4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Eric Anholt
commit 43523eba79bda8f5b4c27f8ffe20ea078d20113a upstream.
Without this, polling on the dma-buf (and presumably other devices
synchronizing against our rendering) would return
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Nicholas Bellinger
commit 4ff83daa0200affe1894bd33d17bac404e3d78d4 upstream.
During v4.3 when the overflow/underflow check was relaxed by
commit c72c525022:
commit
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Marcin Niestroj
commit 4eecbe81885180c9f6217ecfd679b1f285967218 upstream.
In case oldtrig == trig == NULL (which happens when we set none
trigger, when there is
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Marcin Niestroj
commit 4eecbe81885180c9f6217ecfd679b1f285967218 upstream.
In case oldtrig == trig == NULL (which happens when we set none
trigger, when there is already none set) there is a
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: David Sterba
commit cc2b702c52094b637a351d7491ac5200331d0445 upstream.
Variables start_idx and end_idx are supposed to hold a page index
derived from the file offsets. The
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: David Sterba
commit cc2b702c52094b637a351d7491ac5200331d0445 upstream.
Variables start_idx and end_idx are supposed to hold a page index
derived from the file offsets. The int type is not the
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Michael Bringmann
commit dc421b200f91930c9c6a9586810ff8c232cf10fc upstream.
When adding or removing memory, the aa_index (affinity value) for the
memblock must also
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Michael Bringmann
commit dc421b200f91930c9c6a9586810ff8c232cf10fc upstream.
When adding or removing memory, the aa_index (affinity value) for the
memblock must also be converted to match the
On 06/12/2017 11:14 AM, Tejun Heo wrote:
> Hello,
>
> On Mon, Jun 12, 2017 at 09:47:31AM -0500, Michael Bringmann wrote:
>>> I'm not sure because it doesn't make any logical sense and it's not
>>> right in terms of correctness. The above would be able to enable CPUs
>>> which are explicitly
On 06/12/2017 11:14 AM, Tejun Heo wrote:
> Hello,
>
> On Mon, Jun 12, 2017 at 09:47:31AM -0500, Michael Bringmann wrote:
>>> I'm not sure because it doesn't make any logical sense and it's not
>>> right in terms of correctness. The above would be able to enable CPUs
>>> which are explicitly
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Breno Leitao
commit 1195892c091a15cc862f4e202482a36adc924e12 upstream.
Currently tsk->thread->load_vec and load_fp are not initialized during
task creation, which can lead
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Breno Leitao
commit 1195892c091a15cc862f4e202482a36adc924e12 upstream.
Currently tsk->thread->load_vec and load_fp are not initialized during
task creation, which can lead to garbage values
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Breno Leitao
commit 7f22ced4377628074e2ac25f41a88f98eb3b03f1 upstream.
Currently tsk->thread.load_tm is not initialized in the task creation
and can contain garbage on a
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Breno Leitao
commit 7f22ced4377628074e2ac25f41a88f98eb3b03f1 upstream.
Currently tsk->thread.load_tm is not initialized in the task creation
and can contain garbage on a new task.
This is an
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 1123a6041654e8f889014659593bad4168e542c2 upstream.
Linu Cherian reported a WARN in cleanup_srcu_struct() when shutting
down a guest running iperf on
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 1123a6041654e8f889014659593bad4168e542c2 upstream.
Linu Cherian reported a WARN in cleanup_srcu_struct() when shutting
down a guest running iperf on a VFIO assigned
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Sinclair Yeh
commit 07678eca2cf9c9a18584e546c2b2a0d0c9a3150c upstream.
When vmw_gb_surface_define_ioctl() is called with an existing buffer,
we end up returning an
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Sinclair Yeh
commit 07678eca2cf9c9a18584e546c2b2a0d0c9a3150c upstream.
When vmw_gb_surface_define_ioctl() is called with an existing buffer,
we end up returning an uninitialized variable in
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Timur Tabi
commit 246096690be0742d9bb5f3456d2cb95b68f7b46d upstream.
