1. 11 Jan, 2019 1 commit
  2. 10 Jan, 2019 2 commits
    • Jens Axboe's avatar
      Merge branch 'nvme-5.0' of git://git.infradead.org/nvme into for-linus · a39c330d
      Jens Axboe authored
      Pull NVMe fixes from Christoph.
      * 'nvme-5.0' of git://git.infradead.org/nvme:
        nvme: don't initlialize ctrl->cntlid twice
        nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN
        nvme: pad fake subsys NQN vid and ssvid with zeros
        nvme-multipath: zero out ANA log buffer
        nvme-fabrics: unset write/poll queues for discovery controllers
        nvme-tcp: don't ask if controller is fabrics
        nvme-tcp: remove dead code
        nvme-pci: fix out of bounds access in nvme_cqe_pending
        nvme-pci: rerun irq setup on IO queue init errors
        nvme-pci: use the same attributes when freeing host_mem_desc_bufs.
        nvme-pci: fix the wrong setting of nr_maps
    • Jaegeuk Kim's avatar
      loop: drop caches if offset or block_size are changed · 5db470e2
      Jaegeuk Kim authored
      If we don't drop caches used in old offset or block_size, we can get old data
      from new offset/block_size, which gives unexpected data to user.
      For example, Martijn found a loopback bug in the below scenario.
      1) LOOP_SET_FD loads first two pages on loop file
      2) LOOP_SET_STATUS64 changes the offset on the loop file
      3) mount is failed due to the cached pages having wrong superblock
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: linux-block@vger.kernel.org
      Reported-by: default avatarMartijn Coenen <maco@google.com>
      Reviewed-by: default avatarBart Van Assche <bvanassche@acm.org>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
  3. 09 Jan, 2019 14 commits
  4. 06 Jan, 2019 1 commit
  5. 05 Jan, 2019 1 commit
  6. 04 Jan, 2019 1 commit
  7. 03 Jan, 2019 13 commits
    • Ming Lei's avatar
      block: sunvdc: don't run hw queue synchronously from irq context · 43bfeb45
      Ming Lei authored
      vdc_blk_queue_start() may be called from irq context, so we can't run
      queue via blk_mq_start_hw_queues() since we never allow to run queue
      from irq context. Use blk_mq_start_stopped_hw_queues(q, true) to fix
      this issue.
      Fixes: fa182a1f ("sunvdc: convert to blk-mq")
      Reported-by: default avatarAnatoly Pugachev <matorola@gmail.com>
      Tested-by: default avatarAnatoly Pugachev <matorola@gmail.com>
      Cc: Anatoly Pugachev <matorola@gmail.com>
      Cc: sparclinux@vger.kernel.org
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarMing Lei <ming.lei@redhat.com>
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
    • Jens Axboe's avatar
      Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md into for-linus · dc629c21
      Jens Axboe authored
      Pull the pending 4.21 changes for md from Shaohua.
      * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md:
        md: fix raid10 hang issue caused by barrier
        raid10: refactor common wait code from regular read/write request
        md: remvoe redundant condition check
        lib/raid6: add option to skip algo benchmarking
        lib/raid6: sort algos in rough performance order
        lib/raid6: check for assembler SSSE3 support
        lib/raid6: avoid __attribute_const__ redefinition
        lib/raid6: add missing include for raid6test
        md: remove set but not used variable 'bi_rdev'
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · 645ff1e8
      Linus Torvalds authored
      Pull input updates from Dmitry Torokhov:
       "A tiny pull request this merge window unfortunately, should get more
        material in for the next release:
         - new driver for Raspberry Pi's touchscreen (firmware interface)
         - miscellaneous input driver fixes"
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
        Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G
        Input: atmel_mxt_ts - don't try to free unallocated kernel memory
        Input: drv2667 - fix indentation issues
        Input: touchscreen - fix coding style issue
        Input: add official Raspberry Pi's touchscreen driver
        Input: nomadik-ske-keypad - fix a loop timeout test
        Input: rotary-encoder - don't log EPROBE_DEFER to kernel log
        Input: olpc_apsp - remove set but not used variable 'np'
        Input: olpc_apsp - enable the SP clock
        Input: olpc_apsp - check FIFO status on open(), not probe()
        Input: olpc_apsp - drop CONFIG_OLPC dependency
        clk: mmp2: add SP clock
        dt-bindings: marvell,mmp2: Add clock id for the SP clock
        Input: ad7879 - drop platform data support
    • Linus Torvalds's avatar
      Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost · d548e659
      Linus Torvalds authored
      Pull virtio/vhost updates from Michael Tsirkin:
      "Features, fixes, cleanups:
         - discard in virtio blk
         - misc fixes and cleanups"
      * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
        vhost: correct the related warning message
        vhost: split structs into a separate header file
        virtio: remove deprecated VIRTIO_PCI_CONFIG()
        vhost/vsock: switch to a mutex for vhost_vsock_hash
        virtio_blk: add discard and write zeroes support
    • Linus Torvalds's avatar
      Merge tag 'for-4.21/block-20190102' of git://git.kernel.dk/linux-block · 77d0b194
      Linus Torvalds authored
      Pull more block updates from Jens Axboe:
       - Dead code removal for loop/sunvdc (Chengguang)
       - Mark BIDI support for bsg as deprecated, logging a single dmesg
         warning if anyone is actually using it (Christoph)
       - blkcg cleanup, killing a dead function and making the tryget_closest
         variant easier to read (Dennis)
       - Floppy fixes, one fixing a regression in swim3 (Finn)
       - lightnvm use-after-free fix (Gustavo)
       - gdrom leak fix (Wenwen)
       - a set of drbd updates (Lars, Luc, Nathan, Roland)
      * tag 'for-4.21/block-20190102' of git://git.kernel.dk/linux-block: (28 commits)
        block/swim3: Fix regression on PowerBook G3
        block/swim3: Fix -EBUSY error when re-opening device after unmount
        block/swim3: Remove dead return statement
        block/amiflop: Don't log error message on invalid ioctl
        gdrom: fix a memory leak bug
        lightnvm: pblk: fix use-after-free bug
        block: sunvdc: remove redundant code
        block: loop: remove redundant code
        bsg: deprecate BIDI support in bsg
        blkcg: remove unused __blkg_release_rcu()
        blkcg: clean up blkg_tryget_closest()
        drbd: Change drbd_request_detach_interruptible's return type to int
        drbd: Avoid Clang warning about pointless switch statment
        drbd: introduce P_ZEROES (REQ_OP_WRITE_ZEROES on the "wire")
        drbd: skip spurious timeout (ping-timeo) when failing promote
        drbd: don't retry connection if peers do not agree on "authentication" settings
        drbd: fix print_st_err()'s prototype to match the definition
        drbd: avoid spurious self-outdating with concurrent disconnect / down
        drbd: do not block when adjusting "disk-options" while IO is frozen
        drbd: fix comment typos
    • Linus Torvalds's avatar
      Merge tag 'for-4.21/libata-20190102' of git://git.kernel.dk/linux-block · b79f9f93
      Linus Torvalds authored
      Pull libata fix from Jens Axboe:
       "This libata change missed the original libata pull request.
        Just a single fix in here, fixing a missed reference drop"
      * tag 'for-4.21/libata-20190102' of git://git.kernel.dk/linux-block:
        ata: pata_macio: add of_node_put()
    • Linus Torvalds's avatar
      Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · 0f2107da
      Linus Torvalds authored
      Pull more clk updates from Stephen Boyd:
       "One more patch to generalize a set of DT binding defines now before
        -rc1 comes out.
