Commit Graph

634638 Commits

Author SHA1 Message Date
Jarkko Sakkinen
cd9b7631a8 tpm: replace dynamically allocated bios_dir with a static array
This commit is based on a commit by Nayna Jain. Replaced dynamically
allocated bios_dir with a static array as the size is always constant.

Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Nayna Jain
b1a9b7b602 tpm: replace symbolic permission with octal for securityfs files
checkpatch.pl flags warning for symbolic permissions and suggests
to replace with octal value.

This patch changes securityfs pseudo files permission
to octal values in tpm_bios_log_setup().

Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Baruch Siach
cbef69a9e1 char: tpm: fix kerneldoc tpm2_unseal_trusted name typo
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Jason Gunthorpe
420d439849 tpm_tis: Allow tpm_tis to be bound using DT
This provides an open firwmare driver binding for tpm_tis. OF
is useful on arches where ACPI/PNP is not used.

The tcg,tpm-tis-mmio register map interface is specified by the TCG.

Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Jarkko Sakkinen
7ea7861c8c tpm, tpm_vtpm_proxy: add kdoc comments for VTPM_PROXY_IOC_NEW_DEV
Added kdoc comments for VTPM_PROXY_IOC_NEW_DEV so that these can be
imported to the kernel documentation written with rst markup and
generated with Sphinx.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2016-11-28 01:31:31 +02:00
Stefan Berger
6804f6bba0 tpm: Only call pm_runtime_get_sync if device has a parent
Only call pm_runtime_get_sync if the device has a parent. This
change fixes a crash in the tpm_vtpm_proxy driver since that
driver does not have a parent device.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Nayna Jain
2528a64664 tpm: define a generic open() method for ascii & bios measurements
open() method for event log ascii and binary bios measurements file
operations are very similar. This patch refactors the code into a
single open() call by passing seq_operations as i_node->private data.

Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Nayna Jain
f45aac38c8 Documentation: tpm: add the Physical TPM device tree binding documentation
Newly added support of TPM 2.0 eventlog securityfs pseudo files in tpm
device driver consumes device tree bindings representing I2C based
Physical TPM. This patch adds the documentation for corresponding device
tree bindings of I2C based Physical TPM. These bindings are similar to
vtpm device tree bindings being used on IBM Power7+ and Power8 Systems
running PowerVM.

Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Nayna Jain
82003e0487 Documentation: tpm: add the IBM Virtual TPM device tree binding documentation
Virtual TPM, which is being used on IBM POWER7+ and POWER8 systems running
POWERVM, is currently supported by tpm device driver but lacks the
documentation. This patch adds the missing documentation for the existing
support.

Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Jason Gunthorpe
1a277e674b tpm: Get rid of TPM_CHIP_FLAG_REGISTERED
This is no longer necessary, all calls to tpm_chip_unregister happen
in remove() callbacks.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:31 +02:00
Jason Gunthorpe
1f0f30e404 tpm xen: Remove bogus tpm_chip_unregister
tpm_chip_unregister can only be called after tpm_chip_register.
devm manages the allocation so no unwind is needed here.

Cc: stable@vger.kernel.org
Fixes: afb5abc262 ("tpm: two-phase chip management functions")
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Jason Gunthorpe
d1d253cff7 tpm tis: Do not print timeout messages twice
The tis driver does a tpm_get_timeouts out side of tpm_chip_register,
and tpm_get_timeouts can print a message, resulting in two prints, eg:

 tpm tpm0: [Hardware Error]: Adjusting reported timeouts: A 10000->750000us B 10000->2000000us C 10000->750000us D 10000->750000us

Keep track and prevent tpm_get_timeouts from running a second time, and
clarify the purpose of the call in tpm_tis_core to only be connected to
irq testing.

Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Josh Zimmerman
26a137e31f tpm_tis: Check return values from get_burstcount.
If the TPM we're connecting to uses a static burst count, it will report
a burst count of zero throughout the response read. However, get_burstcount
assumes that a response of zero indicates that the TPM is not ready to
receive more data. In this case, it returns a negative error code, which
is passed on to tpm_tis_{write,read}_bytes as a u16, causing
them to read/write far too many bytes.