Use software polling (PHY_POLL) to check for link state changes instead
of relying on the EMAC's
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Dan Carpenter
commit f0c62e9878024300319ba2438adc7b06c6b9c448 upstream.
If vmalloc() fails then we need to a bit of cleanup before returning.
Fixes: fb1d9738ca05
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Timur Tabi
commit 246096690be0742d9bb5f3456d2cb95b68f7b46d upstream.
Use software polling (PHY_POLL) to check for link state changes instead
of relying on the EMAC's hardware polling feature.
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Dan Carpenter
commit f0c62e9878024300319ba2438adc7b06c6b9c448 upstream.
If vmalloc() fails then we need to a bit of cleanup before returning.
Fixes: fb1d9738ca05 ("drm/vmwgfx: Add DRM driver
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Ben Skeggs
commit b4e382ca7586a63b6c1e5221ce0863ff867c2df6 upstream.
Reusing the list_head for both is a bad idea. Callback execution is done
with the lock dropped so
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: himanshu.madh...@cavium.com
commit cb590700e04d4f59179c44f360217f5ad04ae262 upstream.
Following messages are seen into system logs
qla2xxx [:09:00.0]-00af:9:
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Julius Werner
commit 32829da54d9368103a2f03269a5120aa9ee4d5da upstream.
A recent fix to /dev/mem prevents mappings from wrapping around the end
of physical address
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Julius Werner
commit 32829da54d9368103a2f03269a5120aa9ee4d5da upstream.
A recent fix to /dev/mem prevents mappings from wrapping around the end
of physical address space. However, the check
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Ben Skeggs
commit b4e382ca7586a63b6c1e5221ce0863ff867c2df6 upstream.
Reusing the list_head for both is a bad idea. Callback execution is done
with the lock dropped so that alarms can be
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: himanshu.madh...@cavium.com
commit cb590700e04d4f59179c44f360217f5ad04ae262 upstream.
Following messages are seen into system logs
qla2xxx [:09:00.0]-00af:9: Performing ISP error
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit ba3021b2c79b2fa9114f92790a99deb27a65b728 upstream.
snd_timer_user_tselect() reallocates the queue buffer dynamically, but
it forgot to reset its indices.
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit ba3021b2c79b2fa9114f92790a99deb27a65b728 upstream.
snd_timer_user_tselect() reallocates the queue buffer dynamically, but
it forgot to reset its indices. Since the read
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit 4efda5f2130da033aeedc5b3205569893b910de2 upstream.
soc_cleanup_card_resources() call snd_card_free() at the last of its
procedure. This turned out to lead
Commit-ID: 57de72125d34f83bfd39615fcc3cc25ca3b9c0ec
Gitweb: http://git.kernel.org/tip/57de72125d34f83bfd39615fcc3cc25ca3b9c0ec
Author: Arnd Bergmann
AuthorDate: Thu, 8 Jun 2017 10:55:33 +0200
Committer: Thomas Gleixner
CommitDate: Mon, 12 Jun 2017
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit 4efda5f2130da033aeedc5b3205569893b910de2 upstream.
soc_cleanup_card_resources() call snd_card_free() at the last of its
procedure. This turned out to lead to a
Commit-ID: 57de72125d34f83bfd39615fcc3cc25ca3b9c0ec
Gitweb: http://git.kernel.org/tip/57de72125d34f83bfd39615fcc3cc25ca3b9c0ec
Author: Arnd Bergmann
AuthorDate: Thu, 8 Jun 2017 10:55:33 +0200
Committer: Thomas Gleixner
CommitDate: Mon, 12 Jun 2017 19:00:55 +0200
cpu/hotplug: Remove
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Joe Carnuccio
commit ce6c668b146cc4f4442111e2bcee4c3af94e1ddf upstream.
Firmware dump allows for debugging customer issues. This patch fixes
start/end pointer
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Joe Carnuccio
commit 1d63496516c61e2e1351f10e6becbfc9ee511395 upstream.
Set bit (BIT_15) to send right ECHO payload information for Diagnostic
Echo Test command.
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Joe Carnuccio
commit ce6c668b146cc4f4442111e2bcee4c3af94e1ddf upstream.
