Add a secondary system keyring that can be added to by root whilst the
system is running - provided the key being added is vouched for by a key
built into the kernel or already added to the secondary keyring.
Rename .system_keyring to .builtin_trusted_keys to distinguish it more
obviously from the new keyring (called .secondary_trusted_keys).
The new keyring needs to be enabled with CONFIG_SECONDARY_TRUSTED_KEYRING.
If the secondary keyring is enabled, a link is created from that to
.builtin_trusted_keys so that the the latter will automatically be searched
too if the secondary keyring is searched.
Signed-off-by: David Howells <dhowells@redhat.com>
Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED as they're no longer
meaningful. Also we can drop the trusted flag from the preparse structure.
Given this, we no longer need to pass the key flags through to
restrict_link().
Further, we can now get rid of keyring_restrict_trusted_only() also.
Signed-off-by: David Howells <dhowells@redhat.com>
Move the point at which a key is determined to be trustworthy to
__key_link() so that we use the contents of the keyring being linked in to
to determine whether the key being linked in is trusted or not.
What is 'trusted' then becomes a matter of what's in the keyring.
Currently, the test is done when the key is parsed, but given that at that
point we can only sensibly refer to the contents of the system trusted
keyring, we can only use that as the basis for working out the
trustworthiness of a new key.
With this change, a trusted keyring is a set of keys that once the
trusted-only flag is set cannot be added to except by verification through
one of the contained keys.
Further, adding a key into a trusted keyring, whilst it might grant
trustworthiness in the context of that keyring, does not automatically
grant trustworthiness in the context of a second keyring to which it could
be secondarily linked.
To accomplish this, the authentication data associated with the key source
must now be retained. For an X.509 cert, this means the contents of the
AuthorityKeyIdentifier and the signature data.
If system keyrings are disabled then restrict_link_by_builtin_trusted()
resolves to restrict_link_reject(). The integrity digital signature code
still works correctly with this as it was previously using
KEY_FLAG_TRUSTED_ONLY, which doesn't permit anything to be added if there
is no system keyring against which trust can be determined.
Signed-off-by: David Howells <dhowells@redhat.com>
Make the system trusted keyring depend on the asymmetric key type as
there's not a lot of point having it if you can't then load asymmetric keys
onto it.
This requires the ASYMMETRIC_KEY_TYPE to be made a bool, not a tristate, as
the Kconfig language doesn't then correctly force ASYMMETRIC_KEY_TYPE to
'y' rather than 'm' if SYSTEM_TRUSTED_KEYRING is 'y'.
Making SYSTEM_TRUSTED_KEYRING *select* ASYMMETRIC_KEY_TYPE instead doesn't
work as the Kconfig interpreter then wrongly complains about dependency
loops.
Signed-off-by: David Howells <dhowells@redhat.com>
We should call verify_signature() rather than directly calling
public_key_verify_signature() if we have a struct key to use as we
shouldn't be poking around in the private data of the key struct as that's
subtype dependent.
Signed-off-by: David Howells <dhowells@redhat.com>
Generalise x509_request_asymmetric_key(). It doesn't really have any
dependencies on X.509 features as it uses generalised IDs and the
public_key structs that contain data extracted from X.509.
Signed-off-by: David Howells <dhowells@redhat.com>
Add a facility whereby proposed new links to be added to a keyring can be
vetted, permitting them to be rejected if necessary. This can be used to
block public keys from which the signature cannot be verified or for which
the signature verification fails. It could also be used to provide
blacklisting.
This affects operations like add_key(), KEYCTL_LINK and KEYCTL_INSTANTIATE.
To this end:
(1) A function pointer is added to the key struct that, if set, points to
the vetting function. This is called as:
int (*restrict_link)(struct key *keyring,
const struct key_type *key_type,
unsigned long key_flags,
const union key_payload *key_payload),
where 'keyring' will be the keyring being added to, key_type and
key_payload will describe the key being added and key_flags[*] can be
AND'ed with KEY_FLAG_TRUSTED.
[*] This parameter will be removed in a later patch when
KEY_FLAG_TRUSTED is removed.
The function should return 0 to allow the link to take place or an
error (typically -ENOKEY, -ENOPKG or -EKEYREJECTED) to reject the
link.
The pointer should not be set directly, but rather should be set
through keyring_alloc().
