On Fri, Jun 21, 2019 at 09:35:11AM +0800, Wanpeng Li wrote:
> From: Wanpeng Li
>
> In real product setup, there will be houseeking cpus in each nodes, it
> is prefer to do housekeeping from local node, fallback to global online
> cpumask if failed to find houseeking cpu from local node.
>
> Cc
On Fri, Jun 21, 2019 at 11:41:26AM +0530, Kishon Vijay Abraham I wrote:
> Hi Greg,
>
> On 12/06/19 3:57 PM, Kishon Vijay Abraham I wrote:
> > Hi Greg,
> >
> > Please find the updated pull request for 5.2 -rc cycle. Here I dropped
> > the patch that added "static" for a function to fix sparse warn
From: Aliasgar Surti
checkpatch reported "WARNING: line over 80 characters".
This patch fixes the warning for file soc_camera/soc_ov5642.c
Signed-off-by: Aliasgar Surti
---
drivers/staging/media/soc_camera/soc_ov5642.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/d
On Thu, Jun 20, 2019 at 01:29:47PM -0700, Nick Desaulniers wrote:
> On Thu, Jun 20, 2019 at 1:15 PM Nathan Chancellor
> wrote:
> >
> > On Thu, Jun 20, 2019 at 12:56:58PM -0700, Nick Desaulniers wrote:
> > > Should there be a fixes by tag?
> >
> > Normally, I would have added one but this issue has
On Thu, Jun 20, 2019 at 09:14:07PM -0400, Martin K. Petersen wrote:
>
> James,
>
> > There's two problems. One is simple terminology: the
> > Documentation/process/licence-rules.rst say:
> >
> > GPL-2.0 means GPL 2 only
> > GPL-2.0+ means GPL 2 or later
> >
> > I believe RMS made a fuss about th
(Added Lars Persson, Guennadi Liakhovetski)
On Fri, Jun 21, 2019 at 3:06 PM Masahiro Yamada
wrote:
This needs Ack from Renesas.
But, I do not know if TMIO folks are sure about this driver, though.
(If they had been sure about it, they should not have duplicated the driver
in the first place.)
-
On Fri, Jun 21, 2019 at 09:25:54AM +0530, Naresh Kamboju wrote:
> On Thu, 20 Jun 2019 at 23:44, Greg Kroah-Hartman
> wrote:
> >
> > This is the start of the stable review cycle for the 5.1.13 release.
> > There are 98 patches in this series, all will be posted as a response
> > to this one. If an
On Thu, Jun 20, 2019 at 06:48:40PM -0500, Jiunn Chang wrote:
> On Thu, Jun 20, 2019 at 07:56:27PM +0200, Greg Kroah-Hartman wrote:
> > This is the start of the stable review cycle for the 5.1.13 release.
> > There are 98 patches in this series, all will be posted as a response
> > to this one. If
For Spreadtrum SD host controller, we can not use standard SD registers
to change and detect the I/O voltage signals, since our voltage regulator
for I/O is fixed in hardware, and no signals were connected to the SD
controller. Thus add Spreadtrum specific voltage switch ops to change
voltage inste
When changing SD card voltage signal for Spreadtrum SD host controller,
it also need to switch related pin's state. Thus add pinctrl properties'
description in documentation.
Signed-off-by: Baolin Wang
---
.../devicetree/bindings/mmc/sdhci-sprd.txt |7 +++
1 file changed, 7 inser
This patch set is used to optimize voltage switch for the
Spreadtrum SD host controller.
Any comments are welcome. Thanks.
Baolin Wang (3):
mmc: sdhci-sprd: Add start_signal_voltage_switch ops
dt-bindings: mmc: sprd: Add pinctrl support
mmc: sdhci-sprd: Add pin control support for voltage s
Hi Greg,
On 12/06/19 3:57 PM, Kishon Vijay Abraham I wrote:
> Hi Greg,
>
> Please find the updated pull request for 5.2 -rc cycle. Here I dropped
> the patch that added "static" for a function to fix sparse warning.
>
> I'm also sending the patches along with this pull request in case you'd
> li
For Spreadtrum SD card voltage switching, besides regulator setting,
it also need switch related pin's state to output corresponding voltage.
This patch adds pin control operation to support voltage switch.
