "string_mask = utf8only" @echo >>$@ "x509_extensions = myexts" @echo >>$@ @echo >>$@ "[ req_distinguished_name ]" @echo >>$@ "O = Magrathea" @echo >>$@ "CN = PKCS7 key 3" @echo >>$@ "emailAddress = slartibartfast@magrathea.h2g2" @echo >>$@ @echo >>$@ "[ myexts ]" @echo >>$@ "basicConstraints=critical,CA:TRUE" @echo >>$@ "keyUsage=digitalSignature,keyCertSign" @echo >>$@ "subjectKeyIdentifier=hash" @echo >>$@ "authorityKeyIdentifier=keyid" clean: $(RM) *~ $(RM) key1.* key2.* key3.* key4.* stuff.* out certs Signed-off-by: David Howells <dhowells@redhat.com>
2014-07-08PKCS#7: Find intersection between PKCS#7 message and known, trusted keysDavid Howells3-0/+228
Find the intersection between the X.509 certificate chain contained in a PKCS#7 message and a set of keys that we already know and trust. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-08PKCS#7: Verify internal certificate chainDavid Howells1-1/+87
Verify certificate chain in the X.509 certificates contained within the PKCS#7 message as far as possible. If any signature that we should be able to verify fails, we reject the whole lot. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-08PKCS#7: Find the right key in the PKCS#7 key list and verify the signatureDavid Howells2-0/+69
Find the appropriate key in the PKCS#7 key list and verify the signature with it. There may be several keys in there forming a chain. Any link in that chain or the root of that chain may be in our keyrings. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-08PKCS#7: Digest the data in a signed-data messageDavid Howells2-1/+175
Digest the data in a PKCS#7 signed-data message and attach to the public_key_signature struct contained in the pkcs7_message struct. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-08PKCS#7: Implement a parser [RFC 2315]David Howells7-0/+630
Implement a parser for a PKCS#7 signed-data message as described in part of RFC 2315. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
2014-07-02X.509: Export certificate parse and free functionsDavid Howells1-0/+3
Export certificate parse and free functions for use by modules. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>
2014-07-01X.509: Add bits needed for PKCS#7David Howells3-2/+30
PKCS#7 validation requires access to the serial number and the raw names in an X.509 certificate. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>
2014-06-29Merge tag 'ext4_for_linus_stable' of ↵Linus Torvalds5-6/+68
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 Pull ext4 bugfixes from Ted Ts'o: "Fix a regression when trying to compile ext4 on older versions gcc. Fix a number of miscellaneous bugs for punch hole as well as a long-standing potential double buffer head release when failing a block allocation for an indirect-mapped file" * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: Fix hole punching for files with indirect blocks ext4: Fix block zeroing when punching holes in indirect block files ext4: decrement free clusters/inodes counters when block group declared bad fs/mbcache: replace __builtin_log2() with ilog2() ext4: Fix buffer double free in ext4_alloc_branch()
2014-06-29Linux 3.16-rc3v3.16-rc3Linus Torvalds1-1/+1
2014-06-29Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-armLinus Torvalds6-6/+45
Pull ARM fixes from Russell King: "Another round of ARM fixes. The largest change here is the L2 changes to work around problems for the Armada 37x/380 devices, where most of the size comes down to comments rather than code. The other significant fix here is for the ptrace code, to ensure that rewritten syscalls work as intended. This was pointed out by Kees Cook, but Will Deacon reworked the patch to be more elegant. The remainder are fairly trivial changes" * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm: ARM: 8087/1: ptrace: reload syscall number after secure_computing() check ARM: 8086/1: Set memblock limit for nommu ARM: 8085/1: sa1100: collie: add top boot mtd partition ARM: 8084/1: sa1100: collie: revert back to cfi_probe ARM: 8080/1: mcpm.h: remove unused variable declaration ARM: 8076/1: mm: add support for HW coherent systems in PL310 cache