Firmware dump allows for debugging customer issues. This patch fixes
start/end pointer calculation to capture T262
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Joe Carnuccio
commit 1d63496516c61e2e1351f10e6becbfc9ee511395 upstream.
Set bit (BIT_15) to send right ECHO payload information for Diagnostic
Echo Test command.
Signed-off-by: Joe Carnuccio
On Mon, Jun 12, 2017 at 11:58:23AM -0500, Yazen Ghannam wrote:
> From: Yazen Ghannam
>
> Fix typo in "poison consumption" error description.
>
> Signed-off-by: Yazen Ghannam
> ---
> drivers/edac/mce_amd.c | 2 +-
> 1 file changed, 1 insertion(+),
On Mon, Jun 12, 2017 at 11:58:23AM -0500, Yazen Ghannam wrote:
> From: Yazen Ghannam
>
> Fix typo in "poison consumption" error description.
>
> Signed-off-by: Yazen Ghannam
> ---
> drivers/edac/mce_amd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Applied, thanks.
--
Linus recently broke the printk without KERN_CONT behavior.
Fix it for uvesafb.
While there, convert printk(KERN_ to pr_.
Add pr_fmt and remove the embedded prefixes.
Miscellanea:
o Coalesce formats and realign arguments
o Add a missing space to a format when coalescing.
Signed-off-by: Joe
Linus recently broke the printk without KERN_CONT behavior.
Fix it for uvesafb.
While there, convert printk(KERN_ to pr_.
Add pr_fmt and remove the embedded prefixes.
Miscellanea:
o Coalesce formats and realign arguments
o Add a missing space to a format when coalescing.
Signed-off-by: Joe
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Wei Yongjun
commit a9de080bbcd5c4e213a3d7bbb1e314d60980e943 upstream.
Make sure dmi_system_id tables are NULL terminated.
Fixes: 703650278372 ("pinctrl: cherryview:
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Tejun Heo
commit 310b4816a5d8082416b4ab83e5a7b3cb92883a4d upstream.
a590b90d472f ("cgroup: fix spurious warnings on cgroup_is_dead() from
cgroup_sk_alloc()") converted most
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Michael Ellerman
commit ba4a648f12f4cd0a8003dd229b6ca8a53348ee4b upstream.
In commit 8c272261194d ("powerpc/numa: Enable USE_PERCPU_NUMA_NODE_ID"), we
switched to the
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Wei Yongjun
commit a9de080bbcd5c4e213a3d7bbb1e314d60980e943 upstream.
Make sure dmi_system_id tables are NULL terminated.
Fixes: 703650278372 ("pinctrl: cherryview: Add a quirk to make Acer
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Tejun Heo
commit 310b4816a5d8082416b4ab83e5a7b3cb92883a4d upstream.
a590b90d472f ("cgroup: fix spurious warnings on cgroup_is_dead() from
cgroup_sk_alloc()") converted most cgroup_get()
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Michael Ellerman
commit ba4a648f12f4cd0a8003dd229b6ca8a53348ee4b upstream.
In commit 8c272261194d ("powerpc/numa: Enable USE_PERCPU_NUMA_NODE_ID"), we
switched to the generic implementation
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Quinn Tran
commit 0ea88662b5c6404a8f7af6b040b3cf1f0e8c3a66 upstream.
Remove redundant fc_host_port_name calls to prevent early access of
scsi_host->shost_data buffer.
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Marc Zyngier
commit d6dbdd3c8558cad3b6d74cc357b408622d122331 upstream.
Under memory pressure, we start ageing pages, which amounts to parsing
the page tables. Since we
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Quinn Tran
commit 0ea88662b5c6404a8f7af6b040b3cf1f0e8c3a66 upstream.
Remove redundant fc_host_port_name calls to prevent early access of
scsi_host->shost_data buffer. This prevent null
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Marc Zyngier
commit d6dbdd3c8558cad3b6d74cc357b408622d122331 upstream.
