Hi Jia-Ju,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master]
[also build test ERROR on v4.16 next-20180411]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux
On Thu, Apr 5, 2018 at 4:02 AM, syzbot
wrote:
> Hello,
>
> syzbot hit the following crash on upstream commit
> 3e968c9f1401088abc9a19ae6ff571644d37a355 (Wed Apr 4 21:19:24 2018 +)
> Merge tag 'ext4_for_linus' of
> git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
> syzbot dashboard link
Hello,
syzbot hit the following crash on upstream commit
b284d4d5a6785f8cd07eda2646a95782373cd01e (Tue Apr 10 19:25:30 2018 +)
Merge tag 'ceph-for-4.17-rc1' of git://github.com/ceph/ceph-client
syzbot dashboard link:
https://syzkaller.appspot.com/bug?extid=aa245f26d42b8305d157
So far this
On Tue, Apr 10, 2018 at 06:03:52PM -0700, Laura Abbott wrote:
> --- a/drivers/gpio/gpiolib.c
> +++ b/drivers/gpio/gpiolib.c
> @@ -61,6 +61,11 @@ static struct bus_type gpio_bus_type = {
> .name = "gpio",
> };
>
> +/*
> + * Number of GPIOs to use for the fast path in set array
> + */
> +#de
On 11 April 2018 at 04:46, Jia-Ju Bai wrote:
> wbsd_init() is never called in atomic context.
>
> The call chains ending up at wbsd_init() are:
> [1] wbsd_init() <- wbsd_probe()
> [2] wbsd_init() <- wbsd_pnp_probe()
>
> wbsd_probe() is set as ".probe" in struct platform_driver.
> wbsd_pnp_probe()
On Thu, Apr 5, 2018 at 4:23 PM, Greg KH wrote:
>> >> On 05/04/18 09:52, Dmitry Vyukov wrote:
>> >> > On Thu, Apr 5, 2018 at 10:36 AM, Steven Whitehouse
>> >> > wrote:
>> >> > > Hi,
>> >> > >
>> >> > >
>> >> > >
>> >> > > On 05/04/18 09:19, Dmitry Vyukov wrote:
>> >> > > > On Thu, Apr 5, 2018 at
On Wed, Apr 11, 2018 at 4:58 PM, Steven Rostedt wrote:
> On Wed, 11 Apr 2018 16:51:02 +0200
> Dmitry Vyukov wrote:
>
>> Hi Steve,
>>
>> Instructions for asking syzbot to test a patch are here:
>>
>> https://github.com/google/syzkaller/blob/master/docs/syzbot.md#communication-with-syzbot
>
> I'll
We have several files on sparc that include linux/compat.h and expect
asm/compat.h not to be included, otherwise we get a build failure.
Since we need to include asm/compat.h for compat time_t handling
on all 32-bit architectures now, this hides some portions of
asm/compat.h in order to let the re
This patch adds basic support for Analog Devices I2C programmable linear
battery charger.
With this driver, some parameters can be read and configured such as:
* trickle charge current level (PRECHARGE_CURRENT)
* trickle charge voltage threshold (VOLTAGE_MIN)
* weak charge threshold (VOLTAGE_AVG)
Document adi,adp5061 properties.
Signed-off-by: Stefan Popa
---
Changes in v3:
- Split devicetree bindings into a separate patch.
.../devicetree/bindings/power/supply/adp5061.txt| 17 +
MAINTAINERS | 1 +
2 files chang
This patch adds the option to enable/disable battery charging. This
option is not configurable via the power_supply properties, therefore,
access via sysfs was provided to examine and modify this attribute on the
fly.
Signed-off-by: Stefan Popa
---
Changes in v2:
- Fixed kbuild test error
On 2018-04-11 16:59, Boris Brezillon wrote:
> On Wed, 11 Apr 2018 16:44:10 +0200
> Peter Rosin wrote:
>
>> Hi Nicolas,
>>
>> Boris asked for your input on this (the datasheet difference appears to
>> have no bearing on the issue) elsewhere in the tree of messages. It's
>> now been a week or so an
This patch adds the option to activate/deactivate the charging voltage
limit. If activated, the charger prevents charging until the battery
voltage drops below the VCHG_VLIM threshold.
