2501 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Matthias Maennich
|
9790f49ad8 |
ANDROID: Add OWNERS files referring to the respective android-mainline OWNERS
This was generated with $ build/synchronize_owners common-mainline/ android-mainline common-4.19-stable Bug: 184248201 Signed-off-by: Matthias Maennich <maennich@google.com> Change-Id: I5e56eb34fcbb5a2a013dd03bc9dcc4f159fb90de |
||
Greg Kroah-Hartman
|
4266b7dc92 |
This is the 4.19.179 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBEtr4ACgkQONu9yGCS aT4XKBAAsMHn1gRHESusKj1zToyBDJL5fQW6nWbUuwZKh+q7KLPF45dWgRbTShKl 5HAEN+wTGTx0MkQ1yMs6zr49Ck0z63WRQ5rk48dznPDlJMMWu5oK+hpHU5n/z82v /y6n2+d2xzpxWIVQYFC6pryjbeNJ2NcnAyrIimput86MK7vz1GZWsjAq+SP92kaZ xzK4mUlZg6gLr+IMuuNnkHxbmWku32Ucw1qQ24/dAv7OF+BzfaoD2SpKp3yac6jM OOZgEnlO+kB8m0G+iYM+yslpvxrs8jlLlJKGdf3fQA5Q9JKNNaNmZezjp3FWYXBR u+t4JDOjjyBt7/s83AJ8+zGLxniQBLmF1BRgbxcFCIv/AN2DeSIFA4xaK6xLGzKL rDm4PMhVWjCMN5heB644OOT0tx0k/h2Y/hO8gMRoMcycFhoRp10a0Vw2bQRKBVak k3iXRIUv9Ypkpe5zLIN+icnt8ztgo2IJ3MR2VyMpENiBnRfLvAammwCXRC9pB/nR 225uMlCzwYAJfnVJ40FUbw/jTqyB9XhmAl3l2alYS6eiEVNmp9c4Vv4B6f2Uylk1 oYdF+ABtFlWZSsbB7vqIJW8Wrew/FPkJrQnTW8hVhkV46Ry4FRiN2y/+1B6WrZ9j 1UvSEwyYVITSB0wWsZRTrwxXjAivY57yCknCR7uHkJHTsXgPkyw= =7KpC -----END PGP SIGNATURE----- Merge 4.19.179 into android-4.19-stable Changes in 4.19.179 net: usb: qmi_wwan: support ZTE P685M modem hugetlb: fix update_and_free_page contig page struct assumption drm/virtio: use kvmalloc for large allocations virtio/s390: implement virtio-ccw revision 2 correctly arm64 module: set plt* section addresses to 0x0 arm64: Avoid redundant type conversions in xchg() and cmpxchg() arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint arm64: Use correct ll/sc atomic constraints MIPS: VDSO: Use CLANG_FLAGS instead of filtering out '--target=' JFS: more checks for invalid superblock udlfb: Fix memory leak in dlfb_usb_probe media: mceusb: sanity check for prescaler value xfs: Fix assert failure in xfs_setattr_size() smackfs: restrict bytes count in smackfs write functions net: fix up truesize of cloned skb in skb_prepare_for_shift() mm/hugetlb.c: fix unnecessary address expansion of pmd sharing net: bridge: use switchdev for port flags set through sysfs too dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ rsi: Fix TX EAPOL packet handling against iwlwifi AP rsi: Move card interrupt handling to RX thread staging: fwserial: Fix error handling in fwserial_create x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk vt/consolemap: do font sum unsigned wlcore: Fix command execute failure 19 for wl12xx Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() ath10k: fix wmi mgmt tx queue full due to race condition x86/build: Treat R_386_PLT32 relocation as R_386_PC32 Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data staging: most: sound: add sanity check for function argument crypto: tcrypt - avoid signed overflow in byte count PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails media: uvcvideo: Allow entities with no pads f2fs: handle unallocated section and zone on pinned/atgc f2fs: fix to set/clear I_LINKABLE under i_lock btrfs: fix error handling in commit_fs_roots parisc: Bump 64-bit IRQ stack size to 64 KB ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet scsi: iscsi: Restrict sessions and handles to admin capabilities sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE scsi: iscsi: Verify lengths on passthrough PDUs Xen/gnttab: handle p2m update errors on a per-slot basis xen-netback: respect gnttab_map_refs()'s return value zsmalloc: account the number of compacted pages correctly swap: fix swapfile read/write offset media: v4l: ioctl: Fix memory leak in video_usercopy ALSA: hda/realtek: Add quirk for Clevo NH55RZQ ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board Linux 4.19.179 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3a22f45d69254beca09db0f33bc3cab3a0cadf80 |
||
Ard Biesheuvel
|
2fd58d8bb0 |
crypto: tcrypt - avoid signed overflow in byte count
[ Upstream commit 303fd3e1c771077e32e96e5788817f025f0067e2 ] The signed long type used for printing the number of bytes processed in tcrypt benchmarks limits the range to -/+ 2 GiB, which is not sufficient to cover the performance of common accelerated ciphers such as AES-NI when benchmarked with sec=1. So switch to u64 instead. While at it, fix up a missing printk->pr_cont conversion in the AEAD benchmark. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Greg Kroah-Hartman
|
6455a150fa |
Merge 4.19.178 into android-4.19-stable
Changes in 4.19.178 HID: make arrays usage and value to be the same USB: quirks: sort quirk entries usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable ntfs: check for valid standard information attribute arm64: tegra: Add power-domain for Tegra210 HDA scripts: use pkg-config to locate libcrypto scripts: set proper OpenSSL include dir also for sign-file block: add helper for checking if queue is registered block: split .sysfs_lock into two locks block: fix race between switching elevator and removing queues block: don't release queue's sysfs lock during switching elevator NET: usb: qmi_wwan: Adding support for Cinterion MV31 cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. scripts/recordmcount.pl: support big endian for ARCH sh jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations locking/static_key: Fix false positive warnings on concurrent dec/inc vmlinux.lds.h: add DWARF v5 sections kdb: Make memory allocations more robust PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 bfq: Avoid false bfq queue merging ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section random: fix the RNDRESEEDCRNG ioctl ath10k: Fix error handling in case of CE pipe init failure Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function Bluetooth: Fix initializing response id after clearing struct ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 ARM: dts: exynos: correct PMIC interrupt trigger level on Monk ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato ARM: dts: exynos: correct PMIC interrupt trigger level on Spring ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args arm64: dts: allwinner: A64: properly connect USB PHY to port 0 arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz cpufreq: brcmstb-avs-cpufreq: Free resources in error path cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() ACPICA: Fix exception code class checks usb: gadget: u_audio: Free requests only after callback Bluetooth: drop HCI device reference before return Bluetooth: Put HCI device if inquiry procedure interrupts memory: ti-aemif: Drop child node when jumping out loop ARM: dts: Configure missing thermal interrupt for 4430 usb: dwc2: Do not update data length if it is 0 on inbound transfers usb: dwc2: Abort transaction after errors with unknown reason usb: dwc2: Make "trimming xfer length" a debug message staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules ARM: dts: armada388-helios4: assign pinctrl to LEDs ARM: dts: armada388-helios4: assign pinctrl to each fan arm64: dts: msm8916: Fix reserved and rfsa nodes unit address ARM: s3c: fix fiq for clang IAS soc: aspeed: snoop: Add clock control logic bpf_lru_list: Read double-checked variable once without lock ath9k: fix data bus crash when setting nf_override via debugfs ibmvnic: Set to CLOSED state even on error bnxt_en: reverse order of TX disable and carrier off xen/netback: fix spurious event detection for common event case mac80211: fix potential overflow when multiplying to u32 integers bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx tcp: fix SO_RCVLOWAT related hangs under mem pressure cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds b43: N-PHY: Fix the update of coef for the PHY revision >= 3case ibmvnic: add memory barrier to protect long term buffer ibmvnic: skip send_request_unmap for timeout reset net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning net: amd-xgbe: Reset link when the link never comes back net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP net: mvneta: Remove per-cpu queue mapping for Armada 3700 fbdev: aty: SPARC64 requires FB_ATY_CT drm/gma500: Fix error return code in psb_driver_load() gma500: clean up error handling in init crypto: sun4i-ss - fix kmap usage drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition MIPS: c-r4k: Fix section mismatch for loongson2_sc_init MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 media: i2c: ov5670: Fix PIXEL_RATE minimum value media: camss: missing error code in msm_video_register() media: vsp1: Fix an error handling path in the probe function media: em28xx: Fix use-after-free in em28xx_alloc_urbs media: media/pci: Fix memleak in empress_init media: tm6000: Fix memleak in tm6000_start_stream ASoC: cs42l56: fix up error handling in probe crypto: bcm - Rename struct device_private to bcm_device_private drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction. media: lmedm04: Fix misuse of comma media: qm1d1c0042: fix error return code in qm1d1c0042_init() media: cx25821: Fix a bug when reallocating some dma memory media: pxa_camera: declare variable when DEBUG is defined media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error) ata: ahci_brcm: Add back regulators management ASoC: cpcap: fix microphone timeslot mask f2fs: fix to avoid inconsistent quota data drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() btrfs: clarify error returns values in __load_free_space_cache hwrng: timeriomem - Fix cooldown period calculation crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() ima: Free IMA measurement buffer on error ima: Free IMA measurement buffer after kexec syscall fs/jfs: fix potential integer overflow on shift of a int jffs2: fix use after free in jffs2_sum_write_data() capabilities: Don't allow writing ambiguous v3 file capabilities clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL quota: Fix memory leak when handling corrupted quota file spi: cadence-quadspi: Abort read if dummy cycles required are too many clk: sunxi-ng: h6: Fix CEC clock HID: core: detect and skip invalid inputs to snto32() dmaengine: fsldma: Fix a resource leak in the remove function dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function dmaengine: owl-dma: Fix a resource leak in the remove function dmaengine: hsu: disable spurious interrupt mfd: bd9571mwv: Use devm_mfd_add_devices() fdt: Properly handle "no-map" field in the memory region of/fdt: Make sure no-map does not remove already reserved regions power: reset: at91-sama5d2_shdwc: fix wkupdbc mask rtc: s5m: select REGMAP_I2C clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation clk: sunxi-ng: h6: Fix clock divider range on some clocks regulator: axp20x: Fix reference cout leak certs: Fix blacklist flag type confusion spi: atmel: Put allocated master before return regulator: s5m8767: Drop regulators OF node reference isofs: release buffer head before return auxdisplay: ht16k33: Fix refresh rate handling IB/umad: Return EIO in case of when device disassociated IB/umad: Return EPOLLERR in case of when device disassociated KVM: PPC: Make the VMX instruction emulation routines static powerpc/47x: Disable 256k page size mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores amba: Fix resource leak for drivers without .remove tracepoint: Do not fail unregistering a probe due to memory failure perf tools: Fix DSO filtering when not finding a map for a sampled address RDMA/rxe: Fix coding error in rxe_recv.c RDMA/rxe: Correct skb on loopback path spi: stm32: properly handle 0 byte transfer mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() powerpc/pseries/dlpar: handle ibm, configure-connector delay status powerpc/8xx: Fix software emulation interrupt clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs spi: pxa2xx: Fix the controller numbering for Wildcat Point Input: sur40 - fix an error code in sur40_probe() perf intel-pt: Fix missing CYC processing in PSB perf test: Fix unaligned access in sample parsing test Input: elo - fix an error code in elo_connect() sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set misc: eeprom_93xx46: Fix module alias to enable module autoprobe misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() VMCI: Use set_page_dirty_lock() when unregistering guest memory PCI: Align checking of syscall user config accessors drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) ext4: fix potential htree index checksum corruption regmap: sdw: use _no_pm functions in regmap_read/write i40e: Fix flow for IPv6 next header (extension header) i40e: Add zero-initialization of AQ command structures i40e: Fix overwriting flow control settings during driver loading i40e: Fix VFs not created i40e: Fix add TC filter