IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Declare reader functions for the instances of struct tpm_buf. If the read
goes out of boundary, TPM_BUF_BOUNDARY_ERROR is set, and subsequent read
will do nothing.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Declare tpm_buf_init_sized() and tpm_buf_reset_sized() for creating TPM2B
formatted buffers. These buffers are also known as sized buffers in the
specifications and literature.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
TPM2B buffers, or sized buffers, have a two byte header, which contains the
length of the payload as a 16-bit big-endian number, without counting in
the space taken by the header. This differs from encoding in the TPM header
where the length includes also the bytes taken by the header.
Unbound the length of a tpm_buf from the value stored to the TPM command
header. A separate encoding and decoding step so that different buffer
types can be supported, with variant header format and length encoding.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Remove deprecated portions and document enum values.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
separate out the tpm_buf_... handling functions from static inlines in
tpm.h and move them to their own tpm-buf.c file. This is a precursor
to adding new functions for other TPM type handling because the amount
of code will grow from the current 70 lines in tpm.h to about 200
lines when the additions are done. 200 lines of inline functions is a
bit too much to keep in a header file.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Open code the last remaining call site for tpm_send().
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
The helper function has no call sites. Thus, remove it.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
The recent change to handle HAS_IOPORT removed the TPM_INF_IO_PORT
define for the HAS_IOPORT=n case despite the define being used in
sections of code not covered by the same ifdef check. This was missed
because at the moment TCG_INFINEON indirectly depends on HAS_IOPORT via
PNP which depends on ACPI || ISA. As TCG_INFINEON does in principle
support MMIO only use add it for COMPILE_TEST to cover the HAS_IOPORT=n
case.
Link: https://lore.kernel.org/lkml/9d9fa267-067e-421b-9a39-aa178b913298@app.fastmail.com/
Fixes: dab56f80e7f9 ("char: tpm: handle HAS_IOPORT dependencies")
Signed-off-by: Niklas Schnelle <schnelle@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Add the ST chip st33ktpm2xi2c to the supported compatible strings of the
TPM TIS I2C schema. The Chip is compliant with the TCG PC Client TPM
Profile specification.
For reference, a datasheet is available at:
https://www.st.com/resource/en/data_brief/st33ktpm2xi2c.pdf
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@siemens.com>
Signed-off-by: Michael Haener <michael.haener@siemens.com>
Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Based recent discussions on LKML, provide preliminary bits of tpm_tis_core
dependent drivers. Includes only bare essentials but can be extended later
on case by case. This way some people may even want to read it later on.
Reviewed-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Variable ret is being assigned and error code that is never read, it is
either being re-assigned in an error exit path or never referenced again
on the non-error path. The assignment is redundant and can be removed.
Cleans up clang scan build warning:
drivers/char/tpm/eventlog/acpi.c:145:2: warning: Value stored to 'ret'
is never read [deadcode.DeadStores]
Signed-off-by: Colin Ian King <colin.i.king@gmail.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
In a future patch HAS_IOPORT=n will disable inb()/outb() and friends at
compile time. We thus need to add this dependency and ifdef sections of
code using inb()/outb() as alternative access methods.
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Co-developed-by: Arnd Bergmann <arnd@kernel.org>
Signed-off-by: Arnd Bergmann <arnd@kernel.org>
Signed-off-by: Niklas Schnelle <schnelle@linux.ibm.com>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Similarly to how polling first is supported for receive, it makes sense
to provide the same for accept. An accept operation does a lot of
expensive setup, like allocating an fd, a socket/inode, etc. If no
connection request is already pending, this is wasted and will just be
cleaned up and freed, only to retry via the usual poll trigger.
Add IORING_ACCEPT_POLL_FIRST, which tells accept to only initiate the
accept request if poll says we have something to accept.
Signed-off-by: Jens Axboe <axboe@kernel.dk>
This allows the caller to perform a non-blocking attempt, similarly to
how recvmsg has MSG_DONTWAIT. If set, and we get -EAGAIN on a connection
attempt, propagate the result to userspace rather than arm poll and
wait for a retry.