This option is not configurable via the power_supply properties,
therefore, access via sysfs was provided to exam
Hi. Any comments on this patch?
On 03/26/2018 09:12 AM, thor.tha...@linux.intel.com wrote:
From: Thor Thayer
The current Cadence QSPI driver caused a kernel panic when loading
a Root Filesystem from QSPI. The problem was caused by reading more
bytes than needed because the QSPI operated on 4 b
On 11/04/18 15:44, Pierre-Yves MORDRET wrote:
Both buffer Transfer Length (TLEN if any) and transfer size have to be
aligned on burst size (burst beats*bus width).
Signed-off-by: Pierre-Yves MORDRET
---
Version history:
v1:
* Initial
v2:
---
---
drivers/dma/stm32-mdma.c |
On Tue, Apr 10, 2018 at 12:04:12PM +0100, Patrick Bellasi wrote:
> On 09-Apr 10:51, Vincent Guittot wrote:
> > Peter,
> > what was your goal with adding the condition "if
> > (rq->cfs.h_nr_running)" for the aggragation of CFS utilization
>
> The original intent was to get rid of sched class flags
Hello,
syzbot hit the following crash on upstream commit
10b84daddbec72c6b440216a69de9a9605127f7a (Sat Mar 31 17:59:00 2018 +)
Merge branch 'perf-urgent-for-linus' of
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
syzbot dashboard link:
https://syzkaller.appspot.com/bug?extid=de733
Hi. Any comments on this patch?
On 03/26/2018 02:50 PM, thor.tha...@linux.intel.com wrote:
From: Thor Thayer
Remove QSPI Sector 4K size force which is causing QSPI boot
problems with the JFFS2 root filesystem.
Fixes the following error:
"Magic bitmask 0x1985 not found at ..."
Signed-of
Script in_netns.sh isn't installed.
running psock_fanout test
./run_afpackettests: line 12: ./in_netns.sh: No such file or directory
[FAIL]
running psock_tpacket test
./run_afpackettests: line 22: ./in_netns.sh: No
On Wed, Apr 11, 2018 at 5:15 PM, syzbot
wrote:
> Hello,
>
> syzbot hit the following crash on upstream commit
> 10b84daddbec72c6b440216a69de9a9605127f7a (Sat Mar 31 17:59:00 2018 +)
> Merge branch 'perf-urgent-for-linus' of
> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
> syzbot dashb
The following changes since commit 38c23685b273cfb4ccf31a199feccce3bdcb5d83:
Merge tag 'armsoc-drivers' of
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc (2018-04-05
21:29:35 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc.g
Hi Waiman,
On Mon, Apr 09, 2018 at 02:08:52PM -0400, Waiman Long wrote:
> @@ -311,13 +320,19 @@ void queued_spin_lock_slowpath(struct qspinlock *lock,
> u32 val)
> return;
>
> /*
> - * wait for in-progress pending->locked hand-overs
> + * wait for in-progress pendi
This WARNING proved to be noisy. The function still returns an error
and callers should handle it. That's how most of kernel code works.
Downgrade the WARNING to pr_err() and leave WARNINGs for kernel bugs.
Signed-off-by: Dmitry Vyukov
Reported-by: syzbot+209c0f67f99fec8eb...@syzkaller.appspotmai
On 04/11/2018 05:17 PM, Thor Thayer wrote:
> Hi. Any comments on this patch?
None other than
Reviewed-by: Marek Vasut
sorry for the delay.
btw stop top-posting please.
> On 03/26/2018 09:12 AM, thor.tha...@linux.intel.com wrote:
>> From: Thor Thayer
>>
>> The current Cadence QSPI driver caus
Hi Ingo, Thomas,
below patch is an update to this series and I plan to include it in the
next post. David H. Gutteridge (CC'ed) was so kind to do additional
testing of these patches and found that a BUG_ON was triggered in
vmalloc_sync_one() when PTI is enabled.