2014-06-29MAINTAINERS: exceptions for Documentation maintainerRandy Dunlap1-0/+3
Note that I don't maintain Documentation/ABI/, Documentation/devicetree/, or the language translation files. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-29Documentation: add section about git to email-clients.txtDan Carpenter1-0/+11
These days most people use git to send patches so I have added a section about that. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-29ARM: 8087/1: ptrace: reload syscall number after secure_computing() checkWill Deacon1-3/+4
On the syscall tracing path, we call out to secure_computing() to allow seccomp to check the syscall number being attempted. As part of this, a SIGTRAP may be sent to the tracer and the syscall could be re-written by a subsequent SET_SYSCALL ptrace request. Unfortunately, this new syscall is ignored by the current code unless TIF_SYSCALL_TRACE is also set on the current thread. This patch slightly reworks the enter path of the syscall tracing code so that we always reload the syscall number from current_thread_info()->syscall after the potential ptrace traps. Acked-by: Kees Cook <keescook@chromium.org> Tested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29ARM: 8086/1: Set memblock limit for nommuLaura Abbott1-0/+1
Commit 1c2f87c (ARM: 8025/1: Get rid of meminfo) changed find_limits to use memblock_get_current_limit for calculating the max_low pfn. nommu targets never actually set a limit on memblock though which means memblock_get_current_limit will just return the default value. Set the memblock_limit to be the end of DDR to make sure bounds are calculated correctly. Signed-off-by: Laura Abbott <lauraa@codeaurora.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29ARM: 8085/1: sa1100: collie: add top boot mtd partitionAndrea Adami1-0/+5
The CFI mapping is now perfect so we can expose the top block, read only. There isn't much to read, though, just the sharpsl_params values. Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29ARM: 8084/1: sa1100: collie: revert back to cfi_probeAndrea Adami1-1/+1
Reverts commit d26b17edafc45187c30cae134a5e5429d58ad676 ARM: sa1100: collie.c: fall back to jedec_probe flash detection Unfortunately the detection was challenged on the defective unit used for tests: one of the NOR chips did not respond to the CFI query. Moreover that bad device needed extra delays on erase-suspend/resume cycles. Tested personally on 3 different units and with feedback of two other users. Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29ARM: 8080/1: mcpm.h: remove unused variable declarationNicolas Pitre1-2/+0
The sync_phys variable has been replaced by link time computation in mcpm_head.S before the code was submitted upstream. Signed-off-by: Nicolas Pitre <nico@linaro.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29ARM: 8076/1: mm: add support for HW coherent systems in PL310 cacheThomas Petazzoni2-0/+34
When a PL310 cache is used on a system that provides hardware coherency, the outer cache sync operation is useless, and can be skipped. Moreover, on some systems, it is harmful as it causes deadlocks between the Marvell coherency mechanism, the Marvell PCIe controller and the Cortex-A9. To avoid this, this commit introduces a new Device Tree property 'arm,io-coherent' for the L2 cache controller node, valid only for the PL310 cache. It identifies the usage of the PL310 cache in an I/O coherent configuration. Internally, it makes the driver disable the outer cache sync operation. Note that technically speaking, a fully coherent system wouldn't require any of the other .outer_cache operations. However, in practice, when booting secondary CPUs, these are not yet coherent, and therefore a set of cache maintenance operations are necessary at this point. This explains why we keep the other .outer_cache operations and only ->sync is disabled. While in theory any write to a PL310 register could cause the deadlock, in practice, disabling ->sync is sufficient to workaround the deadlock, since the other cache maintenance operations are only used in very specific situations. Contrary to previous versions of this patch, this new version does not simply NULL-ify the ->sync member, because the l2c_init_data structures are now 'const' and therefore cannot be modified, which is a good thing. Therefore, this patch introduces a separate l2c_init_data instance, called of_l2c310_coherent_data. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-28Merge tag 'spi-v3.16-rc2' of ↵Linus Torvalds4-35/+27