Note that if called during add_key(), preparse is called before this
method, but a key isn't actually allocated until after this function
is called.
(2) KEY_ALLOC_BYPASS_RESTRICTION is added. This can be passed to
key_create_or_update() or key_instantiate_and_link() to bypass the
restriction check.
(3) KEY_FLAG_TRUSTED_ONLY is removed. The entire contents of a keyring
with this restriction emplaced can be considered 'trustworthy' by
virtue of being in the keyring when that keyring is consulted.
(4) key_alloc() and keyring_alloc() take an extra argument that will be
used to set restrict_link in the new key. This ensures that the
pointer is set before the key is published, thus preventing a window
of unrestrictedness. Normally this argument will be NULL.
(5) As a temporary affair, keyring_restrict_trusted_only() is added. It
should be passed to keyring_alloc() as the extra argument instead of
setting KEY_FLAG_TRUSTED_ONLY on a keyring. This will be replaced in
a later patch with functions that look in the appropriate places for
authoritative keys.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Make the determination of the trustworthiness of a key dependent on whether
a key that can verify it is present in the supplied ring of trusted keys
rather than whether or not the verifying key has KEY_FLAG_TRUSTED set.
verify_pkcs7_signature() will return -ENOKEY if the PKCS#7 message trust
chain cannot be verified.
Signed-off-by: David Howells <dhowells@redhat.com>
Generalise system_verify_data() to provide access to internal content
through a callback. This allows all the PKCS#7 stuff to be hidden inside
this function and removed from the PE file parser and the PKCS#7 test key.
If external content is not required, NULL should be passed as data to the
function. If the callback is not required, that can be set to NULL.
The function is now called verify_pkcs7_signature() to contrast with
verify_pefile_signature() and the definitions of both have been moved into
linux/verification.h along with the key_being_used_for enum.
Signed-off-by: David Howells <dhowells@redhat.com>
There's a bug in the code determining whether a certificate is self-signed
or not: if they have neither AKID nor SKID then we just assume that the
cert is self-signed, which may not be true.
Fix this by checking that the raw subject name matches the raw issuer name
and that the public key algorithm for the key and signature are both the
same in addition to requiring that the AKID bits match.
Signed-off-by: David Howells <dhowells@redhat.com>
Extract the signature digest for an X.509 certificate earlier, at the end
of x509_cert_parse() rather than leaving it to the callers thereof since it
has to be called anyway.
Further, immediately after that, check the signature on self-signed
certificates, also rather in the callers of x509_cert_parse().
We note in the x509_certificate struct the following bits of information:
(1) Whether the signature is self-signed (even if we can't check the
signature due to missing crypto).
(2) Whether the key held in the certificate needs unsupported crypto to be
used. We may get a PKCS#7 message with X.509 certs that we can't make
use of - we just ignore them and give ENOPKG at the end it we couldn't
verify anything if at least one of these unusable certs are in the
chain of trust.
(3) Whether the signature held in the certificate needs unsupported crypto
to be checked. We can still use the key held in this certificate,
even if we can't check the signature on it - if it is held in the
system trusted keyring, for instance. We just can't add it to a ring
of trusted keys or follow it further up the chain of trust.
Making these checks earlier allows x509_check_signature() to be removed and
replaced with direct calls to public_key_verify_signature().
Signed-off-by: David Howells <dhowells@redhat.com>
Point to the public_key_signature struct from the pkcs7_signed_info struct
rather than embedding it. This makes the code consistent with the X.509
signature handling and makes it possible to have a common cleanup function.
We also save a copy of the digest in the signature without sharing the
memory with the crypto layer metadata.
Signed-off-by: David Howells <dhowells@redhat.com>
Retain the key verification data (ie. the struct public_key_signature)
including the digest and the key identifiers.
Note that this means that we need to take a separate copy of the digest in
x509_get_sig_params() rather than lumping it in with the crypto layer data.
Signed-off-by: David Howells <dhowells@redhat.com>
Add key identifier pointers to public_key_signature struct so that they can
be used to retain the identifier of the key to be used to verify the
signature in both PKCS#7 and X.509.
Signed-off-by: David Howells <dhowells@redhat.com>
Allow authentication data to be stored in an asymmetric key in the 4th
element of the key payload and provide a way for it to be destroyed.