My debugging showed that the bug w
On Wed, Apr 11, 2018 at 5:04 PM, Dmitry Vyukov wrote:
> On Thu, Apr 5, 2018 at 4:23 PM, Greg KH wrote:
>>> >> On 05/04/18 09:52, Dmitry Vyukov wrote:
>>> >> > On Thu, Apr 5, 2018 at 10:36 AM, Steven Whitehouse
>>> >> > wrote:
>>> >> > > Hi,
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > On 05/04/1
Quoting Lina Iyer (2018-04-09 09:08:00)
> On Fri, Apr 06 2018 at 19:14 -0600, Stephen Boyd wrote:
> >Quoting Lina Iyer (2018-04-05 09:18:26)
> >> diff --git a/Documentation/devicetree/bindings/soc/qcom/rpmh-rsc.txt
> >> b/Documentation/devicetree/bindings/soc/qcom/rpmh-rsc.txt
> >> new file mode 1
On 11 April 2018 at 17:14, Peter Zijlstra wrote:
> On Tue, Apr 10, 2018 at 12:04:12PM +0100, Patrick Bellasi wrote:
>> On 09-Apr 10:51, Vincent Guittot wrote:
>
>> > Peter,
>> > what was your goal with adding the condition "if
>> > (rq->cfs.h_nr_running)" for the aggragation of CFS utilization
>>
On 2018-04-10 09:02 PM, Laura Abbott wrote:
> There's an ongoing effort to remove VLAs[1] from the kernel to eventually
> turn on -Wvla. Switch to a constant value that covers all hardware.
>
> [1] https://lkml.org/lkml/2018/3/7/621
>
> Signed-off-by: Laura Abbott
> ---
> v2: Switch to a larger si
On 11/04/18 15:33, Sinan Kaya wrote:
On 4/11/2018 8:03 AM, Robin Murphy wrote:
On 10/04/18 21:59, Sinan Kaya wrote:
Code is expecing to observe the same number of buffers returned
from dma_map_sg() function compared to
sg_alloc_table_from_pages(). This doesn't hold true universally
especially f
On Wed, 11 Apr 2018 17:10:43 +0200
Peter Rosin wrote:
> On 2018-04-11 16:59, Boris Brezillon wrote:
> > On Wed, 11 Apr 2018 16:44:10 +0200
> > Peter Rosin wrote:
> >
> >> Hi Nicolas,
> >>
> >> Boris asked for your input on this (the datasheet difference appears to
> >> have no bearing on the
On 11/04/2018 at 16:44, Peter Rosin wrote:
Hi Nicolas,
Boris asked for your input on this (the datasheet difference appears to
have no bearing on the issue) elsewhere in the tree of messages. It's
now been a week or so and I'm starting to wonder if you missed this
altogether or if you are simply
On 04/11/2018 09:15 AM, Peter Rosin wrote:
> Hi!
>
> I'm now following up with one more binding for the unit-converter.
> This time with a real IC, namely LT6106 from Analog Devices.
This makes more sense to me, I wasn't thinking about more complex ICs
like this when I made my "resistor being par
On Wed, Apr 11, 2018 at 05:29:01PM +0200, Vincent Guittot wrote:
> On 11 April 2018 at 17:14, Peter Zijlstra wrote:
> > On Tue, Apr 10, 2018 at 12:04:12PM +0100, Patrick Bellasi wrote:
> >> On 09-Apr 10:51, Vincent Guittot wrote:
> >
> >> > Peter,
> >> > what was your goal with adding the conditio
Hi,
On 4/11/2018 12:02 AM, Stephen Boyd wrote:
> Quoting Doug Anderson (2018-04-10 08:05:27)
>> On Mon, Apr 9, 2018 at 11:36 PM, Manu Gautam wrote:
>>> On 3/30/2018 2:24 AM, Doug Anderson wrote:
Oh! This is what you did in the previous version of the patch, then you
said:
"
On Wed, Apr 11, 2018 at 2:04 PM, wrote:
> From: Michal Hocko
>
> 4.17+ kernels offer a new MAP_FIXED_NOREPLACE flag which allows the caller to
> atomicaly probe for a given address range.