for IPv6 net/mlx4_core: Add missed mlx4_free_cmd_mailbox() vxlan: move debug check after netdev unregister ocfs2: fix a use after free on error mm/memory.c: fix potential pte_unmap_unlock pte error mm/hugetlb: fix potential double free in hugetlb_register_node() error path r8169: fix jumbo packet handling on RTL8168e arm64: Add missing ISB after invalidating TLB in __primary_switch i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition mm/rmap: fix potential pte_unmap on an not mapped pte scsi: bnx2fc: Fix Kconfig warning & CNIC build errors blk-settings: align max_sectors on "logical_block_size" boundary ACPI: property: Fix fwnode string properties matching ACPI: configfs: add missing check after configfs_register_default_group() HID: wacom: Ignore attempts to overwrite the touch_max value from HID Input: raydium_ts_i2c - do not send zero length Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S Input: joydev - prevent potential read overflow in ioctl Input: i8042 - add ASUS Zenbook Flip to noselftest list USB: serial: option: update interface mapping for ZTE P685M usb: musb: Fix runtime PM race in musb_queue_resume_work usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt USB: serial: ftdi_sio: fix FTX sub-integer prescaler USB: serial: mos7840: fix error code in mos7840_write() USB: serial: mos7720: fix error code in mos7720_write() ALSA: hda/realtek: modify EAPD in the ALC886 tpm_tis: Fix check_locality for correct locality acquisition tpm_tis: Clean up locality release KEYS: trusted: Fix migratable=1 failing btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root btrfs: fix reloc root leak with 0 ref reloc roots on recovery btrfs: fix extent buffer leak on failure to copy root crypto: arm64/sha - add missing module aliases crypto: sun4i-ss - checking sg length is not sufficient crypto: sun4i-ss - handle BigEndian for cipher seccomp: Add missing return in non-void function misc: rtsx: init of rts522a add OCP power off when no card is present drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue pstore: Fix typo in compression option name dts64: mt7622: fix slow sd card access staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c staging: gdm724x: Fix DMA from stack staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt() x86/reboot: Force all cpus to exit VMX root if VMX is supported floppy: reintroduce O_NDELAY fix arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing watchdog: mei_wdt: request stop on unregister mtd: spi-nor: hisi-sfc: Put child node np on error path fs/affs: release old buffer head on error path seq_file: document how per-entry resources are managed. x86: fix seq_file iteration for pat/memtype.c hugetlb: fix copy_huge_page_from_user contig page struct assumption libnvdimm/dimm: Avoid race between probe and available_slots_show() arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55 module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols mmc: sdhci-esdhc-imx: fix kernel panic when remove module gpio: pcf857x: Fix missing first interrupt printk: fix deadlock when kernel panic cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available f2fs: fix out-of-repair __setattr_copy() sparc32: fix a user-triggerable oops in clear_user() gfs2: Don't skip dlm unlock if glock has an lvb dm: fix deadlock when swapping to encrypted device dm era: Recover committed writeset after crash dm era: Verify the data block size hasn't changed dm era: Fix bitset memory leaks dm era: Use correct value size in equality function of writeset tree dm era: Reinitialize bitset cache before digesting a new writeset dm era: only resize metadata in preresume icmp: introduce helper for nat'd source address in network device context icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n gtp: use icmp_ndo_send helper sunvnet: use icmp_ndo_send helper xfrm: interface: use icmp_ndo_send helper ipv6: icmp6: avoid indirect call for icmpv6_send() ipv6: silence compilation warning for non-IPV6 builds net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending dm era: Update in-core bitset after committing the metadata net: qrtr: Fix memory leak in qrtr_tun_open ARM: dts: aspeed: Add LCLK to lpc-snoop Linux 4.19.178 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8c07c10dd29a1233f238b533622d7b32bd22bdb0 |
||
Daniele Alessandrelli
|
1d14389723 |
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
[ Upstream commit a53ab94eb6850c3657392e2d2ce9b38c387a2633 ]
The length ('len' parameter) passed to crypto_ecdh_decode_key() is never
checked against the length encoded in the passed buffer ('buf'
parameter). This could lead to an out-of-bounds access when the passed
length is less than the encoded length.
Add a check to prevent that.
Fixes:
|
||
Greg Kroah-Hartman
|
8ca2f0230e |
Merge 4.19.167 into android-4.19-stable
Changes in 4.19.167 kbuild: don't hardcode depmod path workqueue: Kick a worker based on the actual activation of delayed works scsi: ufs: Fix wrong print message in dev_err() scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() scsi: ide: Do not set the RQF_PREEMPT flag for sense requests scsi: scsi_transport_spi: Set RQF_PM for domain validation commands lib/genalloc: fix the overflow when size is too big depmod: handle the case of /sbin/depmod without /sbin in PATH proc: change ->nlink under proc_subdir_lock proc: fix lookup in /proc/net subdirectories after setns(2) i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs net: mvpp2: Add TCAM entry to drop flow control pause frames net: mvpp2: prs: fix PPPoE with ipv6 packet parse ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() ethernet: ucc_geth: set dev->max_mtu to 1518 atm: idt77252: call pci_disable_device() on error path net: mvpp2: Fix GoP port 3 Networking Complex Control configurations qede: fix offload for IPIP tunnel packets virtio_net: Fix recursive call to cpus_read_lock() net/ncsi: Use real net-device for response handler net: ethernet: Fix memleak in ethoc_probe net-sysfs: take the rtnl lock when storing xps_cpus net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() net: hns: fix return value check in __lb_other_process() erspan: fix version 1 check in gre_parse_header() net: hdlc_ppp: Fix issues when mod_timer is called while timer is running CDC-NCM: remove "connected" log message net: usb: qmi_wwan: add Quectel EM160R-GL r8169: work around power-saving bug on some chip versions vhost_net: fix ubuf refcount incorrectly when sendmsg fails net: sched: prevent invalid Scell_log shift count net-sysfs: take the rtnl lock when storing xps_rxqs net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close video: hyperv_fb: Fix the mmap() regression for v5.4.y and older crypto: ecdh - avoid buffer overflow in ecdh_set_secret() staging: mt7621-dma: Fix a resource leak in an error handling path usb: gadget: enable super speed plus USB: cdc-acm: blacklist another IR Droid device USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set usb: usbip: vhci_hcd: protect shift size usb: uas: Add PNY USB Portable SSD to unusual_uas USB: serial: iuu_phoenix: fix DMA from stack USB: serial: option: add LongSung M5710 module support USB: serial: option: add Quectel EM160R-GL USB: yurex: fix control-URB timeout handling USB: usblp: fix DMA to stack ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks usb: gadget: select CONFIG_CRC32 usb: gadget: f_uac2: reset wMaxPacketSize usb: gadget: function: printer: Fix a memory leak for interface descriptor usb: gadget: u_ether: Fix MTU size mismatch with RX packet size USB: gadget: legacy: fix return error code in acm_ms_bind() usb: gadget: Fix spinlock lockup on usb_function_deactivate usb: gadget: configfs: Preserve function ordering after bind failure usb: gadget: configfs: Fix use-after-free issue with udc_name USB: serial: keyspan_pda: remove unused variable x86/mm: Fix leak of pmd ptlock ALSA: hda/via: Fix runtime PM for Clevo W35xSS ALSA: hda/conexant: add a new hda codec CX11970 ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 btrfs: send: fix wrong file path when there is an inode with a pending rmdir Revert "device property: Keep secondary firmware node secondary by type" xen/pvh: correctly setup the PV EFI interface for dom0 netfilter: x_tables: Update remaining dereference to RCU netfilter: ipset: fix shift-out-of-bounds in htable_bits() netfilter: xt_RATEEST: reject non-null terminated string from userspace x86/mtrr: Correct the range check before performing MTRR type lookups KVM: x86: fix shift out of bounds reported by UBSAN scsi: target: Fix XCOPY NAA identifier lookup Linux 4.19.167 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Id204bcc705c98d3344f33de84431cc7ca0868246 |
||
Ard Biesheuvel
|
457b67797c |
crypto: ecdh - avoid buffer overflow in ecdh_set_secret()
commit 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 upstream. Pavel reports that commit 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()") fixes one problem but introduces another: the unconditional memcpy() introduced by that commit may overflow the target buffer if the source data is invalid, which could be the result of intentional tampering. So check params.key_size explicitly against the size of the target buffer before validating the key further. Fixes: 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()") Reported-by: Pavel Machek <pavel@denx.de> Cc: <stable@vger.kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Greg Kroah-Hartman
|
07ce88e9de |
This is the 4.19.164 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/sVdwACgkQONu9yGCS aT581g/+KZ4lFcY/lAEY6/n6RjFenerl5O2a4tqO+j7eivOA8aNOzXQpvwcPXFKZ uCCwab3shrp0MdOJ4Ub1qLF5rZoJ/QvLNkI+8GVRztnchkWHwNlYbheZqHRows9E LM5w/+SUh+I7wymfjsjxr8ohSOxkvygNL9PLLTkuQMwbs/jjdizmcgqeYo54Plih IdtHrp/ZjxKMOu+fkp1dpTy2RUfbxxWS4RnVjSI+g3s8vaxWh90jMCwLP3fyUwpX a8eNCFkIV0lBCj+dYF+ry5x7wGd9mvCVAG70DmRkHd4nyc1WGnp+yz3lQlQnIzeq Hc7k3ts3FXmXBSRTzkqM9pmaOuyrKwqu3DoiplXxHgjeJYegP9k0jh33eohXmc/u qSz9XB3FhBxy7uRf8tqGLKiUsARnQUYfqzR8qgGFndvWRpIBr9egSzDKVNSF5uWu bPt3UQpM8O714NcnB2PGs4OUPqxSikT3BrnfurZOzEddkSveXfkItYnt3mc300bx MSHYY/iuLpsBeDd0U6POgf5J5RigmOWvayZrMkPSxlnm7v9diefpKo7xB7+l3AqD DZ5BSZMNtgKHwzck6d3RXX+GCILreL16Lj299NM1SJPm+j5SEkna7luikgi2pqrk r2cD31L9JHiq36L3uP5u30JoxEG6+W2Px+dqc+uyB3RXHJzRwy4= =TKv4 -----END PGP SIGNATURE----- Merge 4.19.164 into android-4.19-stable Changes in 4.19.164 Kbuild: do not emit debug info for assembly with LLVM_IAS=1 x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S spi: bcm2835aux: Fix use-after-free on unbind spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe iwlwifi: pcie: limit memory read spin time arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. iwlwifi: mvm: fix kernel panic in case of assert during CSA powerpc: Drop -me200 addition to build flags ARC: stack unwinding: don't assume non-current task is sleeping scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC Input: cm109 - do not stomp on control URB Input: i8042 - add Acer laptops to the i8042 reset list pinctrl: amd: remove debounce filter setting in IRQ type setting mmc: block: Fixup condition for CMD13 polling for RPMB requests kbuild: avoid static_assert for genksyms scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()" x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP x86/membarrier: Get rid of a dubious optimization x86/apic/vector: Fix ordering in vector assignment compiler.h: fix barrier_data() on clang PCI: qcom: Add missing reset for ipq806x mac80211: mesh: fix mesh_pathtbl_init() error path net: stmmac: free tx skb buffer in stmmac_resume() tcp: select sane initial rcvq_space.space for big MSS tcp: fix cwnd-limited bug for TSO deferral where we send nothing net/mlx4_en: Avoid scheduling restart task if it is already running lan743x: fix for potential NULL pointer dereference with bare card net/mlx4_en: Handle TX error CQE net: stmmac: delete the eee_ctrl_timer after napi disabled net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux net: bridge: vlan: fix error return code in __vlan_add() ktest.pl: If size of log is too big to email, email error message USB: dummy-hcd: Fix uninitialized array use in init() USB: add RESET_RESUME quirk for Snapscan 1212 ALSA: usb-audio: Fix potential out-of-bounds shift ALSA: usb-audio: Fix control 'access overflow' errors from chmap xhci: Give USB2 ports time to enter U3 in bus suspend USB: UAS: introduce a quirk to set no_write_same USB: sisusbvga: Make console support depend on BROKEN ALSA: pcm: oss: Fix potential out-of-bounds shift serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access drm/xen-front: Fix misused IS_ERR_OR_NULL checks drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi arm64: lse: fix LSE atomics with LLVM's integrated assembler arm64: lse: Fix LSE