For the public key subtype, this will be a public_key_signature struct.
Signed-off-by: David Howells <dhowells@redhat.com>
Pull core kernel fixes from Ingo Molnar:
"This contains the nohz/atomic cleanup/fix for the fetch_or() ugliness
you noted during the original nohz pull request, plus there's also
misc fixes:
- fix liblockdep build bug
- fix uapi header build bug
- print more lockdep hash collision info to help debug recent reports
of hash collisions
- update MAINTAINERS email address"
* 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
MAINTAINERS: Update my email address
locking/lockdep: Print chain_key collision information
uapi/linux/stddef.h: Provide __always_inline to userspace headers
tools/lib/lockdep: Fix unsupported 'basename -s' in run_tests.sh
locking/atomic, sched: Unexport fetch_or()
timers/nohz: Convert tick dependency mask to atomic_t
locking/atomic: Introduce atomic_fetch_or()
Commit 840f5b0572 ("media: au0828 disable tuner to demod link in
au0828_media_device_register()") removed all uses of the 'dtv_demod',
but left the variable itself around.
Remove it.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull x86 fixes from Thomas Gleixner:
"This lot contains:
- Some fixups for the fallout of the topology consolidation which
unearthed AMD/Intel inconsistencies
- Documentation for the x86 topology management
- Support for AMD advanced power management bits
- Two simple cleanups removing duplicated code"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/cpu: Add advanced power management bits
x86/thread_info: Merge two !__ASSEMBLY__ sections
x86/cpufreq: Remove duplicated TDP MSR macro definitions
x86/Documentation: Start documenting x86 topology
x86/cpu: Get rid of compute_unit_id
perf/x86/amd: Cleanup Fam10h NB event constraints
x86/topology: Fix AMD core count
Fix incorrect error check in the ST remoteproc driver and advertise the newly
created linux-remoteproc mailing list.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJXAFHsAAoJEAsfOT8Nma3Fbr4QAIBXGiXbYL2E3VY8ZB9xa//u
0AzFUwqSQlnwyDhEWqpd6xye7rHOd4aJMqKaJ3kuXIYVpcOPqfHffkRe9jCs3Y3Q
TE2m4EZlOgTpHzlpS7F0cuM6hANErNNXVrBdRwcv1qzhO4IBYB9BOYhsXjK26e4r
qhhez4/bk5lyTDdf73HjbxELs/Oxlaxyxbu+SEoYMf6qxGc/l7W0VI84KXqrddX5
S7KerDOHcIGuP4tw0eFuzBYNqMSW/LLPLLuRaiQYzqkz2h2Wtu8DBUNWHgFZ7zJI
69yuHOioMI6P+wqkwLbWG0eCcfxBM1cQH0PDrygDRZGbamNGcgX6OAjaC4eS1AIW
FftTaIMt34jVrxNAzaUQeVgKPCd7gAXxoUdgRuH4yubW4jNrb7U4oKUBUbW4B9T9
7+OT5MB7OhaskXrO7OmjJT8npdwA527hRQEJ7NYiGMZqaEqoG1MVBLFFhwpGnHp6
QRFRQ2s8pbg/Njdw72wfWFZECZUwgy37IdkQ55GBpAqsFoKX7AgaEiK7X1oBGANO
gFHD9a0GkjuPV1EXaQQQJ55hBY0bzyKKFfMgczRqHb1oBIA2fVIQ7cdDHJlVwVBT
o8eE6q0pW/Bs5IIaEoTbLUsU2DJe2Vyw+apsKrsAq1pnsGsQRR/PwtCvK2A0DuWT
Kr03h1y3ygsXvrEFQkDU
=kilF
-----END PGP SIGNATURE-----
Merge tag 'rproc-v4.6-rc1' of git://github.com/andersson/remoteproc
Pull remoteproc fix from Bjorn Andersson:
"Fix incorrect error check in the ST remoteproc driver and advertise
the newly created linux-remoteproc mailing list"
* tag 'rproc-v4.6-rc1' of git://github.com/andersson/remoteproc:
MAINTAINERS: Add mailing list for remote processor subsystems
remoteproc: st: fix check of syscon_regmap_lookup_by_phandle() return value
Pull SCSI target fixes from Nicholas Bellinger:
"This includes fixes from HCH for -rc1 configfs default_groups
conversion changes that ended up breaking some iscsi-target
default_groups, along with Sagi's ib_drain_qp() conversion for
iser-target to use the common caller now available to RDMA kernel
consumers in v4.6+ code"
* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
target: add a new add_wwn_groups fabrics method
target: initialize the nacl base CIT begfore init_nodeacl
target: remove ->fabric_cleanup_nodeacl
iser-target: Use ib_drain_qp
Commit d4edcf0d56 ("mm/gup: Switch all callers of get_user_pages() to
not pass tsk/mm") switched get_user_pages() callers to the simpler model
where they no longer pass in the thread and mm pointer. But since then
we've merged changes to a few drivers that re-introduce use of the old
interface. Let's fix them up.