>
> [wording heavily updated by John Hubbard ]
> Signed-off-by: Michal Hocko
> ---
> Hi,
> Andrew's sent th
On Wed, Apr 11, 2018 at 11:20:04AM +0100, Catalin Marinas wrote:
> On Fri, Apr 06, 2018 at 03:22:49PM +0200, Andrea Parri wrote:
> > On Thu, Apr 05, 2018 at 05:58:57PM +0100, Will Deacon wrote:
> > > I've been kicking the tyres further on qspinlock and with this set of
> > > patches
> > > I'm happ
The following changes since commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda:
Linux 4.16 (2018-04-01 14:20:27 -0700)
are available in the git repository at:
git+ssh://gitol...@ra.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic.git
tags/asm-generic
for you to fetch changes up to a71e7c44
de4x5_hw_init() is never called in atomic context.
de4x5_hw_init() is only called by de4x5_pci_probe(), which is only
set as ".probe" in struct pci_driver.
Despite never getting called from atomic context, de4x5_hw_init()
calls mdelay() to busily wait.
This is not necessary and can be replaced
On 11 April 2018 at 17:37, Peter Zijlstra wrote:
> On Wed, Apr 11, 2018 at 05:29:01PM +0200, Vincent Guittot wrote:
>> On 11 April 2018 at 17:14, Peter Zijlstra wrote:
>> > On Tue, Apr 10, 2018 at 12:04:12PM +0100, Patrick Bellasi wrote:
>> >> On 09-Apr 10:51, Vincent Guittot wrote:
>> >
>> >> >
> -Original Message-
> From: Alex Williamson [mailto:alex.william...@redhat.com]
> Sent: Tuesday, April 10, 2018 11:19 PM
> To: Zhang, Yulei
> Cc: k...@vger.kernel.org; linux-kernel@vger.kernel.org; Tian, Kevin
> ; joonas.lahti...@linux.intel.com;
> zhen...@linux.intel.com; Wang, Zhi A ;
On 04/11/2018 09:15 AM, Peter Rosin wrote:
> This is a current sense amplifier from Analog Devices.
>
> Signed-off-by: Peter Rosin
> ---
> drivers/iio/afe/Kconfig | 3 +-
> drivers/iio/afe/iio-unit-converter.c | 54
>
> 2 files changed, 56 inse
On 04/08/2018 01:20 AM, Baoquan He wrote:
> On 04/06/18 at 07:50am, Dave Hansen wrote:
>> The code looks fine to me. It's a bit of a shame that there's no
>> verification to ensure that idx_present never goes beyond the shiny new
>> nr_present_sections.
>
> This is a good point. Do you think it'
On Wed, Apr 11, 2018 at 04:17:11PM +0200, Petr Mladek wrote:
> > I still agree with my original conclusion that enforcing stack order no
> > longer makes sense though.
>
> The question is what we will get if we remove the stack. Will it
> really make the code easier and livepatching more safe?
>
Hi Linus,
The following changes since commit 3eb2ce825ea1ad89d20f7a3b5780df850e4be274:
Linux 4.16-rc7 (2018-03-25 12:44:30 -1000)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu.git
tags/iommu-updates-v4.17
for you to fetch changes up to d4
Hi Jia-Ju,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master]
[also build test ERROR on v4.16 next-20180411]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux
sxgbe_sw_reset() is never called in atomic context.
sxgbe_sw_reset() is only called by sxgbe_drv_probe(), which is
only called by sxgbe_platform_probe().
sxgbe_platform_probe() is set as ".probe" in struct platform_driver.
This function is not called in atomic context.
Despite never getting call
On 04/11/2018 05:43 PM, Andrew F. Davis wrote:
> On 04/11/2018 09:15 AM, Peter Rosin wrote:
>> This is a current sense amplifier from Analog Devices.