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "A few driver specific fixes, the biggest one being a fix for the newly added Qualcomm SPI controller driver to make it not use its internal chip select due to hardware bugs, replacing it with GPIOs" * tag 'spi-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: qup: Remove chip select function spi: qup: Fix order of spi_register_master spi: sh-sci: fix use-after-free in sh_sci_spi_remove() spi/pxa2xx: fix incorrect SW mode chipselect setting for BayTrail LPSS SPI
2014-06-28Merge tag 'regulator-v3.16-rc2' of ↵Linus Torvalds3-1/+19
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fixes from Mark Brown: "Several driver specific fixes here, the palmas fixes being especially important for a range of boards - the recent updates to support new devices have introduced several regressions" * tag 'regulator-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: tps65218: Correct the the config register for LDO1 regulator: tps65218: Add the missing of_node assignment in probe regulator: palmas: fix typo in enable_reg calculation regulator: bcm590xx: fix vbus name regulator: palmas: Fix SMPS enable/disable/is_enabled
2014-06-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pendingLinus Torvalds10-70/+82
Pull SCSI target fixes from Nicholas Bellinger: "Mostly minor fixes this time around. The highlights include: - iscsi-target CHAP authentication fixes to enforce explicit key values (Tejas Vaykole + rahul.rane) - fix a long-standing OOPs in target-core when a alua configfs attribute is accessed after port symlink has been removed. (Sebastian Herbszt) - fix a v3.10.y iscsi-target regression causing the login reject status class/detail to be ignored (Christoph Vu-Brugier) - fix a v3.10.y iscsi-target regression to avoid rejecting an existing ITT during Data-Out when data-direction is wrong (Santosh Kulkarni + Arshad Hussain) - fix a iscsi-target related shutdown deadlock on UP kernels (Mikulas Patocka) - fix a v3.16-rc1 build issue with vhost-scsi + !CONFIG_NET (MST)" * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: iscsi-target: fix iscsit_del_np deadlock on unload iovec: move memcpy_from/toiovecend to lib/iovec.c iscsi-target: Avoid rejecting incorrect ITT for Data-Out tcm_loop: Fix memory leak in tcm_loop_submission_work error path iscsi-target: Explicily clear login response PDU in exception path target: Fix left-over se_lun->lun_sep pointer OOPs iscsi-target; Enforce 1024 byte maximum for CHAP_C key value iscsi-target: Convert chap_server_compute_md5 to use kstrtoul
2014-06-28Merge remote-tracking branches 'spi/fix/pxa2xx', 'spi/fix/qup' and ↵Mark Brown4-35/+27
'spi/fix/sh-sci' into spi-linus
2014-06-28Merge remote-tracking branches 'regulator/fix/bcm590xx', ↵Mark Brown3-1/+19
'regulator/fix/palmas' and 'regulator/fix/tps65218' into regulator-linus
2014-06-27iscsi-target: fix iscsit_del_np deadlock on unloadMikulas Patocka1-6/+7
On uniprocessor preemptible kernel, target core deadlocks on unload. The following events happen: * iscsit_del_np is called * it calls send_sig(SIGINT, np->np_thread, 1); * the scheduler switches to the np_thread * the np_thread is woken up, it sees that kthread_should_stop() returns false, so it doesn't terminate * the np_thread clears signals with flush_signals(current); and goes back to sleep in iscsit_accept_np * the scheduler switches back to iscsit_del_np * iscsit_del_np calls kthread_stop(np->np_thread); * the np_thread is waiting in iscsit_accept_np and it doesn't respond to kthread_stop The deadlock could be resolved if the administrator sends SIGINT signal to the np_thread with killall -INT iscsi_np The reproducible deadlock was introduced in commit db6077fd0b7dd41dc6ff18329cec979379071f87, but the thread-stopping code was racy even before. This patch fixes the problem. Using kthread_should_stop to stop the np_thread is unreliable, so we test np_thread_state instead. If np_thread_state equals ISCSI_NP_THREAD_SHUTDOWN, the thread exits. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Cc: stable@vger.kernel.org Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27Merge tag 'iommu-fixes-v3.16-rc1' of ↵Linus Torvalds2-11/+16