They continued to work fine (thanks to the truly disgusting macros
introduced in commit cde70140fe: "mm/gup: Overload get_user_pages()
functions"), but cause unnecessary build noise.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull networking fixes from David Miller:
1) Missing device reference in IPSEC input path results in crashes
during device unregistration. From Subash Abhinov Kasiviswanathan.
2) Per-queue ISR register writes not being done properly in macb
driver, from Cyrille Pitchen.
3) Stats accounting bugs in bcmgenet, from Patri Gynther.
4) Lightweight tunnel's TTL and TOS were swapped in netlink dumps, from
Quentin Armitage.
5) SXGBE driver has off-by-one in probe error paths, from Rasmus
Villemoes.
6) Fix race in save/swap/delete options in netfilter ipset, from
Vishwanath Pai.
7) Ageing time of bridge not set properly when not operating over a
switchdev device. Fix from Haishuang Yan.
8) Fix GRO regression wrt nested FOU/GUE based tunnels, from Alexander
Duyck.
9) IPV6 UDP code bumps wrong stats, from Eric Dumazet.
10) FEC driver should only access registers that actually exist on the
given chipset, fix from Fabio Estevam.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (73 commits)
net: mvneta: fix changing MTU when using per-cpu processing
stmmac: fix MDIO settings
Revert "stmmac: Fix 'eth0: No PHY found' regression"
stmmac: fix TX normal DESC
net: mvneta: use cache_line_size() to get cacheline size
net: mvpp2: use cache_line_size() to get cacheline size
net: mvpp2: fix maybe-uninitialized warning
tun, bpf: fix suspicious RCU usage in tun_{attach, detach}_filter
net: usb: cdc_ncm: adding Telit LE910 V2 mobile broadband card
rtnl: fix msg size calculation in if_nlmsg_size()
fec: Do not access unexisting register in Coldfire
net: mvneta: replace MVNETA_CPU_D_CACHE_LINE_SIZE with L1_CACHE_BYTES
net: mvpp2: replace MVPP2_CPU_D_CACHE_LINE_SIZE with L1_CACHE_BYTES
net: dsa: mv88e6xxx: Clear the PDOWN bit on setup
net: dsa: mv88e6xxx: Introduce _mv88e6xxx_phy_page_{read, write}
bpf: make padding in bpf_tunnel_key explicit
ipv6: udp: fix UDP_MIB_IGNOREDMULTI updates
bnxt_en: Fix ethtool -a reporting.
bnxt_en: Fix typo in bnxt_hwrm_set_pause_common().
bnxt_en: Implement proper firmware message padding.
...