atomics with LLVM arm64: Change .weak to SYM_FUNC_START_WEAK_PI for arch/arm64/lib/mem*.S x86/resctrl: Remove unused struct mbm_state::chunks_bw x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled pinctrl: merrifield: Set default bias in case no particular value given pinctrl: baytrail: Avoid clearing debounce value when turning it off ARM: dts: sun8i: v3s: fix GIC node memory range gpio: mvebu: fix potential user-after-free on probe scsi: bnx2i: Requires MMU xsk: Fix xsk_poll()'s return type can: softing: softing_netdev_open(): fix error handling clk: renesas: r9a06g032: Drop __packed for portability block: factor out requeue handling from dispatch code netfilter: x_tables: Switch synchronization to RCU gpio: eic-sprd: break loop when getting NULL device resource selftests/bpf/test_offload.py: Reset ethtool features after failed setting RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait ixgbe: avoid premature Rx buffer reuse drm/tegra: replace idr_init() by idr_init_base() kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling drm/tegra: sor: Disable clocks on error in tegra_sor_init() arm64: syscall: exit userspace before unmasking exceptions vxlan: Add needed_headroom for lower device vxlan: Copy needed_tailroom from lowerdev scsi: mpt3sas: Increase IOCInit request timeout to 30s dm table: Remove BUG_ON(in_interrupt()) soc/tegra: fuse: Fix index bug in get_process_id USB: serial: option: add interface-number sanity check to flag handling USB: gadget: f_acm: add support for SuperSpeed Plus USB: gadget: f_midi: setup SuperSpeed Plus descriptors usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus USB: gadget: f_rndis: fix bitrate for SuperSpeed and above usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU coresight: tmc-etr: Check if page is valid before dma_map_page() scsi: megaraid_sas: Check user-provided offsets HID: i2c-hid: add Vero K147 to descriptor override serial_core: Check for port state when tty is in error state Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() quota: Sanity-check quota file headers on load media: msi2500: assign SPI bus number dynamically crypto: af_alg - avoid undefined behavior accessing salg_name md: fix a warning caused by a race between concurrent md_ioctl()s perf cs-etm: Change tuple from traceID-CPU# to traceID-metadata perf cs-etm: Move definition of 'traceid_list' global variable from header file drm/gma500: fix double free of gma_connector drm/tve200: Fix handling of platform_get_irq() error soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() soc: mediatek: Check if power domains can be powered on at boot time soc: qcom: geni: More properly switch to DMA mode RDMA/bnxt_re: Set queue pair state when being queried selinux: fix error initialization in inode_doinit_with_dentry() ARM: dts: aspeed: s2600wf: Fix VGA memory region location RDMA/rxe: Compute PSN windows correctly x86/mm/ident_map: Check for errors from ident_pud_init() ARM: p2v: fix handling of LPAE translation in BE mode x86/apic: Fix x2apic enablement without interrupt remapping sched/deadline: Fix sched_dl_global_validate() sched: Reenable interrupts in do_sched_yield() crypto: talitos - Endianess in current_desc_hdr() crypto: talitos - Fix return type of current_desc_hdr() crypto: inside-secure - Fix sizeof() mismatch powerpc/64: Set up a kernel stack for secondaries before cpu_restore() spi: img-spfi: fix reference leak in img_spfi_resume drm/msm/dsi_pll_10nm: restore VCO rate during restore_state ASoC: pcm: DRAIN support reactivation selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7 arm64: dts: exynos: Correct psci compatible used on Exynos7 Bluetooth: Fix null pointer dereference in hci_event_packet() Bluetooth: hci_h5: fix memory leak in h5_close spi: spi-ti-qspi: fix reference leak in ti_qspi_setup spi: tegra20-slink: fix reference leak in slink ops of tegra20 spi: tegra20-sflash: fix reference leak in tegra_sflash_resume spi: tegra114: fix reference leak in tegra spi ops spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure ASoC: wm8998: Fix PM disable depth imbalance on error ASoC: arizona: Fix a wrong free in wm8997_probe RDMa/mthca: Work around -Wenum-conversion warning MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() staging: greybus: codecs: Fix reference counter leak in error handling staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c media: tm6000: Fix sizeof() mismatches media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() ASoC: meson: fix COMPILE_TEST error scsi: core: Fix VPD LUN ID designator priorities media: solo6x10: fix missing snd_card_free in error handling case video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init() drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() Input: ads7846 - fix race that causes missing releases Input: ads7846 - fix integer overflow on Rt calculation Input: ads7846 - fix unaligned access on 7845 usb/max3421: fix return error code in max3421_probe() spi: mxs: fix reference leak in mxs_spi_probe powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe spi: fix resource leak for drivers without .remove callback soc: ti: knav_qmss: fix reference leak in knav_queue_probe soc: ti: Fix reference imbalance in knav_dma_probe drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe Input: omap4-keypad - fix runtime PM error handling RDMA/cxgb4: Validate the number of CQEs memstick: fix a double-free bug in memstick_check ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host orinoco: Move context allocation after processing the skb cw1200: fix missing destroy_workqueue() on error in cw1200_init_common dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() media: siano: fix memory leak of debugfs members in smsdvb_hotplug platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration samples: bpf: Fix lwt_len_hist reusing previous BPF map mips: cdmm: fix use-after-free in mips_cdmm_bus_discover media: max2175: fix max2175_set_csm_mode() error code slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() ARM: dts: Remove non-existent i2c1 from 98dx3236 arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching power: supply: bq24190_charger: fix reference leak genirq/irqdomain: Don't try to free an interrupt that has no mapping PCI: Bounds-check command-line resource alignment requests PCI: Fix overflow in command-line resource alignment requests PCI: iproc: Fix out-of-bound array accesses arm64: dts: meson: fix spi-max-frequency on Khadas VIM2 ARM: dts: at91: at91sam9rl: fix ADC triggers platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init ath10k: Fix the parsing error in service available event ath10k: Fix an error handling path ath10k: Release some resources in an error handling path NFSv4.2: condition READDIR's mask for security label based on LSM state SUNRPC: xprt_load_transport() needs to support the netid "rdma6" lockd: don't use interval-based rebinding over TCP NFS: switch nfsiod to be an UNBOUND workqueue. vfio-pci: Use io_remap_pfn_range() for PCI IO memory media: saa7146: fix array overflow in vidioc_s_audio() clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() ARM: dts: at91: sama5d2: map securam as device pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() arm64: dts: rockchip: Fix UART pull-ups on rk3328 memstick: r592: Fix error return in r592_probe() net/mlx5: Properly convey driver version to firmware ASoC: jz4740-i2s: add missed checks for clk_get() dm ioctl: fix error return code in target_message clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI cpufreq: highbank: Add missing MODULE_DEVICE_TABLE cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE cpufreq: st: Add missing MODULE_DEVICE_TABLE cpufreq: loongson1: Add missing MODULE_ALIAS cpufreq: scpi: Add missing MODULE_ALIAS scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe scsi: pm80xx: Fix error return in pm8001_pci_probe() seq_buf: Avoid type mismatch for seq_buf_init scsi: fnic: Fix error return code in fnic_probe() platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops powerpc/pseries/hibernation: remove redundant cacheinfo update usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe usb: oxu210hp-hcd: Fix memory leak in oxu_create speakup: fix uninitialized flush_lock nfsd: Fix message level for normal termination nfs_common: need lock during iterate through the list x86/kprobes: Restore BTF if the single-stepping is cancelled bus: fsl-mc: fix error return code in fsl_mc_object_allocate() clk: tegra: Fix duplicated SE clock entry extcon: max77693: Fix modalias string mac80211: don't set set TDLS STA bandwidth wider than possible ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control() irqchip/alpine-msi: Fix freeing of interrupts on allocation error path watchdog: sirfsoc: Add missing dependency on HAS_IOMEM watchdog: sprd: remove watchdog disable from resume fail path watchdog: sprd: check busy bit before new loading rather than after that watchdog: Fix potential dereferencing of null pointer um: Monitor error events in IRQ controller um: tty: Fix handling of close in tty lines um: chan_xterm: Fix fd leak nfc: s3fwrn5: Release the nfc firmware powerpc/ps3: use dma_mapping_error() checkpatch: fix unescaped left brace net: bcmgenet: Fix a resource leak in an error handling path in the probe functin net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function net: korina: fix return value libnvdimm/label: Return -ENXIO for no slot in __blk_label_update watchdog: qcom: Avoid context switch in restart handler watchdog: coh901327: add COMMON_CLK dependency clk: ti: Fix memleak in ti_fapll_synth_setup pwm: zx: Add missing cleanup in error path pwm: lp3943: Dynamically allocate PWM chip base perf record: Fix memory leak when using '--user-regs=?' to list registers qlcnic: Fix error code in probe clk: s2mps11: Fix a resource leak in error handling paths in the probe function clk: sunxi-ng: Make sure divider tables have sentinel kconfig: fix return value of do_error_if() ARM: sunxi: Add machine match for the Allwinner V3 SoC cfg80211: initialize rekey_data fix namespaced fscaps when !CONFIG_SECURITY lwt: Disable BH too in run_lwt_bpf() Input: cros_ec_keyb - send 'scancodes' in addition to key events Input: goodix - add upside-down quirk for Teclast X98 Pro tablet media: gspca: Fix memory leak in probe media: sunxi-cir: ensure IR is handled when it is continuous media: netup_unidvb: Don't leak SPI master in probe error path media: ipu3-cio2: Remove traces of returned buffers media: ipu3-cio2: Return actual subdev format media: ipu3-cio2: Serialise access to pad format media: ipu3-cio2: Validate mbus format in setting subdev format media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE Input: cyapa_gen6 - fix out-of-bounds stack access ALSA: hda/ca0132 - Change Input Source enum strings. PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks" ACPI: PNP: compare the string length in the matching_id() ALSA: hda: Fix regressions on clear and reconfig sysfs ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 ALSA: pcm: oss: Fix a few more UBSAN fixes ALSA: hda/realtek: Add quirk for MSI-GP73 ALSA: hda/realtek: Apply jack fixup for Quanta NL3 ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices ALSA: usb-audio: Disable sample read check if firmware doesn't give back s390/smp: perform initial CPU reset also for SMT siblings s390/kexec_file: fix diag308 subcode when loading crash kernel s390/dasd: fix hanging device offline processing s390/dasd: prevent inconsistent LCU device data s390/dasd: fix list corruption of pavgroup group list s390/dasd: fix list corruption of lcu list staging: comedi: mf6x4: Fix AI end-of-conversion detection powerpc/perf: Exclude kernel samples while counting events in user space. crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() EDAC/amd64: Fix PCI component registration USB: serial: mos7720: fix parallel-port state restore USB: serial: digi_acceleport: fix write-wakeup deadlocks USB: serial: keyspan_pda: fix dropped unthrottle interrupts USB: serial: keyspan_pda: fix write deadlock USB: serial: keyspan_pda: fix stalled writes USB: serial: keyspan_pda: fix write-wakeup use-after-free USB: serial: keyspan_pda: fix tx-unthrottle use-after-free USB: serial: keyspan_pda: fix write unthrottling ext4: fix a memory leak of ext4_free_data ext4: fix deadlock with fs freezing and EA inodes KVM: arm64: Introduce handling of AArch32 TTBCR2 traps ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES ARM: dts: at91: sama5d2: fix CAN message ram offset and size powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter powerpc/xmon: Change printk() to pr_cont() powerpc/powernv/memtrace: Don't leak kernel memory to user space powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently ima: Don't modify file descriptor mode on the fly ceph: fix race in concurrent __ceph_remove_cap invocations SMB3: avoid confusing warning message on mount to Azure SMB3.1.1: do not log warning message if server doesn't populate salt ubifs: wbuf: Don't leak kernel memory to flash jffs2: Fix GC exit abnormally jfs: Fix array index bounds check in dbAdjTree drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() spi: spi-sh: Fix use-after-free on unbind spi: davinci: Fix use-after-free on unbind spi: pic32: Don't leak DMA channels in probe error path spi: rb4xx: Don't leak SPI master in probe error path spi: sc18is602: Don't leak SPI master in probe error path spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe soc: qcom: smp2p: Safely acquire spinlock without IRQs mtd: spinand: Fix OOB read mtd: parser: cmdline: Fix parsing of part-names with colons mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() iio: buffer: Fix demux update iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume iio:light:rpr0521: Fix timestamp alignment and prevent data leak. iio:light:st_uvis25: Fix timestamp alignment and prevent data leak. iio:pressure:mpl3115: Force alignment of buffer iio:imu:bmi160: Fix too large a buffer. md/cluster: block reshape with remote resync job md/cluster: fix deadlock when node is doing resync job pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 xen-blkback: set ring->xenblkd to NULL after kthread_stop() xen/xenbus: Allow watches discard events before queueing xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() xen/xenbus/xen_bus_type: Support will_handle watch callback xen/xenbus: Count pending messages for each watch xenbus/xenbus_backend: Disallow pending watch messages libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 PCI: Fix pci_slot_release() NULL pointer dereference platform/x86: mlx-platform: remove an unused variable Linux 4.19.164 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8e2d24b45393ee2360186893d4e578e20156c7f1 |
||
Ard Biesheuvel
|
85637bc064 |
crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
commit 17858b140bf49961b71d4e73f1c3ea9bc8e7dda0 upstream. ecdh_set_secret() casts a void* pointer to a const u64* in order to feed it into ecc_is_key_valid(). This is not generally permitted by the C standard, and leads to actual misalignment faults on ARMv6 cores. In some cases, these are fixed up in software, but this still leads to performance hits that are entirely avoidable. So let's copy the key into the ctx buffer first, which we will do anyway in the common case, and which guarantees correct alignment. Cc: <stable@vger.kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Eric Biggers
|
268a84d36e |
crypto: af_alg - avoid undefined behavior accessing salg_name
commit 92eb6c3060ebe3adf381fd9899451c5b047bb14d upstream. Commit |
||
Eric Biggers
|
b5f2b9e204 |
UPSTREAM: crypto: chacha-generic - fix use as arm64 no-NEON fallback
The arm64 implementations of ChaCha and XChaCha are failing the extra crypto self-tests following my patches to test the !may_use_simd() code paths, which previously were untested. The problem is as follows: When !may_use_simd(), the arm64 NEON implementations fall back to the generic implementation, which uses the skcipher_walk API to iterate through the src/dst scatterlists. Due to how the skcipher_walk API works, walk.stride is set from the skcipher_alg actually being used, which in this case is the arm64 NEON algorithm. Thus walk.stride is 5*CHACHA_BLOCK_SIZE, not CHACHA_BLOCK_SIZE. This unnecessarily large stride shouldn't cause an actual problem. However, the generic implementation computes round_down(nbytes, walk.stride). round_down() assumes the round amount is a power of 2, which 5*CHACHA_BLOCK_SIZE is not, so it gives the wrong result. This causes the following case in skcipher_walk_done() to be hit, causing a WARN() and failing the encryption operation: if (WARN_ON(err)) { /* unexpected case; didn't process all bytes */ err = -EINVAL; goto finish; } Fix it by rounding down to CHACHA_BLOCK_SIZE instead of walk.stride. (Or we could replace round_down() with rounddown(), but that would add a slow division operation every time, which I think we should avoid.) Fixes: 2fe55987b262 ("crypto: arm64/chacha - use combined SIMD/ALU routine for more speed") Cc: <stable@vger.kernel.org> # v5.0+ Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 7aceaaef04eaaf6019ca159bc354d800559bba1d) Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idb028928e0a9ea82a6329aa9148fc2d82d1c037d |
||
Greg Kroah-Hartman
|
b9a942466b |
This is the 4.19.153 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+ag5UACgkQONu9yGCS aT5O3w//RaOcwQdi47/UJz8zyja1ZG8MSSCGibpwvaDwrsXu9es1QtqLAC38H10o ygxNLBZQHxhScsRpicNc+Dy87+lcSj8cF1ed7sd1LU8rvmQ18uIeFUZxfzYth8jW i6erzas0Ojw8IMy566GDxkfAC6n5GhJuJTVFQWUQpoEbsb5rXcGCLx3u+S3Ew+5t Xb9qE6r5cImYymvMkMy7RQ4Db2qgOwjkaCj+Ol+4BSR0bF4OweMQLPJs9gN8pJpr o2nxHg7wdO8SKJZCBVw8ZmfO4zF6czcKy+KzFajn+4LA2oT5mgiV8y21cd9CWYeQ JQK1jZGwwl/xljrM1yLd+crG8i11DhCStY90+4bxD68r8H+g1kwZ8jELmCwuuyx6 dk1s7jOxyKl9qAnMt6r2HqrjgxGD+2hL+2S84jPGRBow5IYjrdD0REXZjyk1R7Rp 8k00lRk1ATEy7H2lj4JW34tcsTEEDcn8PqUFx7MRKtCUI2uo4Gr5HXqf6wTJDp6S BsDe8mm77jd81vtw/AZ8Fv7Fg42QIPt7G1QV9wBbFvDmKmDa7Gj6SuQqTeu75oU9 M++aWSwyOb08wZEE0y94wsm6r4raN3A8o70Df9FltNFTALowuIcR+CVtOnQfHEuL BUBJcWg3SDsIxkXYgvQ9jO5h38i6dhAIVGAcU4VB0rgP/ePKMQs= =GiLo -----END PGP SIGNATURE----- Merge 4.19.153 into android-4.19-stable Changes in 4.19.153 ibmveth: Switch order of ibmveth_helper calls. ibmveth: Identify ingress large send packets. ipv4: Restore flowi4_oif update before call to xfrm_lookup_route mlx4: handle non-napi callers to napi_poll net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() net: fec: Fix PHY init after phy_reset_after_clk_enable() net: fix pos incrementment in ipv6_route_seq_next net/smc: fix valid DMBE buffer sizes net: usb: qmi_wwan: add Cellient MPL200 card tipc: fix the skb_unshare() in tipc_buf_append() net/ipv4: always honour route mtu during forwarding r8169: fix data corruption issue on RTL8402 net/tls: sendfile fails with ktls offload binder: fix UAF when releasing todo list ALSA: bebob: potential info leak in hwdep_read() chelsio/chtls: fix socket lock chelsio/chtls: correct netdevice for vlan interface chelsio/chtls: correct function return and return type net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() tcp: fix to update snd_wl1 in bulk receiver fast path r8169: fix operation under forced interrupt threading icmp: randomize the global rate limiter ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 cifs: remove bogus debug code cifs: Return the error from crypt_message when enc/dec key not found. KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages KVM: SVM: Initialize prev_ga_tag before use ima: Don't ignore errors from crypto_shash_update() crypto: algif_aead - Do not set MAY_BACKLOG on the async path EDAC/i5100: Fix error handling order in i5100_init_one() EDAC/ti: Fix handling of platform_get_irq() error x86/fpu: Allow multiple bits in clearcpuid= parameter drivers/perf: xgene_pmu: Fix uninitialized resource struct x86/nmi: Fix nmi_handle() duration miscalculation x86/events/amd/iommu: Fix sizeof mismatch crypto: algif_skcipher - EBUSY on aio should be an error crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call crypto: picoxcell - Fix potential race condition bug media: tuner-simple: fix regression in simple_set_radio_freq media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" media: m5mols: Check function pointer in m5mols_sensor_power media: uvcvideo: Set media controller entity functions media: uvcvideo: Silence shift-out-of-bounds warning media: omap3isp: Fix memleak in isp_probe crypto: omap-sham - fix digcnt register handling with export/import hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} cypto: mediatek - fix leaks in mtk_desc_ring_alloc media: mx2_emmaprp: Fix memleak in emmaprp_probe media: tc358743: initialize variable media: tc358743: cleanup tc358743_cec_isr media: rcar-vin: Fix a reference count leak. media: rockchip/rga: Fix a reference count leak. media: platform: fcp: Fix a reference count leak. media: camss: Fix a reference count leak. media: s5p-mfc: Fix a reference count leak media: stm32-dcmi: Fix a reference count leak media: ti-vpe: Fix a missing check and reference count leak regulator: resolve supply after creating regulator pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() spi: spi-s3c64xx: Check return values ath10k: provide survey info as accumulated data Bluetooth: hci_uart: Cancel init work before unregistering ath6kl: prevent potential array overflow in ath6kl_add_new_sta() ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 ASoC: qcom: lpass-platform: fix memory leak ASoC: qcom: lpass-cpu: fix concurrency issue brcmfmac: check ndev pointer mwifiex: Do not use GFP_KERNEL in atomic context staging: rtl8192u: Do not use GFP_KERNEL in atomic context drm/gma500: fix error check scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() backlight: sky81452-backlight: Fix refcount imbalance on error VMCI: check return value of get_user_pages_fast() for errors tty: serial: earlycon dependency tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() pty: do tty_flip_buffer_push without port->lock in pty_write pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() pwm: lpss: Add range limit check for the base_unit register value drivers/virt/fsl_hypervisor: Fix error handling path video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error video: fbdev: sis: fix null ptr dereference video: fbdev: radeon: Fix memleak in radeonfb_pci_register HID: roccat: add bounds checking in kone_sysfs_write_settings() pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser pinctrl: mcp23s08: Fix mcp23x17 precious range net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow net: stmmac: use netif_tx_start|stop_all_queues() function cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE net: dsa: rtl8366: Check validity of passed VLANs net: dsa: rtl8366: Refactor VLAN/PVID init net: dsa: rtl8366: Skip PVID setting if not requested net: dsa: rtl8366rb: Support all 4096 VLANs ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() misc: mic: scif: Fix error handling path ALSA: seq: oss: Avoid mutex lock for a long-time ioctl usb: dwc2: Fix parameter type in function pointer prototype quota: clear padding in v2r1_mem2diskdqb() slimbus: core: check get_addr before removing laddr ida slimbus: core: do not enter to clock pause mode in core slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback HID: hid-input: fix stylus battery reporting qtnfmac: fix resource leaks on unsupported iftype error return path net: enic: Cure the enic api locking trainwreck mfd: sm501: Fix leaks in probe() iwlwifi: mvm: split a print to avoid a WARNING in ROC usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well nl80211: fix non-split wiphy information usb: dwc2: Fix INTR OUT transfers in DDMA mode. scsi: target: tcmu: Fix warning: 'page' may be used uninitialized scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() platform/x86: mlx-platform: Remove PSU EEPROM configuration mwifiex: fix double free ipvs: clear skb->tstamp in forwarding path net: korina: fix kfree of rx/tx descriptor array netfilter: nf_log: missing vlan offload tag and proto mm/memcg: fix device private memcg accounting mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary IB/mlx4: Fix starvation in paravirt mux/demux IB/mlx4: Adjust delayed work when a dup is observed powerpc/pseries: Fix missing of_node_put() in rng_init() powerpc/icp-hv: Fix missing of_node_put() in success path RDMA/ucma: Fix locking for ctx->events_reported RDMA/ucma: Add missing locking around rdma_leave_multicast() mtd: lpddr: fix excessive stack usage with clang powerpc/pseries: explicitly reschedule during drmem_lmb list traversal mtd: mtdoops: Don't write panic data twice ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER xfs: limit entries returned when counting fsmap records xfs: fix high key handling in the rt allocator's query_range function RDMA/qedr: Fix use of uninitialized field RDMA/qedr: Fix inline size returned for iWARP powerpc/tau: Use appropriate temperature sample interval powerpc/tau: Convert from timer to workqueue powerpc/tau: Remove duplicated set_thresholds() call Linux 4.19.153 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I9e85e8ca67ab8e28d04a77339f80fdbf3c568956 |
||
Herbert Xu
|
b0112ecef7 |
crypto: algif_skcipher - EBUSY on aio should be an error
[ Upstream commit 2a05b029c1ee045b886ebf9efef9985ca23450de ]
I removed the MAY_BACKLOG flag on the aio path a while ago but
the error check still incorrectly interpreted EBUSY as success.
