Hi all,
Today's linux-next merge of the kvm tree got a conflict in:
arch/powerpc/kernel/Makefile
between commit:
27d114966735 ("powerpc/32: Remove RELOCATABLE_PPC32")
from the powerpc tree and commit:
fd7bacbca47a ("KVM: PPC: Book3S HV: Fix TB corruption in guest exit path on HMI
From: Benjamin Herrenschmidt
There is little enough differences now.
mpe: Add a/p/k/setup.h to contain the prototypes and empty versions of
functions we need, rather than using weak functions. Add a few other
empty versions to avoid as many #ifdefs as possible in the
Michael Ellerman writes:
> From: Benjamin Herrenschmidt
>
> There is little enough differences now.
>
> Signed-off-by: Benjamin Herrenschmidt
> [mpe: Add empty versions using #ifdef in setup.h rather than weak functions]
From: Wei Yongjun
Date: Tue, 19 Jul 2016 11:25:03 +
> From: Wei Yongjun
>
> Remove .owner field if calls are used which set it automatically.
>
> Generated by: scripts/coccinelle/api/platform_no_drv_owner.cocci
>
> Signed-off-by: Wei
From: Wei Yongjun
Date: Tue, 19 Jul 2016 11:25:16 +
> From: Wei Yongjun
>
> module_platform_driver() makes the code simpler by eliminating
> boilerplate code.
>
> Signed-off-by: Wei Yongjun
Applied.
Enables CONFIG_HARDENED_USERCOPY checks on s390.
Signed-off-by: Kees Cook
---
arch/s390/Kconfig | 1 +
arch/s390/lib/uaccess.c | 2 ++
2 files changed, 3 insertions(+)
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index a8c259059adf..9f694311c9ed 100644
---
On Wednesday, July 20, 2016 1:31:48 PM CEST Scott Wood wrote:
> On Wed, 2016-07-20 at 13:24 +0200, Arnd Bergmann wrote:
> > On Saturday, July 16, 2016 9:50:21 PM CEST Scott Wood wrote:
> > >
> > > From: yangbo lu
> > >
> > > Move mpc85xx.h to include/linux/fsl and rename it
Enables CONFIG_HARDENED_USERCOPY checks on sparc.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
---
arch/sparc/Kconfig | 1 +
arch/sparc/include/asm/uaccess_32.h | 14 ++
arch/sparc/include/asm/uaccess_64.h | 11 +--
Under CONFIG_HARDENED_USERCOPY, this adds object size checking to the
SLUB allocator to catch any copies that may span objects. Includes a
redzone handling fix discovered by Michael Ellerman.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
Tested-by:
Under CONFIG_HARDENED_USERCOPY, this adds object size checking to the
SLAB allocator to catch any copies that may span objects.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
Tested-by: Valdis Kletnieks
---
init/Kconfig | 1 +
This is the start of porting PAX_USERCOPY into the mainline kernel. This
is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The
work is based on code by PaX Team and Brad Spengler, and an earlier port
from Casey Schaufler. Additional non-slab page tests are from Rik van Riel.
Enables CONFIG_HARDENED_USERCOPY checks on powerpc.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
Tested-by: Michael Ellerman
---
arch/powerpc/Kconfig | 1 +
arch/powerpc/include/asm/uaccess.h | 21
Enables CONFIG_HARDENED_USERCOPY checks on ia64.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
---
arch/ia64/Kconfig | 1 +
arch/ia64/include/asm/uaccess.h | 18 +++---
2 files changed, 16 insertions(+), 3 deletions(-)
diff
Enables CONFIG_HARDENED_USERCOPY checks on arm64. As done by KASAN in -next,
renames the low-level functions to __arch_copy_*_user() so a static inline
can do additional work before the copy.
Signed-off-by: Kees Cook
---
arch/arm64/Kconfig | 1 +
Enables CONFIG_HARDENED_USERCOPY checks on arm.