Under memory pressure, we start ageing pages, which amounts to parsing
the page tables. Since we don't want to allocate
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Chandan Rajendra
commit a008c31c7ef9a4106dbadf21b3bcb7e89826a5d7 upstream.
On a ppc64 machine executing overlayfs/019 with xfs as the lower and
upper filesystem
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 90b4f30b6d15222a509dacf47f29efef2b22571e upstream.
The recent conversion to the hotplug state machine missed that the original
hotplug notifiers did
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Chandan Rajendra
commit a008c31c7ef9a4106dbadf21b3bcb7e89826a5d7 upstream.
On a ppc64 machine executing overlayfs/019 with xfs as the lower and
upper filesystem causes the following call
4.11-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 90b4f30b6d15222a509dacf47f29efef2b22571e upstream.
The recent conversion to the hotplug state machine missed that the original
hotplug notifiers did not execute in the
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: "Mintz, Yuval"
[ Upstream commit 3968d38917eb9bd0cd391265f6c9c538d9b33ffa ]
Apparently multi-cos isn't working for bnx2x quite some time -
driver implements
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: "Mintz, Yuval"
[ Upstream commit 3968d38917eb9bd0cd391265f6c9c538d9b33ffa ]
Apparently multi-cos isn't working for bnx2x quite some time -
driver implements ndo_select_queue() to allow
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Max Filippov
[ Upstream commit d220b942a4b6a0640aee78841608f4aa5e8e185e ]
ethoc_reset enables device interrupts, ethoc_interrupt may schedule a
NAPI poll before NAPI is
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Max Filippov
[ Upstream commit d220b942a4b6a0640aee78841608f4aa5e8e185e ]
ethoc_reset enables device interrupts, ethoc_interrupt may schedule a
NAPI poll before NAPI is enabled in the
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Niklas Cassel
[ Upstream commit 426849e6611f2092553f8d53372ae310818a6292 ]
stmmac_tso_allocator can fail to set the Last Descriptor bit
on a descriptor that actually
On Sat, Jun 10, 2017 at 12:36:40PM +0200, Pali Rohár wrote:
> On Saturday 10 June 2017 02:46:41 Darren Hart wrote:
> > On Fri, Jun 09, 2017 at 08:41:51AM +0200, Greg Kroah-Hartman wrote:
> > > On Sat, Jun 03, 2017 at 12:50:58PM -0700, Darren Hart wrote:
> > > > On Wed, May 10, 2017 at 07:13:41AM
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Niklas Cassel
[ Upstream commit 426849e6611f2092553f8d53372ae310818a6292 ]
stmmac_tso_allocator can fail to set the Last Descriptor bit
on a descriptor that actually was the last descriptor.
On Sat, Jun 10, 2017 at 12:36:40PM +0200, Pali Rohár wrote:
> On Saturday 10 June 2017 02:46:41 Darren Hart wrote:
> > On Fri, Jun 09, 2017 at 08:41:51AM +0200, Greg Kroah-Hartman wrote:
> > > On Sat, Jun 03, 2017 at 12:50:58PM -0700, Darren Hart wrote:
> > > > On Wed, May 10, 2017 at 07:13:41AM
Hi Grygorii,
> Am 12.06.2017 um 18:24 schrieb Grygorii Strashko :
>
>
>
> On 06/09/2017 11:59 PM, H. Nikolaus Schaller wrote:
>> Hi Grygorii,
>>
>>> Am 09.06.2017 um 18:25 schrieb Grygorii Strashko :
>>>
>>>
So please advise how
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: "David S. Miller"
[ Upstream commit 1b4af13ff2cc6897557bb0b8d9e2fad4fa4d67aa ]
Reported-by: Waldemar Brodkorb
Signed-off-by: David S. Miller
Hi Grygorii,
> Am 12.06.2017 um 18:24 schrieb Grygorii Strashko :
>
>
>
> On 06/09/2017 11:59 PM, H. Nikolaus Schaller wrote:
>> Hi Grygorii,
>>
>>> Am 09.06.2017 um 18:25 schrieb Grygorii Strashko :
>>>
>>>
So please advise how to proceed.