This may cause the submitter to wait for a request that will never
complete.
Fixes:
|
||
Herbert Xu
|
1ba6c54278 |
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
commit cbdad1f246dd98e6c9c32a6e5212337f542aa7e0 upstream.
The async path cannot use MAY_BACKLOG because it is not meant to
block, which is what MAY_BACKLOG does. On the other hand, both
the sync and async paths can make use of MAY_SLEEP.
Fixes:
|
||
Jason A. Donenfeld
|
fd987ccbde |
UPSTREAM: crypto: Kconfig - allow tests to be disabled when manager is disabled
The library code uses CRYPTO_MANAGER_DISABLE_TESTS to conditionalize its tests, but the library code can also exist without CRYPTO_MANAGER. That means on minimal configs, the test code winds up being built with no way to disable it. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 2343d1529aff8b552589f622c23932035ed7a05d) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0bacc9cc4473439801f272b50018e9533b0884e2 |
||
Jason A. Donenfeld
|
1ff35ded67 |
UPSTREAM: crypto: poly1305 - add new 32 and 64-bit generic versions
These two C implementations from Zinc -- a 32x32 one and a 64x64 one, depending on the platform -- come from Andrew Moon's public domain poly1305-donna portable code, modified for usage in the kernel. The precomputation in the 32-bit version and the use of 64x64 multiplies in the 64-bit version make these perform better than the code it replaces. Moon's code is also very widespread and has received many eyeballs of scrutiny. There's a bit of interference between the x86 implementation, which relies on internal details of the old scalar implementation. In the next commit, the x86 implementation will be replaced with a faster one that doesn't rely on this, so none of this matters much. But for now, to keep this passing the tests, we inline the bits of the old implementation that the x86 implementation relied on. Also, since we now support a slightly larger key space, via the union, some offsets had to be fixed up. Nonce calculation was folded in with the emit function, to take advantage of 64x64 arithmetic. However, Adiantum appeared to rely on no nonce handling in emit, so this path was conditionalized. We also introduced a new struct, poly1305_core_key, to represent the precise amount of space that particular implementation uses. Testing with kbench9000, depending on the CPU, the update function for the 32x32 version has been improved by 4%-7%, and for the 64x64 by 19%-30%. The 32x32 gains are small, but I think there's great value in having a parallel implementation to the 64x64 one so that the two can be compared side-by-side as nice stand-alone units. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 1c08a104360f3e18f4ee6346c21cc3923efb952e) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie53f7e47335863df3d82dbc268c6d8323ae5f559 |
||
Eric Biggers
|
77073bba3e |
UPSTREAM: crypto: chacha_generic - remove unnecessary setkey() functions
Use chacha20_setkey() and chacha12_setkey() from <crypto/internal/chacha.h> instead of defining them again in chacha_generic.c. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 2043323a799a660bc84bbee404cf7a2617ec6157) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2a585793ef6dbf5529d65f0c985ffa6f4072fda3 |
||
Jason A. Donenfeld
|
f9f4dfd312 |
UPSTREAM: crypto: curve25519 - x86_64 library and KPP implementations
This implementation is the fastest available x86_64 implementation, and unlike Sandy2x, it doesn't requie use of the floating point registers at all. Instead it makes use of BMI2 and ADX, available on recent microarchitectures. The implementation was written by Armando Faz-Hernández with contributions (upstream) from Samuel Neves and me, in addition to further changes in the kernel implementation from us. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Co-developed-by: Samuel Neves <sneves@dei.uc.pt> [ardb: - move to arch/x86/crypto - wire into lib/crypto framework - implement crypto API KPP hooks ] Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit bb611bdfd6be34d9f822c73305fcc83720499d38) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4c8f006da5fc8eaafbe2902e5b82d885fce1e5a5 |
||
Ard Biesheuvel
|
fe7ebbd471 |
UPSTREAM: crypto: curve25519 - implement generic KPP driver
Expose the generic Curve25519 library via the crypto API KPP interface. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ee772cb641135739c1530647391d5a04c39db192) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic832d2b6900a4fbe8db11348c9dcada87892c317 |
||
Ard Biesheuvel
|
40175d26ba |
UPSTREAM: crypto: curve25519 - add kpp selftest
In preparation of introducing KPP implementations of Curve25519, import the set of test cases proposed by the Zinc patch set, but converted to the KPP format. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit f613457a7af085728297bef71233c37faf3c01b1) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Icba92206a4ae5e131bf28ff3d52977ae1ffa3c66 |
||
Jason A. Donenfeld
|
db2e6ec625 |
UPSTREAM: crypto: blake2s - x86_64 SIMD implementation
These implementations from Samuel Neves support AVX and AVX-512VL. Originally this used AVX-512F, but Skylake thermal throttling made AVX-512VL more attractive and possible to do with negligable difference. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Co-developed-by: Samuel Neves <sneves@dei.uc.pt> [ardb: move to arch/x86/crypto, wire into lib/crypto framework] Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ed0356eda153f6a95649e11feb7b07083caf9e20) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I26150abb48c1508d922727d7b9d788e0251f411c |
||
Ard Biesheuvel
|
537dbe51f3 |
UPSTREAM: crypto: blake2s - implement generic shash driver
Wire up our newly added Blake2s implementation via the shash API. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 7f9b0880925f1f9d7d59504ea0892d2ae9cfc233) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2cc105bb4fd251cfea616323f352730832f07aaa |
||
Ard Biesheuvel
|
8e4def702e |
UPSTREAM: crypto: testmgr - add test cases for Blake2s
As suggested by Eric for the Blake2b implementation contributed by David, introduce a set of test vectors for Blake2s covering different digest and key sizes. blake2s-128 blake2s-160 blake2s-224 blake2s-256 --------------------------------------------------- len=0 | klen=0 klen=1 klen=16 klen=32 len=1 | klen=16 klen=32 klen=0 klen=1 len=7 | klen=32 klen=0 klen=1 klen=16 len=15 | klen=1 klen=16 klen=32 klen=0 len=64 | klen=0 klen=1 klen=16 klen=32 len=247 | klen=16 klen=32 klen=0 klen=1 len=256 | klen=32 klen=0 klen=1 klen=16 Cc: David Sterba <dsterba@suse.com> Cc: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 17e1df67023a5c9ccaeb5de8bf5b88f63127ecf7) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: If7b4154623ead41346837eefacbcee5354ff7765 |
||
Ard Biesheuvel
|
688b66e083 |
UPSTREAM: crypto: mips/poly1305 - incorporate OpenSSL/CRYPTOGAMS optimized implementation
This is a straight import of the OpenSSL/CRYPTOGAMS Poly1305 implementation for MIPS authored by Andy Polyakov, a prior 64-bit only version of which has been contributed by him to the OpenSSL project. The file 'poly1305-mips.pl' is taken straight from this upstream GitHub repository [0] at commit d22ade312a7af958ec955620b0d241cf42c37feb, and already contains all the changes required to build it as part of a Linux kernel module. [0] https://github.com/dot-asm/cryptogams Co-developed-by: Andy Polyakov <appro@cryptogams.org> Signed-off-by: Andy Polyakov <appro@cryptogams.org> Co-developed-by: René van Dorst <opensource@vdorst.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a11d055e7a64ac34a5e99b6fe731299449cbcd58) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3f970f4d675b2a2f3e30ee6f28f32824e125e6e8 |
||
Ard Biesheuvel
|
4e42c8cac2 |
UPSTREAM: crypto: x86/poly1305 - expose existing driver as poly1305 library
Implement the arch init/update/final Poly1305 library routines in the accelerated SIMD driver for x86 so they are accessible to users of the Poly1305 library interface as well. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit f0e89bcfbb894e5844cd1bbf6b3cf7c63cb0f5ac) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib675528205383a4816e2a01f68e89eba2b0abb4d |
||
Ard Biesheuvel
|
48c9cbd789 |
UPSTREAM: crypto: x86/poly1305 - depend on generic library not generic shash
Remove the dependency on the generic Poly1305 driver. Instead, depend on the generic library so that we only reuse code without pulling in the generic skcipher implementation as well. While at it, remove the logic that prefers the non-SIMD path for short inputs - this is no longer necessary after recent FPU handling changes on x86. Since this removes the last remaining user of the routines exported by the generic shash driver, unexport them and make them static. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 1b2c6a5120489d41c8ea3b8dacd0b4586289b158) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1003433816e6f3f458d7ccbcd0d4790666cdf8d1 |
||
Ard Biesheuvel
|
d1fa3dd17d |
UPSTREAM: crypto: poly1305 - expose init/update/final library interface
Expose the existing generic Poly1305 code via a init/update/final library interface so that callers are not required to go through the crypto API's shash abstraction to access it. At the same time, make some preparations so that the library implementation can be superseded by an accelerated arch-specific version in the future. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a1d93064094cc5e24d64e35cf093e7191d0c9344) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ibd2539acddd9b8de1100d9fab832e58006736607 |
||
Ard Biesheuvel
|
c99c627218 |
UPSTREAM: crypto: x86/poly1305 - unify Poly1305 state struct with generic code
In preparation of exposing a Poly1305 library interface directly from the accelerated x86 driver, align the state descriptor of the x86 code with the one used by the generic driver. This is needed to make the library interface unified between all implementations. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ad8f5b88383ea685f2b8df2a12ee3e08089a1287) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4425d0b514eec8e1d3e88e9972f270cc17bf8064 |
||
Ard Biesheuvel
|
4afb116cc1 |
UPSTREAM: crypto: poly1305 - move core routines into a separate library
Move the core Poly1305 routines shared between the generic Poly1305 shash driver and the Adiantum and NHPoly1305 drivers into a separate library so that using just this pieces does not pull in the crypto API pieces of the generic Poly1305 routine. In a subsequent patch, we will augment this generic library with init/update/final routines so that Poyl1305 algorithm can be used directly without the need for using the crypto API's shash abstraction. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 48ea8c6ebc96bc0990e12ee1c43d0832c23576bb) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1d1ebae722acdb3a908822b8a5b126689e2147c3 |
||
Ard Biesheuvel
|
aff2622b02 |
UPSTREAM: crypto: chacha - unexport chacha_generic routines
Now that all users of generic ChaCha code have moved to the core library, there is no longer a need for the generic ChaCha skcpiher driver to export parts of it implementation for reuse by other drivers. So drop the exports, and make the symbols static. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 22cf705360707ced15f9fe5423938f313c7df536) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie7a711756d34f1578c32c59cd5e1e8e3ef82368f |
||
Ard Biesheuvel
|
b449e889ac |