Signed-off-by: Baolin Wang
---
drivers/mmc/host/sdhci-sprd.c | 54
This patch-set is based on 'riscv-for-v5.2/fixes-rc6' tag of
git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git
Tested on HiFive Unleashed board with additional patches required for
testing can be found at dev/yashs/ethernet_dt branch of:
https://github.com/yashshah7/riscv-linux.git
Ya
Intel document says: "When a thread wakes from a sleep state, the store
buffer is repartitioned again. This causes the store buffer to transfer
store buffer entries from the thread that was already active to the one
which just woke up."
To avoid data leak from sibling thread to the woken thread, f
DT node for SiFive FU540-C000 GEMGXL Ethernet controller driver added
Signed-off-by: Yash Shah
---
arch/riscv/boot/dts/sifive/fu540-c000.dtsi | 20
1 file changed, 20 insertions(+)
diff --git a/arch/riscv/boot/dts/sifive/fu540-c000.dtsi
b/arch/riscv/boot/dts/sifive/fu540-c
On Thu, 20 Jun 2019 at 23:37, Waibel Georg
wrote:
>
> In case the requested gpio property is not found in the device tree, some
> callers of gpiod_get_from_of_node() expect a return value of NULL, others
> expect -ENOENT.
> In particular devm_fwnode_get_index_gpiod_from_child() expects -ENOENT.
>
Renesas upstreamed two different drivers for (almost) the same hardware.
usdhi6rol0.c is (what we call) "TMIO MMC", which I am 100% sure from the
the register macros in usdhi6rol0.c.
As commit b6147490e6aa ("mmc: tmio: split core functionality, DMA and
MFD glue") said, the MMC controllers called t
Hello Paul,
On Thu, Jun 20, 2019 at 05:40:04PM +, Paul Burton wrote:
> Hi Serge,
>
> On Fri, Jun 14, 2019 at 09:33:42AM +0300, Serge Semin wrote:
> > There are some generic drivers in the kernel, which make use of the
> > q-accessors or their derivatives. While at current asm/io.h the accesso
Hi,
On 17/06/19 8:48 PM, Sagar Kadam wrote:
> Hello Vignesh,
>
> Thanks for your review comments.
>
> On Sun, Jun 16, 2019 at 6:14 PM Vignesh Raghavendra wrote:
>>
>> Hi,
>>
>> On 12-Jun-19 4:17 PM, Sagar Shrikant Kadam wrote:
>> [...]
>>
>>> @@ -4129,7 +4137,7 @@ int spi_nor_scan(struct spi_no
UMONITOR, UMWAIT and TPAUSE are a set of user wait instructions.
This patch adds support for user wait instructions in KVM. Availability
of the user wait instructions is indicated by the presence of the CPUID
feature flag WAITPKG CPUID.0x07.0x0:ECX[5]. User wait instructions may
be executed at any
As the latest Intel 64 and IA-32 Architectures Software Developer's
Manual, UMWAIT and TPAUSE instructions cause a VM exit if the
RDTSC exiting and enable user wait and pause VM-execution
controls are both 1.
This patch is to handle the vm-exit for UMWAIT and TPAUSE as this
should never happen.
C
UMWAIT and TPAUSE instructions use IA32_UMWAIT_CONTROL at MSR index E1H
to determines the maximum time in TSC-quanta that the processor can reside
in either C0.1 or C0.2.
This patch emulates MSR IA32_UMWAIT_CONTROL in guest and differentiate
IA32_UMWAIT_CONTROL between host and guest. The variable
UMONITOR, UMWAIT and TPAUSE are a set of user wait instructions.
UMONITOR arms address monitoring hardware using an address. A store
to an address within the specified address range triggers the
monitoring hardware to wake up the processor waiting in umwait.
UMWAIT instructs the processor to ente
Mike notes that Sphinx needs a newline before the start of a bulleted
list, and v10 of the subsection patch set changed the subsection size
from an arch-variable 'PMD_SIZE' to a constant 2MB.
Cc: Jonathan Corbet
Reported-by: Mike Rapoport
Signed-off-by: Dan Williams
---
Hi Andrew,
Another smal
Hi all,
Today's linux-next merge of the kvms390 tree got a conflict in:
tools/testing/selftests/kvm/Makefile
between commit:
61cfcd545e42 ("kvm: tests: Sort tests in the Makefile alphabetically")
from Linus' tree and commits:
ee1563f42856 ("KVM: selftests: Add the sync_regs test for s39
On Thu, 2019-06-20 at 17:09 -0400, Al Cooper wrote:
> Initialization order is important for the USB PHY and the PHY clients.