>>
>> Signed-off-by: Peter Rosin
>> ---
>> drivers/iio/afe/Kconfig | 3 +-
>> drivers/iio/afe/iio-unit-converter.c | 54
>> +
Hi Jia-Ju,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master]
[also build test ERROR on v4.16 next-20180411]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux
On Wed, 2018-04-11 at 16:28 +0200, Alexandru Moise wrote:
> [0.76] BUG: unable to handle kernel NULL pointer dereference at
> 01b4
> [0.763350] Kernel panic - not syncing: Attempted to kill init!
> exitcode=0x0009
> [0.763350]
> [0.76] PGD 0 P4D 0
> [0.
2018-03-28 20:44 GMT+09:00 Kees Cook :
> On Mon, Mar 26, 2018 at 10:29 PM, Masahiro Yamada
> wrote:
>> Run scripts/gcc-plugin.sh from Kconfig. Users can enable GCC_PLUGINS
>> only when it is supported.
>>
>> Signed-off-by: Masahiro Yamada
>> ---
>>
>> Changes in v2: None
>>
>> arch/Kconfig
On Wed, 2018-04-11 at 16:09 +0200, Lukasz Majewski wrote:
> From: Sascha Hauer
>
> The mc34708 has an improved adc. The older variants will always convert
> a fixed order of channels. The mc34708 can do up to eight conversions
> in arbitrary channel order. Currently this extended feature is not
>
On Wed, Apr 11, 2018 at 03:10:16PM +0100, David Howells wrote:
> Colin Ian King wrote:
>
> > >> -mask = (1 << nr_slots) - 1;
> > >> +mask = (1ULL << nr_slots) - 1;
> > >
> > > nr_slots cannot be larger than 9, so what I wrote is actually fine and is
> > > more efficient on a 32-b
On Wed, Apr 11, 2018 at 05:41:24PM +0200, Vincent Guittot wrote:
> Yes. and to be honest I don't have any clues of the root cause :-(
> Heiner mentioned that it's much better in latest linux-next but I
> haven't seen any changes related to the code of those patches
Yeah, it's a bit of a puzzle. No
On Wed, 2018-04-11 at 16:13 +0200, Lukasz Majewski wrote:
> From: Sascha Hauer
>
> The mc34708 has a different bit to enable pen detection. This
> adds the driver data and devtype necessary to probe the device
> and to distinguish between the mc13783 and the mc34708.
style trivia:
> diff --git
Matheus Castello writes:
> Added generic pin configuration and multiplexing support,
> and should be preferred than brcm legacy one.
>
> Signed-off-by: Matheus Castello
> ---
> .../devicetree/bindings/pinctrl/brcm,bcm2835-gpio.txt | 18
> ++
> 1 file changed, 18 insertions(+)
Dan Carpenter wrote:
> Ideally static analyzers should know that nr_slots is 0-9, but right now
> that seems pretty tricky to figure out...
1-9, actually, but, yeah. Maybe the addition of "assertions" that aren't
actually evaluated at runtime?
David
On Tue, 10 Apr 2018, David Howells wrote:
Randy Dunlap wrote:
Since this header is in "include/uapi/linux/", apparently people
want to use it in userspace programs -- even in C++ ones.
However, the header uses a C++ reserved keyword ("private"),
so change that to "dh_private" instead to allo
This is v5 of the Theobroma Systems CAN/USB "UCAN" adapter driver
upstreaming effort.
v4 -> v5 changes:
* describe bus-off handling in rst documentation
* fix inverted if in tx_complete
* try to fit overlong strings in 80 chars
* use early returns instead of goto where possible
* add spinlock arou
The UCAN driver supports the microcontroller-based USB/CAN
adapters from Theobroma Systems. There are two form-factors
that run essentially the same firmware:
* Seal: standalone USB stick ( https://www.theobroma-systems.com/seal )
* Mule: integrated on the PCB of various System-on-Modules from
Mikulas Patocka writes:
> On Thu, 22 Mar 2018, Greg Kroah-Hartman wrote:
>
>> On Fri, Mar 23, 2018 at 12:48:06AM +1100, Daniel Axtens wrote:
>> > Hi,
>> >
>> > >> This patch works, I've had no tty crashes since applying it.