UPSTREAM: crypto: mips/chacha - wire up accelerated 32r2 code from Zinc
This integrates the accelerated MIPS 32r2 implementation of ChaCha into both the API and library interfaces of the kernel crypto stack. The significance of this is that, in addition to becoming available as an accelerated library implementation, it can also be used by existing crypto API code such as Adiantum (for block encryption on ultra low performance cores) or IPsec using chacha20poly1305. These are use cases that have already opted into using the abstract crypto API. In order to support Adiantum, the core assembler routine has been adapted to take the round count as a function argument rather than hardcoding it to 20. Co-developed-by: René van Dorst <opensource@vdorst.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 3a2f58f3ba4f6f44e33d1a48240d5eadb882cb59) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2ae4452b68026e40d3fe637e9ae28c65ada08501 |
||
Ard Biesheuvel
|
0a524ae566 |
UPSTREAM: crypto: x86/chacha - expose SIMD ChaCha routine as library function
Wire the existing x86 SIMD ChaCha code into the new ChaCha library interface, so that users of the library interface will get the accelerated version when available. Given that calls into the library API will always go through the routines in this module if it is enabled, switch to static keys to select the optimal implementation available (which may be none at all, in which case we defer to the generic implementation for all invocations). Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 84e03fa39fbe95a5567d43bff458c6d3b3a23ad1) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I888d7c807c2c1227195a924895ec68c0377b1771 |
||
Ard Biesheuvel
|
c2674ee0d9 |
UPSTREAM: crypto: x86/chacha - depend on generic chacha library instead of crypto driver
In preparation of extending the x86 ChaCha driver to also expose the ChaCha library interface, drop the dependency on the chacha_generic crypto driver as a non-SIMD fallback, and depend on the generic ChaCha library directly. This way, we only pull in the code we actually need, without registering a set of ChaCha skciphers that we will never use. Since turning the FPU on and off is cheap these days, simplify the SIMD routine by dropping the per-page yield, which makes for a cleaner switch to the library API as well. This also allows use to invoke the skcipher walk routines in non-atomic mode. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 28e8d89b1ce8d2e7badfb5f69971dd635acb8863) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I404df79078972b7623230d3afceaf1f34bafc048 |
||
Ard Biesheuvel
|
2aa92dfe28 |
UPSTREAM: crypto: chacha - move existing library code into lib/crypto
Currently, our generic ChaCha implementation consists of a permute function in lib/chacha.c that operates on the 64-byte ChaCha state directly [and which is always included into the core kernel since it is used by the /dev/random driver], and the crypto API plumbing to expose it as a skcipher. In order to support in-kernel users that need the ChaCha streamcipher but have no need [or tolerance] for going through the abstractions of the crypto API, let's expose the streamcipher bits via a library API as well, in a way that permits the implementation to be superseded by an architecture specific one if provided. So move the streamcipher code into a separate module in lib/crypto, and expose the init() and crypt() routines to users of the library. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 5fb8ef25803ef33e2eb60b626435828b937bed75) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7fe321d1fcbaea1dc3f9f65dec74a6f40da2d489 |
||
Ard Biesheuvel
|
c099f33354 |
UPSTREAM: crypto: lib - tidy up lib/crypto Kconfig and Makefile
In preparation of introducing a set of crypto library interfaces, tidy up the Makefile and split off the Kconfig symbols into a separate file. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> [Jason: fold in parts of dc51f257] (cherry picked from commit 746b2e024c67aa605ac12d135cd7085a49cf9dc4) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6b877d863ba62199745d9d573dda35caee42cc79 |
||
Eric Biggers
|
f383e974de |
UPSTREAM: crypto: chacha - constify ctx and iv arguments
Constify the ctx and iv arguments to crypto_chacha_init() and the various chacha*_stream_xor() functions. This makes it clear that they are not modified. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 860ab2e50204c41e713c54c752617d2da57f0fd7) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6dcb54a381e0867979e13558217c0ca74cf5da9e |
||
Eric Biggers
|
2be733e152 |
UPSTREAM: crypto: xchacha20 - fix comments for test vectors
The kernel's ChaCha20 uses the RFC7539 convention of the nonce being 12 bytes rather than 8, so actually I only appended 12 random bytes (not 16) to its test vectors to form 24-byte nonces for the XChaCha20 test vectors. The other 4 bytes were just from zero-padding the stream position to 8 bytes. Fix the comments above the test vectors. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 282c14852d00d6d1b8fadf3e01e4180f02ddda84) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1037d3e19792fd7dbf0d9623fe530ce711a0e8ad |
||
Eric Biggers
|
b6685e597a |
UPSTREAM: crypto: xchacha - add test vector from XChaCha20 draft RFC
There is a draft specification for XChaCha20 being worked on. Add the XChaCha20 test vector from the appendix so that we can be extra sure the kernel's implementation is compatible. I also recomputed the ciphertext with XChaCha12 and added it there too, to keep the tests for XChaCha20 and XChaCha12 in sync. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 5569e8c07447344cdc3771378ba4e0da0b94c2a4) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib086679152e2499b0d99ffb2caa90a9ea83b359d |
||
Eric Biggers
|
c4d866c3ae |
UPSTREAM: crypto: x86/chacha - add XChaCha12 support
Now that the x86_64 SIMD implementations of ChaCha20 and XChaCha20 have been refactored to support varying the number of rounds, add support for XChaCha12. This is identical to XChaCha20 except for the number of rounds, which is 12 instead of 20. This can be used by Adiantum. Reviewed-by: Martin Willi <martin@strongswan.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 7a507d62258afd514583fadf1482451079fa0e4d) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic146122b11b8bf5a0962a914aa8c8f631f3d047a |
||
Eric Biggers
|
75fe50acb0 |
UPSTREAM: crypto: x86/chacha20 - add XChaCha20 support
Add an XChaCha20 implementation that is hooked up to the x86_64 SIMD implementations of ChaCha20. This can be used by Adiantum. An SSSE3 implementation of single-block HChaCha20 is also added so that XChaCha20 can use it rather than the generic implementation. This required refactoring the ChaCha permutation into its own function. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 4af78261870a7d36dd222af8dad9688b705e365e) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7118fd7438c63813e07d345655a72c42ef9e89b2 |
||
Greg Kroah-Hartman
|
a6c20c0442 |
This is the 4.19.132 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8GySkACgkQONu9yGCS aT5AJxAAhkThJ1JxpJ/Ci5KASCkyXxqghdD+EQ/dwVp9fWjFcUZT4Pp+PZzGk02d 6DW9F8sNsCJOepeXmzJnFDf2rIuFCCGWgkX/wD+zTHDzY+ThmaOBy9hW2k2tM98B ii40ui4YYUYHKh0nPF1uPWsAGEdipqv2QWCaDszKtpH/mjcodWJmlJpXTl1Lh6+H dWT1CEYhLJBG5Z6A9NVeKn7PMtX7hMoYEF8DRyUg59a2oNKc2ys8FsjeRfJ9EvYN Qd1ZKWUvkzxQmL14RIvkA3bcU7bdIAB5Qm9lV0WKs/kVD2+zMOZb3j4HR2+0ey6U ieyX6iM07la1cMEEHxtHtIZoghgId7XgB2UJu7oFGH/4Y98ocwKa/8iA+qtXEDVj 7mHa3dnC/gKMISydKsLN8AswVJXTy+RrcOnOf4qNfRUe0hhRZhfniusio5Hp8s/x vV+k+/PH8kPvVOhM7Jw3wGgms4wMzgKR8zcZm4wf9qnZMyLn/e902w04d+xkEs3Z ShSZtd/9CWed7FENKEb0mCCJrE2c6kHCAExNfP6Xx2NSdB7Nr1vFNqYhXIynGRko Hpf746FaQ2J4jr1IHDaGvfxeD64EJqpH8M2Ti3/jkQG45FrYRGirX4cry0Kx655r SmSENRH4H5alnGL/1m/8xYHBDsA3u2hY7+7ZfKBgK3B0ikxPia8= =NI9a -----END PGP SIGNATURE----- Merge 4.19.132 into android-4.19-stable Changes in 4.19.132 btrfs: fix a block group ref counter leak after failure to remove block group mm: fix swap cache node allocation mask EDAC/amd64: Read back the scrub rate PCI register on F15h usbnet: smsc95xx: Fix use-after-free after removal mm/slub.c: fix corrupted freechain in deactivate_slab() mm/slub: fix stack overruns with SLUB_STATS usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect s390/debug: avoid kernel warning on too large number of pages nvme-multipath: set bdi capabilities once nvme-multipath: fix deadlock between ana_work and scan_work kgdb: Avoid suspicious RCU usage warning crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() drm/msm/dpu: fix error return code in dpu_encoder_init cxgb4: use unaligned conversion for fetching timestamp cxgb4: parse TC-U32 key values and masks natively cxgb4: use correct type for all-mask IP address comparison cxgb4: fix SGE queue dump destination buffer context hwmon: (max6697) Make sure the OVERT mask is set correctly hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() drm: sun4i: hdmi: Remove extra HPD polling virtio-blk: free vblk-vqs in error path of virtblk_probe() SMB3: Honor 'posix' flag for multiuser mounts nvme: fix a crash in nvme_mpath_add_disk i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 i2c: mlxcpld: check correct size of maximum RECV_LEN packet nfsd: apply umask on fs without ACL support Revert "ALSA: usb-audio: Improve frames size computation" SMB3: Honor 'seal' flag for multiuser mounts SMB3: Honor persistent/resilient handle flags for multiuser mounts SMB3: Honor lease disabling for multiuser mounts cifs: Fix the target file was deleted when rename failed. MIPS: Add missing EHB in mtc0 -> mfc0 sequence for DSPen irqchip/gic: Atomically update affinity dm zoned: assign max_io_len correctly efi: Make it possible to disable efivar_ssdt entirely Linux 4.19.132 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I394bc3ee947bdf92bad83297e7bd579e92fed8a9 |
||
Herbert Xu
|
9a8ecc6a3e |
crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock()
commit 34c86f4c4a7be3b3e35aa48bd18299d4c756064d upstream. The locking in af_alg_release_parent is broken as the BH socket lock can only be taken if there is a code-path to handle the case where the lock is owned by process-context. Instead of adding such handling, we can fix this by changing the ref counts to atomic_t. This patch also modifies the main refcnt to include both normal and nokey sockets. This way we don't have to fudge the nokey ref count when a socket changes from nokey to normal. Credits go to Mauricio Faria de Oliveira who diagnosed this bug and sent a patch for it: https://lore.kernel.org/linux-crypto/20200605161657.535043-1-mfo@canonical.com/ Reported-by: Brian Moyles <bmoyles@netflix.com> Reported-by: Mauricio Faria de Oliveira <mfo@canonical.com> Fixes: 37f96694cf73 ("crypto: af_alg - Use bh_lock_sock in...") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Greg Kroah-Hartman
|
b96549a28b |