        This way the SoC DTS files can use the proper defines from a stable
      * tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
        clk: imx8qxp: make the name of clock ID generic
    • Linus Torvalds's avatar
      Merge tag 'devprop-4.21-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 01766d27
      Linus Torvalds authored
      Pull device properties framework fixes from Rafael Wysocki:
       "Fix two potential NULL pointer dereferences found by Coverity in the
        software nodes code introduced recently (Colin Ian King)"
      * tag 'devprop-4.21-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        drivers: base: swnode: check if swnode is NULL before dereferencing it
        drivers: base: swnode: check if pointer p is NULL before dereferencing it
    • Linus Torvalds's avatar
      Merge tag 'mailbox-v4.21' of git://git.linaro.org/landing-teams/working/fujitsu/integration · 35ddb06a
      Linus Torvalds authored
      Pull mailbox updates from Jassi Brar:
       - Introduce device-managed registration
         devm_mbox_controller_un/register and convert drivers to use it
       - Introduce flush api to support clients that must busy-wait in atomic
       - Support multiple controllers per device
       - Hi3660: a bugfix and constify ops structure
       - TI-MsgMgr: off by one bugfix.
       - BCM: switch to spdx license
       - Tegra-HSP: support for shared mailboxes and suspend/resume.
      * tag 'mailbox-v4.21' of git://git.linaro.org/landing-teams/working/fujitsu/integration: (30 commits)
        mailbox: tegra-hsp: Use device-managed registration API
        mailbox: tegra-hsp: use devm_kstrdup_const()
        mailbox: tegra-hsp: Add suspend/resume support
        mailbox: tegra-hsp: Add support for shared mailboxes
        dt-bindings: tegra186-hsp: Add shared mailboxes
        mailbox: Allow multiple controllers per device
        mailbox: Support blocking transfers in atomic context
        mailbox: ti-msgmgr: Use device-managed registration API
        mailbox: stm32-ipcc: Use device-managed registration API
        mailbox: rockchip: Use device-managed registration API
        mailbox: qcom-apcs: Use device-managed registration API
        mailbox: platform-mhu: Use device-managed registration API
        mailbox: omap: Use device-managed registration API
        mailbox: mtk-cmdq: Remove needless devm_kfree() calls
        mailbox: mtk-cmdq: Use device-managed registration API
        mailbox: xgene-slimpro: Use device-managed registration API
        mailbox: sti: Use device-managed registration API
        mailbox: altera: Use device-managed registration API
        mailbox: imx: Use device-managed registration API
        mailbox: hi6220: Use device-managed registration API
    • Linus Torvalds's avatar
      Merge branch 'for-linus-4.21-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml · 6aa293d8
      Linus Torvalds authored
      Pull UML updates from Richard Weinberger:
       - DISCARD support for our block device driver
       - Many TLB flush optimizations
       - Various smaller fixes
       - And most important, Anton agreed to help me maintaining UML
      * 'for-linus-4.21-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml:
        um: Remove obsolete reenable_XX calls
        um: writev needs <sys/uio.h>
        Add Anton Ivanov to UML maintainers
        um: remove redundant generic-y
        um: Optimize Flush TLB for force/fork case
        um: Avoid marking pages with "changed protection"
        um: Skip TLB flushing where not needed
        um: Optimize TLB operations v2
        um: Remove unnecessary faulted check in uaccess.c
        um: Add support for DISCARD in the UBD Driver
        um: Remove unsafe printks from the io thread
        um: Clean-up command processing in UML UBD driver
        um: Switch to block-mq constants in the UML UBD driver
        um: Make GCOV depend on !KCOV
        um: Include sys/uio.h to have writev()
        um: Update maintainers file entry
    • Linus Torvalds's avatar
      Merge tag 's390-4.21-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 04a17ede
      Linus Torvalds authored
      Pull s390 updates from Martin Schwidefsky:
       - A larger update for the zcrypt / AP bus code:
          + Update two inline assemblies in the zcrypt driver to make gcc happy
          + Add a missing reply code for invalid special commands for zcrypt
          + Allow AP device reset to be triggered from user space
          + Split the AP scan function into smaller, more readable functions
       - Updates for vfio-ccw and vfio-ap
          + Add maintainers and reviewer for vfio-ccw
          + Include facility.h in vfio_ap_drv.c to avoid fragile include chain
          + Simplicy vfio-ccw state machine
       - Use the common code version of bust_spinlocks
       - Make use of the DEFINE_SHOW_ATTRIBUTE
       - Fix three incorrect file permissions in the DASD driver
       - Remove bit spin-lock from the PCI interrupt handler
       - Fix GFP_ATOMIC vs GFP_KERNEL in the PCI code
      * tag 's390-4.21-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/zcrypt: rework ap scan bus code
        s390/zcrypt: make sysfs reset attribute trigger queue reset
        s390/pci: fix sleeping in atomic during hotplug
        s390/pci: remove bit_lock usage in interrupt handler
        s390/drivers: fix proc/debugfs file permissions
        s390: convert to DEFINE_SHOW_ATTRIBUTE
        MAINTAINERS/vfio-ccw: add Farhan and Eric, make Halil Reviewer
        vfio: ccw: Merge BUSY and BOXED states
        s390: use common bust_spinlocks()
        s390/zcrypt: improve special ap message cmd handling
        s390/ap: rework assembler functions to use unions for in/out register variables
        s390: vfio-ap: include <asm/facility> for test_facility()
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-4.21-1' of git://git.linux-nfs.org/projects/anna/linux-nfs · e6b92572
      Linus Torvalds authored
      Pull NFS client updates from Anna Schumaker:
       "Stable bugfixes:
         - xprtrdma: Yet another double DMA-unmap # v4.20
         - Allow some /proc/sys/sunrpc entries without CONFIG_SUNRPC_DEBUG
         - Per-xprt rdma receive workqueues
         - Drop support for FMR memory registration
         - Make port= mount option optional for RDMA mounts
        Other bugfixes and cleanups:
         - Remove unused nfs4_xdev_fs_type declaration
         - Fix comments for behavior that has changed
         - Remove generic RPC credentials by switching to 'struct cred'
         - Fix crossing mountpoints with different auth flavors
         - Various xprtrdma fixes from testing and auditing the close code
         - Fixes for disconnect issues when using xprtrdma with krb5
         - Clean up and improve xprtrdma trace points
         - Fix NFS v4.2 async copy reboot recovery"
      * tag 'nfs-for-4.21-1' of git://git.linux-nfs.org/projects/anna/linux-nfs: (63 commits)
        sunrpc: convert to DEFINE_SHOW_ATTRIBUTE
        sunrpc: Add xprt after nfs4_test_session_trunk()
        sunrpc: convert unnecessary GFP_ATOMIC to GFP_NOFS
        sunrpc: handle ENOMEM in rpcb_getport_async
        NFS: remove unnecessary test for IS_ERR(cred)
        xprtrdma: Prevent leak of rpcrdma_rep objects
        NFSv4.2 fix async copy reboot recovery
        xprtrdma: Don't leak freed MRs
        xprtrdma: Add documenting comment for rpcrdma_buffer_destroy
        xprtrdma: Replace outdated comment for rpcrdma_ep_post
        xprtrdma: Update comments in frwr_op_send
        SUNRPC: Fix some kernel doc complaints
        SUNRPC: Simplify defining common RPC trace events
        NFS: Fix NFSv4 symbolic trace point output
        xprtrdma: Trace mapping, alloc, and dereg failures
        xprtrdma: Add trace points for calls to transport switch methods
        xprtrdma: Relocate the xprtrdma_mr_map trace points
        xprtrdma: Clean up of xprtrdma chunk trace points
        xprtrdma: Remove unused fields from rpcrdma_ia
        xprtrdma: Cull dprintk() call sites
    • Linus Torvalds's avatar
      Merge tag 'nfsd-4.21' of git://linux-nfs.org/~bfields/linux · e45428a4
      Linus Torvalds authored
      Pull nfsd updates from Bruce Fields:
       "Thanks to Vasily Averin for fixing a use-after-free in the
        containerized NFSv4.2 client, and cleaning up some convoluted
        backchannel server code in the process.