Suggested-by: Norman Maurer <norman_maurer@apple.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
- nvme target fixes (Sagi, Dan, Maurizo)
- new vendor quirk for broken MSI (Sean)
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE3Fbyvv+648XNRdHTPe3zGtjzRgkFAmY9DAoACgkQPe3zGtjz
Rgm5fRAAnHWt/juXTgXquz145nVYO6rEBXbmLPa+vB/8/VoXZNEI48dDr9NwOlaN
voNmDdaMkSOMbbVKEG4pYhHpqgJoC3VV13SEUKmCk874zqrQnDdIITV2bLTY6+hH
j2ZxytKurntwFONMILfPiHxq7+40W1tvJ2jjywreLWOgD/UxVJ3wtgeBv/mm/mWY
X2QNTwBg/C57pCpa7B0i4HFALU77Xstrr9ibaRkQ1FQ5gVBnRFcDEqSLw+W+qjs6
8irxW8bsdIcHdiug0CcrVbrPFR5YBongZW7A+NCHvMSWmneJeXGQWV0+HojB755B
h1ZORM1XVtFfUoCywsewxuXIbfLdXIU4e3Ne5q1K5P6BiEDVVm0Y+F8hygF+QIT9
Zp5GIL4TOJ/c6JbuOKHFmA1u2+dTNfL4XwAEp1SQghzuhj9896QUT0zgkhac18Np
J6rd/nhyGkSK9lEsh1MWiKz96ZG2+Bj1pnvWILu75S2WU+IUDpFVK/oHdiptpspf
+NzkpKdbM1ZKHk166FMI/qVnoB2yj4rBESMKxVWzgliDL3I5G5EU5JlBPdSqZ+H2
JWV+XrLjuQ0X/ln6Z8gUtHvnc+WLKH1WWiX9NYVO/sUffG5lleFmQbTOhPq1OlHF
wrs/pMiRH5maB0ZfP7tSXyJ15Krxx6pH678mfv/aZyVKO+OU5FE=
=5gq/
-----END PGP SIGNATURE-----
Merge tag 'nvme-6.9-2024-05-09' of git://git.infradead.org/nvme into block-6.9
Pull NVMe fixes from Keith:
"nvme fixes for Linux 6.9
- nvme target fixes (Sagi, Dan, Maurizo)
- new vendor quirk for broken MSI (Sean)"
* tag 'nvme-6.9-2024-05-09' of git://git.infradead.org/nvme:
nvmet-rdma: fix possible bad dereference when freeing rsps
nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists()
nvmet: make nvmet_wq unbound
nvmet-auth: return the error code to the nvmet_auth_ctrl_hash() callers
nvme-pci: Add quirk for broken MSIs
- pmbus/ucd9000: Increase chip access delay to avoid random access
errors
- corsair-cpro: Protect kernel code against parallel hidraw access
from userspace
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEiHPvMQj9QTOCiqgVyx8mb86fmYEFAmY8/IQACgkQyx8mb86f
mYF5YxAAjdKo6Ch/0LaGvUVsOj7fZaKNWX2YW91nCcJCjO0LsliuXZqRj/v1EDxr
S63ropzUdC+oX8JnYaEpmzK3+KdmrvGQjrwz4zSsD9QIrKDEj2kqZvy6/cnLUvTF
2X5JX1DjDZNiSiR3tQNJR1NIO0JTtMJ6S2qxZgVp77k6CKfxPpG4NYfBw+7bw2w1
l+rV4RaquIeZSQzMfZYoRQfNTIneG1nt4JyjD/RN9zmiFikypRrN9PoQs6MzMj/F
+OjKeXCz11a8rIaJRqKPiRf8uE086qX7TFd7eLKDeP16cCg22CBitIeP95+k8fIZ
grmA/RtCuNicJlpX5fCysYosYtG6kCdbor6VXpOoY5/bmZNjhrirRiIsa6ueYeNr
eGA1PEqUfUR6Ot4ZtdWjkKMLo81WtaJDYtYPusRyOcHSXC/PH6xYLuEIFt5nSA/k
Wvi1yYv/uY9ki3eMSMKI4X59DEnb390lho8OXpk6yHh166AlWmWXVXUw7kVNGvuw
gIjMlMZ4VDvk9sdqhn6ToW5AZKqaRzgti4VmEzjjr8u3GkD9SwO9klN9EuX4IRj7
Rgk7JfH+XkSVZCcp01bb7gHK3PwMEtoOvxO/8aq3j7h144blk5gP22c32eT/uTCx
rIDxF7gtcdQWr6BYz5d1EcZW89kZW8zMtLExAlHGB/dVEHuXWS8=
=sjbz
-----END PGP SIGNATURE-----
Merge tag 'hwmon-for-v6.9-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull hwmon fixes from Guenter Roeck:
- pmbus/ucd9000: Increase chip access delay to avoid random access
errors
- corsair-cpro: Protect kernel code against parallel hidraw access from
userspace
* tag 'hwmon-for-v6.9-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us
hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event()
hwmon: (corsair-cpro) Use a separate buffer for sending commands
This includes zswpin, zswpout and zswpwb.