This patch checks for negative return codes and bails out from recv_data
and tpm_tis_send_data.

Cc: stable@vger.kernel.org
Fixes: 1107d065fd (tpm_tis: Introduce intermediate layer for TPM access)
Signed-off-by: Josh Zimmerman <joshz@google.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Winkler, Tomas
ca6d458022 tpm: place kdoc just above tpm_pcr_extend
Place kdoc just above tpm_pcr_extend so it can be parsed correctly.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Jarkko Sakkinen
84fda15286 tpm: sanitize constant expressions
Use cpu_to_b32 at the time it is needed in enum tpm_capabilities and
enum tpm_sub_capabilities in order to be consistent with the other
enums in drivats/char/tpm/tpm.h.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Ed Swierk
aaa6f7f6c8 tpm: Clean up reading of timeout and duration capabilities
Call tpm_getcap() from tpm_get_timeouts() to eliminate redundant
code. Return all errors to the caller rather than swallowing them
(e.g. when tpm_transmit_cmd() returns nonzero).

Signed-off-by: Ed Swierk <eswierk@skyportsystems.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Peter Huewe
2c97f6f20c char/tpm: Check return code of wait_for_tpm_stat
In some weird cases it might be possible that the TPM does not set
STS.VALID within the given timeout time (or ever) but sets STS.EXPECT
(STS=0x0C) In this case the driver gets stuck in the while loop of
tpm_tis_send_data and loops endlessly.

Checking the return value of wait_for_tpm_stat fixes this and the driver
bails out correctly.  While at it fixing all other users since if the
TPM does not manage to set STS.VALID within the reasonable timeframe
something is definitely wrong and the driver should react correctly.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Winkler, Tomas
e74f2f76c1 tmp/tpm_crb: implement runtime pm for tpm_crb
Utilize runtime_pm for driving tpm crb idle states.
The framework calls cmd_ready from the pm_runtime_resume handler
and go idle from the pm_runtime_suspend handler.
The TPM framework should wake the device before transmit and receive.
In case the runtime_pm framework is not compiled in or enabled, the device
will be in the permanent ready state.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Winkler, Tomas
c58bd34cec tpm/tpm_crb: open code the crb_init into acpi_add
This is preparation step for implementing tpm crb
runtime pm. We need to have tpm chip allocated
and populated before we access the runtime handlers.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:30 +02:00
Winkler, Tomas
bc33c5df71 tmp/tpm_crb: fix Intel PTT hw bug during idle state
There is a HW bug in Skylake, and Broxton PCH Intel PTT device, where
most of the registers in the control area except START, REQUEST, CANCEL,
and LOC_CTRL lost retention when the device is in the idle state. Hence
we need to bring the device to ready state before accessing the other
registers. The fix brings device to ready state before trying to read
command and response buffer addresses in order to remap the for access.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinn@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinn@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:29 +02:00
Winkler, Tomas
ba5287b6ef tpm/tpm_crb: implement tpm crb idle state
The register TPM_CRB_CTRL_REQ_x contains bits goIdle and cmdReady for
SW to indicate that the device can enter or should exit the idle state.

The legacy ACPI-start (SMI + DMA) based devices do not support these
bits and the idle state management is not exposed to the host SW.
Thus, this functionality only is enabled only for a CRB start (MMIO)
based devices.

Based on Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
original patch:
'tpm_crb: implement power tpm crb power management'

To keep the implementation local to the hw we don't use wait_for_tpm_stat
for polling the TPM_CRB_CTRL_REQ.

[jarkko.sakkinen@linux.intel.com: removed cmdReady debug trace on a
 success case due the heavy amount of log traffic it causes.]

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
2016-11-28 01:31:29 +02:00
James Morris
0821e30cd2 Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/selinux into next 2016-11-24 11:21:25 +11:00
James Morris
b075361e91 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next 2016-11-23 09:52:11 +11:00
Andreas Gruenbacher
9287aed2ad selinux: Convert isec->lock into a spinlock
Convert isec->lock from a mutex into a spinlock.  Instead of holding
the lock while sleeping in inode_doinit_with_dentry, set
isec->initialized to LABEL_PENDING and release the lock.  Then, when
the sid has been determined, re-acquire the lock.  If isec->initialized
is still set to LABEL_PENDING, set isec->sid; otherwise, the sid has
been set by another task (LABEL_INITIALIZED) or invalidated
(LABEL_INVALID) in the meantime.