This is the 4.19.130 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl70p5sACgkQONu9yGCS aT4nRg/9HAG5FdyJgH3OnUY5LtrjtlVpRsD+AgdUnnftpDprZ0m4dZsUuUSF4fJJ hzEr98/vX41yYqi2ne9mZcPnm4uOw21dEJK9X/2Z5+654i4qOwcv9FfVQSAdSpXC KEN0rRlZw0MdXwISmU9UbBTwSRqxi0qJNWfSR3rS9DZRiSPhhxElMwbdcYXjpgKR GZ7Wd/pDb0q371mR2Ar7+13PVxsvBzoEwYUngbeTr3EXtCiWiavBqBzABpJQYH9L xm5ZfFLwLMsnQSd/gdW7DZGq+6JdLgf6HaY4FOcpkoDo5gSSDc2RNTg8jbzu8dM0 o2Wge54q9aTbuu+sc6k9x5HAaTPdv7uFnORdBvNhYGZWfXv69SZjCFgqwjsmPiww +wg6D4uYWeh+faIz4tNBHk/bjIIMACnSJifsd131aXUed1cm4GeeQEQgimT8ea99 uOZrKPSTd+tbY3tZJrX2TyixYKgtaegdYTh3GWLx0AmYS8dOTHKfezUMMtFj4F7F XTbZ3IWyVTSynO/7LRLdEGwAZjA/vWCK3YQS95qVCY1ni7h2vZw4FQb2C9CHyHAq BIqiu2rOvxAsmIgh6GFcLLYN6cAa+lgIifmOMn2DPYrfF2gcrrGt6iOm1fc0gr5t QbNYK7OQ/1L70BgvnI1lDAl4qG6lhSKV28SB6Csbzrz5WYzbfnE= =iU+4 -----END PGP SIGNATURE----- Merge 4.19.130 into android-4.19-stable Changes in 4.19.130 power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select clk: sunxi: Fix incorrect usage of round_down() ASoC: tegra: tegra_wm8903: Support nvidia, headset property i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets iio: pressure: bmp280: Tolerate IRQ before registering remoteproc: Fix IDR initialisation in rproc_alloc() clk: qcom: msm8916: Fix the address location of pll->config_reg backlight: lp855x: Ensure regulators are disabled on probe failure ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type ARM: integrator: Add some Kconfig selections scsi: qedi: Check for buffer overflow in qedi_set_path() ALSA: hda/realtek - Introduce polarity for micmute LED GPIO ALSA: isa/wavefront: prevent out of bounds write in ioctl PCI: Allow pci_resize_resource() for devices on root bus scsi: qla2xxx: Fix issue with adapter's stopping state iio: bmp280: fix compensation of humidity f2fs: report delalloc reserve as non-free in statfs for project quota i2c: pxa: clear all master action bits in i2c_pxa_stop_message() clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical usblp: poison URBs upon disconnect serial: 8250: Fix max baud limit in generic 8250 port dm mpath: switch paths in dm_blk_ioctl() code path PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register ps3disk: use the default segment boundary vfio/pci: fix memory leaks in alloc_perm_bits() RDMA/mlx5: Add init2init as a modify command m68k/PCI: Fix a memory leak in an error handling path gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration mfd: wm8994: Fix driver operation if loaded as modules scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event clk: clk-flexgen: fix clock-critical handling powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run nfsd: Fix svc_xprt refcnt leak when setup callback client failed PCI: vmd: Filter resource type bits from shadow register powerpc/crashkernel: Take "mem=" option into account pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case yam: fix possible memory leak in yam_init_driver NTB: ntb_pingpong: Choose doorbells based on port number NTB: Fix the default port and peer numbers for legacy drivers mksysmap: Fix the mismatch of '.L' symbols in System.map apparmor: fix introspection of of task mode for unconfined tasks apparmor: check/put label on apparmor_sk_clone_security() ASoC: meson: add missing free_irq() in error path scsi: sr: Fix sr_probe() missing deallocate of device minor scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM apparmor: fix nnp subset test for unconfined x86/purgatory: Disable various profiling and sanitizing options staging: greybus: fix a missing-check bug in gb_lights_light_config() arm64: dts: mt8173: fix unit name warnings scsi: qedi: Do not flush offload work if ARP not resolved ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity gpio: dwapb: Append MODULE_ALIAS for platform driver scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries firmware: qcom_scm: fix bogous abuse of dma-direct internals staging: gasket: Fix mapping refcnt leak when put attribute fails staging: gasket: Fix mapping refcnt leak when register/store fails ALSA: usb-audio: Improve frames size computation ALSA: usb-audio: Fix racy list management in output queue s390/qdio: put thinint indicator after early error tty: hvc: Fix data abort due to race in hvc_open slimbus: ngd: get drvdata from correct device thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR usb: dwc3: gadget: Properly handle failed kick_transfer staging: sm750fb: add missing case while setting FB_VISUAL PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output serial: amba-pl011: Make sure we initialize the port.lock spinlock drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish PCI: rcar: Fix incorrect programming of OB windows PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges scsi: qla2xxx: Fix warning after FC target reset power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()' power: supply: smb347-charger: IRQSTAT_D is volatile scsi: mpt3sas: Fix double free warnings pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map dlm: remove BUG() before panic() clk: ti: composite: fix memory leak PCI: Fix pci_register_host_bridge() device_register() error handling powerpc/64: Don't initialise init_task->thread.regs tty: n_gsm: Fix SOF skipping tty: n_gsm: Fix waking up upper tty layer when room available HID: Add quirks for Trust Panora Graphic Tablet ipmi: use vzalloc instead of kmalloc for user creation powerpc/pseries/ras: Fix FWNMI_VALID off by one powerpc/ps3: Fix kexec shutdown hang vfio-pci: Mask cap zero usb/ohci-platform: Fix a warning when hibernating drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() tty: n_gsm: Fix bogus i++ in gsm_data_kick fpga: dfl: afu: Corrected error handling levels clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1 scsi: target: tcmu: Userspace must not complete queued commands arm64: tegra: Fix ethernet phy-mode for Jetson Xavier powerpc/64s/pgtable: fix an undefined behaviour dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port PCI: dwc: Fix inner MSI IRQ domain registration IB/cma: Fix ports memory leak in cma_configfs watchdog: da9062: No need to ping manually before setting timeout usb: dwc2: gadget: move gadget resume after the core is in L0 state USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check usb: gadget: fix potential double-free in m66592_probe. usb: gadget: Fix issue with config_ep_by_speed function RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove x86/apic: Make TSC deadline timer detection message visible ASoC: fix incomplete error-handling in img_i2s_in_probe. scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() clk: bcm2835: Fix return type of bcm2835_register_gate scsi: ufs-qcom: Fix scheduling while atomic issue KVM: PPC: Book3S HV: Ignore kmemleak false positives clk: sprd: return correct type of value for _sprd_pll_recalc_rate net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION of: Fix a refcounting bug in __of_attach_node_sysfs() powerpc/4xx: Don't unmap NULL mbase extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed vfio/mdev: Fix reference count leak in add_mdev_supported_type rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID openrisc: Fix issue with argument clobbering for clone/fork gfs2: Allow lock_nolock mount to specify jid=X scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj scsi: ufs: Don't update urgent bkops level when toggling auto bkops pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()' pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' crypto: omap-sham - add proper load balancing support for multicore geneve: change from tx_error to tx_dropped on missing metadata lib/zlib: remove outdated and incorrect pre-increment optimization include/linux/bitops.h: avoid clang shift-count-overflow warnings elfnote: mark all .note sections SHF_ALLOC selftests/vm/pkeys: fix alloc_random_pkey() to make it really random blktrace: use errno instead of bi_status blktrace: fix endianness in get_pdu_int() blktrace: fix endianness for blk_log_remap() gfs2: fix use-after-free on transaction ail lists ntb_perf: pass correct struct device to dma_alloc_coherent ntb_tool: pass correct struct device to dma_alloc_coherent NTB: ntb_tool: reading the link file should not end in a NULL byte NTB: Revert the change to use the NTB device dev for DMA allocations NTB: perf: Don't require one more memory window than number of peers NTB: perf: Fix support for hardware that doesn't have port numbers NTB: perf: Fix race condition when run with ntb_test NTB: ntb_test: Fix bug when counting remote files drivers/perf: hisi: Fix wrong value for all counters enable selftests/net: in timestamping, strncpy needs to preserve null byte afs: Fix memory leak in afs_put_sysnames() ASoC: core: only convert non DPCM link to DPCM link ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet ASoC: rt5645: Add platform-data for Asus T101HA drm/sun4i: hdmi ddc clk: Fix size of m divider scsi: acornscsi: Fix an error handling path in acornscsi_probe() x86/idt: Keep spurious entries unset in system_vectors net/filter: Permit reading NET in load_bytes_relative when MAC not set xdp: Fix xsk_generic_xmit errno usb/xhci-plat: Set PM runtime as active on resume usb: host: ehci-platform: add a quirk to avoid stuck usb/ehci-platform: Set PM runtime as active on resume perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() ext4: stop overwrite the errcode in ext4_setup_super bcache: fix potential deadlock problem in btree_gc_coalesce afs: Fix non-setting of mtime when writing into mmap afs: afs_write_end() should change i_size under the right lock block: Fix use-after-free in blkdev_get() arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints libata: Use per port sync for detach drm: encoder_slave: fix refcouting error for modules drm/dp_mst: Reformat drm_dp_check_act_status() a bit drm/qxl: Use correct notify port address when creating cursor ring drm/amdgpu: Replace invalid device ID with a valid device ID selinux: fix double free ext4: fix partial cluster initialization when splitting extent ext4: avoid race conditions when remounting with options that change dax drm/dp_mst: Increase ACT retry timeout to 3s x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld block: nr_sects_write(): Disable preemption on seqcount write mtd: rawnand: Pass a nand_chip object to nand_scan() mtd: rawnand: Pass a nand_chip object to nand_release() mtd: rawnand: diskonchip: Fix the probe error path mtd: rawnand: sharpsl: Fix the probe error path mtd: rawnand: xway: Fix the probe error path mtd: rawnand: orion: Fix the probe error path mtd: rawnand: oxnas: Add of_node_put() mtd: rawnand: oxnas: Fix the probe error path mtd: rawnand: socrates: Fix the probe error path mtd: rawnand: plat_nand: Fix the probe error path mtd: rawnand: mtk: Fix the probe error path mtd: rawnand: tmio: Fix the probe error path s390: fix syscall_get_error for compat processes drm/i915: Whitelist context-local timestamp in the gen9 cmdparser drm/i915/icl+: Fix hotplug interrupt disabling after storm detection crypto: algif_skcipher - Cap recv SG list at ctx->used crypto: algboss - don't wait during notifier callback kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex e1000e: Do not wake up the system via WOL if device wakeup is disabled net: octeon: mgmt: Repair filling of RX ring kretprobe: Prevent triggering kretprobe from within kprobe_flush_task sched/rt, net: Use CONFIG_PREEMPTION.patch net: core: device_rename: Use rwsem instead of a seqcount Revert "dpaa_eth: fix usage as DSA master, try 3" md: add feature flag MD_FEATURE_RAID0_LAYOUT kvm: x86: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c kvm: x86: Fix reserved bits related calculation errors caused by MKTME KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated Linux 4.19.130 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8fff23470852b747c3d75461b45f9d77460062d3 |
||
Eric Biggers
|
c0ef44cbed |
crypto: algboss - don't wait during notifier callback
commit 77251e41f89a813b4090f5199442f217bbf11297 upstream.