> The init order is based on the build order of the drivers in the
> makefiles and the PHY drivers are built early to help with
> dependencies, but the new SCMI based clock s
Remove the separate KERN_ from each pe_level_printk and
instead add the KERN_ to the format.
pfix in pe_level_printk could also be used uninitialized so
add a new else and set pfx to the hex value of pe->flags.
Rename pe_level_printk to pe_printk and update the pe_
macros.
Signed-off-by: Joe Per
Hello Chris,
On Fri, 21 Jun 2019 04:03:27 +
Chris Packham wrote:
> I'm in the process of updating the kernel version used on our products
> from 4.4 -> 5.1.
>
> We have one product that uses a Kirkwood CPU, IDT PCI bridge and Marvell
> Switch ASIC. The Switch ASIC presents as multiple PCI
On 6/20/2019 10:22 PM, Lorenzo Pieralisi wrote:
On Wed, Jun 19, 2019 at 10:41:26AM +0530, Kishon Vijay Abraham I wrote:
Hi Lorenzo,
On 18/06/19 7:58 PM, Lorenzo Pieralisi wrote:
On Tue, Jun 18, 2019 at 04:21:17PM +0530, Vidya Sagar wrote:
[...]
2) It is not related to this patch but I fail
On Thu, 2019-06-20 at 17:09 -0400, Al Cooper wrote:
> - Fix driver to defer on clk_get defer
>
> Signed-off-by: Al Cooper
> ---
> drivers/usb/gadget/udc/bdc/bdc_core.c | 15 +--
> 1 file changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/usb/gadget/udc/bdc/bdc_core.c
On Thu, Jun 20, 2019 at 6:22 PM Matthew Garrett
wrote:
>
> The lockdown module is intended to allow for kernels to be locked down
> early in boot - sufficiently early that we don't have the ability to
> kmalloc() yet. Add support for early initialisation of some LSMs, and
> then add them to the li
On Thu, Jun 20, 2019 at 6:21 PM Matthew Garrett
wrote:
>
> From: David Howells
>
> There are some bpf functions can be used to read kernel memory:
> bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
> private keys in kernel memory (e.g. the hibernation image signing key) to
On Thu, Jun 20, 2019 at 1:08 AM Naresh Kamboju
wrote:
>
> selftests: bpf test_libbpf.sh failed running Linux -next kernel
> 20190618 and 20190619.
>
> Here is the log from x86_64,
> # selftests bpf test_libbpf.sh
> bpf: test_libbpf.sh_ #
> # [0] libbpf BTF is required, but is missing or corrupted.
On Wed, Jun 19, 2019 at 9:28 AM Colin King wrote:
>
> From: Colin Ian King
>
> There are several spelling mistakes in pr_warning messages. Fix these.
>
> Signed-off-by: Colin Ian King
> ---
Oh, the beauty of copy/pasting same typo 4 times :)
Thanks for fixing! Can you please re-submit with [PA
From: Anson Huang
Enable CONFIG_KEYBOARD_SNVS_PWRKEY as module to support i.MX8M
series SoCs' power key.
Signed-off-by: Anson Huang
---
arch/arm64/configs/defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 29f7768..3c
Hi Nicolas,
On Sun, Apr 28, 2019 at 8:55 PM Nicolas Boichat wrote:
>
> Before suspending, mtk-eint would set the interrupt mask to the
> one in wake_mask. However, some of these interrupts may not have a
> corresponding interrupt handler, or the interrupt may be disabled.
>
> On resume, the eint
On 20-06-19, 21:12, Christian Lamparter wrote:
> On Thursday, June 20, 2019 7:03:58 PM CEST Vinod Koul wrote:
> > On 20-06-19, 14:19, Greg Kroah-Hartman wrote:
> > > On Thu, Jun 20, 2019 at 03:51:50PM +0530, Vinod Koul wrote:
> > > > From: Christian Lamparter
> > > >
> > > > This patch adds a fir
Hi Jeffrey,
On Thu, Jun 20, 2019 at 7:33 AM Jeffrey Hugo wrote:
> #ifdef CONFIG_OF
> -static const struct of_device_id elan_of_match[] = {
> - { .compatible = "elan,ekth3000" },
> - { /* sentinel */ }
> -};
I think OF IDs should stay in this file since we agreed HID will not
be chec
From: Aliasgar Surti
checkpatch reported "WARNING: line over 80 characters".