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
---
arch/arm/Kconfig | 1 +
arch/arm/include/asm/uaccess.h | 11 +--
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git
Enables CONFIG_HARDENED_USERCOPY checks on x86. This is done both in
copy_*_user() and __copy_*_user() because copy_*_user() actually calls
down to _copy_*_user() and not __copy_*_user().
Based on code from PaX and grsecurity.
Signed-off-by: Kees Cook
Tested-by: Valdis
From: Laura Abbott
Code such as hardened user copy[1] needs a way to tell if a
page is CMA or not. Add is_migrate_cma_page in a similar way
to is_migrate_isolate_page.
[1]http://article.gmane.org/gmane.linux.kernel.mm/155238
Signed-off-by: Laura Abbott
Hi,
[This is now in my kspp -next tree, though I'd really love to add some
additional explicit Tested-bys, Reviewed-bys, or Acked-bys. If you've
looked through any part of this or have done any testing, please consider
sending an email with your "*-by:" line. :)]
This is a start of the mainline
This creates per-architecture function arch_within_stack_frames() that
should validate if a given object is contained by a kernel stack frame.
Initial implementation is on x86.
This is based on code from PaX.
Signed-off-by: Kees Cook
---
arch/Kconfig
On Wed, 2016-07-20 at 13:24 +0200, Arnd Bergmann wrote:
> On Saturday, July 16, 2016 9:50:21 PM CEST Scott Wood wrote:
> >
> > From: yangbo lu
> >
> > Move mpc85xx.h to include/linux/fsl and rename it to svr.h as a common
> > header file. This SVR numberspace is used on some
On Wed, Jul 20, 2016 at 9:02 AM, David Laight wrote:
> From: Kees Cook
>> Sent: 20 July 2016 16:32
> ...
>> Yup: that's exactly what it's doing: walking up the stack. :)
>
> Remind me to make sure all our customers run kernels with it disabled.
What's your concern with
On Wed, 2016-07-20 at 16:02 +, David Laight wrote:
> From: Kees Cook
> > Sent: 20 July 2016 16:32
> ...
> > Yup: that's exactly what it's doing: walking up the stack. :)
>
> Remind me to make sure all our customers run kernels with it
> disabled.
You want a single copy_from_user to write to
From: Kees Cook
> Sent: 20 July 2016 16:32
...
> Yup: that's exactly what it's doing: walking up the stack. :)
Remind me to make sure all our customers run kernels with it disabled.
David
___
Linuxppc-dev mailing list
Am Mittwoch, 20 Juli 2016, 13:12:20 schrieb Arnd Bergmann:
> On Wednesday, July 20, 2016 8:47:45 PM CEST Michael Ellerman wrote:
> > At least for stdout-path, I can't really see how that would
> > significantly help an attacker, but I'm all ears if anyone has ideas.
>
> That's actually an easy
On 07/20/2016 03:24 AM, Balbir Singh wrote:
On Tue, 2016-07-19 at 11:48 -0700, Kees Cook wrote:
On Mon, Jul 18, 2016 at 6:06 PM, Laura Abbott wrote:
On 07/15/2016 02:44 PM, Kees Cook wrote:
This doesn't work when copying CMA allocated memory since CMA purposely
allocates
On Wed, Jul 20, 2016 at 2:52 AM, David Laight wrote:
> From: Kees Cook
>> Sent: 15 July 2016 22:44
>> This is a start of the mainline port of PAX_USERCOPY[1].
> ...
>> - if address range is in the current process stack, it must be within the
>> current stack frame (if
On Tue, Jul 19, 2016 at 10:36:26AM -0300, Paulo Flabiano Smorigo wrote:
> Ignore assembly files generated by the perl script.
>
> Signed-off-by: Paulo Flabiano Smorigo
Patch applied. Thanks.
--
Email: Herbert Xu
Home Page:
On Wed, 20 Jul 2016, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 20 Jul 2016 15:10:32 +0200
>
> The of_node_put() function tests whether its argument is NULL
> and then returns immediately.
> Thus the test around the call is not needed.