>> > >>
>> > >> I've seen that you haven't sent this patch yet to Linux-
On Wed, Apr 11, 2018 at 8:55 AM, Masahiro Yamada
wrote:
> No.
> There is no problem to use a compiler without plugin support.
>
> If a user does not want to use plugin in the first place,
> why does he/she need to be bothered by such information in stderr?
So, I don't think it's needed for the fi
On 11 April 2018 at 18:00, Peter Zijlstra wrote:
> On Wed, Apr 11, 2018 at 05:41:24PM +0200, Vincent Guittot wrote:
>> Yes. and to be honest I don't have any clues of the root cause :-(
>> Heiner mentioned that it's much better in latest linux-next but I
>> haven't seen any changes related to the
Arnd,
I am looking at the siginfo si_utime and si_stime fields of type clock_t
on 32bit architectures except for x32 these are 32bit fields. For y2038
do we want to extend these fields to 64bit like x32 does? Or is it not
a problem for these fields to be 32bit?
I care right now because I am tr
On 04/11/2018 10:51 AM, Lars-Peter Clausen wrote:
> On 04/11/2018 05:43 PM, Andrew F. Davis wrote:
>> On 04/11/2018 09:15 AM, Peter Rosin wrote:
>>> This is a current sense amplifier from Analog Devices.
>>>
>>> Signed-off-by: Peter Rosin
>>> ---
>>> drivers/iio/afe/Kconfig | 3 +-
>
On Wed, Apr 11, 2018 at 10:13:11AM -0400, Sinan Kaya wrote:
> On 4/11/2018 10:08 AM, Greg Kroah-Hartman wrote:
> >>> So I added these stable tags:
> >>>
> >>> CC: sta...@vger.kernel.org # v4.11: 62ce94a7a5a5 PCI: Mark
> >>> Broadcom HT2100 Root Port Extended Tags as broken
> >>> CC: sta..
On Wed, Apr 11, 2018 at 06:10:47PM +0200, Vincent Guittot wrote:
> > Could is be that for some reason the nohz balancer now takes a very long
> > time to run?
>
> Heiner mentions that is was a relatively slow celeron and he uses
> ondemand governor. So I was about to ask him to use performance
> g
On Wed, 2018-04-11 at 23:39 +0800, Jia-Ju Bai wrote:
> de4x5_hw_init() is never called in atomic context.
>
> de4x5_hw_init() is only called by de4x5_pci_probe(), which is only
> set as ".probe" in struct pci_driver.
>
> Despite never getting called from atomic context, de4x5_hw_init()
> calls
On Wed, Apr 11, 2018 at 01:15:58PM +0200, Paolo Bonzini wrote:
> On 10/04/2018 23:34, Paul E. McKenney wrote:
> > Glad it helps, and I have queued it for the next merge window. Of course,
> > if a further improvement comes to mind, please do not keep it a secret. ;-)
>
> Yes, there are several c
On 04/11/2018 12:14 AM, Jia-Ju Bai wrote:
>
>
> On 2018/4/11 13:30, Phil Reid wrote:
>> On 11/04/2018 09:51, Jia-Ju Bai wrote:
>>> b53_switch_reset_gpio() is never called in atomic context.
>>>
>>> The call chain ending up at b53_switch_reset_gpio() is:
>>> [1] b53_switch_reset_gpio() <- b53_swit
From: Salvatore Mesoraca
> Sent: 09 April 2018 17:38
...
> > You can also do much better than allocating MAX_BLOCKSIZE + MAX_ALIGNMASK
> > bytes by requesting 'long' aligned on-stack memory.