This fixes a deadlock on gfs2 where

 * one task is in inode_doinit_with_dentry -> gfs2_getxattr, holds
   isec->lock, and tries to acquire the inode's glock, and

 * another task is in do_xmote -> inode_go_inval ->
   selinux_inode_invalidate_secctx, holds the inode's glock, and
   tries to acquire isec->lock.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
[PM: minor tweaks to keep checkpatch.pl happy]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-22 17:44:02 -05:00
James Morris
636e4625ad Merge remote branch 'smack/smack-for-4.10' into next 2016-11-22 22:15:30 +11:00
Stephen Smalley
3322d0d64f selinux: keep SELinux in sync with new capability definitions
When a new capability is defined, SELinux needs to be updated.
Trigger a build error if a new capability is defined without
corresponding update to security/selinux/include/classmap.h's
COMMON_CAP2_PERMS.  This is similar to BUILD_BUG_ON() guards
in the SELinux nlmsgtab code to ensure that SELinux tracks
new netlink message types as needed.

Note that there is already a similar build guard in
security/selinux/hooks.c to detect when more than 64
capabilities are defined, since that will require adding
a third capability class to SELinux.

A nicer way to do this would be to extend scripts/selinux/genheaders
or a similar tool to auto-generate the necessary definitions and code
for SELinux capability checking from include/uapi/linux/capability.h.
AppArmor does something similar in its Makefile, although it only
needs to generate a single table of names.  That is left as future
work.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: reformat the description to keep checkpatch.pl happy]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-21 15:37:24 -05:00
Stephen Smalley
ea49d10eee selinux: normalize input to /sys/fs/selinux/enforce
At present, one can write any signed integer value to
/sys/fs/selinux/enforce and it will be stored,
e.g. echo -1 > /sys/fs/selinux/enforce or echo 2 >
/sys/fs/selinux/enforce. This makes no real difference
to the kernel, since it only ever cares if it is zero or non-zero,
but some userspace code compares it with 1 to decide if SELinux
is enforcing, and this could confuse it. Only a process that is
already root and is allowed the setenforce permission in SELinux
policy can write to /sys/fs/selinux/enforce, so this is not considered
to be a security issue, but it should be fixed.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-20 17:13:19 -05:00
Casey Schaufler
152f91d4d1 Smack: Remove unnecessary smack_known_invalid
The invalid Smack label ("") and the Huh ("?") Smack label
serve the same purpose and having both is unnecessary.
While pulling out the invalid label it became clear that
the use of smack_from_secid() was inconsistent, so that
is repaired. The setting of inode labels to the invalid
label could never happen in a functional system, has
never been observed in the wild and is not what you'd
really want for a failure behavior in any case. That is
removed.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
2016-11-15 09:34:39 -08:00
Tetsuo Handa
8c15d66e42 Smack: Use GFP_KERNEL for smack_parse_opts_str().
Since smack_parse_opts_str() is calling match_strdup() which uses
GFP_KERNEL, it is safe to use GFP_KERNEL from kcalloc() which is
called by smack_parse_opts_str().

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
2016-11-14 12:55:11 -08:00
Andreas Gruenbacher
13457d073c selinux: Clean up initialization of isec->sclass
Now that isec->initialized == LABEL_INITIALIZED implies that
isec->sclass is valid, skip such inodes immediately in
inode_doinit_with_dentry.

For the remaining inodes, initialize isec->sclass at the beginning of
inode_doinit_with_dentry to simplify the code.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-14 15:53:04 -05:00
Andreas Gruenbacher
db978da8fa proc: Pass file mode to proc_pid_make_inode
Pass the file mode of the proc inode to be created to
proc_pid_make_inode.  In proc_pid_make_inode, initialize inode->i_mode
before calling security_task_to_inode.  This allows selinux to set
isec->sclass right away without introducing "half-initialized" inode
security structs.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-14 15:39:48 -05:00
Andreas Gruenbacher
420591128c selinux: Minor cleanups
Fix the comment for function __inode_security_revalidate, which returns
an integer.