This patch fixes the warning for file davinci_vpfe/dm365_isif.c
Signed-off-by: Aliasgar Surti
---
Changes in v2:
- Fixed styling as per suggestion in comments
drivers/staging/media/davinci_vpfe/dm365_isif.c
Hello,
Compliment of the day to you.
I am Mrs felicia william; I am sending this brief letter to solicit
your partnership to transfer $19.5 million US Dollars. I shall send
you more information and procedures when I receive positive response
from you. please send me a message in my Email box and
Hi, Nicolas
On Sun, Apr 28, 2019 at 8:55 PM Nicolas Boichat wrote:
>
> During suspend/resume, mtk_eint_mask may be called while
> wake_mask is active. For example, this happens if a wake-source
> with an active interrupt handler wakes the system:
> irq/pm.c:irq_pm_check_wakeup would disable the i
--
Schönen Tag.
Benötigen Sie einen dringenden Kredit?
Wir bieten Unternehmen Darlehensdienstleistungen für
Geschäftserweiterungen, Investitionen und Projekte an. Darüber hinaus
bieten wir Privatkredite mit einem Zinssatz von 1,3% an. Wenn Sie sich
jetzt bewerben, können Sie Ihre Transaktio
On Thu, Jun 20, 2019 at 06:19:38PM -0700, Matthew Garrett wrote:
> Print the content of current->comm in messages generated by lockdown to
> indicate a restriction that was hit. This makes it a bit easier to find
> out what caused the message.
>
> The message now patterned something like:
>
>
Hi All,
I'm in the process of updating the kernel version used on our products
from 4.4 -> 5.1.
We have one product that uses a Kirkwood CPU, IDT PCI bridge and Marvell
Switch ASIC. The Switch ASIC presents as multiple PCI devices.
The hardware setup looks like this
-
kernel: 4.4.183-rc1
git repo: https://git.linaro.org/lkft/arm64-stable-rc.git
git branch: 4.4.183-rc1-hikey-20190620-466
git commit: 3e8bd9046c869be462eabbeff74037861c7b2c22
git describe: 4.4.183-rc1-hikey-20190620-466
Test details:
https://qa-reports.linaro.org/lkft
G")
I have used the block tree from next-20190620 for today.
--
Cheers,
Stephen Rothwell
pgp1Pqmsac90w.pgp
Description: OpenPGP digital signature
On Thu, 20 Jun 2019 at 23:44, Greg Kroah-Hartman
wrote:
>
> This is the start of the stable review cycle for the 5.1.13 release.
> There are 98 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Resp
On Thu, 20 Jun 2019 at 23:40, Greg Kroah-Hartman
wrote:
>
> This is the start of the stable review cycle for the 4.19.54 release.
> There are 61 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Res
Hi Puranjay,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net/master]
[also build test ERROR on v5.2-rc5 next-20190620]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux
As commit b6147490e6aa ("mmc: tmio: split core functionality, DMA and
MFD glue") said, these MMC controllers use the IP from Panasonic.
TMIO (Toshiba Mobile IO) MMC was the first upstreamed user of this IP.
The common driver code was split and expanded as 'tmio-mmc-core', then
it become historical
On Thu, 20 Jun 2019 at 23:39, Greg Kroah-Hartman
wrote:
>
> This is the start of the stable review cycle for the 4.14.129 release.
> There are 45 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Re
On Thu, Jun 20, 2019 at 06:19:15PM -0700, Matthew Garrett wrote:
> From: David Howells
>
> If the kernel is locked down, require that all modules have valid
> signatures that we can verify.
>
> I have adjusted the errors generated:
>
> (1) If there's no signature (ENODATA) or we can't check it
On Thu, Jun 20, 2019 at 06:19:14PM -0700, Matthew Garrett wrote:
> While existing LSMs can be extended to handle lockdown policy,
> distributions generally want to be able to apply a straightforward
> static policy. This patch adds a simple LSM that can be configured to
> reject either integrity or
On Fri, Jun 21, 2019 at 10:35:04AM +0800, kbuild test robot wrote:
> Hi Puranjay,
>
> Thank you for the patch! Yet something to improve:
>
> [auto build test ERROR on net/master]
> [also build test ERROR on v5.2-rc5 next-20190620]
> [if your patch is applied to the wrong git
when CRYPTO is m and KS7010 is y, building fails:
drivers/staging/ks7010/ks_hostif.o: In function `michael_mic.constprop.13':
ks_hostif.c:(.text+0x560): undefined reference to `crypto_alloc_shash'
ks_hostif.c:(.text+0x580): undefined reference to `crypto_shash_setkey'
ks_hostif.c:(.text+0x5e0): un
On 6/20/19 4:57 PM, YueHaibing wrote:
Remove duplicated include.
