[PATCH] ARC fix for 4.13-final

Hi Linus, Could you please add this ARC fixlet - which is a regression from pull req of last week - but only shows up in our out of tree platform (slated for next window). Thx, -Vineet Alexey Brodkin (1): ARCv2: SMP: Mask only private-per-core IRQ lines on boot at core intc

[PATCH] ARC fix for 4.13-final

Hi Linus, Could you please add this ARC fixlet - which is a regression from pull req of last week - but only shows up in our out of tree platform (slated for next window). Thx, -Vineet Alexey Brodkin (1): ARCv2: SMP: Mask only private-per-core IRQ lines on boot at core intc

Re: [PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

On Mon, Aug 28, 2017 at 2:49 PM, Darrick J. Wong wrote: > On Mon, Aug 28, 2017 at 02:34:56PM -0700, Kees Cook wrote: >> From: David Windsor >> >> The XFS inline inode data, stored in struct xfs_inode_t field >> i_df.if_u2.if_inline_data and therefore

Re: [PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

On Mon, Aug 28, 2017 at 2:49 PM, Darrick J. Wong wrote: > On Mon, Aug 28, 2017 at 02:34:56PM -0700, Kees Cook wrote: >> From: David Windsor >> >> The XFS inline inode data, stored in struct xfs_inode_t field >> i_df.if_u2.if_inline_data and therefore contained in the xfs_inode slab >> cache,

Re: [PATCH] lsm_audit: use get_task_comm

On Mon, Aug 28, 2017 at 9:58 AM, Geliang Tang wrote: > get_task_comm() copys the task's comm under the task_lock, it's safer > than directly using memcpy(). > > Signed-off-by: Geliang Tang > --- > security/lsm_audit.c | 4 ++-- > 1 file changed, 2

Re: [PATCH] lsm_audit: use get_task_comm

On Mon, Aug 28, 2017 at 9:58 AM, Geliang Tang wrote: > get_task_comm() copys the task's comm under the task_lock, it's safer > than directly using memcpy(). > > Signed-off-by: Geliang Tang > --- > security/lsm_audit.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git

Re: [PATCH 1/2] mtd: spi-nor: add an option to force 3byte adressing mode

Hi Geert, >> +- spi-3byte-addressing - Empty property indicating device access to be done >> + only in 3byte addressing mode. > > spi-force-3byte-addressing? I can change it, no problem. I thought of this, but was affraid if the property wouldn't be too long. > >> Some SPI

Re: [PATCH 1/2] mtd: spi-nor: add an option to force 3byte adressing mode

Hi Geert, >> +- spi-3byte-addressing - Empty property indicating device access to be done >> + only in 3byte addressing mode. > > spi-force-3byte-addressing? I can change it, no problem. I thought of this, but was affraid if the property wouldn't be too long. > >> Some SPI

[PATCH v2 27/30] x86: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: x...@kernel.org Cc: Borislav Petkov

[PATCH v2 18/30] net: Define usercopy region in struct proto slab cache

From: David Windsor In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. Some protocols need to copy objects to/from userspace, and they can declare the region via their proto structure

[PATCH v2 27/30] x86: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: x...@kernel.org Cc: Borislav Petkov Cc: Andy Lutomirski Cc: Mathias Krause Signed-off-by: Kees

[PATCH v2 18/30] net: Define usercopy region in struct proto slab cache

From: David Windsor In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. Some protocols need to copy objects to/from userspace, and they can declare the region via their proto structure with the new usersize

Re: [PATCH v8 0/3] PCI: iproc: SOC specific fixes

On Thu, Aug 24, 2017 at 10:34:23AM +0530, Oza Pawandeep wrote: > PCI: iproc: Retry request when CRS returned from EP Above patch adds > support for CRS in PCI RC driver, otherwise if not handled at lower > level, the user space PMD (poll mode drivers) can timeout. > > PCI: iproc: add device

Re: [PATCH v8 0/3] PCI: iproc: SOC specific fixes

On Thu, Aug 24, 2017 at 10:34:23AM +0530, Oza Pawandeep wrote: > PCI: iproc: Retry request when CRS returned from EP Above patch adds > support for CRS in PCI RC driver, otherwise if not handled at lower > level, the user space PMD (poll mode drivers) can timeout. > > PCI: iproc: add device