git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu Pull IOMMU fixes from Joerg Roedel: - fix VT-d regression with handling multiple RMRR entries per device - fix a small race that was left in the mmu_notifier handling in the AMD IOMMUv2 driver * tag 'iommu-fixes-v3.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu: iommu/amd: Fix small race between invalidate_range_end/start iommu/vt-d: fix bug in handling multiple RMRRs for the same PCI device
2014-06-27Merge branch 'x86/urgent' of ↵Linus Torvalds14-129/+302
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Peter Anvin: "A pile of fixes related to the VDSO, EFI and 32-bit badsys handling. It turns out that removing the section headers from the VDSO breaks gdb, so this puts back most of them. A very simple typo broke rt_sigreturn on some versions of glibc, with obviously disastrous results. The rest is pretty much fixes for the corresponding fallout. The EFI fixes fixes an arithmetic overflow on 32-bit systems and quiets some build warnings. Finally, when invoking an invalid system call number on x86-32, we bypass a bunch of handling, which can make the audit code oops" * 'x86/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: efi-pstore: Fix an overflow on 32-bit builds x86/vdso: Error out in vdso2c if DT_RELA is present x86/vdso: Move DISABLE_BRANCH_PROFILING into the vdso makefile x86_32, signal: Fix vdso rt_sigreturn x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508) x86/vdso: Create .build-id links for unstripped vdso files x86/vdso: Remove some redundant in-memory section headers x86/vdso: Improve the fake section headers x86/vdso2c: Use better macros for ELF bitness x86/vdso: Discard the __bug_table section efi: Fix compiler warnings (unused, const, type)
2014-06-27Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linusLinus Torvalds19-499/+211
Pull MIPS fixes from Ralf Baechle: "This is dominated by a large number of changes necessary for the MIPS BPF code. code. Aside of that there are - a fix for the MSC system controller support code. - a Turbochannel fix. - a recordmcount fix that's MIPS-specific. - barrier fixes to smp-cps / pm-cps after unrelated changes elsewhere in the kernel. - revert support for MSA registers in the signal frames. The reverted patch did modify the signal stack frame which of course is inacceptable. - fix math-emu build breakage with older compilers. - some related cleanup. - fix Lasat build error if CONFIG_CRC32 isn't set to y by the user" * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: (27 commits) MIPS: Lasat: Fix build error if CRC32 is not enabled. TC: Handle device_register() errors. MIPS: MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region MIPS: bpf: Fix stack space allocation for BPF memwords on MIPS64 MIPS: BPF: Use 32 or 64-bit load instruction to load an address to register MIPS: bpf: Fix PKT_TYPE case for big-endian cores MIPS: BPF: Prevent kernel fall over for >=32bit shifts MIPS: bpf: Drop update_on_xread and always initialize the X register MIPS: bpf: Fix is_range() semantics MIPS: bpf: Use pr_debug instead of pr_warn for unhandled opcodes MIPS: bpf: Fix return values for VLAN_TAG_PRESENT case MIPS: bpf: Use correct mask for VLAN_TAG case MIPS: bpf: Fix branch conditional for BPF_J{GT/GE} cases MIPS: bpf: Add SEEN_SKB to flags when looking for the PKT_TYPE MIPS: bpf: Use 'andi' instead of 'and' for the VLAN cases MIPS: bpf: Return error code if the offset is a negative number MIPS: bpf: Use the LO register to get division's quotient MIPS: mm: uasm: Fix lh micro-assembler instruction MIPS: uasm: Add SLT uasm instruction MIPS: uasm: Add s3s1s2 instruction builder ...