Signed-off-by: Usama Arif <usamaarif642@gmail.com>
Acked-by: Nhat Pham <nphamcs@gmail.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Message-ID: <20240502185307.3942173-2-usamaarif642@gmail.com>
Following the failure observed with a delay of 250us, experiments were
conducted with various delays. It was found that a delay of 350us
effectively mitigated the issue.
To provide a more optimal solution while still allowing a margin for
stability, the delay is being adjusted to 500us.
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>
Link: https://lore.kernel.org/r/20240507194603.1305750-1-lakshmiy@us.ibm.com
Fixes: 8d655e6523 ("hwmon: (ucd90320) Add minimum delay between bus accesses")
Reviewed-by: Eddie James <eajames@linux.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
The bridge patch is actually a follow-up to a recent fix in the same
area. We have a pending v6.8 AF_UNIX regression; it should be solved
soon, but not in time for this PR.
Current release - regressions:
- eth: ks8851: Queue RX packets in IRQ handler instead of disabling BHs
- net: bridge: fix corrupted ethernet header on multicast-to-unicast
Current release - new code bugs:
- xfrm: fix possible bad pointer derferencing in error path
Previous releases - regressionis:
- core: fix out-of-bounds access in ops_init
- ipv6:
- fix potential uninit-value access in __ip6_make_skb()
- fib6_rules: avoid possible NULL dereference in fib6_rule_action()
- tcp: use refcount_inc_not_zero() in tcp_twsk_unique().
- rtnetlink: correct nested IFLA_VF_VLAN_LIST attribute validation
- rxrpc: fix congestion control algorithm
- bluetooth:
- l2cap: fix slab-use-after-free in l2cap_connect()
- msft: fix slab-use-after-free in msft_do_close()
- eth: hns3: fix kernel crash when devlink reload during initialization
- eth: dsa: mv88e6xxx: add phylink_get_caps for the mv88e6320/21 family
Previous releases - always broken:
- xfrm: preserve vlan tags for transport mode software GRO
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
- eth: hns3: keep using user config after hardware reset
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEEg1AjqC77wbdLX2LbKSR5jcyPE6QFAmY8uHASHHBhYmVuaUBy
ZWRoYXQuY29tAAoJECkkeY3MjxOkedQQAJ4qDwzqUvo+4Ixnn8xQOEeoaqDAfLGR
TBVFgpG72Hd8sT6C92AO2FPOiBkn5D6VL6QsCsOHmoCBmx9opxdM6K+WIuAldlju
0IZ/Z2tML5xE7hdrtpI54iqU4OCbf8M9mJrabHaNetWRwLZruLagvyvpdNNtEoup
nhoVetUYBYmxb3MQ0ez6/zTxvbO1ry7H1xVwbe21hOJszoxuYhLQRx7GBMBm2xn3
g6m0T7H8EhPKaY/eGoPONcRQ3v29PEuqgVWg0imNy3P4KkTOhshW0jg11mXfaZQA
32zwLKecdv1gU8Q3Si0ALMtzL3ZC1Iqo4GOEfpr6Bj5Gu+Jd+enPsRDA2hEtMggD
uh6d9FU4XULZzX5CFEXCoZs0f9N/FNjkDIWUFdHG+0I8pybw+Fbifub76uN1YC5Y
/02WrtlieOy38UG2FW/zTDRqXMwdwY+VhnVVjK42VnVVFCOM3ucXI/wj5uvytk0B
iZIWLKtKrVKuUdSdcFvh+Y4z1rK3SFqT5qJEsjzHkLsoap9sbyJrS+MEDeCxv8c4
RDycwqWdlf1csZFDJ/sIxU9+DvpYY+Zh/ZQgTaU86etWYN7GngSYKFgHSD5F+81X
kQJgmYInUafzButoL3Kc6JYzfjXYVX9MKAWAjtGdhr7wHOzQHF2U4BUTS4TopjYV
BQx1t4dZ4n1F
=qYKQ
-----END PGP SIGNATURE-----
Merge tag 'net-6.9-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Pull networking fixes from Paolo Abeni:
"Including fixes from bluetooth and IPsec.