Use the LABEL_* constants consistently for isec->initialized.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-14 15:25:07 -05:00
Tetsuo Handa
8931c3bdb3 SELinux: Use GFP_KERNEL for selinux_parse_opts_str().
Since selinux_parse_opts_str() is calling match_strdup() which uses
GFP_KERNEL, it is safe to use GFP_KERNEL from kcalloc() which is
called by selinux_parse_opts_str().

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-11-14 15:03:38 -05:00
Seth Forshee
b4bfec7f4a security/integrity: Harden against malformed xattrs
In general the handling of IMA/EVM xattrs is good, but I found
a few locations where either the xattr size or the value of the
type field in the xattr are not checked. Add a few simple checks
to these locations to prevent malformed or malicious xattrs from
causing problems.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-11-13 22:50:11 -05:00
Baruch Siach
5465d02a49 Doc: security: keys-trusted: drop duplicate blobauth entry
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-11-13 22:50:10 -05:00
Mimi Zohar
064be15c52 ima: include the reason for TPM-bypass mode
This patch includes the reason for going into TPM-bypass mode
and not using the TPM.

Signed-off-by: Mimi Zohar (zohar@linux.vnet.ibm>
2016-11-13 22:50:09 -05:00
Mimi Zohar
f5acb3dcba Revert "ima: limit file hash setting by user to fix and log modes"
Userspace applications have been modified to write security xattrs,
but they are not context aware.  In the case of security.ima, the
security xattr can be either a file hash or a file signature.
Permitting writing one, but not the other requires the application to
be context aware.

In addition, userspace applications might write files to a staging
area, which might not be in policy, and then change some file metadata
(eg. owner) making it in policy.  As a result, these files are not
labeled properly.

This reverts commit c68ed80c97, which
prevents writing file hashes as security.ima xattrs.

Requested-by: Patrick Ohly <patrick.ohly@intel.com>
Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-11-13 22:50:09 -05:00
Eric Richter
9a11a18902 ima: fix memory leak in ima_release_policy
When the "policy" securityfs file is opened for read, it is opened as a
sequential file. However, when it is eventually released, there is no
cleanup for the sequential file, therefore some memory is leaked.

This patch adds a call to seq_release() in ima_release_policy() to clean up
the memory when the file is opened for read.

Fixes: 80eae209d6 IMA: allow reading back the current policy
Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com>
Tested-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-11-13 22:50:08 -05:00
James Morris
185c0f26c0 Merge commit 'v4.9-rc5' into next 2016-11-14 09:34:01 +11:00
Linus Torvalds
a25f0944ba Linux 4.9-rc5 2016-11-13 10:32:32 -08:00
Linus Torvalds
e234832afb ARM fixes. There are a couple pending x86 patches but they'll have to
wait for next week.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQExBAABCAAbBQJYJvAXFBxwYm9uemluaUByZWRoYXQuY29tAAoJEL/70l94x66D
 ztUH/3DZVYkVYUea+Sk1mBnLaK5cbEJMGtxV/NsAqwz8rYB981cB5Iqw0+f2HX2G
 LWLc0cf/kyUH+6TrFxQFyXLsBvV7xku2YwJdoiRutpR50767qPFPaPUBHcxCYPYR
 MI4VSXb1hW0c4rd8409HesKv5qc5BiYjdWKPMu+f1LUF2CED+Xq4SWHVg+CwSE8i
 UInvFUlj/ejQlSdxN2piv87SRcMuO+4nzP+JbtyN7onvtLIah6JfvHhlOO6em+0c
 KX1G3qQ6fth6jewTdOPUB1Tx8CoEAZ+YLieRQA19vGHVI4eIhofDgtSaPZJmu9G7
 0kjbrlqAuViTEsRl7Dx8zT8OpBM=
 =N6w9
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Paolo Bonzini:
 "ARM fixes.  There are a couple pending x86 patches but they'll have to
  wait for next week"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: arm/arm64: vgic: Kick VCPUs when queueing already pending IRQs
  KVM: arm/arm64: vgic: Prevent access to invalid SPIs
  arm/arm64: KVM: Perform local TLB invalidation when multiplexing vcpus on a single CPU
2016-11-13 10:28:53 -08:00
Linus Torvalds
e861d890c0 Merge branch 'media-fixes' (patches from Mauro)
Merge media fixes from Mauro Carvalho Chehab:
 "This contains two patches fixing problems with my patch series meant
  to make USB drivers to work again after the DMA on stack changes.