Re: [PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

On Mon, Aug 28, 2017 at 2:42 PM, Bart Van Assche wrote: > On Mon, 2017-08-28 at 14:34 -0700, Kees Cook wrote: >> diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c >> index f6097b89d5d3..f1c6bd56dd5b 100644 >> --- a/drivers/scsi/scsi_lib.c >> +++

Re: [PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

On Mon, Aug 28, 2017 at 2:42 PM, Bart Van Assche wrote: > On Mon, 2017-08-28 at 14:34 -0700, Kees Cook wrote: >> diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c >> index f6097b89d5d3..f1c6bd56dd5b 100644 >> --- a/drivers/scsi/scsi_lib.c >> +++ b/drivers/scsi/scsi_lib.c >> @@ -77,14

Re: [GIT PULL] workqueue fixes for v4.13-rc3

On Mon, Aug 28, 2017 at 11:07:28AM +0200, Geert Uytterhoeven wrote: > Hi Tejun, > > On Thu, Aug 24, 2017 at 4:33 PM, Tejun Heo wrote: > > On Thu, Aug 24, 2017 at 03:32:04PM +0200, Geert Uytterhoeven wrote: > >> > Ah, okay, so it has multiple nodes but not NUMA. The generic numa

Re: [GIT PULL] workqueue fixes for v4.13-rc3

On Mon, Aug 28, 2017 at 11:07:28AM +0200, Geert Uytterhoeven wrote: > Hi Tejun, > > On Thu, Aug 24, 2017 at 4:33 PM, Tejun Heo wrote: > > On Thu, Aug 24, 2017 at 03:32:04PM +0200, Geert Uytterhoeven wrote: > >> > Ah, okay, so it has multiple nodes but not NUMA. The generic numa > >> > topology

Re: [PATCH v2 11/20] rpmsg: glink: Fix idr_lock from mutex to spinlock

Hi Sricharan, Minor bug in this patch. On 8/24/2017 12:21 AM, Sricharan R wrote: [..] @@ -829,11 +839,14 @@ static int qcom_glink_rx_open(struct qcom_glink *glink, unsigned int rcid, struct device_node *node; int lcid; int ret; + unsigned long flags; +

Re: [PATCH v2 11/20] rpmsg: glink: Fix idr_lock from mutex to spinlock

Hi Sricharan, Minor bug in this patch. On 8/24/2017 12:21 AM, Sricharan R wrote: [..] @@ -829,11 +839,14 @@ static int qcom_glink_rx_open(struct qcom_glink *glink, unsigned int rcid, struct device_node *node; int lcid; int ret; + unsigned long flags; +

[PATCH] cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs

When !CONFIG_NUMA, cpumask_of_node(@node) equals cpu_online_mask regardless of @node. The assumption seems that if !NUMA, there shouldn't be more than one node and thus reporting cpu_online_mask regardless of @node is correct. However, that assumption was broken years ago to support

[PATCH] cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs

When !CONFIG_NUMA, cpumask_of_node(@node) equals cpu_online_mask regardless of @node. The assumption seems that if !NUMA, there shouldn't be more than one node and thus reporting cpu_online_mask regardless of @node is correct. However, that assumption was broken years ago to support

Re: [PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

On Mon, Aug 28, 2017 at 02:34:56PM -0700, Kees Cook wrote: > From: David Windsor > > The XFS inline inode data, stored in struct xfs_inode_t field > i_df.if_u2.if_inline_data and therefore contained in the xfs_inode slab > cache, needs to be copied to/from userspace. > >

Re: [PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

On Mon, Aug 28, 2017 at 02:34:56PM -0700, Kees Cook wrote: > From: David Windsor > > The XFS inline inode data, stored in struct xfs_inode_t field > i_df.if_u2.if_inline_data and therefore contained in the xfs_inode slab > cache, needs to be copied to/from userspace. > > cache object

Re: [PATCH v8 2/3] PCI: iproc: retry request when CRS returned from EP

On Thu, Aug 24, 2017 at 10:34:25AM +0530, Oza Pawandeep wrote: > PCIe spec r3.1, sec 2.3.2 > If CRS software visibility is not enabled, the RC must reissue the > config request as a new request. > > - If CRS software visibility is enabled, > - for a config read of Vendor ID, the RC must return