Signed-off-by: YueHaibing
Acked-by: Pierre-Louis Bossart
---
sound/soc/sof/intel/hda.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/sound/soc/sof/intel/hda.c b/sound/soc/sof/intel/hda.c
index 51c1c1787de7..7f66539261
On Thu, Jun 20, 2019 at 06:19:13PM -0700, Matthew Garrett wrote:
> Add a mechanism to allow LSMs to make a policy decision around whether
> kernel functionality that would allow tampering with or examining the
> runtime state of the kernel should be permitted.
>
> Signed-off-by: Matthew Garrett
>
On Thu, Jun 20, 2019 at 06:19:12PM -0700, Matthew Garrett wrote:
> The lockdown module is intended to allow for kernels to be locked down
> early in boot - sufficiently early that we don't have the ability to
> kmalloc() yet. Add support for early initialisation of some LSMs, and
> then add them to
On 6/20/2019 10:13 PM, Jon Hunter wrote:
On 20/06/2019 17:15, Sameer Pujar wrote:
From Tegra186 onwards OUTSTANDING_REQUESTS field is added in channel
configuration register (bits 7:4). ADMA allows a maximum of 8 reads
to source and that many writes to target memory be outstanding at any
give
On 6/20/2019 10:07 PM, Jon Hunter wrote:
On 20/06/2019 17:15, Sameer Pujar wrote:
From Tegra186 onwards OUTSTANDING_REQUESTS field is added in channel
configuration register (bits 7:4). ADMA allows a maximum of 8 reads
to source and that many writes to target memory be outstanding at any
give
To allow cros_ec iio core library to be used with legacy device, add a
vector to rotate sensor data if necessary: legacy devices are not
reporting data in HTML5/Android sensor referential.
On veyron minnie, check chrome detect tablet mode and rotate
screen in tablet mode.
Signed-off-by: Gwendal G
Add support to ARM based devices, that lack LPC access code.
Allow cros-ec-accel-legacy to use cros-ec-sensors-core, add specific
command to capture sensor data.
On veyron minnie, check chrome detect tablet mode and rotate
screen in tablet mode.
Check only a subset of the attributes are presented.
veyron_minnie - ASUS Chromebook Flip C100PA - embedded controller
controls two accelerometers, one in the lid, one in the base.
However, the EC firmware does not follow the new interface that
cros_ec_accel driver use.
Extend the legacy driver used on glimmer - Lenovo ThinkPad 11e
Chromebook - to ve
Hi Puranjay,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net/master]
[also build test ERROR on v5.2-rc5 next-20190620]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux
On Thu, Jun 20, 2019 at 2:35 PM Roman Gushchin wrote:
>
> As a result of reparenting a kmem_cache might belong to the root
> memory cgroup. It happens when a top-level memory cgroup is removed,
> and all associated kmem_caches are reparented to the root memory
> cgroup.
>
> The root memory cgroup
On Thu, Jun 20, 2019 at 2:46 PM Doug Anderson wrote:
>
> Hi,
>
> On Thu, Jun 20, 2019 at 11:53 AM Gwendal Grignou wrote:
> >
> > To allow cros_ec iio core library to be used with legacy device, add a
> > vector to rotate sensor data if necessary: legacy devices are not
> > reporting data in HTML5
On Thu, 20 Jun 2019 at 23:33, Greg Kroah-Hartman
wrote:
>
> This is the start of the stable review cycle for the 4.9.183 release.
> There are 117 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Re
On Thu, 20 Jun 2019, Paul Burton wrote:
> Maciej, David, if you'd be happy to provide an Ack so that I can take
> this through the mips-next branch that would be great; that'll let me
> apply it prior to the asm/io.h change.
Acked-by: Maciej W. Rozycki
Sure, thanks for doing this work.
Maci
Some machines store local time in the Real Time Clock. The hard-coded
"UTC" string is wrong on those machines so just omit that string.
Update the log parser so it doesn't require the string "UTC".