>
> This
From: Markus Elfring
Date: Wed, 20 Jul 2016 15:10:32 +0200
The of_node_put() function tests whether its argument is NULL
and then returns immediately.
Thus the test around the call is not needed.
This issue was detected by using the Coccinelle software.
From: Paulo Flabiano Smorigo
> Sent: 19 July 2016 14:36
> Ignore assembly files generated by the perl script.
...
> diff --git a/drivers/crypto/vmx/.gitignore b/drivers/crypto/vmx/.gitignore
> new file mode 100644
> index 000..af4a7ce
> --- /dev/null
> +++ b/drivers/crypto/vmx/.gitignore
> @@
On Wed, Jul 20, 2016 at 09:35:30AM +0100, Russell King - ARM Linux wrote:
> On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
> > > IOW, if your kernel forced signature verification, you should not be
> > > able to do sig_enforce=0. If your kernel did not have
> > >
On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
> >
> > Command line options are not signed. I thought idea behind secureboot
> > was to execute only trusted code and command line options don't enforce
> > you to execute unsigned code.
> >
> >>
> >> You can
From: Dave Young
> On 07/15/16 at 02:19pm, Mark Rutland wrote:
> > On Fri, Jul 15, 2016 at 09:09:55AM -0400, Vivek Goyal wrote:
> > > On Tue, Jul 12, 2016 at 10:42:01AM +0900, AKASHI Takahiro wrote:
> > >
> > > [..]
> > > > -SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
> > > >
PING.
Regards,
Yuantian
> -Original Message-
> From: Scott Wood [mailto:o...@buserror.net]
> Sent: Saturday, July 09, 2016 5:07 AM
> To: Michael Turquette ; Russell King
> ; Stephen Boyd ; Viresh
> Kumar
On Saturday, July 16, 2016 9:50:21 PM CEST Scott Wood wrote:
> From: yangbo lu
>
> Move mpc85xx.h to include/linux/fsl and rename it to svr.h as a common
> header file. This SVR numberspace is used on some ARM chips as well as
> PPC, and even to check for a PPC SVR multi-arch
On Wednesday, July 20, 2016 8:47:45 PM CEST Michael Ellerman wrote:
> At least for stdout-path, I can't really see how that would significantly help
> an attacker, but I'm all ears if anyone has ideas.
That's actually an easy one that came up before: If an attacker controls
a tty device (e.g.
Russell King - ARM Linux writes:
> On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
>> > IOW, if your kernel forced signature verification, you should not be
>> > able to do sig_enforce=0. If your kernel did not have
>> > CONFIG_MODULE_SIG_FORCE=y, then
On Tue, 2016-07-19 at 11:48 -0700, Kees Cook wrote:
> On Mon, Jul 18, 2016 at 6:06 PM, Laura Abbott wrote:
> >
> > On 07/15/2016 02:44 PM, Kees Cook wrote:
> >
> > This doesn't work when copying CMA allocated memory since CMA purposely
> > allocates larger than a page block
Paolo Bonzini writes:
> On 20/07/2016 07:46, Michael Ellerman wrote:
>> Thanks.
>>
>> Acked-by: Michael Ellerman
>>
>> Or do you want me to merge this before Paul gets back?
>
> No, this should be merged through the KVM tree. Please Cc the KVM
>
From: Kees Cook
> Sent: 15 July 2016 22:44
> This is a start of the mainline port of PAX_USERCOPY[1].
...
> - if address range is in the current process stack, it must be within the
> current stack frame (if such checking is possible) or at least entirely
> within the current process's stack.
On Mon, 2016-11-07 at 22:16:27 UTC, Tyrel Datwyler wrote:
> PowerVM seems to only ever provide a single hotplug slot per PHB.
> The underlying slot hotplug registration code assumed multiple slots,
> but the actual implementation is broken for multiple slots. This went
> unnoticed for years due
On Tue, 2016-19-07 at 02:33:35 UTC, Ian Munsie wrote:
> From: Ian Munsie
>
> pnv_cxl_enable_phb_kernel_api() grabs a reference to the cxl module to
> prevent it from being unloaded after the PHB has been switched to CX4 mode.