Re: [PATCH v8 2/3] PCI: iproc: retry request when CRS returned from EP

On Thu, Aug 24, 2017 at 10:34:25AM +0530, Oza Pawandeep wrote: > PCIe spec r3.1, sec 2.3.2 > If CRS software visibility is not enabled, the RC must reissue the > config request as a new request. > > - If CRS software visibility is enabled, > - for a config read of Vendor ID, the RC must return

[PATCH v2 23/30] net: Restrict unwhitelisted proto caches to size 0

Now that protocols have been annotated (the copy of icsk_ca_ops->name is of an ops field from outside the slab cache): $ git grep 'copy_.*_user.*sk.*->' caif/caif_socket.c: copy_from_user(_sk->conn_req.param.data, ov, ol)) { ipv4/raw.c: if (copy_from_user(_sk(sk)->filter, optval, optlen))

[PATCH v2 23/30] net: Restrict unwhitelisted proto caches to size 0

Now that protocols have been annotated (the copy of icsk_ca_ops->name is of an ops field from outside the slab cache): $ git grep 'copy_.*_user.*sk.*->' caif/caif_socket.c: copy_from_user(_sk->conn_req.param.data, ov, ol)) { ipv4/raw.c: if (copy_from_user(_sk(sk)->filter, optval, optlen))

[PATCH v2 14/30] vxfs: Define usercopy region in vxfs_inode slab cache

From: David Windsor vxfs symlink pathnames, stored in struct vxfs_inode_info field vii_immed.vi_immed and therefore contained in the vxfs_inode slab cache, need to be copied to/from userspace. cache object allocation: fs/freevxfs/vxfs_super.c:

[PATCH v2 14/30] vxfs: Define usercopy region in vxfs_inode slab cache

From: David Windsor vxfs symlink pathnames, stored in struct vxfs_inode_info field vii_immed.vi_immed and therefore contained in the vxfs_inode slab cache, need to be copied to/from userspace. cache object allocation: fs/freevxfs/vxfs_super.c: vxfs_alloc_inode(...): ...

[PATCH v2 30/30] usercopy: Restrict non-usercopy caches to size 0

With all known usercopied cache whitelists now defined in the kernel, switch the default usercopy region of kmem_cache_create() to size 0. Any new caches with usercopy regions will now need to use kmem_cache_create_usercopy() instead of kmem_cache_create(). This patch is modified from Brad

[PATCH v2 30/30] usercopy: Restrict non-usercopy caches to size 0

With all known usercopied cache whitelists now defined in the kernel, switch the default usercopy region of kmem_cache_create() to size 0. Any new caches with usercopy regions will now need to use kmem_cache_create_usercopy() instead of kmem_cache_create(). This patch is modified from Brad

[PATCH v2 26/30] fork: Provide usercopy whitelisting for task_struct

While the blocked and saved_sigmask fields of task_struct are copied to userspace (via sigmask_to_save() and setup_rt_frame()), it is always copied with a static length (i.e. sizeof(sigset_t)). The only portion of task_struct that is potentially dynamically sized and may be copied to userspace is

[PATCH v2 26/30] fork: Provide usercopy whitelisting for task_struct

While the blocked and saved_sigmask fields of task_struct are copied to userspace (via sigmask_to_save() and setup_rt_frame()), it is always copied with a static length (i.e. sizeof(sigset_t)). The only portion of task_struct that is potentially dynamically sized and may be copied to userspace is

[PATCH v2 29/30] arm: Implement thread_struct whitelist for hardened usercopy

ARM does not carry FPU state in the thread structure, so it can declare no usercopy whitelist at all. Cc: Russell King Cc: Ingo Molnar Cc: Christian Borntraeger Cc: "Peter Zijlstra (Intel)" Cc:

[PATCH v2 29/30] arm: Implement thread_struct whitelist for hardened usercopy

ARM does not carry FPU state in the thread structure, so it can declare no usercopy whitelist at all. Cc: Russell King Cc: Ingo Molnar Cc: Christian Borntraeger Cc: "Peter Zijlstra (Intel)" Cc: linux-arm-ker...@lists.infradead.org Signed-off-by: Kees Cook --- arch/arm/Kconfig