The bridge patch is actually a follow-up to a recent fix in the same
area. We have a pending v6.8 AF_UNIX regression; it should be solved
soon, but not in time for this PR.
Current release - regressions:
- eth: ks8851: Queue RX packets in IRQ handler instead of disabling
BHs
- net: bridge: fix corrupted ethernet header on multicast-to-unicast
Current release - new code bugs:
- xfrm: fix possible bad pointer derferencing in error path
Previous releases - regressionis:
- core: fix out-of-bounds access in ops_init
- ipv6:
- fix potential uninit-value access in __ip6_make_skb()
- fib6_rules: avoid possible NULL dereference in fib6_rule_action()
- tcp: use refcount_inc_not_zero() in tcp_twsk_unique().
- rtnetlink: correct nested IFLA_VF_VLAN_LIST attribute validation
- rxrpc: fix congestion control algorithm
- bluetooth:
- l2cap: fix slab-use-after-free in l2cap_connect()
- msft: fix slab-use-after-free in msft_do_close()
- eth: hns3: fix kernel crash when devlink reload during
initialization
- eth: dsa: mv88e6xxx: add phylink_get_caps for the mv88e6320/21
family
Previous releases - always broken:
- xfrm: preserve vlan tags for transport mode software GRO
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
- eth: hns3: keep using user config after hardware reset"
* tag 'net-6.9-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (47 commits)
net: dsa: mv88e6xxx: read cmode on mv88e6320/21 serdes only ports
net: dsa: mv88e6xxx: add phylink_get_caps for the mv88e6320/21 family
net: hns3: fix kernel crash when devlink reload during initialization
net: hns3: fix port vlan filter not disabled issue
net: hns3: use appropriate barrier function after setting a bit value
net: hns3: release PTP resources if pf initialization failed
net: hns3: change type of numa_node_mask as nodemask_t
net: hns3: direct return when receive a unknown mailbox message
net: hns3: using user configure after hardware reset
net/smc: fix neighbour and rtable leak in smc_ib_find_route()
ipv6: prevent NULL dereference in ip6_output()
hsr: Simplify code for announcing HSR nodes timer setup
ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
dt-bindings: net: mediatek: remove wrongly added clocks and SerDes
rxrpc: Only transmit one ACK per jumbo packet received
rxrpc: Fix congestion control algorithm
selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC
ipv6: Fix potential uninit-value access in __ip6_make_skb()
net: phy: marvell-88q2xxx: add support for Rev B1 and B2
appletalk: Improve handling of broadcast packets
...
Currently, the DesignWare SPI controller driver supports only host mode.
However, spi2 on the Kendryte K210 SoC supports only target mode,
triggering an error message on e.g. SiPEED MAiXBiT since commit
98d75b9ef2 ("spi: dw: Drop default number of CS setting"):
dw_spi_mmio 50240000.spi: error -22: problem registering spi host
dw_spi_mmio 50240000.spi: probe with driver dw_spi_mmio failed with error -22
As spi2 rightfully has no "num-cs" property, num_chipselect is now zero,
causing spi_alloc_host() to fail to register the controller. Before,
the driver silently registered an SPI host controller with 4 chip
selects.
Reject target mode early on and warn the user, getting rid of the
error message.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Reviewed-by: Damien Le Moal <dlemoal@kernel.org>
Link: https://lore.kernel.org/r/7ae28d83bff7351f34782658ae1bb69cc731693e.1715163113.git.geert+renesas@glider.be
Signed-off-by: Mark Brown <broonie@kernel.org>
Other cgroup policy like bfq, iocost are lazy-initialized when they are
configured for the first time for the device, but blk-throttle is
initialized unconditionally from blkcg_init_disk().
Delay initialization of blk-throttle as well, to save some cpu and
memory overhead if it's not configured.
Noted that once it's initialized, it can't be destroyed until disk
removal, even if it's disabled.