        Otherwise, miscellaneous smaller bugfixes and cleanup"
      * tag 'nfsd-4.21' of git://linux-nfs.org/~bfields/linux: (25 commits)
        nfs: fixed broken compilation in nfs_callback_up_net()
        nfs: minor typo in nfs4_callback_up_net()
        sunrpc: fix debug message in svc_create_xprt()
        sunrpc: make visible processing error in bc_svc_process()
        sunrpc: remove unused xpo_prep_reply_hdr callback
        sunrpc: remove svc_rdma_bc_class
        sunrpc: remove svc_tcp_bc_class
        sunrpc: remove unused bc_up operation from rpc_xprt_ops
        sunrpc: replace svc_serv->sv_bc_xprt by boolean flag
        sunrpc: use-after-free in svc_process_common()
        sunrpc: use SVC_NET() in svcauth_gss_* functions
        nfsd: drop useless LIST_HEAD
        lockd: Show pid of lockd for remote locks
        NFSD remove OP_CACHEME from 4.2 op_flags
        nfsd: Return EPERM, not EACCES, in some SETATTR cases
        sunrpc: fix cache_head leak due to queued request
        nfsd: clean up indentation, increase indentation in switch statement
        svcrdma: Optimize the logic that selects the R_key to invalidate
        nfsd: fix a warning in __cld_pipe_upcall()
        nfsd4: fix crash on writing v4_end_grace before nfsd startup
  8. 02 Jan, 2019 7 commits
    • Linus Torvalds's avatar
      Merge tag '9p-for-4.21' of git://github.com/martinetd/linux · 85f78456
      Linus Torvalds authored
      Pull 9p updates from Dominique Martinet:
       "Missing prototype warning fix and a syzkaller fix when a 9p server
        advertises a too small msize"
      * tag '9p-for-4.21' of git://github.com/martinetd/linux:
        9p/net: put a lower bound on msize
        net/9p: include trans_common.h to fix missing prototype warning.
    • Linus Torvalds's avatar
      Merge tag '4.21-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6 · cacf02df
      Linus Torvalds authored
      Pull cifs updates from Steve French:
       - four fixes for stable
       - improvements to DFS including allowing failover to alternate targets
       - some small performance improvements
      * tag '4.21-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6: (39 commits)
        cifs: update internal module version number
        cifs: we can not use small padding iovs together with encryption
        cifs: Minor Kconfig clarification
        cifs: Always resolve hostname before reconnecting
        cifs: Add support for failover in cifs_reconnect_tcon()
        cifs: Add support for failover in smb2_reconnect()
        cifs: Only free DFS target list if we actually got one
        cifs: start DFS cache refresher in cifs_mount()
        cifs: Use GFP_ATOMIC when a lock is held in cifs_mount()
        cifs: Add support for failover in cifs_reconnect()
        cifs: Add support for failover in cifs_mount()
        cifs: remove set but not used variable 'sep'
        cifs: Make use of DFS cache to get new DFS referrals
        cifs: minor updates to documentation
        cifs: check kzalloc return
        cifs: remove set but not used variable 'server'
        cifs: Use kzfree() to free password
        cifs: Fix to use kmem_cache_free() instead of kfree()
        cifs: update for current_kernel_time64() removal
        cifs: Add DFS cache routines
    • Linus Torvalds's avatar
      Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 74673fc5
      Linus Torvalds authored
      Pull TPM updates from James Morris:
       - Support for partial reads of /dev/tpm0.
       - Clean up for TPM 1.x code: move the commands to tpm1-cmd.c and make
         everything to use the same data structure for building TPM commands
         i.e. struct tpm_buf.
      * 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (25 commits)
        tpm: add support for partial reads
        tpm: tpm_ibmvtpm: fix kdoc warnings
        tpm: fix kdoc for tpm2_flush_context_cmd()
        tpm: tpm_try_transmit() refactor error flow.
        tpm: use u32 instead of int for PCR index
        tpm1: reimplement tpm1_continue_selftest() using tpm_buf
        tpm1: reimplement SAVESTATE using tpm_buf
        tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
        tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure
        tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure
        tpm: tpm-space.c remove unneeded semicolon
        tpm: tpm-interface.c drop unused macros
        tpm: add tpm_auto_startup() into tpm-interface.c
        tpm: factor out tpm_startup function
        tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c
        tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
        tpm: factor out tpm1_get_random into tpm1-cmd.c
        tpm: move tpm_getcap to tpm1-cmd.c
        tpm: move tpm1_pcr_extend to tpm1-cmd.c
        tpm: factor out tpm_get_timeouts()
    • Linus Torvalds's avatar
      Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 19f2e267
      Linus Torvalds authored
      Pull smack updates from James Morris:
       "Two Smack patches for 4.21.