newly introduced IPQ4019 clock driver.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCAAGBQJW/woXAAoJENidgRMleOc9MvQQAIBR1DcVMG0fjvHDq1sF3VEp
JZOcNz7yjecC83qk46OAlOhrLH/dp86vmdkgB6tdVac9LSt1r2TmkD99bDYajoYd
aUM651gPZSqRk7C9pR+sZRmCVTAtCZymrN+ZspecqnII+f0UyQ1xwRTqgbm7KFlE
SHuKwFmjY8IIoK0hLYzvBrN5avZmyuGq4OYoSdbs48+kKLqpsTGCpQaRdODvtn84
6WsC3fH23E9ZTbhPCfXJGKDPgkPqj4M09BhkMMoSn0D/pwlxGfxqQN/KouDtmqz7
0xrVDfroqwR6lmspsfpvKf62odW1dpiDAtJHsKhbgF7oHuT2daOlKDHYOBckb5tI
8qZctFQ6tKvuN3jv+cicnrcNaNrP2rXDpi7BgNx0nwiKAcNrdExChXj3PTBe7+zD
OWDKHApfBMqDneMaRYoXGzIzeHAiK7a/fjIqqzMk1fEC8dpNrbZM5AlOzr1eMgK+
wInGb0oo2737S/ygqyQT6Z8VjDzBORYP9P7p4uTegLEjopCI/GsgfcWlnHswiG6W
GwY1hiEq8KEZTK7kgvzMGrRHcihP2ccOPgm32jdl+QIc04hpJo6Xwnqq9P0QBYAS
1FULHuByzaLeGzQ5ZQFEqEO2DPjNYUYu6Lrm9PUS2wN4qUZUPX+Lz+FUz6NYM18c
Y+aE68U+pit0/IkYtpEV
=Lyci
-----END PGP SIGNATURE-----
Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk fixes from Stephen Boyd:
"A handful of const updates for reset ops and a couple fixes to the
newly introduced IPQ4019 clock driver"
* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
clk: qcom: ipq4019: add some fixed clocks for ddrppl and fepll
clk: qcom: ipq4019: switch remaining defines to enums
clk: qcom: Make reset_control_ops const
clk: tegra: Make reset_control_ops const
clk: sunxi: Make reset_control_ops const
clk: atlas7: Make reset_control_ops const
clk: rockchip: Make reset_control_ops const
clk: mmp: Make reset_control_ops const
clk: mediatek: Make reset_control_ops const
Just one fix for a nasty boot failure on some systems based on
Intel Skylake that shipped with broken firmware where enabling
hardware-coordinated P-states management (HWP) causes a faulty
interrupt handler in SMM to be invoked and crash the system
(Srinivas Pandruvada).
/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABCAAGBQJW/wSwAAoJEILEb/54YlRxuicP/1OiPWqo8VQYfMPOe/6iwyQT
Z0viPKf6iIreu8B9xtdN3T605t/oNPozHHqOPZEQsa8aUGCK2HS7rPI3NbopQXjC
q0G9RI0sZ5IcKR17taHvUOD9/vcVnFl8vKNWQebMjvOY6hVw7TZHNYNjTaxq8rW9
B5qHGTQ+AF/fjWcI3pYLxcRIFEpF3ri7tCiCZgPhQB8p3Qew34ivGMYzYDS+pTcs
gnkoEpPcn8nnzolGb9lnVQupFBsPLR4I3mExpg3pUD3CiEEMaxyGRiKxpw13CMqJ
PdLOB1/NZ+/X7kmSmrOMs0x/aKblGIxPypS2MEPMgcMPG2nB9H0qdT6Mp4XHq0Qp
t9Vp9663gY4XgBqBhAmfd9VlCGHFgBayLAvT4qpmTobKjjQ5f/P2jB6epW/hRsXr
vVD+rv5Jd65XaK4s4CEYFBqHsI+FzbAeWiSMNCZoToDoDT4pP8oGHV9hZeRjFMEB
jKkZXLomWt/cOXgWuYM2yNqDuERgZeE3dnu6ZLE5NFbQDTAcI6apy4IMWfu53L+x
b3Fnlo445853ws5noDJJCR+HXpPLjhV3gMgnOABqyW5PXhn/NiMA+toX4fZcKEkC
8gYL6HKj7yTl9uoKgBRir+Ra6cGWXd30zf5LWwSZBjlcQNdh7gQB3zSyBGsCI7gZ
90zlZA2j+sdrMJKJfywh
=GJ34
-----END PGP SIGNATURE-----
Merge tag 'pm+acpi-4.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management and ACPI fix from Rafael J. Wysocki:
"Just one fix for a nasty boot failure on some systems based on Intel
Skylake that shipped with broken firmware where enabling
hardware-coordinated P-states management (HWP) causes a faulty
interrupt handler in SMM to be invoked and crash the system (Srinivas
Pandruvada)"
* tag 'pm+acpi-4.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI / processor: Request native thermal interrupt handling via _OSC
Merge fixes from Andrew Morton:
"11 fixes"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
.mailmap: add Christophe Ricard