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Link: https://lore.kernel.org/r/20240509121107.3195568-3-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
One the one hand, it's marked EXPERIMENTAL since 2017, and looks like
there are no users since then, and no testers and no developers, it's
just not active at all.
On the other hand, even if the config is disabled, there are still many
fields in throtl_grp and throtl_data and many functions that are only
used for throtl low.
At last, currently blk-throtl is initialized during disk initialization,
and destroyed during disk removal, and it exposes many functions to be
called directly from block layer.
Remove throtl low to make code much more cleaner and follow up work much
easier.
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Acked-by: Tejun Heo <tj@kernel.org>
Link: https://lore.kernel.org/r/20240509121107.3195568-2-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
- clear stale KASan stack poison when a CPU resumes
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEuNNh8scc2k/wOAE+9OeQG+StrGQFAmY8tf8ACgkQ9OeQG+St
rGRBZg//eI5Nn6PnWQVAJrIDr0/PTiJ7xrE8QlSSn/a2u6fXXUWla3MwGKCj5k51
R6zMdANFwTFHAa8HecPGCganGgjbdY6FgqCOOCka7Ia+Y5nQXhTEQ0cRgMXf40Hc
LT/ylnPAlMhd9zNWn9pgdA8AXm8KfQhQsNIewel9rGRE2E2RU9795ldVMwp3/yqH
3HWXsiQ4bR/EiHD7SewRMPnDaGl+zGdlFEd9eiWtsla+a26/GVMIdikgd/Bjs/Ef
VjndtgnmHw42BuouWEMx9Fqx21EP3aqegkJhlr6fjZ++/0h7sjgc+kXwyWlxbp7e
3WW+Nz+V1YgJ3+UIVcyZj2cxNh3AoSxXdstUq86wOaBp647qA4IBI8PD0j7yqIeT
qYlHaQG7IKOsZhRwSBaV60h3ZISPL9q4rmtN/thBOHXb+xduVc2irfcPIlmg9VKI
j/+E3DNpwME8j3TWD1lk6fTueQhamkn0HV6F9DHSY0PpFtVSpYn0X5M+7AwVMUfz
BFBuU7IuP5wR8fr5jin4gX/L1i9kAaflO80B8dm3deQ6JAgD6mU/+tn+fjxqLgFX
HkPePFUbimQIpDnOShhrqtBtI3+ndxVRiBZkrOhYK3ia6utPqq5Q3i+hIH6acMb9
jr0s5gn2AZB+KcwGPFanj9aeOlIoz3iKvufZ2eiu/RbtkgxeInI=
=qmWM
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux
Pull ARM fix from Russell King:
- clear stale KASan stack poison when a CPU resumes
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux:
ARM: 9381/1: kasan: clear stale stack poison
D1 contains two pairs of LDOs, "analog" LDOs and "system" LDOs. They are
similar and can share a driver, but only the system LDOs have a DT
binding defined so far.
The system LDOs have a single linear range. The voltage step is not an
integer, so a custom .list_voltage is needed to get the rounding right.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@gmail.com>
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Link: https://lore.kernel.org/r/20240509153107.438220-3-wens@kernel.org
Signed-off-by: Mark Brown <broonie@kernel.org>
The Allwinner D1 SoC contains two pairs of in-package LDOs. The pair of
"system" LDOs is for general purpose use. LDOA generally powers the
board's 1.8 V rail. LDOB powers the in-package DRAM, where applicable.
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Link: https://lore.kernel.org/r/20240509153107.438220-2-wens@kernel.org
Signed-off-by: Mark Brown <broonie@kernel.org>
regulator_get() may sometimes be called more than once for the same
consumer device, something which before commit dbe954d8f1 ("regulator:
core: Avoid debugfs: Directory ... already present! error") resulted in
errors being logged.
A couple of recent commits broke the handling of such cases so that
attributes are now erroneously created in the debugfs root directory the
second time a regulator is requested and the log is filled with errors
like:
debugfs: File 'uA_load' in directory '/' already present!
debugfs: File 'min_uV' in directory '/' already present!
debugfs: File 'max_uV' in directory '/' already present!
debugfs: File 'constraint_flags' in directory '/' already present!
on any further calls.