2014-06-27Merge tag 'arc-fixes-for-3.16' of ↵Linus Torvalds9-16/+46
git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc Pull ARC fixes from Vineet Gupta: "Some SMP changes, a ptrace request for NPTL debugging, bunch of build breakages/warnings" * tag 'arc-fixes-for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc: ARC: [SMP] Enable icache coherency ARC: [SMP] Fix IPI IRQ registration ARC: Implement ptrace(PTRACE_GET_THREAD_AREA) ARC: optimize kernel bss clearing in early boot code ARC: Fix build breakage for !CONFIG_ARC_DW2_UNWIND ARC: fix build warning in devtree ARC: remove checks for CONFIG_ARC_MMU_V4
2014-06-27Merge tag 'compress-3.16-rc3' of ↵Linus Torvalds1-1/+3
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core Pull compress bugfix from Greg KH: "Here is another lz4 bugfix for 3.16-rc3 that resolves a reported issue with that compression algorithm" * tag 'compress-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: lz4: fix another possible overrun
2014-06-27Merge tag 'stable/for-linus-3.16-rc1-tag' of ↵Linus Torvalds1-10/+18
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb Pull swiotlb bugfix from Konrad Rzeszutek Wilk: "One bug-fix that had been in tree for quite some time. We had assumed that the physical address zero was invalid and would fail it. But that is not true and on some architectures it is not reserved and valid. This fixes it" * tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb: swiotlb: don't assume PA 0 is invalid
2014-06-27Merge tag 'sound-3.16-rc3' of ↵Linus Torvalds12-335/+365
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Here includes a few patchset for fixing mostly HD-audio issues in addition to a patch assuring the compress API bytes alignment and a fix for the die-hard existing race condition at USB-audio disconnection. The volume looks big in Realtek HD-audio code, but it's just a translation of the fixup tables, and the actual changes are rather trivial" * tag 'sound-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: hda - restore BCLK M/N values when resuming HSW/BDW display controller ALSA: usb-audio: Fix races at disconnection and PCM closing ALSA: hda - Adjust speaker HPF and add LED support for HP Spectre 13 ALSA: hda - Make the pin quirk tables use the SND_HDA_PIN_QUIRK macro ALSA: hda - Make a SND_HDA_PIN_QUIRK macro ALSA: hda - Add pin quirk for Dell XPS 15 ALSA: hda - hdmi: call overridden init on resume ALSA: hda - Fix usage of "model" module parameter ALSA: compress: fix the struct alignment to 4 bytes
2014-06-27Merge tag 'mfd-fixes-3.16' of ↵Linus Torvalds2-3/+4
git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd Pull MFD fixes from Lee Jones: "Couple of simple fixes due for the v3.16 -rcs" * tag 'mfd-fixes-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd: mfd: ab8500: Fix dt irq mapping mfd: davinci: Voicecodec needs regmap_mmio mfd: STw481x: Allow modular build mfd: UCB1x00: Enable modular build
2014-06-27Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linuxLinus Torvalds26-70/+169
Pull drm fixes from Dave Airlie: "Exynos, i915 and msm fixes and one core fix. exynos: hdmi power off and mixer issues msm: iommu, build fixes, i915: regression races and warning fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (22 commits) drm/i915: vlv_prepare_pll is only needed in case of non DSI interfaces drm: fix NULL pointer access by wrong ioctl drm/exynos: enable vsync interrupt while waiting for vblank drm/exynos: soft reset mixer before reconfigure after power-on drm/exynos: allow multiple layer updates per vsync for mixer drm/i915: Hold the table lock whilst walking the file's idr and counting the objects in debugfs drm/i915: BDW: Adding Reserved PCI IDs. drm/i915: Only mark the ctx as initialised after a SET_CONTEXT operation drm/exynos: stop mixer before gating clocks during poweroff drm/exynos: set power state variable after enabling clocks and power drm/exynos: disable unused windows on apply drm/exynos: Fix de-registration ordering drm/exynos: change zero to NULL for sparse drm/exynos: dpi: Fix NULL pointer dereference with legacy bindings drm/exynos: hdmi: fix power order issue drm/i915: default to having backlight if VBT not available drm/i915: cache hw power well enabled state drm/msm: fix IOMMU cleanup for -EPROBE_DEFER drm/msm: use PAGE_ALIGNED instead of IS_ALIGNED(PAGE_SIZE) drm/msm/hdmi: set hdp clock rate before prepare_enable ...