Make CONFIG_FHANDLE default y
mm/page_isolation.c: fix the function comments
oom, oom_reaper: do not enqueue task if it is on the oom_reaper_list head
mm/page_isolation: fix tracepoint to mirror check function behavior
mm/rmap: batched invalidations should use existing api
x86/mm: TLB_REMOTE_SEND_IPI should count pages
mm: fix invalid node in alloc_migrate_target()
include/linux/huge_mm.h: return NULL instead of false for pmd_trans_huge_lock()
mm, kasan: fix compilation for CONFIG_SLAB
MAINTAINERS: orangefs mailing list is subscribers-only
Pull btrfs fixes from Chris Mason:
"This has a few fixes Dave Sterba had queued up. These are all pretty
small, but since they were tested I decided against waiting for more"
* 'for-linus-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
btrfs: transaction_kthread() is not freezable
btrfs: cleaner_kthread() doesn't need explicit freeze
btrfs: do not write corrupted metadata blocks to disk
btrfs: csum_tree_block: return proper errno value
One is a reference counting bug and the other is a typo in client
minimum version.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJW/s+dAAoJEMyISHmv95KnmvwQALUnkjCgbe8d4621VfqX4yhS
EEG6UtjaIw1C/lH0KS9dyw5yJwJmzEh5HBaLwxN48Gw75s+MznhCEy6ocBdqfblj
3DGfIv2/gmlsAxn/wdmlAmjRu/UdQj4m/QrmjrE430XScieo+onaTAFojFa2z/a3
Ux0mxSozog1b+XzTrXKu+64QNpasttlPYvpqV8nq/WBTsJBZgG8JjNnorhbZ0QH1
PpgA3iJcOYtHiCtjwKLbWk//iGvdDJaiUvSR/GWLUPiesM4JkZ3eUUtpfHCaMEC7
jZe5WeVMHXN8Vz/KBeE1TCU9n7MHtCSjri7CIjz/UzaXgnt+6JaUORfEzHr/1a5M
Rtgp88VlIC23jUDgSQd6ncXr6DECCNUdQu63xeZB1aZg5GmkxhXRIzfj8if990hh
o8J42X/D1q4iqMf85aPoie0mCIa0TcnEU8xJcDPSnkKMCrzRiu++xuLiNTfE4k0E
FxQYylvBhNDoiwOREqw4SYcLYqxUhpAtN/qVLVtHwyXYwjIiHcl3ZJOD3EuKtk2D
qwoNAzlCtgHDECbbr520en/kVdgI4zhKs5a3ufSwQm/wMVi02tw+HT+HeJyfJVjV
e3WfwLsEM1f0fUizAJjosaXMwiE3bM7xor1kDAZYt1MQE+IdTE0LorC0ONVPTts+
9kXoy9L/lvOhAJnpR4+Z
=MLba
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://github.com/martinbrandenburg/linux
Pull OrangeFS fixes from Martin Brandenburg:
"Two bugfixes for OrangeFS.
One is a reference counting bug and the other is a typo in client
minimum version"
* tag 'for-linus' of git://github.com/martinbrandenburg/linux:
orangefs: minimum userspace version is 2.9.3
orangefs: don't put readdir slot twice
- Fix oops when patching in alternative sequences on big-endian CPUs
- Reconcile asm/perf_event.h after merge window fallout with KVM ARM
- Defconfig updates
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABCgAGBQJW/jkCAAoJELescNyEwWM0xyAH+wdmjlc5WqtgjF68AYRgbWk/
5GufYlxeMvST7eyT65dZKAyDpJpOBnTXMB7u8KkoGgSEmrdDV0bAjn5CJX41rfxf
dlc9QDisuCAmxuIkQYGK2IJhnk69ehKhqw0w8dstVW2CSOBYtHnSSNtV8WyrKj+D
QEM2Z86HCqM8BaSYhxv8Cte8W5fBegCqciJAVQoihAwioiuZ3cgsrLrT2QHaDhin
gfCTNk/snHG3PAvuy+Kx1PICMH+ur4Enk8bft8xO6HzqSSDsWv/TD35VzcX5pY9V
PRlC4D5TCEzwQQmFHpUj4PeQytIQge/Y3Ux/OUk1caq0Yei13RhOhR9q2+gTwKI=
=gJNY
-----END PGP SIGNATURE-----
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fixes from Will Deacon:
- fix oops when patching in alternative sequences on big-endian CPUs
- reconcile asm/perf_event.h after merge window fallout with KVM ARM
- defconfig updates
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
arm64: defconfig: updates for 4.6
arm64: perf: Move PMU register related defines to asm/perf_event.h