  The last patch on this series is actually not related to DMA on stack.
  It solves a longstanding bug affecting module unload, causing
  module_put() to be called twice. It was reported by the user who
  reported and tested the issues with the gp8psk driver with the DMA
  fixup patches. As we're late at -rc cycle, maybe you prefer to not
  apply it right now. If this is the case, I'll add to the pile of
  patches for 4.10.

  Exceptionally this time, I'm sending the patches via e-mail, because
  I'm on another trip, and won't be able to use the usual procedure
  until Monday. Also, it is only three patches, and you followed already
  the discussions about the first one"

* emailed patches from Mauro Carvalho Chehab <mchehab@osg.samsung.com>:
  gp8psk: Fix DVB frontend attach
  gp8psk: fix gp8psk_usb_in_op() logic
  dvb-usb: move data_mutex to struct dvb_usb_device
2016-11-13 10:26:05 -08:00
Linus Torvalds
acb57b7548 char/misc fixes for 4.9-rc5
Here are three small driver fixes for some reported issues for 4.9-rc5.
 One for the hyper-v subsystem, fixing up a naming issue that showed up
 in 4.9-rc1, one mei driver fix, and one fix for parallel ports,
 resolving a reported regression.
 
 All have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iFYEABECABYFAlgoKqEPHGdyZWdAa3JvYWguY29tAAoJEDFH1A3bLfspfrQAn1Iu
 P/DG1uz25y0AXp9GiOC93ONmAJwPMbzE0HYqDiq6Ldb0btP2KeFQKQ==
 =rLdD
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc fixes from Greg KH:
 "Here are three small driver fixes for some reported issues for
  4.9-rc5.

  One for the hyper-v subsystem, fixing up a naming issue that showed up
  in 4.9-rc1, one mei driver fix, and one fix for parallel ports,
  resolving a reported regression.

  All have been in linux-next with no reported issues"

* tag 'char-misc-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
  ppdev: fix double-free of pp->pdev->name
  vmbus: make sysfs names consistent with PCI
  mei: bus: fix received data size check in NFC fixup
2016-11-13 10:24:08 -08:00
Linus Torvalds
cf2b191cba driver core fixes for 4.9-rc5
Here are two driver core fixes for 4.9-rc5.
 
 The first resolves an issue with some drivers not liking to be unbound
 and bound again (if CONFIG_DEBUG_TEST_DRIVER_REMOVE is enabled), which
 solves some reported problems with graphics and storage drivers.  The
 other resolves a smatch error with the 4.9-rc1 driver core changes
 around this feature.
 
 Both have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iFYEABECABYFAlgoLEcPHGdyZWdAa3JvYWguY29tAAoJEDFH1A3bLfspP1EAn1Du
 ApNAA8R5xV4dwjlXrPkUy6bbAKCBo8o29mnUw4/SN75ipl+ACoDC4g==
 =MM3q
 -----END PGP SIGNATURE-----

Merge tag 'driver-core-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core fixes from Greg KH:
 "Here are two driver core fixes for 4.9-rc5.

  The first resolves an issue with some drivers not liking to be unbound
  and bound again (if CONFIG_DEBUG_TEST_DRIVER_REMOVE is enabled), which
  solves some reported problems with graphics and storage drivers. The
  other resolves a smatch error with the 4.9-rc1 driver core changes
  around this feature.