        Jose's patch adds missing documentation and Zoran's fleshes out the
        access checks on keyrings"
      * 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        Smack: Improve Documentation
        smack: fix access permissions for keyring
    • Linus Torvalds's avatar
      block: don't use un-ordered __set_current_state(TASK_UNINTERRUPTIBLE) · 1ac5cd49
      Linus Torvalds authored
      This mostly reverts commit 849a3700 ("block: avoid ordered task
      state change for polled IO").  It was wrongly claiming that the ordering
      wasn't necessary.  The memory barrier _is_ necessary.
      If something is truly polling and not going to sleep, it's the whole
      state setting that is unnecessary, not the memory barrier.  Whenever you
      set your state to a sleeping state, you absolutely need the memory
      Note that sometimes the memory barrier can be elsewhere.  For example,
      the ordering might be provided by an external lock, or by setting the
      process state to sleeping before adding yourself to the wait queue list
      that is used for waking up (where the wait queue lock itself will
      guarantee that any wakeup will correctly see the sleeping state).
      But none of those cases were true here.
      NOTE! Some of the polling paths may indeed be able to drop the state
      setting entirely, at which point the memory barrier also goes away.
      (Also note that this doesn't revert the TASK_RUNNING cases: there is no
      race between a wakeup and setting the process state to TASK_RUNNING,
      since the end result doesn't depend on ordering).
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: Christoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    • Linus Torvalds's avatar
      Merge branch 'next-seccomp' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · d9a7fa67
      Linus Torvalds authored
      Pull seccomp updates from James Morris:
       - seccomp fixes for sparse warnings and s390 build (Tycho)
      * 'next-seccomp' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        seccomp, s390: fix build for syscall type change
        seccomp: fix poor type promotion
        samples: add an example of seccomp user trap
        seccomp: add a return code to trap to userspace
        seccomp: switch system call argument type to void *
        seccomp: hoist struct seccomp_data recalculation higher
    • Linus Torvalds's avatar
      Merge branch 'next-integrity' of... · f218a29c
      Linus Torvalds authored
      Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
      Pull integrity updates from James Morris:
       "In Linux 4.19, a new LSM hook named security_kernel_load_data was
        upstreamed, allowing LSMs and IMA to prevent the kexec_load syscall.
        Different signature verification methods exist for verifying the
        kexec'ed kernel image. This adds additional support in IMA to prevent
        loading unsigned kernel images via the kexec_load syscall,
        independently of the IMA policy rules, based on the runtime "secure
        boot" flag. An initial IMA kselftest is included.
        In addition, this pull request defines a new, separate keyring named
        ".platform" for storing the preboot/firmware keys needed for verifying
        the kexec'ed kernel image's signature and includes the associated IMA
        kexec usage of the ".platform" keyring.
        (David Howell's and Josh Boyer's patches for reading the
        preboot/firmware keys, which were previously posted for a different
        use case scenario, are included here)"
      * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        integrity: Remove references to module keyring
        ima: Use inode_is_open_for_write
        ima: Support platform keyring for kernel appraisal
        efi: Allow the "db" UEFI variable to be suppressed
        efi: Import certificates from UEFI Secure Boot
        efi: Add an EFI signature blob parser
        efi: Add EFI signature data types
        integrity: Load certs to the platform keyring
        integrity: Define a trusted platform keyring
        selftests/ima: kexec_load syscall test
        ima: don't measure/appraise files on efivarfs
        x86/ima: retry detecting secure boot mode
        docs: Extend trusted keys documentation for TPM 2.0
        x86/ima: define arch_get_ima_policy() for x86
        ima: add support for arch specific policies
        ima: refactor ima_init_policy()
        ima: prevent kexec_load syscall based on runtime secureboot flag
        x86/ima: define arch_ima_get_secureboot
        integrity: support new struct public_key_signature encoding field