[PATCH v2 24/30] fork: Define usercopy region in mm_struct slab caches

From: David Windsor In support of usercopy hardening, this patch defines a region in the mm_struct slab caches in which userspace copy operations are allowed. Only the auxv field is copied to userspace. cache object allocation: kernel/fork.c: #define allocate_mm()

[PATCH v2 24/30] fork: Define usercopy region in mm_struct slab caches

From: David Windsor In support of usercopy hardening, this patch defines a region in the mm_struct slab caches in which userspace copy operations are allowed. Only the auxv field is copied to userspace. cache object allocation: kernel/fork.c: #define allocate_mm()

[PATCH v2 19/30] ip: Define usercopy region in IP proto slab cache

From: David Windsor The ICMP filters for IPv4 and IPv6 raw sockets need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. example usage trace:

[PATCH v2 19/30] ip: Define usercopy region in IP proto slab cache

From: David Windsor The ICMP filters for IPv4 and IPv6 raw sockets need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. example usage trace: net/ipv4/raw.c:

[PATCH v2 25/30] fork: Define usercopy region in thread_stack slab caches

From: David Windsor In support of usercopy hardening, this patch defines a region in the thread_stack slab caches in which userspace copy operations are allowed. Since the entire thread_stack needs to be available to userspace, the entire slab contents are whitelisted. Note

[PATCH v2 25/30] fork: Define usercopy region in thread_stack slab caches

From: David Windsor In support of usercopy hardening, this patch defines a region in the thread_stack slab caches in which userspace copy operations are allowed. Since the entire thread_stack needs to be available to userspace, the entire slab contents are whitelisted. Note that the slab-based

[PATCH v2 22/30] sctp: Copy struct sctp_sock.autoclose to userspace using put_user()

From: David Windsor The autoclose field can be copied with put_user(), so there is no need to use copy_to_user(). In both cases, hardened usercopy is being bypassed since the size is constant, and not open to runtime manipulation. This patch is verbatim from Brad Spengler/PaX

[PATCH v2 22/30] sctp: Copy struct sctp_sock.autoclose to userspace using put_user()

From: David Windsor The autoclose field can be copied with put_user(), so there is no need to use copy_to_user(). In both cases, hardened usercopy is being bypassed since the size is constant, and not open to runtime manipulation. This patch is verbatim from Brad Spengler/PaX Team's

[PATCH v2 21/30] sctp: Define usercopy region in SCTP proto slab cache

From: David Windsor The SCTP socket event notification subscription information need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. Additionally moves

[PATCH v2 21/30] sctp: Define usercopy region in SCTP proto slab cache

From: David Windsor The SCTP socket event notification subscription information need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. Additionally moves the usercopy fields

[PATCH v2 28/30] arm64: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire structure. Cc: Catalin Marinas Cc: Will Deacon Cc: Christian Borntraeger Cc: Ingo Molnar

[PATCH v2 28/30] arm64: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire structure. Cc: Catalin Marinas Cc: Will Deacon Cc: Christian Borntraeger Cc: Ingo Molnar Cc: James Morse Cc: "Peter Zijlstra (Intel)" Cc: Dave Martin Cc: zijun_hu

Re: [PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

On Mon, 2017-08-28 at 14:34 -0700, Kees Cook wrote: > diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c > index f6097b89d5d3..f1c6bd56dd5b 100644 > --- a/drivers/scsi/scsi_lib.c > +++ b/drivers/scsi/scsi_lib.c > @@ -77,14 +77,15 @@ int scsi_init_sense_cache(struct Scsi_Host *shost) >

Re: [PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

On Mon, 2017-08-28 at 14:34 -0700, Kees Cook wrote: > diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c > index f6097b89d5d3..f1c6bd56dd5b 100644 > --- a/drivers/scsi/scsi_lib.c > +++ b/drivers/scsi/scsi_lib.c > @@ -77,14 +77,15 @@ int scsi_init_sense_cache(struct Scsi_Host *shost) >