> > The easiest way is to define a union like:
> >
> > union crypto_tmp {
> > u8 buf[CRYPTO_MAX_TMP_
On 4/11/2018 10:19 AM, Greg Kroah-Hartman wrote:
> Next time explicitly ask the question, don't expect someone to rummage
> through an email to determine what you are thinking. You are being lazy
> by just adding someone else to an email thread like this, be considerate
> and take the time to expl
Provide a single call to allow kernel code to determine whether the system
should be locked down, thereby disallowing various accesses that might
allow the running kernel image to be changed, including:
- /dev/mem and similar
- Loading of unauthorised modules
- Fiddling with MSR registers
- Su
Hi Linus,
I've modified my lockdown mode patches to remove the EFI/secure-boot
interaction and to ignore kexec. Would you be willing to accept this?
David
---
Here's a set of patches to institute a "locked-down mode" in the kernel.
If enabled, the lockdown can be triggered either by configurat
From: Kyle McMartin
Make an option to provide a sysrq key that will lift the kernel lockdown,
thereby allowing the running kernel image to be accessed and modified.
On x86 this is triggered with SysRq+x, but this key may not be available on
all arches, so it is set by setting LOCKDOWN_LIFT_KEY i
If the kernel is locked down, require that all modules have valid
signatures that we can verify or that IMA can validate the file.
I have adjusted the errors generated:
(1) If there's no signature (ENODATA) or we can't check it (ENOPKG,
ENOKEY), then:
(a) If signatures are enforced th
From: Mimi Zohar
Require the "secure_boot" rules, whether or not it is specified
on the boot command line, for both the builtin and custom policies
in secure boot lockdown mode.
Signed-off-by: Mimi Zohar
Signed-off-by: David Howells
---
security/integrity/ima/ima_policy.c | 39
From: Matthew Garrett
Allowing users to read and write to core kernel memory makes it possible
for the kernel to be subverted, avoiding module loading restrictions, and
also to steal cryptographic information.
Disallow /dev/mem and /dev/kmem from being opened this when the kernel has
been locked
From: Matthew Garrett
uswsusp allows a user process to dump and then restore kernel state, which
makes it possible to modify the running kernel. Disable this if the kernel
is locked down.
Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
Reviewed-by: "Lee, Chun-Yi"
Reviewed-by: Jam
From: Matthew Garrett
custom_method effectively allows arbitrary access to system memory, making
it possible for an attacker to circumvent restrictions on module loading.
Disable it if the kernel is locked down.
Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
Reviewed-by: "Lee, Chu
From: Matthew Garrett
Writing to MSRs should not be allowed if the kernel is locked down, since
it could lead to execution of arbitrary code in kernel mode. Based on a
patch by Kees Cook.
MSR accesses are logged for the purposes of building up a whitelist as per
Alan Cox's suggestion.
Signed-o
From: Linn Crosetto
>From the kernel documentation (initrd_table_override.txt):
If the ACPI_INITRD_TABLE_OVERRIDE compile option is true, it is possible
to override nearly any ACPI table provided by the BIOS with an
instrumented, modified one.
When securelevel is set, the kernel should di
From: Matthew Garrett
IO port access would permit users to gain access to PCI configuration
registers, which in turn (on a lot of hardware) give access to MMIO
register space. This would potentially permit root to trigger arbitrary
DMA, so lock it down by default.
This also implicitly locks down
From: Matthew Garrett
The kexec_load() syscall permits the loading and execution of arbitrary
code in ring 0, which is something that lock-down is meant to prevent. It
makes sense to disable kexec_load() in this situation.
This does not affect kexec_file_load() syscall which can check for a
sign
From: Josh Boyer
This option allows userspace to pass the RSDP address to the kernel, which
makes it possible for a user to modify the workings of hardware . Reject
the option when the kernel is locked down.
Signed-off-by: Josh Boyer
Signed-off-by: David Howells
Reviewed-by: "Lee, Chun-Yi"
c
From: Josh Boyer
There is currently no way to verify the resume image when returning
from hibernate. This might compromise the signed modules trust model,
so until we can work with signed hibernate images we disable it when the
kernel is locked down.