Signed-off-by: Finn Thain
---
drivers/rtc/hctosys.c | 2 +-
tools/power/pm-graph/bootg
Please pull the following changes since commit
d1fdb6d8f6a4109a4263176c84b899076a5f8008:
Linux 5.2-rc4 (2019-06-08 20:24:46 -0700)
are available in the Git repository at:
git://git.samba.org/sfrench/cifs-2.6.git tags/5.2-rc5-smb3-fixes
for you to fetch changes up to 61cabc7b0a5cf0d3c532cfa9
On Thu, 20 Jun 2019, at 18:47, Joel Stanley wrote:
> gcc warns that a mising "flash" phandle node leads to undefined
> behavior later:
>
> drivers/soc/aspeed/aspeed-lpc-ctrl.c: In function
> 'aspeed_lpc_ctrl_probe':
> drivers/soc/aspeed/aspeed-lpc-ctrl.c:201:18: error: '*((void
> *)&resm+8)'
On Wed, 19 Jun 2019 00:36:01 PDT (-0700), mark.rutl...@arm.com wrote:
On Fri, Jun 07, 2019 at 03:22:22PM -0700, Palmer Dabbelt wrote:
The comment describes why in detail. This was found because QEMU never
gives up load reservations, the issue is unlikely to manifest on real
hardware.
Thanks to
On Thu, May 23, 2019 at 5:51 PM Christoph Hellwig wrote:
>
> These have been unused ever since they've been added to the kernel.
>
> Signed-off-by: Christoph Hellwig
> ---
> arch/powerpc/include/asm/pnv-pci.h| 4 --
> arch/powerpc/platforms/powernv/pci-ioda.c | 4 +-
> arch/powerpc/pla
In pipe mode, session->header.env.arch is not populated until the events
are processed. Therefore, the following command crashes:
perf record -o - | perf script
(gdb) bt
It fails when we try to compare env.arch against uts.machine:
if (!strcmp(uts.machine, session->header.env.arch) |
From: Wanpeng Li
In real product setup, there will be houseeking cpus in each nodes, it
is prefer to do housekeeping from local node, fallback to global online
cpumask if failed to find houseeking cpu from local node.
Cc: Ingo Molnar
Cc: Peter Zijlstra
Cc: Frederic Weisbecker
Signed-off-by
On Thu, 20 Jun 2019 at 05:04, Marcelo Tosatti wrote:
>
> Hi Li,
>
> On Wed, Jun 19, 2019 at 08:36:06AM +0800, Wanpeng Li wrote:
> > On Tue, 18 Jun 2019 at 21:36, Marcelo Tosatti wrote:
> > >
> > > On Mon, Jun 17, 2019 at 07:24:44PM +0800, Wanpeng Li wrote:
> > > > From: Wanpeng Li
> > > >
> > >
On Thu, 20 Jun 2019 at 20:38, Peter Zijlstra wrote:
>
> On Thu, Jun 20, 2019 at 07:36:54PM +0800, Wanpeng Li wrote:
> > From: Wanpeng Li
> >
> > In real product setup, there will be houseeking cpus in each nodes, it
> > is prefer to do housekeeping from local node, fallback to global online
> > c
On Thu, May 23, 2019 at 5:56 PM Christoph Hellwig wrote:
>
> These two function have never been used since they were added to the
> kernel.
>
> Signed-off-by: Christoph Hellwig
> ---
> arch/powerpc/include/asm/vas.h | 10 --
> arch/powerpc/platforms/powernv/vas-window.c | 19
The lockdown module is intended to allow for kernels to be locked down
early in boot - sufficiently early that we don't have the ability to
kmalloc() yet. Add support for early initialisation of some LSMs, and
then add them to the list of names when we do full initialisation later.
Signed-off-by:
From: Matthew Garrett
Allowing users to read and write to core kernel memory makes it possible
for the kernel to be subverted, avoiding module loading restrictions, and
also to steal cryptographic information.
Disallow /dev/mem and /dev/kmem from being opened this when the kernel has
been locked
From: David Howells
If the kernel is locked down, require that all modules have valid
signatures that we can verify.
I have adjusted the errors generated:
(1) If there's no signature (ENODATA) or we can't check it (ENOPKG,
ENOKEY), then:
(a) If signatures are enforced then EKEYREJEC
From: Jiri Bohac
When KEXEC_SIG is not enabled, kernel should not load images through
kexec_file systemcall if the kernel is locked down.