[PATCH v2 03/30] usercopy: Mark kmalloc caches as usercopy caches

From: David Windsor Mark the kmalloc slab caches as entirely whitelisted. These caches are frequently used to fulfill kernel allocations that contain data to be copied to/from userspace. Internal-only uses are also common, but are scattered in the kernel. For now, mark all the

[PATCH v2 03/30] usercopy: Mark kmalloc caches as usercopy caches

From: David Windsor Mark the kmalloc slab caches as entirely whitelisted. These caches are frequently used to fulfill kernel allocations that contain data to be copied to/from userspace. Internal-only uses are also common, but are scattered in the kernel. For now, mark all the kmalloc caches as

[PATCH v2 01/30] usercopy: Prepare for usercopy whitelisting

From: David Windsor This patch prepares the slab allocator to handle caches having annotations (useroffset and usersize) defining usercopy regions. This patch is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX

[PATCH v2 01/30] usercopy: Prepare for usercopy whitelisting

From: David Windsor This patch prepares the slab allocator to handle caches having annotations (useroffset and usersize) defining usercopy regions. This patch is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my

[PATCH v2 05/30] vfs: Define usercopy region in names_cache slab caches

From: David Windsor VFS pathnames are stored in the names_cache slab cache, either inline or across an entire allocation entry (when approaching PATH_MAX). These are copied to/from userspace, so they must be entirely whitelisted. cache object allocation:

[PATCH v2 05/30] vfs: Define usercopy region in names_cache slab caches

From: David Windsor VFS pathnames are stored in the names_cache slab cache, either inline or across an entire allocation entry (when approaching PATH_MAX). These are copied to/from userspace, so they must be entirely whitelisted. cache object allocation: include/linux/fs.h: #define

[PATCH v2 02/30] usercopy: Enforce slab cache usercopy region boundaries

From: David Windsor This patch adds the enforcement component of usercopy cache whitelisting, and is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions

[PATCH v2 02/30] usercopy: Enforce slab cache usercopy region boundaries

From: David Windsor This patch adds the enforcement component of usercopy cache whitelisting, and is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code

[PATCH v2 06/30] vfs: Copy struct mount.mnt_id to userspace using put_user()

From: David Windsor The mnt_id field can be copied with put_user(), so there is no need to use copy_to_user(). In both cases, hardened usercopy is being bypassed since the size is constant, and not open to runtime manipulation. This patch is verbatim from Brad Spengler/PaX

[PATCH v2 06/30] vfs: Copy struct mount.mnt_id to userspace using put_user()

From: David Windsor The mnt_id field can be copied with put_user(), so there is no need to use copy_to_user(). In both cases, hardened usercopy is being bypassed since the size is constant, and not open to runtime manipulation. This patch is verbatim from Brad Spengler/PaX Team's PAX_USERCOPY

[PATCH v2 10/30] befs: Define usercopy region in befs_inode_cache slab cache

From: David Windsor befs symlink pathnames, stored in struct befs_inode_info.i_data.symlink and therefore contained in the befs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/befs/linuxvfs.c: befs_alloc_inode(...):

[PATCH v2 10/30] befs: Define usercopy region in befs_inode_cache slab cache

From: David Windsor befs symlink pathnames, stored in struct befs_inode_info.i_data.symlink and therefore contained in the befs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/befs/linuxvfs.c: befs_alloc_inode(...): ...

[PATCH v2 04/30] dcache: Define usercopy region in dentry_cache slab cache

From: David Windsor When a dentry name is short enough, it can be stored directly in the dentry itself (instead in a separate kmalloc allocation). These dentry short names, stored in struct dentry.d_iname and therefore contained in the dentry_cache slab cache, need to be coped

[PATCH v2 04/30] dcache: Define usercopy region in dentry_cache slab cache

From: David Windsor When a dentry name is short enough, it can be stored directly in the dentry itself (instead in a separate kmalloc allocation). These dentry short names, stored in struct dentry.d_iname and therefore contained in the dentry_cache slab cache, need to be coped to userspace.

[PATCH v2 09/30] jfs: Define usercopy region in jfs_ip slab cache

From: David Windsor The jfs symlink pathnames, stored in struct jfs_inode_info.i_inline and therefore contained in the jfs_ip slab cache, need to be copied to/from userspace. cache object allocation: fs/jfs/super.c: jfs_alloc_inode(...): ...