> This breaks the build when CONFIG_MODULES=n as
On Mon, 2016-18-07 at 04:52:57 UTC, Andrew Donnellan wrote:
> Remove the CXL_KERNEL_API and CXL_EEH Kconfig options, as they were only
> needed to coordinate the merging of the cxlflash driver. Also remove the
> stub implementation of cxl_perst_reloads_same_image() in cxlflash which is
> only used
On Fri, 2016-15-07 at 07:20:36 UTC, Andrew Donnellan wrote:
> If kzalloc() fails when allocating adapter->guest in
> cxl_guest_init_adapter(), we call free_adapter() before erroring out.
> free_adapter() in turn attempts to dereference adapter->guest, which in
> this case is NULL.
>
> In
On Fri, 2016-15-07 at 11:04:26 UTC, Michael Ellerman wrote:
> From: "Aneesh Kumar K.V"
>
> This makes it easy to verify we are not overloading the bits.
> No functionality change by this patch.
>
> mpe: Cleanup more. Completely fixup whitespace, convert all UL
On Wed, 2016-13-07 at 01:14:38 UTC, Kevin Hao wrote:
> In the current code, the RELOCATABLE will be forcedly enabled when
> enabling CRASH_DUMP. But for ppc32, the RELOCATABLE also depends on
> ADVANCED_OPTIONS and select NONSTATIC_KERNEL. This will cause the
> following build error when CRASH_DUMP=y
On Thu, 2016-07-07 at 15:00:34 UTC, John Allen wrote:
> In support of PAPR changes to add a new hotplug interrupt, introduce a
> hotplug workqueue to avoid processing hotplug events in interrupt context.
> We will also take advantage of the queue on PowerVM to ensure hotplug
> events initiated
On Mon, Jul 18, 2016 at 11:28:30AM +1000, Cyril Bur wrote:
> On Sun, 17 Jul 2016 11:25:43 +0800
>
> The aim of this patch is to ensure that pt_regs, fp_state and vr_state always
> hold a thread's 'live' registers. So, after a recheckpoint fp_state is where
> the state should be.
On Wed, Jul 20, 2016 at 01:41:36PM +1000, Sam Bobroff wrote:
> Introduce a new KVM capability, KVM_CAP_PPC_HTM, that can be queried to
> determine if a PowerPC KVM guest should use HTM (Hardware Transactional
> Memory).
>
> This will be used by QEMU to populate the pa-features bits in the
>
On Wed, Jul 20, 2016 at 02:26:51PM +1000, Alexey Kardashevskiy wrote:
> The iommu_table_ops::exchange() callback writes new TCE to the table
> and returns old value and permission mask. The old TCE value is
> correctly converted from BE to CPU endian; however permission mask
> was calculated from
From: Benjamin Herrenschmidt
There is little enough differences now.
Signed-off-by: Benjamin Herrenschmidt
[mpe: Add empty versions using #ifdef in setup.h rather than weak functions]
Signed-off-by: Michael Ellerman
---
On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
> > IOW, if your kernel forced signature verification, you should not be
> > able to do sig_enforce=0. If your kernel did not have
> > CONFIG_MODULE_SIG_FORCE=y, then sig_enforce should be 0 by default anyway
> > and you are not making
On 20/07/2016 07:46, Michael Ellerman wrote:
> Thanks.
>
> Acked-by: Michael Ellerman
>
> Or do you want me to merge this before Paul gets back?
No, this should be merged through the KVM tree. Please Cc the KVM
maintainers before offering to apply a patch that formally
On Fri, Jun 24, 2016 at 10:38 PM, Rob Herring wrote:
> On Fri, Jun 17, 2016 at 2:51 AM, Mathieu Malaterre
> wrote:
>> v3 tested here multiple times ! memleak is now gone.
>>
>> Tested-by: Mathieu Malaterre
>>
>>