Fixes: 2715bb11cf ("regulator: core: Fix more error checking for debugfs_create_dir()")
Fixes: 08880713ce ("regulator: core: Streamline debugfs operations")
Cc: stable@vger.kernel.org
Cc: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
Link: https://lore.kernel.org/r/20240509133304.8883-1-johan+linaro@kernel.org
Signed-off-by: Mark Brown <broonie@kernel.org>
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCZjwicQAKCRBZ7Krx/gZQ
67WgAP4iDssAVApazVvOUecQBtOd6xBvQUf1k3acMKa03hcdwAEAmM8qN0MpYUkz
MyVA6oRvC8selaWh62eXamWBgjc1Rwo=
=jLRy
-----END PGP SIGNATURE-----
Merge tag 'pull-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull dentry leak fix from Al Viro:
"Dentry leak fix in the qibfs driver that I forgot to send a pull
request for ;-/
My apologies - it actually sat in vfs.git#fixes for more than two
months..."
* tag 'pull-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
qibfs: fix dentry leak
Update the documentation for trusted and encrypted KEYS with DCP as new
trust source:
- Describe security properties of DCP trust source
- Describe key usage
- Document blob format
Co-developed-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
Co-developed-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Gstir <david@sigma-star.at>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Reviewed-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Document the kernel parameters trusted.dcp_use_otp_key
and trusted.dcp_skip_zk_test for DCP-backed trusted keys.
Co-developed-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
Co-developed-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Gstir <david@sigma-star.at>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
This covers trusted keys backed by NXP's DCP (Data Co-Processor) chip
found in smaller i.MX SoCs.
Signed-off-by: David Gstir <david@sigma-star.at>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
DCP (Data Co-Processor) is the little brother of NXP's CAAM IP.
Beside of accelerated crypto operations, it also offers support for
hardware-bound keys. Using this feature it is possible to implement a blob
mechanism similar to what CAAM offers. Unlike on CAAM, constructing and
parsing the blob has to happen in software (i.e. the kernel).
The software-based blob format used by DCP trusted keys encrypts
the payload using AES-128-GCM with a freshly generated random key and nonce.
The random key itself is AES-128-ECB encrypted using the DCP unique
or OTP key.
The DCP trusted key blob format is:
/*
* struct dcp_blob_fmt - DCP BLOB format.
*
* @fmt_version: Format version, currently being %1
* @blob_key: Random AES 128 key which is used to encrypt @payload,
* @blob_key itself is encrypted with OTP or UNIQUE device key in
* AES-128-ECB mode by DCP.
* @nonce: Random nonce used for @payload encryption.
* @payload_len: Length of the plain text @payload.
* @payload: The payload itself, encrypted using AES-128-GCM and @blob_key,
* GCM auth tag of size AES_BLOCK_SIZE is attached at the end of it.
*
* The total size of a DCP BLOB is sizeof(struct dcp_blob_fmt) + @payload_len +
* AES_BLOCK_SIZE.
*/
struct dcp_blob_fmt {
__u8 fmt_version;
__u8 blob_key[AES_KEYSIZE_128];
__u8 nonce[AES_KEYSIZE_128];
__le32 payload_len;
__u8 payload[];
} __packed;
By default the unique key is used. It is also possible to use the
OTP key. While the unique key should be unique it is not documented how
this key is derived. Therefore selection the OTP key is supported as
well via the use_otp_key module parameter.
Co-developed-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
Co-developed-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Gstir <david@sigma-star.at>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Enabling trusted keys requires at least one trust source implementation
(currently TPM, TEE or CAAM) to be enabled. Currently, this is
done by checking each trust source's config option individually.
This does not scale when more trust sources like the one for DCP
are added, because the condition will get long and hard to read.
Add config HAVE_TRUSTED_KEYS which is set to true by each trust source
once its enabled and adapt the check for having at least one active trust
source to use this option. Whenever a new trust source is added, it now
needs to select HAVE_TRUSTED_KEYS.
Signed-off-by: David Gstir <david@sigma-star.at>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org> # for TRUSTED_KEYS_TPM
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
DCP (Data Co-Processor) is able to derive private keys for a fused
random seed, which can be referenced by handle but not accessed by
the CPU. Similarly, DCP is able to store arbitrary keys in four
dedicated key slots located in its secure memory area (internal SRAM).
These keys can be used to perform AES encryption.