[Modified by David Howells to fit with modifications to the previous patch
and to return -EPERM if the kernel is locked down for consistency with
other lock
From: Matthew Garrett
custom_method effectively allows arbitrary access to system memory, making
it possible for an attacker to circumvent restrictions on module loading.
Disable it if the kernel is locked down.
Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
cc: linux-a...@vger.ke
From: Linn Crosetto
>From the kernel documentation (initrd_table_override.txt):
If the ACPI_INITRD_TABLE_OVERRIDE compile option is true, it is possible
to override nearly any ACPI table provided by the BIOS with an
instrumented, modified one.
When lockdown is enabled, the kernel should d
From: David Howells
Disallow access to /proc/kcore when the kernel is locked down to prevent
access to cryptographic data. This is limited to lockdown
confidentiality mode and is still permitted in integrity mode.
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
---
fs/proc/kcore.c
From: David Howells
Provided an annotation for module parameters that specify hardware
parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
dma buffers and other types).
Suggested-by: Alan Cox
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
---
include/linux/s
From: David Howells
Prohibit replacement of the PCMCIA Card Information Structure when the
kernel is locked down.
Suggested-by: Dominik Brodowski
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
---
drivers/pcmcia/cistpl.c | 4
include/linux/security.h | 1 +
securit
From: David Howells
The testmmiotrace module shouldn't be permitted when the kernel is locked
down as it can be used to arbitrarily read and write MMIO space. This is
a runtime check rather than buildtime in order to allow configurations
where the same kernel may be run in both locked down or per
From: David Howells
Disallow the use of certain perf facilities that might allow userspace to
access kernel data.
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Cc: Peter Zijlstra
Cc: Ingo Molnar
Cc: Arnaldo Carvalho de Melo
---
include/linux/security.h | 1 +
kernel/event
Systems in lockdown mode should block the kexec of untrusted kernels.
For x86 and ARM we can ensure that a kernel is trustworthy by validating
a PE signature, but this isn't possible on other architectures. On those
platforms we can use IMA digital signatures instead. Add a function to
determine wh
From: David Howells
Disallow the creation of perf and ftrace kprobes when the kernel is
locked down in confidentiality mode by preventing their registration.
This prevents kprobes from being used to access kernel memory to steal
crypto data, but continues to allow the use of kprobes from signed
m
From: Matthew Garrett
Any hardware that can potentially generate DMA has to be locked down in
order to avoid it being possible for an attacker to modify kernel code,
allowing them to circumvent disabled module loading or module signing.
Default to paranoid - in future we can potentially relax thi
From: David Howells
Disallow opening of debugfs files that might be used to muck around when
the kernel is locked down as various drivers give raw access to hardware
through debugfs. Given the effort of auditing all 2000 or so files and
manually fixing each one as necessary, I've chosen to apply
efivar_ssdt_load allows the kernel to import arbitrary ACPI code from an
EFI variable, which gives arbitrary code execution in ring 0. Prevent
that when the kernel is locked down.
Signed-off-by: Matthew Garrett
Cc: Ard Biesheuvel
Cc: linux-...@vger.kernel.org
---
drivers/firmware/efi/efi.c | 4
Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().
Signed-off-by: Matthew Garrett
Cc: Steven Rostedt
---
fs/tracefs/inode.c | 41 +++-
include
Print the content of current->comm in messages generated by lockdown to
indicate a restriction that was hit. This makes it a bit easier to find
out what caused the message.
The message now patterned something like:
Lockdown: : is restricted; see man kernel_lockdown.7
Signed-off-by: Dav
From: David Howells
There are some bpf functions can be used to read kernel memory:
bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
private keys in kernel memory (e.g. the hibernation image signing key) to
be read by an eBPF program and kernel memory to be altered without
From: Matthew Garrett
Writing to MSRs should not be allowed if the kernel is locked down, since
it could lead to execution of arbitrary code in kernel mode. Based on a
patch by Kees Cook.
Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
Acked-by: Kees Cook
Reviewed-by: Thomas Glei
From: David Howells
Lock down TIOCSSERIAL as that can be used to change the ioport and irq
settings on a serial port. This only appears to be an issue for the serial
drivers that use the core serial code. All other drivers seem to either
ignore attempts to change port/irq or give an error.
Rep
1 - 100 of 1283 matches
Mail list logo