2014-06-27iovec: move memcpy_from/toiovecend to lib/iovec.cMichael S. Tsirkin4-60/+59
ERROR: "memcpy_fromiovecend" [drivers/vhost/vhost_scsi.ko] undefined! commit 9f977ef7b671f6169eca78bf40f230fe84b7c7e5 vhost-scsi: Include prot_bytes into expected data transfer length in target-pending makes drivers/vhost/scsi.c call memcpy_fromiovecend(). This function is not available when CONFIG_NET is not enabled. socket.h already includes uio.h, so no callers need updating. Reported-by: Randy Dunlap <rdunlap@infradead.org> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27iscsi-target: Avoid rejecting incorrect ITT for Data-OutNicholas Bellinger1-1/+1
This patch changes iscsit_check_dataout_hdr() to dump the incoming Data-Out payload when the received ITT is not associated with a WRITE, instead of calling iscsit_reject_cmd() for the non WRITE ITT descriptor. This addresses a bug where an initiator sending an Data-Out for an ITT associated with a READ would end up generating a reject for the READ, eventually resulting in list corruption. Reported-by: Santosh Kulkarni <santosh.kulkarni@calsoftinc.com> Reported-by: Arshad Hussain <arshad.hussain@calsoftinc.com> Cc: stable@vger.kernel.org # 3.10+ Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27lz4: fix another possible overrunGreg Kroah-Hartman1-1/+3
There is one other possible overrun in the lz4 code as implemented by Linux at this point in time (which differs from the upstream lz4 codebase, but will get synced at in a future kernel release.) As pointed out by Don, we also need to check the overflow in the data itself. While we are at it, replace the odd error return value with just a "simple" -1 value as the return value is never used for anything other than a basic "did this work or not" check. Reported-by: "Don A. Bailey" <donb@securitymouse.com> Reported-by: Willy Tarreau <w@1wt.eu> Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-27Merge tag 'efi-urgent' into x86/urgentH. Peter Anvin3-5/+5
* Fix a few compiler warnings (one being a real bug) in the arm64 EFI code that lots of people are running into and reporting - Catalin Marinas * Use a cast to avoid a 32-bit overflow issue when generating pstore filenames - Andrzej Zaborowski Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2014-06-27efi-pstore: Fix an overflow on 32-bit buildsAndrzej Zaborowski1-1/+1
In generic_id the long int timestamp is multiplied by 100000 and needs an explicit cast to u64. Without that the id in the resulting pstore filename is wrong and userspace may have problems parsing it, but more importantly files in pstore can never be deleted and may fill the EFI flash (brick device?). This happens because when generic pstore code wants to delete a file, it passes the id to the EFI backend which reinterpretes it and a wrong variable name is attempted to be deleted. There's no error message but after remounting pstore, deleted files would reappear. Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com> Acked-by: David Rientjes <rientjes@google.com> Cc: <stable@vger.kernel.org> Signed-off-by: Matt Fleming <matt.fleming@intel.com>
2014-06-27Merge tag 'drm-intel-fixes-2014-06-26' of ↵Dave Airlie8-38/+46
git://anongit.freedesktop.org/drm-intel into drm-fixes Fixes for 3.16-rc2; regressions, races, and warns; Broadwell PCI IDs. * tag 'drm-intel-fixes-2014-06-26' of git://anongit.freedesktop.org/drm-intel: drm/i915: vlv_prepare_pll is only needed in case of non DSI interfaces drm/i915: Hold the table lock whilst walking the file's idr and counting the objects in debugfs drm/i915: BDW: Adding Reserved PCI IDs. drm/i915: Only mark the ctx as initialised after a SET_CONTEXT operation drm/i915: default to having backlight if VBT not available drm/i915: cache hw power well enabled state
2014-06-26tcm_loop: Fix memory leak in tcm_loop_submission_work error pathNicholas Bellinger1-0/+1
This patch fixes a tcm_loop_cmd descriptor memory leak in the tcm_loop_submission_work() error path, and would result in warnings about leaked tcm_loop_cmd_cache objects at module unload time. Go ahead and invoke kmem_cache_free() to release tl_cmd back to tcm_loop_cmd_cache before calling sc->scsi_done(). Reported-by: Sebastian Herbszt <herbszt@gmx.de> Tested-by: Sebastian Herbszt <herbszt@gmx.de> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26iscsi-target: Explicily clear login response PDU in exception pathNicholas Bellinger1-0/+2
This patch adds a explicit memset to the login response PDU exception path in iscsit_tx_login_rsp(). This addresses a regression bug introduced in commit baa4d64b where the initiator would end up not receiving the login response and associated status class + detail, before closing the login connection. Reported-by: Christophe Vu-Brugier <cvubrugier@yahoo.fr> Tested-by: Christophe Vu-Brugier <cvubrugier@yahoo.fr> Cc: stable@vger.kernel.org # 3.10+ Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>