[PATCH v2 09/30] jfs: Define usercopy region in jfs_ip slab cache

From: David Windsor The jfs symlink pathnames, stored in struct jfs_inode_info.i_inline and therefore contained in the jfs_ip slab cache, need to be copied to/from userspace. cache object allocation: fs/jfs/super.c: jfs_alloc_inode(...): ... jfs_inode =

[PATCH v2 11/30] exofs: Define usercopy region in exofs_inode_cache slab cache

From: David Windsor The exofs short symlink names, stored in struct exofs_i_info.i_data and therefore contained in the exofs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/exofs/super.c: exofs_alloc_inode(...):

[PATCH v2 12/30] orangefs: Define usercopy region in orangefs_inode_cache slab cache

From: David Windsor orangefs symlink pathnames, stored in struct orangefs_inode_s.link_target and therefore contained in the orangefs_inode_cache, need to be copied to/from userspace. cache object allocation: fs/orangefs/super.c: orangefs_alloc_inode(...):

[PATCH v2 11/30] exofs: Define usercopy region in exofs_inode_cache slab cache

From: David Windsor The exofs short symlink names, stored in struct exofs_i_info.i_data and therefore contained in the exofs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/exofs/super.c: exofs_alloc_inode(...): ... oi

[PATCH v2 12/30] orangefs: Define usercopy region in orangefs_inode_cache slab cache

From: David Windsor orangefs symlink pathnames, stored in struct orangefs_inode_s.link_target and therefore contained in the orangefs_inode_cache, need to be copied to/from userspace. cache object allocation: fs/orangefs/super.c: orangefs_alloc_inode(...): ...

[PATCH v2 16/30] cifs: Define usercopy region in cifs_request slab cache

From: David Windsor CIFS request buffers, stored in the cifs_request slab cache, need to be copied to/from userspace. cache object allocation: fs/cifs/cifsfs.c: cifs_init_request_bufs(): ... cifs_req_poolp =

[PATCH v2 16/30] cifs: Define usercopy region in cifs_request slab cache

From: David Windsor CIFS request buffers, stored in the cifs_request slab cache, need to be copied to/from userspace. cache object allocation: fs/cifs/cifsfs.c: cifs_init_request_bufs(): ... cifs_req_poolp = mempool_create_slab_pool(cifs_min_rcv,

[PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

From: David Windsor The XFS inline inode data, stored in struct xfs_inode_t field i_df.if_u2.if_inline_data and therefore contained in the xfs_inode slab cache, needs to be copied to/from userspace. cache object allocation: fs/xfs/xfs_icache.c:

[PATCH v2 15/30] xfs: Define usercopy region in xfs_inode slab cache

From: David Windsor The XFS inline inode data, stored in struct xfs_inode_t field i_df.if_u2.if_inline_data and therefore contained in the xfs_inode slab cache, needs to be copied to/from userspace. cache object allocation: fs/xfs/xfs_icache.c: xfs_inode_alloc(...): ...

[PATCH v2 13/30] ufs: Define usercopy region in ufs_inode_cache slab cache

From: David Windsor The ufs symlink pathnames, stored in struct ufs_inode_info.i_u1.i_symlink and therefore contained in the ufs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ufs/super.c: ufs_alloc_inode(...):

[PATCH v2 13/30] ufs: Define usercopy region in ufs_inode_cache slab cache

From: David Windsor The ufs symlink pathnames, stored in struct ufs_inode_info.i_u1.i_symlink and therefore contained in the ufs_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ufs/super.c: ufs_alloc_inode(...): ... ei

[PATCH v2 08/30] ext2: Define usercopy region in ext2_inode_cache slab cache

From: David Windsor The ext2 symlink pathnames, stored in struct ext2_inode_info.i_data and therefore contained in the ext2_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ext2/super.c: ext2_alloc_inode(...):

[PATCH v2 08/30] ext2: Define usercopy region in ext2_inode_cache slab cache

From: David Windsor The ext2 symlink pathnames, stored in struct ext2_inode_info.i_data and therefore contained in the ext2_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ext2/super.c: ext2_alloc_inode(...): struct