Expose these derived keys and key slots through the crypto API via their
handle. The main purpose is to add DCP-backed trusted keys. Other
use cases are possible too (see similar existing paes implementations),
but these should carefully be evaluated as e.g. enabling AF_ALG will
give userspace full access to use keys. In scenarios with untrustworthy
userspace, this will enable en-/decryption oracles.
Co-developed-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
Co-developed-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: David Gstir <david@sigma-star.at>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
* for-next/misc:
arm64: simplify arch_static_branch/_jump function
arm64: Add the arm64.no32bit_el0 command line option
arm64: defer clearing DAIF.D
arm64: assembler: update stale comment for disable_step_tsk
arm64/sysreg: Update PIE permission encodings
arm64: Add Neoverse-V2 part
arm64: Remove unnecessary irqflags alternative.h include
The recent change to use pud_valid() as part of the implementation of
pud_user_accessible_page() fails to build when PGTABLE_LEVELS <= 2
because pud_valid() is not defined in that case.
Fix this by defining pud_valid() to false for this case. This means that
pud_user_accessible_page() will correctly always return false for this
config.
Fixes: f0f5863a0f ("arm64/mm: Remove PTE_PROT_NONE bit")
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202405082221.43rfWxz5-lkp@intel.com/
Signed-off-by: Ryan Roberts <ryan.roberts@arm.com>
Link: https://lore.kernel.org/r/20240509122844.563320-1-ryan.roberts@arm.com
Signed-off-by: Will Deacon <will@kernel.org>
System work queues are shared, use a dedicated work queue for G2H
processing to avoid G2H processing getting block behind system tasks.
Fixes: dd08ebf6c3 ("drm/xe: Introduce a new DRM driver for Intel GPUs")
Cc: <stable@vger.kernel.org>
Signed-off-by: Matthew Brost <matthew.brost@intel.com>
Reviewed-by: Francois Dugast <francois.dugast@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240506034758.3697397-1-matthew.brost@intel.com
(cherry picked from commit 50aec9665e)
Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
The initialization via drmm_mutex_init can fail, so we need to check the
return code and escalate the failure.
The mutex initialization has been moved after all the other init steps
that can't fail, so we're always guaranteed to have those done and don't
have to check in the cleanup code.
Signed-off-by: Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>
Reviewed-by: Vinay Belgaumkar <vinay.belgaumkar@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240321195512.274210-1-daniele.ceraolospurio@intel.com
(cherry picked from commit b4abeb5545)
Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
The use-after-free issue occurs as follows: when the GPIO chip device file
is being closed by invoking gpio_chrdev_release(), watched_lines is freed
by bitmap_free(), but the unregistration of lineinfo_changed_nb notifier
chain failed due to waiting write rwsem. Additionally, one of the GPIO
chip's lines is also in the release process and holds the notifier chain's
read rwsem. Consequently, a race condition leads to the use-after-free of
watched_lines.
Here is the typical stack when issue happened:
[free]
gpio_chrdev_release()
--> bitmap_free(cdev->watched_lines) <-- freed
--> blocking_notifier_chain_unregister()
--> down_write(&nh->rwsem) <-- waiting rwsem
--> __down_write_common()
--> rwsem_down_write_slowpath()
--> schedule_preempt_disabled()
--> schedule()
[use]
st54spi_gpio_dev_release()
--> gpio_free()
--> gpiod_free()
--> gpiod_free_commit()
--> gpiod_line_state_notify()
--> blocking_notifier_call_chain()
--> down_read(&nh->rwsem); <-- held rwsem
--> notifier_call_chain()
--> lineinfo_changed_notify()
--> test_bit(xxxx, cdev->watched_lines) <-- use after free
The side effect of the use-after-free issue is that a GPIO line event is
being generated for userspace where it shouldn't. However, since the chrdev
is being closed, userspace won't have the chance to read that event anyway.
To fix the issue, call the bitmap_free() function after the unregistration
of lineinfo_changed_nb notifier chain.