Signed-off-by: Josh Boyer
Signed-off-by: Da
From: Matthew Garrett
Any hardware that can potentially generate DMA has to be locked down in
order to avoid it being possible for an attacker to modify kernel code,
allowing them to circumvent disabled module loading or module signing.
Default to paranoid - in future we can potentially relax thi
Prohibit replacement of the PCMCIA Card Information Structure when the
kernel is locked down.
Suggested-by: Dominik Brodowski
Signed-off-by: David Howells
cc: linux-pcm...@lists.infradead.org
---
drivers/pcmcia/cistpl.c |3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/pcmcia/c
Provided an annotation for module parameters that specify hardware
parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
dma buffers and other types).
Suggested-by: Alan Cox
Signed-off-by: David Howells
---
kernel/params.c | 26 +-
1 file changed, 2
The testmmiotrace module shouldn't be permitted when the kernel is locked
down as it can be used to arbitrarily read and write MMIO space.
Suggested-by: Thomas Gleixner
Signed-off-by: David Howells
cc: Steven Rostedt
cc: Ingo Molnar
cc: "H. Peter Anvin"
cc: x...@kernel.org
---
arch/x86/mm/t
Lock down TIOCSSERIAL as that can be used to change the ioport and irq
settings on a serial port. This only appears to be an issue for the serial
drivers that use the core serial code. All other drivers seem to either
ignore attempts to change port/irq or give an error.
Reported-by: Greg Kroah-H
From: Linn Crosetto
ACPI provides an error injection mechanism, EINJ, for debugging and testing
the ACPI Platform Error Interface (APEI) and other RAS features. If
supported by the firmware, ACPI specification 5.0 and later provide for a
way to specify a physical memory address to which to injec
Disallow the use of certain perf facilities that might allow userspace to
access kernel data.
Signed-off-by: David Howells
---
kernel/events/core.c |5 +
1 file changed, 5 insertions(+)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index fc1c330c6bd6..1922f2e0980a 100644
---
Disallow access to /proc/kcore when the kernel is locked down to prevent
access to cryptographic data.
Signed-off-by: David Howells
Reviewed-by: James Morris
---
fs/proc/kcore.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
index d1e82761de81..cdebd
There are some bpf functions can be used to read kernel memory:
bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
private keys in kernel memory (e.g. the hibernation image signing key) to
be read by an eBPF program.
Completely prohibit the use of BPF when the kernel is locked
Disallow the creation of kprobes when the kernel is locked down by
preventing their registration. This prevents kprobes from being used to
access kernel memory, either to make modifications or to steal crypto data.
Reported-by: Alexei Starovoitov
Signed-off-by: David Howells
---
kernel/kprobe
Disallow opening of debugfs files that might be used to muck around when
the kernel is locked down as various drivers give raw access to hardware
through debugfs. Given the effort of auditing all 2000 or so files and
manually fixing each one as necessary, I've chosen to apply a heuristic
instead.
On Wed, 11 Apr 2018 10:15:02 +0200 Peter Zijlstra wrote:
> On Tue, Apr 10, 2018 at 03:00:11PM -0700, Andrew Morton wrote:
> > On Tue, 10 Apr 2018 14:53:51 -0700 Joe Perches wrote:
> >
> > > On Tue, 2018-04-10 at 14:39 -0700, Andrew Morton wrote:
> > > > On Tue, 10 Apr 2018 11:19:54 -0700 Joe Pe
On Wed, Apr 11, 2018 at 09:19:56AM -0700, Paul E. McKenney wrote:
> >
> >Prior Operation Subsequent Operation
> >--- -
> >R W RMW SV R W DR DW
On Tue, Apr 10 2018 at 18:31 -0600, Bjorn Andersson wrote:
On Thu 05 Apr 09:18 PDT 2018, Lina Iyer wrote:
diff --git a/drivers/soc/qcom/rpmh-internal.h b/drivers/soc/qcom/rpmh-internal.h
[..]
@@ -439,6 +445,107 @@ int rpmh_rsc_send_data(struct rsc_drv *drv, const struct
tcs_request *msg)
}
401 - 500 of 1466 matches
Mail list logo