arm64: opcodes.h: Add arm big-endian config options before including arm header
A collection of small fixes:
- A fix in ALSA timer core to avoid possible BUG() trigger
- A fix in ALSA timer core 32bit compat layer
- A few HD-audio quirks for ASUS and HP machines
- AMD HD-audio HDMI controller quirks
- Fixes of USB-audio double-free at some error paths
- A fix for memory leak in DICE driver at hotunplug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJW/omKAAoJEGwxgFQ9KSmkvD4P/i5yGOZtoTy9Q+GM6B1CyJNo
LOvAdeaIMl4dNjSNAo/7TWsvzq+sh9KCtMzr2jhUKvDGAhsJ5wUblvs+Ve11J8uI
hqJIDqiWKpQiY1bf3+Gxm0NrX2aML19kXdZlWUnHWGcLMyeoL977R/X/EfP5oIB+
p8zWhIDFt0lWo2GHe6JKqIgOV0OJOle1xd6OccTd5Xyv8KY0LzybG6gpOd6x6HnZ
2Esq45yS5YHdMcEfyRyClJAQtt6FxESAutUc30H66tm97KaQypany5ZhmmnK5pjx
qu8x3FSN/m1cRzB5oOFKhW95gkXjBXGX4xXygk0Il1Fv7xq4LucyXXaNExN52U2Q
s8UcM6QAS9H8DxxteKqEsC9WjSYtlcrR7bBvLf6ri5E890gZsRGx8nh8L2XP7vFX
Rh1G7VGhM8wIE8KzPpCxkwHAMMcQkLTnCC6gBGD+ixboIpJw2uE71EB0NtlwGIcu
ecUAZoLu/HS0w6K60hyoQ3950e3f9OBcTLIqgZmZHK9dwJnxhtFq+Twdaz5hXPqV
7CME1y2AAopFL4cr6Sylb2FyHzcnnBddxONH2sSzgjhIV4/YKE3lVX1WTJS9timM
09sNpAJhJYVTuicS3gITpDtvg1Y09wDdAOa90NtAaepsTJw15zDcJrX0XxeE00hB
Ktr2fFJ97N8LfNbRHQjo
=9ORd
-----END PGP SIGNATURE-----
Merge tag 'sound-4.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"A collection of small fixes:
- a fix in ALSA timer core to avoid possible BUG() trigger
- a fix in ALSA timer core 32bit compat layer
- a few HD-audio quirks for ASUS and HP machines
- AMD HD-audio HDMI controller quirks
- fixes of USB-audio double-free at some error paths
- a fix for memory leak in DICE driver at hotunplug"
* tag 'sound-4.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: timer: Use mod_timer() for rearming the system timer
ALSA: hda - fix front mic problem for a HP desktop
ALSA: usb-audio: Fix double-free in error paths after snd_usb_add_audio_stream() call
ALSA: hda: add AMD Polaris-10/11 AZ PCI IDs with proper driver caps
ALSA: dice: fix memory leak when unplugging
ALSA: hda - Apply fix for white noise on Asus N550JV, too
ALSA: hda - Fix white noise on Asus N750JV headphone
ALSA: hda - Asus N750JV external subwoofer fixup
ALSA: timer: fix gparams ioctl compatibility for different architectures
Different computers had different settings in the mail client. Some
contributions appear as Christophe Ricard, others as Christophe RICARD.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Newer Fedora and OpenSUSE didn't boot with my standard configuration.
It took me some time to figure out why, in fact I had to write a script
to try different config options systematically.
The problem is that something (systemd) in dracut depends on
CONFIG_FHANDLE, which adds open by file handle syscalls.
While it is set in defconfigs it is very easy to miss when updating
older configs because it is not default y.
Make it default y and also depend on EXPERT, as dracut use is likely
widespread.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Cc: Richard Weinberger <richard.weinberger@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commit fea85cff11 ("mm/page_isolation.c: return last tested pfn rather
than failure indicator") changed the meaning of the return value. Let's
change the function comments as well.