  Both have been in linux-next with no reported issues"

* tag 'driver-core-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
  driver core: fix smatch warning on dev->bus check
  driver core: skip removal test for non-removable drivers
2016-11-13 10:22:07 -08:00
Linus Torvalds
85b9df7aa5 Staging/IIO fixes for 4.9-rc5
Here are a few small staging and iio driver fixes for reported issues.
 The last one was cherry-picked from my -next branch to resolve a build
 warning that Arnd fixed, in his quest to be able to turn
 -Wmaybe-uninitialized back on again.  That patch, and all of the others,
 have been in linux-next for a while with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iFYEABECABYFAlgoPA4PHGdyZWdAa3JvYWguY29tAAoJEDFH1A3bLfspzgIAn0/6
 6/P+FYstL3zexr0+xGqcHU/XAJ4p8HJjH9CX8SBHWaMa+KCyPQs6wQ==
 =L1Nv
 -----END PGP SIGNATURE-----

Merge tag 'staging-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging

Pull staging/IIO fixes from Grek KH:
 "Here are a few small staging and iio driver fixes for reported issues.

  The last one was cherry-picked from my -next branch to resolve a build
  warning that Arnd fixed, in his quest to be able to turn
  -Wmaybe-uninitialized back on again. That patch, and all of the
  others, have been in linux-next for a while with no reported issues"

* tag 'staging-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
  iio: maxim_thermocouple: detect invalid storage size in read()
  staging: nvec: remove managed resource from PS2 driver
  Revert "staging: nvec: ps2: change serio type to passthrough"
  drivers: staging: nvec: remove bogus reset command for PS/2 interface
  staging: greybus: arche-platform: fix device reference leak
  staging: comedi: ni_tio: fix buggy ni_tio_clock_period_ps() return value
  staging: sm750fb: Fix bugs introduced by early commits
  iio: hid-sensors: Increase the precision of scale to fix wrong reading interpretation.
  iio: orientation: hid-sensor-rotation: Add PM function (fix non working driver)
  iio: st_sensors: fix scale configuration for h3lis331dl
  staging: iio: ad5933: avoid uninitialized variable in error case
2016-11-13 10:13:33 -08:00
Linus Torvalds
befdfffdbd USB / PHY fixes for 4.9-rc5
Here are a number of small USB and PHY driver fixes for 4.9-rc5
 
 Nothing major, just small fixes for reported issues, all of these have
 been in linux-next for a while with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iFYEABECABYFAlgoPRQPHGdyZWdAa3JvYWguY29tAAoJEDFH1A3bLfsp+dQAn282
 ftF8+1ZsZ4uyGdKNO101cSayAKCYezCi0MB+/aPIdgzBt0Z7EnA/wg==
 =aW8R
 -----END PGP SIGNATURE-----

Merge tag 'usb-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

Pull USB / PHY fixes from Greg KH:
 "Here are a number of small USB and PHY driver fixes for 4.9-rc5

  Nothing major, just small fixes for reported issues, all of these have
  been in linux-next for a while with no reported issues"

* tag 'usb-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
  USB: cdc-acm: fix TIOCMIWAIT
  cdc-acm: fix uninitialized variable
  drivers/usb: Skip auto handoff for TI and RENESAS usb controllers
  usb: musb: remove duplicated actions
  usb: musb: da8xx: Don't print phy error on -EPROBE_DEFER
  phy: sun4i: check PMU presence when poking unknown bit of pmu
  phy-rockchip-pcie: remove deassert of phy_rst from exit callback
  phy: da8xx-usb: rename the ohci device to ohci-da8xx
  phy: Add reset callback for not generic phy
  uwb: fix device reference leaks
  usb: gadget: u_ether: remove interrupt throttling
  usb: dwc3: st: add missing <linux/pinctrl/consumer.h> include
  usb: dwc3: Fix error handling for core init
2016-11-13 10:10:46 -08:00
Linus Torvalds
348ce85b0a Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull more block fixes from Jens Axboe:
 "Since I mistakenly left out the lightnvm regression fix yesterday and
  the aoeblk seems adequately tested at this point, might as well send
  out another pull to make -rc5"

* 'for-linus' of git://git.kernel.dk/linux-block:
  aoe: fix crash in page count manipulation
  lightnvm: invalid offset calculation for lba_shift
2016-11-13 10:09:04 -08:00
Linus Torvalds
980221d14c SCSI fixes on 20161111
The megaraid_sas patch in here fixes a major regression in the last
 fix set that made all megaraid_sas cards unusable.  It turns out
 no-one had actually tested such an "obvious" fix, sigh.  The fix for
 the fix has been tested ...
 