>>>
>>> You should request irq
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: "David S. Miller"
[ Upstream commit 1b4af13ff2cc6897557bb0b8d9e2fad4fa4d67aa ]
Reported-by: Waldemar Brodkorb
Signed-off-by: David S. Miller
Signed-off-by: Greg Kroah-Hartman
---
Commit-ID: 94114c367553f3301747e47f6947cabde947575f
Gitweb: http://git.kernel.org/tip/94114c367553f3301747e47f6947cabde947575f
Author: Stephen Boyd
AuthorDate: Wed, 7 Jun 2017 23:36:03 -0700
Committer: Thomas Gleixner
CommitDate: Mon, 12 Jun
Commit-ID: 94114c367553f3301747e47f6947cabde947575f
Gitweb: http://git.kernel.org/tip/94114c367553f3301747e47f6947cabde947575f
Author: Stephen Boyd
AuthorDate: Wed, 7 Jun 2017 23:36:03 -0700
Committer: Thomas Gleixner
CommitDate: Mon, 12 Jun 2017 18:56:01 +0200
tick/broadcast: Make
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit 588974857359861891f478a070b1dc7ae04a3880 ]
After a wrap (getting a new context version) a process must get a new
context id, which
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit 588974857359861891f478a070b1dc7ae04a3880 ]
After a wrap (getting a new context version) a process must get a new
context id, which means that we would need to
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit c4415235b2be0cc791572e8e7f7466ab8f73a2bf ]
CTX_FIRST_VERSION defines the first context version, but also it defines
first context.
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit c4415235b2be0cc791572e8e7f7466ab8f73a2bf ]
CTX_FIRST_VERSION defines the first context version, but also it defines
first context. This patch redefines it to
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit a0582f26ec9dfd5360ea2f35dd9a1b026f8adda0 ]
The current wrap implementation has a race issue: it is called outside of
the
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit a0582f26ec9dfd5360ea2f35dd9a1b026f8adda0 ]
The current wrap implementation has a race issue: it is called outside of
the ctx_alloc_lock, and also does not
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Mike Kravetz
[ Upstream commit 654f4807624a657f364417c2a7454f0df9961734 ]
When a TSB grows beyond its current capacity, a new TSB is allocated
and copy_tsb is called
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Mike Kravetz
[ Upstream commit 654f4807624a657f364417c2a7454f0df9961734 ]
When a TSB grows beyond its current capacity, a new TSB is allocated
and copy_tsb is called to copy entries from the
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit 14d0334c6748ff2aedb3f2f7fdc51ee90a9b54e7 ]
The only difference between these two functions is that in activate_mm we
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
[ Upstream commit 14d0334c6748ff2aedb3f2f7fdc51ee90a9b54e7 ]
The only difference between these two functions is that in activate_mm we
unconditionally flush context. However,
Initial S.A.R.A. framework setup.
Creation of a simplified interface to securityfs API to store and retrieve
configurations and flags from user-space.
Creation of some generic functions and macros to handle concurrent access
to configurations, memory allocation and path resolution.
Signed-off-by:
Initial S.A.R.A. framework setup.
Creation of a simplified interface to securityfs API to store and retrieve
configurations and flags from user-space.
Creation of some generic functions and macros to handle concurrent access
to configurations, memory allocation and path resolution.
Signed-off-by:
Creation of the S.A.R.A. cred blob management "API".
In order to allow S.A.R.A. to be stackable with other LSMs, it doesn't use
the "security" field of struct cred, instead it uses an ad hoc field named
security_sara.
This solution is probably not acceptable for upstream, so this part will
be
Creation of the S.A.R.A. cred blob management "API".
In order to allow S.A.R.A. to be stackable with other LSMs, it doesn't use
the "security" field of struct cred, instead it uses an ad hoc field named
security_sara.
This solution is probably not acceptable for upstream, so this part will
be
This allow S.A.R.A. to use the procattr interface without interfering
with other LSMs.
This part should be reimplemented as soon as upstream procattr stacking
support is available.