[PATCH v2 20/30] caif: Define usercopy region in caif proto slab cache

From: David Windsor The CAIF channel connection request parameters need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. example usage trace:

[PATCH v2 20/30] caif: Define usercopy region in caif proto slab cache

From: David Windsor The CAIF channel connection request parameters need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the struct proto slab cache in which userspace copy operations are allowed. example usage trace: net/caif/caif_socket.c:

[PATCH v2 07/30] ext4: Define usercopy region in ext4_inode_cache slab cache

From: David Windsor The ext4 symlink pathnames, stored in struct ext4_inode_info.i_data and therefore contained in the ext4_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ext4/super.c: ext4_alloc_inode(...):

[PATCH v2 07/30] ext4: Define usercopy region in ext4_inode_cache slab cache

From: David Windsor The ext4 symlink pathnames, stored in struct ext4_inode_info.i_data and therefore contained in the ext4_inode_cache slab cache, need to be copied to/from userspace. cache object allocation: fs/ext4/super.c: ext4_alloc_inode(...): struct

[PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

From: David Windsor SCSI sense buffers, stored in struct scsi_cmnd.sense and therefore contained in the scsi_sense_cache slab cache, need to be copied to/from userspace. cache object allocation: drivers/scsi/scsi_lib.c: scsi_select_sense_cache(...):

[PATCH v2 00/30] Hardened usercopy whitelisting

This series is modified from Brad Spengler/PaX Team's PAX_USERCOPY code in the last public patch of grsecurity/PaX based on our understanding of the code. Changes or omissions from the original code are ours and don't reflect the original grsecurity/PaX code. David Windsor did the bulk of the

[PATCH v2 17/30] scsi: Define usercopy region in scsi_sense_cache slab cache

From: David Windsor SCSI sense buffers, stored in struct scsi_cmnd.sense and therefore contained in the scsi_sense_cache slab cache, need to be copied to/from userspace. cache object allocation: drivers/scsi/scsi_lib.c: scsi_select_sense_cache(...): return ... ?

[PATCH v2 00/30] Hardened usercopy whitelisting

This series is modified from Brad Spengler/PaX Team's PAX_USERCOPY code in the last public patch of grsecurity/PaX based on our understanding of the code. Changes or omissions from the original code are ours and don't reflect the original grsecurity/PaX code. David Windsor did the bulk of the

Re: [PATCH] selinux: constify nf_hook_ops

On Sat, Aug 26, 2017 at 6:47 AM, Arvind Yadav wrote: > nf_hook_ops are not supposed to change at runtime. nf_register_net_hooks > and nf_unregister_net_hooks are working with const nf_hook_ops. > So mark the non-const nf_hook_ops structs as const. > > Signed-off-by:

Re: [PATCH] selinux: constify nf_hook_ops

On Sat, Aug 26, 2017 at 6:47 AM, Arvind Yadav wrote: > nf_hook_ops are not supposed to change at runtime. nf_register_net_hooks > and nf_unregister_net_hooks are working with const nf_hook_ops. > So mark the non-const nf_hook_ops structs as const. > > Signed-off-by: Arvind Yadav > --- >

Re: [PATCH v4 3/4] dt-bindings: PCI: rockchip: Add support for pcie wake irq

On Fri, Aug 25, 2017 at 1:20 PM, Brian Norris wrote: > On Fri, Aug 25, 2017 at 01:14:39PM -0500, Rob Herring wrote: >> On Tue, Aug 22, 2017 at 11:19:33AM +0800, Jeffy Chen wrote: >> > Add an optional interrupt for PCIE_WAKE pin. >> > >> > Signed-off-by: Jeffy Chen

Re: [PATCH v4 3/4] dt-bindings: PCI: rockchip: Add support for pcie wake irq

On Fri, Aug 25, 2017 at 1:20 PM, Brian Norris wrote: > On Fri, Aug 25, 2017 at 01:14:39PM -0500, Rob Herring wrote: >> On Tue, Aug 22, 2017 at 11:19:33AM +0800, Jeffy Chen wrote: >> > Add an optional interrupt for PCIE_WAKE pin. >> > >> > Signed-off-by: Jeffy Chen >> > --- >> > >> > Changes in