Fixes: 51c1064e82 ("gpiolib: add new ioctl() for monitoring changes in line info")
Signed-off-by: Zhongqiu Han <quic_zhonhan@quicinc.com>
Link: https://lore.kernel.org/r/20240505141156.2944912-1-quic_zhonhan@quicinc.com
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
util means the percentage that disk has IO, and theoretically it should
not be greater than 100%. However, there is a gap for rq-based disk:
io_ticks will be updated when rq is allocated, however, before such rq
dispatch to driver, it will not be account as inflight from
blk_mq_start_request() hence diskstats_show()/part_stat_show() will not
update io_ticks. For example:
1) at t0, issue a new IO, rq is allocated, and blk_account_io_start()
update io_ticks;
2) something is wrong with drivers, and the rq can't be dispatched;
3) at t0 + 10s, drivers recovers and rq is dispatched and done, io_ticks
is updated;
Then if user is using "iostat 1" to monitor "util", between t0 - t0+9s,
util will be zero, and between t0+9s - t0+10s, util will be 1000%.
Fix this problem by updating io_ticks from diskstats_show() and
part_stat_show() if there are rq allocated.
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Link: https://lore.kernel.org/r/20240509123717.3223892-3-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Currently, io_ticks is accounted based on sampling, specifically
update_io_ticks() will always account io_ticks by 1 jiffies from
bdev_start_io_acct()/blk_account_io_start(), and the result can be
inaccurate, for example(HZ is 250):
Test script:
fio -filename=/dev/sda -bs=4k -rw=write -direct=1 -name=test -thinktime=4ms
Test result: util is about 90%, while the disk is really idle.
This behaviour is introduced by commit 5b18b5a737 ("block: delete
part_round_stats and switch to less precise counting"), however, there
was a key point that is missed that this patch also improve performance
a lot:
Before the commit:
part_round_stats:
if (part->stamp != now)
stats |= 1;
part_in_flight()
-> there can be lots of task here in 1 jiffies.
part_round_stats_single()
__part_stat_add()
part->stamp = now;
After the commit:
update_io_ticks:
stamp = part->bd_stamp;
if (time_after(now, stamp))
if (try_cmpxchg())
__part_stat_add()
-> only one task can reach here in 1 jiffies.
Hence in order to account io_ticks precisely, we only need to know if
there are IO inflight at most once in one jiffies. Noted that for
rq-based device, iterating tags should not be used here because
'tags->lock' is grabbed in blk_mq_find_and_get_req(), hence
part_stat_lock_inc/dec() and part_in_flight() is used to trace inflight.
The additional overhead is quite little:
- per cpu add/dec for each IO for rq-based device;
- per cpu sum for each jiffies;
And it's verified by null-blk that there are no performance degration
under heavy IO pressure.
Fixes: 5b18b5a737 ("block: delete part_round_stats and switch to less precise counting")
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Link: https://lore.kernel.org/r/20240509123717.3223892-2-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
So that if caller didn't use plug, for example, __blkdev_direct_IO_simple()
and __blkdev_direct_IO_async(), block layer can still benefit from caching
nsec time in the plug.
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Link: https://lore.kernel.org/r/20240509123825.3225207-1-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
The expiry time of a key is unconditionally overwritten during
instantiation, defaulting to turn it permanent. This causes a problem
for DNS resolution as the expiration set by user-space is overwritten to
TIME64_MAX, disabling further DNS updates. Fix this by restoring the
condition that key_set_expiry is only called when the pre-parser sets a
specific expiry.
Fixes: 39299bdd25 ("keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry")
Signed-off-by: Silvio Gissi <sifonsec@amazon.com>
cc: David Howells <dhowells@redhat.com>
cc: Hazem Mohamed Abuelfotoh <abuehaze@amazon.com>
cc: linux-afs@lists.infradead.org
cc: linux-cifs@vger.kernel.org
cc: keyrings@vger.kernel.org
cc: netdev@vger.kernel.org
cc: stable@vger.kernel.org
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Delaying key quotas update when key's refcount reaches 0 in key_put() has
been causing some issues in fscrypt testing, specifically in fstest
generic/581. This commit fixes this test flakiness by dealing with the
quotas immediately, and leaving all the other clean-ups to the key garbage
collector.
This is done by moving the updates to the qnkeys and qnbytes fields in
struct key_user from key_gc_unused_keys() into key_put(). Unfortunately,
this also means that we need to switch to the irq-version of the spinlock
that protects these fields and use spin_lock_{irqsave,irqrestore} in all
the code that touches these fields.
Signed-off-by: Luis Henriques <lhenriques@suse.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@kernel.org>