Signed-off-by: Salvatore Mesoraca
---
fs/proc/base.c | 38
This allow S.A.R.A. to use the procattr interface without interfering
with other LSMs.
This part should be reimplemented as soon as upstream procattr stacking
support is available.
Signed-off-by: Salvatore Mesoraca
---
fs/proc/base.c | 38 ++
From: Yazen Ghannam
Fix typo in "poison consumption" error description.
Signed-off-by: Yazen Ghannam
---
drivers/edac/mce_amd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/edac/mce_amd.c b/drivers/edac/mce_amd.c
From: Yazen Ghannam
Fix typo in "poison consumption" error description.
Signed-off-by: Yazen Ghannam
---
drivers/edac/mce_amd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/edac/mce_amd.c b/drivers/edac/mce_amd.c
index ba35b7e..9a2658a 100644
---
This allow processes to get current WX Protection flags for themselves or
for other processes of the same user.
It also allow a process to set itself flags to a stricter set of rules than
the current one.
Via a new wxprot flag (SARA_WXP_FORCE_WXORX) is it possible to ask the
kernel to rescan the
Introduction of S.A.R.A. WX Protection.
It aims to improve user-space programs security by applying:
- W^X enforcement
- W!->X (once writable never executable) mprotect restriction
- Executable MMAP prevention
All of the above features can be enabled or disabled both system wide
or on a per
This allow processes to get current WX Protection flags for themselves or
for other processes of the same user.
It also allow a process to set itself flags to a stricter set of rules than
the current one.
Via a new wxprot flag (SARA_WXP_FORCE_WXORX) is it possible to ask the
kernel to rescan the
Introduction of S.A.R.A. WX Protection.
It aims to improve user-space programs security by applying:
- W^X enforcement
- W!->X (once writable never executable) mprotect restriction
- Executable MMAP prevention
All of the above features can be enabled or disabled both system wide
or on a per
Creation of a new LSM hook that can be used to authorize or deauthorize
new USB devices via the usb authorization interface.
The same hook can also prevent the authorization of a USB device via
"/sys/bus/usb/devices/DEVICE/authorized".
Using this hook an LSM could provide an higher level of
Introduction of S.A.R.A. USB Filtering.
It uses the "usb_device_auth" LSM hook to provide a mechanism to decide
which USB devices should be authorized to connect to the system and
which shouldn't.
The main goal is to narrow the attack surface for custom USB devices
designed to exploit
Creation of a new LSM hook that can be used to authorize or deauthorize
new USB devices via the usb authorization interface.
The same hook can also prevent the authorization of a USB device via
"/sys/bus/usb/devices/DEVICE/authorized".
Using this hook an LSM could provide an higher level of
Introduction of S.A.R.A. USB Filtering.
It uses the "usb_device_auth" LSM hook to provide a mechanism to decide
which USB devices should be authorized to connect to the system and
which shouldn't.
The main goal is to narrow the attack surface for custom USB devices
designed to exploit
Creation of a new hook to let LSM modules handle user-space pagefaults on
x86.
It can be used to avoid segfaulting the originating process.
If it's the case it can modify process registers before returning.
Signed-off-by: Salvatore Mesoraca
Cc: x...@kernel.org
Cc: Ingo
Creation of a new LSM hook to check if a given configuration of vmflags,
for a new memory allocation request, should be allowed or not.
It's placed in "do_mmap", "do_brk_flags" and "__install_special_mapping".
Signed-off-by: Salvatore Mesoraca
Cc: linux...@kvack.org
---
Adding documentation for S.A.R.A. LSM.
Signed-off-by: Salvatore Mesoraca
---
Documentation/admin-guide/kernel-parameters.txt | 40 +
Documentation/security/00-INDEX | 2 +
Documentation/security/SARA.rst | 192
Creation of a new hook to let LSM modules handle user-space pagefaults on
x86.
It can be used to avoid segfaulting the originating process.
If it's the case it can modify process registers before returning.
Signed-off-by: Salvatore Mesoraca
Cc: x...@kernel.org
Cc: Ingo Molnar
---
901 - 1000 of 2522 matches
Mail list logo