Re: [PATCH] cpufreq: ti: Fix 'of_node_put' being called twice in error handling path

On Sunday, August 20, 2017 3:21:06 PM CEST Viresh Kumar wrote: > On 19-08-17, 22:22, Christophe JAILLET wrote: > > If 'dev_pm_opp_set_supported_hw()' fails, 'opp_data->opp_node' refcount > > will be decremented 2 times. > > One, just a few lines above, and another one in the error handling path. >

Re: [PATCH] cpufreq: ti: Fix 'of_node_put' being called twice in error handling path

On Sunday, August 20, 2017 3:21:06 PM CEST Viresh Kumar wrote: > On 19-08-17, 22:22, Christophe JAILLET wrote: > > If 'dev_pm_opp_set_supported_hw()' fails, 'opp_data->opp_node' refcount > > will be decremented 2 times. > > One, just a few lines above, and another one in the error handling path. >

Re: [PATCH v2] PM / AVS: rockchip-io: add io selectors and supplies for RV1108

On Tuesday, August 22, 2017 12:00:02 AM CEST Heiko Stuebner wrote: > Am Montag, 21. August 2017, 18:58:33 CEST schrieb David Wu: > > This adds the necessary data for handling io voltage domains on the RV1108. > > > > Signed-off-by: David Wu > > Reviewed-by: Heiko

Re: [PATCH v2] PM / AVS: rockchip-io: add io selectors and supplies for RV1108

On Tuesday, August 22, 2017 12:00:02 AM CEST Heiko Stuebner wrote: > Am Montag, 21. August 2017, 18:58:33 CEST schrieb David Wu: > > This adds the necessary data for handling io voltage domains on the RV1108. > > > > Signed-off-by: David Wu > > Reviewed-by: Heiko Stuebner > Patch applied,

Re: [PATCH v4 1/5] ACPI / blacklist: add acpi_match_platform_list()

On Monday, August 28, 2017 11:21:52 PM CEST Borislav Petkov wrote: > On Mon, Aug 28, 2017 at 10:55:07PM +0200, Rafael J. Wysocki wrote: > > So what about the [3-5/5] in this series? > > > > My current plan is to apply them too and expose a branch with them, can I > > go ahead with that? > > No,

Re: [PATCH v4 1/5] ACPI / blacklist: add acpi_match_platform_list()

On Monday, August 28, 2017 11:21:52 PM CEST Borislav Petkov wrote: > On Mon, Aug 28, 2017 at 10:55:07PM +0200, Rafael J. Wysocki wrote: > > So what about the [3-5/5] in this series? > > > > My current plan is to apply them too and expose a branch with them, can I > > go ahead with that? > > No,

Re: [PATCH 0/3] cpuidle: Rework the handling of the poll state

On Thursday, August 24, 2017 11:48:19 AM CEST Sudeep Holla wrote: > > On 23/08/17 22:18, Rafael J. Wysocki wrote: > > Hi, > > > > On x86 the fist idle state is a polling one, but the way it is set up is far > > from straightforward and then it is avoided by governors in rather somewhat > >

Re: [PATCH 0/3] cpuidle: Rework the handling of the poll state

On Thursday, August 24, 2017 11:48:19 AM CEST Sudeep Holla wrote: > > On 23/08/17 22:18, Rafael J. Wysocki wrote: > > Hi, > > > > On x86 the fist idle state is a polling one, but the way it is set up is far > > from straightforward and then it is avoided by governors in rather somewhat > >

Re: [PATCH v2 1/2] PM: docs: Describe high-level PM strategies and sleep states

On Monday, August 21, 2017 3:14:56 PM CEST Rafael J. Wysocki wrote: > From: Rafael J. Wysocki > > Reorganize the power management part of admin-guide by adding a > description of major power management strategies supported by the > kernel (system-wide and

Re: [PATCH v2 1/2] PM: docs: Describe high-level PM strategies and sleep states

On Monday, August 21, 2017 3:14:56 PM CEST Rafael J. Wysocki wrote: > From: Rafael J. Wysocki > > Reorganize the power management part of admin-guide by adding a > description of major power management strategies supported by the > kernel (system-wide and working-state power management) to it

<    1   2   3   4   5   6   7   8   9   10   >