 The next most serious is the vmw_pvscsi abort problem which basically
 means that aborts don't work on the vmware paravirt devices and error
 handling always escalates to reset.
 
 The rest are an assortment of missed reference counting in certain
 paths and corner case bugs that show up on some architectures.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJYJnGsAAoJEAVr7HOZEZN4eqsP/2wZN2CQuq8yu6JRxNRHd3l/
 EInmPDMrU78huf8MaOZlX1V8cq+nHO5lmxP+ggmyAA7mD82hCv2fGnHe5RMLYrOt
 WidH8GXxEZd6FkyZE+nSlPmoosB/Ru6ckW5Mbg37RJ9VtwXdua/DB+CrINDzZ6gB
 LaIyvfDbby9eQ5S8SEmBMsPa23oKuLfbEd3sofI9/h3cSn1vwGY6/mZUeQ++aws5
 QFsNPbSimjetX73IeJXnix5WQEF8/r9HDq13GmttTcqbJIpToHFNsm9/DTKAjLfS
 +0dIqHJ9No0GqV4w+x9F8GPUo4NCKmxdTZS/SPH3+0YHqWs+k6Lyt+6E6mPptgaF
 NsimYm2JDiVxVFaguwobxPtEfJopVP1VH8Zk/JVPK1hoCBeTjKwgziXIEbiOmhu5
 fkyiZJM11HW1Ix2funD9hyTOyzrE+g4tqCuCZ+zhOiKu87czKM6XZpieBNsMoXOj
 pI3dSC2tGHo1QZtHiFkpmNBi0kZZl6sNPQxd8o8UDl2HsQFNDq8s1pn5WCMa6Ze9
 URUxa484H9J2O6HhoOPeN3FFMpZpUIAQA33XQRZkK5QL6dbSNFqZ3FHC6ubqqHJL
 Au4NAww3F8lG+vLlkeMPB0qOspyVWSg3i4lxUHQ0RdYeDIUdq/J7yla7Wqw5Bf9H
 B3uk7cUz+5tWZq73kl/c
 =pp9Y
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "The megaraid_sas patch in here fixes a major regression in the last
  fix set that made all megaraid_sas cards unusable. It turns out no-one
  had actually tested such an "obvious" fix, sigh. The fix for the fix
  has been tested ...

  The next most serious is the vmw_pvscsi abort problem which basically
  means that aborts don't work on the vmware paravirt devices and error
  handling always escalates to reset.

  The rest are an assortment of missed reference counting in certain
  paths and corner case bugs that show up on some architectures"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression
  scsi: qla2xxx: fix invalid DMA access after command aborts in PCI device remove
  scsi: qla2xxx: do not queue commands when unloading
  scsi: libcxgbi: fix incorrect DDP resource cleanup
  scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init
  scsi: scsi_dh_alua: Fix a reference counting bug
  scsi: vmw_pvscsi: return SUCCESS for successful command aborts
  scsi: mpt3sas: Fix for block device of raid exists even after deleting raid disk
  scsi: scsi_dh_alua: fix missing kref_put() in alua_rtpg_work()
2016-11-13 10:07:08 -08:00
Linus Torvalds
d41bd8f335 The typical collection of minor bug fixes in clk drivers. We don't have
anything in the core framework here, just driver fixes. There's a boot fix for
 Samsung devices and a safety measure for qoriq to prevent CPUs from running too
 fast. There's also a fix for i.MX6Q to properly handle audio clock rates. We
 also have some "that's obviously wrong" fixes like bad NULL pointer checks in
 the MPP driver and a poor usage of __pa in the xgene clk driver that are fixed
 here.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCAAGBQJYJmG5AAoJEK0CiJfG5JUl9i0P+we00IC5EqnmS0Fq5gxEWO41
 pRqoWL2BrjX4bS7E/UQYbB4DFBNkPy0w4HByRxhBFp7SfFbtQaWvFvkbPLUm1z0c
 RwuM1ywVklvK/pAm7Nr48hTKXv0ZJdgqYn+N3omKls9X8ofSdJyl8DZdWd+f8fhA
 9x7y9G6MwdybkDlhsOJb1TmsjayR2kdM8d1iRLcTg1L0WSmPN8ugwjamhj7XF3Nw
 XFWpYqu6CgAIp60/QCbYFCpQvfhR+2SB9N+C8Vad4rRChr1gOTxqDGIr41WhRXue
 Jne4Rq5cxDO8VdnZel2qojXIRngQS1afa2uDDDVnxM5QnHCtM8IQ//LxHpwCSe5P
 mRzY+hRPWs3PPufOj8LiWOyPIf+DQtBN1dAApmGys+Ep1WzREmdK4Sys6UskihWV
 dr6uolLxtQpvO+yLkuaOjzKffckxlLhQ833UuD9RfQPkAFpBY2q39rwz9mCuQo/V
 YafcJJUiKJxLT8d98RwMKul49YYFZGPLGcr0w22AflHxlDF0M/3gYlkcKJGP9oN3
 4r5sAQXOmrVxW8kV64vZXUuQwdG7spuoeK5UOJeFuyGwCpZNf2hQzpAkHoBtlyK3
 1fzTnFePvFqSN++R3WSVJMx5Bqql3JPAvAO4iWvQpxSkexTII6kexc/qWFrc7XoA
 j6eS8kJf1OBU3XYrP6N2
 =vic+
 -----END PGP SIGNATURE-----

Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

Pull clk fixes from Stephen Boyd:
 "The typical collection of minor bug fixes in clk drivers. We don't
  have anything in the core framework here, just driver fixes.

  There's a boot fix for Samsung devices and a safety measure for qoriq
  to prevent CPUs from running too fast. There's also a fix for i.MX6Q
  to properly handle audio clock rates. We also have some "that's
  obviously wrong" fixes like bad NULL pointer checks in the MPP driver
  and a poor usage of __pa in the xgene clk driver that are fixed here"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: mmp: pxa910: fix return value check in pxa910_clk_init()
  clk: mmp: pxa168: fix return value check in pxa168_clk_init()
  clk: mmp: mmp2: fix return value check in mmp2_clk_init()
  clk: qoriq: Don't allow CPU clocks higher than starting value
  clk: imx: fix integer overflow in AV PLL round rate
  clk: xgene: Don't call __pa on ioremaped address
  clk/samsung: Use CLK_OF_DECLARE_DRIVER initialization method for CLKOUT
  clk: rockchip: don't return NULL when failing to register ddrclk branch
2016-11-13 10:04:55 -08:00
Mauro Carvalho Chehab
7a0786c19d gp8psk: Fix DVB frontend attach
The DVB binding schema at the DVB core assumes that the frontend is a
separate driver.  Faling to do that causes OOPS when the module is
removed, as it tries to do a symbol_put_addr on an internal symbol,
causing craches like:

    WARNING: CPU: 1 PID: 28102 at kernel/module.c:1108 module_put+0x57/0x70
    Modules linked in: dvb_usb_gp8psk(-) dvb_usb dvb_core nvidia_drm(PO) nvidia_modeset(PO) snd_hda_codec_hdmi snd_hda_intel snd_hda_codec snd_hwdep snd_hda_core snd_pcm snd_timer snd soundcore nvidia(PO) [last unloaded: rc_core]
    CPU: 1 PID: 28102 Comm: rmmod Tainted: P        WC O 4.8.4-build.1 #1
    Hardware name: MSI MS-7309/MS-7309, BIOS V1.12 02/23/2009
    Call Trace:
       dump_stack+0x44/0x64
       __warn+0xfa/0x120
       module_put+0x57/0x70
       module_put+0x57/0x70
       warn_slowpath_null+0x23/0x30
       module_put+0x57/0x70
       gp8psk_fe_set_frontend+0x460/0x460 [dvb_usb_gp8psk]
       symbol_put_addr+0x27/0x50
       dvb_usb_adapter_frontend_exit+0x3a/0x70 [dvb_usb]

From Derek's tests:
    "Attach bug is fixed, tuning works, module unloads without
     crashing. Everything seems ok!"

Reported-by: Derek <user.vdr@gmail.com>
Tested-by: Derek <user.vdr@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-11-13 10:02:22 -08:00