Signed-off-by: Neil Zhang <neilzhang1123@hotmail.com>
Cc: Joonsoo Kim <js1304@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commit bb29902a75 ("oom, oom_reaper: protect oom_reaper_list using
simpler way") has simplified the check for tasks already enqueued for
the oom reaper by checking tsk->oom_reaper_list != NULL. This check is
not sufficient because the tsk might be the head of the queue without
any other tasks queued and then we would simply lockup looping on the
same task. Fix the condition by checking for the head as well.
Fixes: bb29902a75 ("oom, oom_reaper: protect oom_reaper_list using simpler way")
Signed-off-by: Michal Hocko <mhocko@suse.com>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Page isolation has not failed if the fin pfn extends beyond the end pfn
and test_pages_isolated checks this correctly. Fix the tracepoint to
report the same result as the actual check function.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Joonsoo Kim <js1304@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The recently introduced batched invalidations mechanism uses its own
mechanism for shootdown. However, it does wrong accounting of
interrupts (e.g., inc_irq_stat is called for local invalidations),
trace-points (e.g., TLB_REMOTE_SHOOTDOWN for local invalidations) and
may break some platforms as it bypasses the invalidation mechanisms of
Xen and SGI UV.
This patch reuses the existing TLB flushing mechnaisms instead. We use
NULL as mm to indicate a global invalidation is required.
Fixes 72b252aed5 ("mm: send one IPI per CPU to TLB flush all entries after unmapping pages")
Signed-off-by: Nadav Amit <namit@vmware.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Rik van Riel <riel@redhat.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
TLB_REMOTE_SEND_IPI was recently introduced, but it counts bytes instead
of pages. In addition, it does not report correctly the case in which
flush_tlb_page flushes a page. Fix it to be consistent with other TLB
counters.
Fixes: 5b74283ab2 ("x86, mm: trace when an IPI is about to be sent")
Signed-off-by: Nadav Amit <namit@vmware.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Rik van Riel <riel@redhat.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
It is incorrect to use next_node to find a target node, it will return
MAX_NUMNODES or invalid node. This will lead to crash in buddy system
allocation.
Fixes: c8721bbbdd ("mm: memory-hotplug: enable memory hotplug to handle hugepage")
Signed-off-by: Xishi Qiu <qiuxishi@huawei.com>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Joonsoo Kim <js1304@gmail.com>
Cc: David Rientjes <rientjes@google.com>
Cc: "Laura Abbott" <lauraa@codeaurora.org>
Cc: Hui Zhu <zhuhui@xiaomi.com>
Cc: Wang Xiaoqiang <wangxq10@lzu.edu.cn>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The return value of pmd_trans_huge_lock() is a pointer, not a boolean
value, so use NULL instead of false as the return value.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
So update MAINTAINERS to say so.
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Mike Marshall <hubcap@omnibond.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
After enabling per-cpu processing it appeared that under heavy load
changing MTU can result in blocking all port's interrupts and
transmitting data is not possible after the change.
This commit fixes above issue by disabling percpu interrupts for the
time, when TXQs and RXQs are reconfigured.
Signed-off-by: Marcin Wojtas <mw@semihalf.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Giuseppe Cavallaro says:
====================
stmmac MDIO and normal descr fixes
This patch series is to fix the problems below and recently debugged
in this mailing list:
o to fix a problem for the HW where the normal descriptor
o to fix the mdio registration according to the different
platform configurations
I am resending all the patches again: built on top of net.git repo.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Initially the phy_bus_name was added to manipulate the
driver name but it was recently just used to manage the
fixed-link and then to take some decision at run-time.
So the patch uses the is_pseudo_fixed_link and removes
the phy_bus_name variable not necessary anymore.
The driver can manage the mdio registration by using phy-handle,
dwmac-mdio and own parameter e.g. snps,phy-addr.
This patch takes care about all these possible configurations
and fixes the mdio registration in case of there is a real
transceiver or a switch (that needs to be managed by using
fixed-link).
Signed-off-by: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Frank Schäfer <fschaefer.oss@googlemail.com>
Cc: Gabriel Fernandez <gabriel.fernandez@linaro.org>
Cc: Dinh Nguyen <dinh.linux@gmail.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Phil Reid <preid@electromag.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>