When a crypto template needs to be instantiated, CRYPTO_MSG_ALG_REQUEST
is sent to crypto_chain. cryptomgr_schedule_probe() handles this by
starting a thread to instantiate the template, then waiting for this
thread to complete via crypto_larval::completion.
This can deadlock because instantiating the template may require loading
modules, and this (apparently depending on userspace) may need to wait
for the crc-t10dif module (lib/crc-t10dif.c) to be loaded. But
crc-t10dif's module_init function uses crypto_register_notifier() and
therefore takes crypto_chain.rwsem for write. That can't proceed until
the notifier callback has finished, as it holds this semaphore for read.
Fix this by removing the wait on crypto_larval::completion from within
cryptomgr_schedule_probe(). It's actually unnecessary because
crypto_alg_mod_lookup() calls crypto_larval_wait() itself after sending
CRYPTO_MSG_ALG_REQUEST.
This only actually became a problem in v4.20 due to commit b76377543b73
("crc-t10dif: Pick better transform if one becomes available"), but the
unnecessary wait was much older.
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=207159
Reported-by: Mike Gerow <gerow@google.com>
Fixes:
|
||
Herbert Xu
|
b3ad0cdbdc |
crypto: algif_skcipher - Cap recv SG list at ctx->used
commit 7cf81954705b7e5b057f7dc39a7ded54422ab6e1 upstream.
Somewhere along the line the cap on the SG list length for receive
was lost. This patch restores it and removes the subsequent test
which is now redundant.
Fixes:
|
||
Greg Kroah-Hartman
|
91d4544b24 |
This is the 4.19.124 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7Ey84ACgkQONu9yGCS aT4enA/+JsigMJOLeEtEZ4Gf97S0HnxOIqvuz7759s07vTzwPV1BfQm2eafcS8Cl 8//BO73tDe+m5shH0mFCeFsy0p1qC4+ewIyLPnjulxls1BCZ86xK44/WD6N0DgX9 Fi0HACcObuNZD7814yIyrWaI9QHZO+OwJlmjCXBiZGC4gZwAnGcgY2+ffYf/hRv2 wgEyJF2Td0rORCOM3qp8Ipdt1S8inm2yZodGC5htSPajfBLPe8narmkOXxcN+tuB BvOwdTJoplmhNwpimWacytL+jQJYKHS/izPX0JYkFDfQ/bgOYXz3CWwa2DMOVsGd CQOHp4rK/Rl/caAANe3nD87jstRbaRKp7HZELCJ+KZrHpGfefAZs6g5j+LNC7KQt 6YloSnTQsnRC6nqu+b2ieI5KoZAfwWoyHrQf7obJi6PJF4Ge4XUbaLEDH9TuxZTN tZX5ZOGZ8/i32VgYqBA4mDAbV+n5TyEYl722XxXzgim73VUDl67F7JqtDxMMb4Ic KW98luDDXgoq+kM2FqWgXtjxoP4TpjRREjwCpNDEa03ydKW+dwM21D7IoQNtXUgT uE6aFPVuhRt5MAhOdSHtkSsbOjiJZjKuPKvYyUFvAQT5JMaYZg9pabnH89E6URQ9 x7M2JOvR/GMOmPRykQoewqV0027K37TYxBfRAzLbNFv8Iol/a7I= =pHmd -----END PGP SIGNATURE----- Merge 4.19.124 into android-4.19-stable Changes in 4.19.124 net: dsa: Do not make user port errors fatal shmem: fix possible deadlocks on shmlock_user_lock net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' net: moxa: Fix a potential double 'free_irq()' drop_monitor: work around gcc-10 stringop-overflow warning virtio-blk: handle block_device_operations callbacks after hot unplug scsi: sg: add sg_remove_request in sg_write mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 net: fix a potential recursive NETDEV_FEAT_CHANGE netlabel: cope with NULL catmap net: phy: fix aneg restart in phy_ethtool_set_eee pppoe: only process PADT targeted at local interfaces Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" tcp: fix error recovery in tcp_zerocopy_receive() virtio_net: fix lockdep warning on 32 bit hinic: fix a bug of ndo_stop net: dsa: loop: Add module soft dependency net: ipv4: really enforce backoff for redirects netprio_cgroup: Fix unlimited memory leak of v2 cgroups net: tcp: fix rx timestamp behavior for tcp_recvmsg tcp: fix SO_RCVLOWAT hangs with fat skbs riscv: fix vdso build with lld dmaengine: pch_dma.c: Avoid data race between probe and irq handler dmaengine: mmp_tdma: Reset channel error on release cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once ALSA: hda/hdmi: fix race in monitor detection during probe drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() ipc/util.c: sysvipc_find_ipc() incorrectly updates position index ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse gfs2: Another gfs2_walk_metadata fix pinctrl: baytrail: Enable pin configuration setting for GPIO chip pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler i40iw: Fix error handling in i40iw_manage_arp_cache() mmc: core: Check request type before completing the request mmc: block: Fix request completion in the CQE timeout path NFS: Fix fscache super_cookie index_key from changing after umount nfs: fscache: use timespec64 in inode auxdata NFSv4: Fix fscache cookie aux_data to ensure change_attr is included netfilter: conntrack: avoid gcc-10 zero-length-bounds warning arm64: fix the flush_icache_range arguments in machine_kexec netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() IB/mlx4: Test return value of calls to ib_get_cached_pkey hwmon: (da9052) Synchronize access with mfd pnp: Use list_for_each_entry() instead of open coding gcc-10 warnings: fix low-hanging fruit kbuild: compute false-positive -Wmaybe-uninitialized cases in Kconfig Stop the ad-hoc games with -Wno-maybe-initialized gcc-10: disable 'zero-length-bounds' warning for now gcc-10: disable 'array-bounds' warning for now gcc-10: disable 'stringop-overflow' warning for now gcc-10: disable 'restrict' warning for now gcc-10: avoid shadowing standard library 'free()' in crypto ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 ALSA: rawmidi: Fix racy buffer resize under concurrent accesses ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B usb: host: xhci-plat: keep runtime active when removing host USB: gadget: fix illegal array access in binding with UDC usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list ARM: dts: dra7: Fix bus_dma_limit for PCIe ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries cifs: fix leaked reference on requeued write x86: Fix early boot crash on gcc-10, third try x86/unwind/orc: Fix error handling in __unwind_start() exec: Move would_dump into flush_old_exec clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() usb: gadget: net2272: Fix a memory leak in an error handling path in 'net2272_plat_probe()' usb: gadget: audio: Fix a missing error return value in audio_bind() usb: gadget: legacy: fix error return code in gncm_bind() usb: gadget: legacy: fix error return code in cdc_bind() Revert "ALSA: hda/realtek: Fix pop noise on ALC225" clk: Unlink clock if failed to prepare or enable arm64: dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards arm64: dts: rockchip: Rename dwc3 device nodes on rk3399 to make dtc happy ARM: dts: r8a73a4: Add missing CMT1 interrupts arm64: dts: renesas: r8a77980: Fix IPMMU VIP[01] nodes ARM: dts: r8a7740: Add missing extal2 to CPG node KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce Makefile: disallow data races on gcc-10 as well Linux 4.19.124 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3d253f677cc08337e64d316005a0ec0c33717940 |
||
Linus Torvalds
|
f81c4cc9b0 |
gcc-10: avoid shadowing standard library 'free()' in crypto
commit 1a263ae60b04de959d9ce9caea4889385eefcc7b upstream. gcc-10 has started warning about conflicting types for a few new built-in functions, particularly 'free()'. This results in warnings like: crypto/xts.c:325:13: warning: conflicting types for built-in function ‘free’; expected ‘void(void *)’ [-Wbuiltin-declaration-mismatch] because the crypto layer had its local freeing functions called 'free()'. Gcc-10 is in the wrong here, since that function is marked 'static', and thus there is no chance of confusion with any standard library function namespace. But the simplest thing to do is to just use a different name here, and avoid this gcc mis-feature. [ Side note: gcc knowing about 'free()' is in itself not the mis-feature: the semantics of 'free()' are special enough that a compiler can validly do special things when seeing it. So the mis-feature here is that gcc thinks that 'free()' is some restricted name, and you can't shadow it as a local static function. Making the special 'free()' semantics be a function attribute rather than tied to the name would be the much better model ] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Kees Cook
|
892b1f54ca |
UPSTREAM: crypto: skcipher - Introduce crypto_sync_skcipher
In preparation for removal of VLAs due to skcipher requests on the stack via SKCIPHER_REQUEST_ON_STACK() usage, this introduces the infrastructure for the "sync skcipher" tfm, which is for handling the on-stack cases of skcipher, which are always non-ASYNC and have a known limited request size. The crypto API additions: struct crypto_sync_skcipher (wrapper for struct crypto_skcipher) crypto_alloc_sync_skcipher() crypto_free_sync_skcipher() crypto_sync_skcipher_setkey() crypto_sync_skcipher_get_flags() crypto_sync_skcipher_set_flags() crypto_sync_skcipher_clear_flags() crypto_sync_skcipher_blocksize() crypto_sync_skcipher_ivsize() crypto_sync_skcipher_reqtfm() skcipher_request_set_sync_tfm() SYNC_SKCIPHER_REQUEST_ON_STACK() (with tfm type check) Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Bug: 150811495 Test: make Change-Id: I5d002a7af64509a293cd4d685b97d2cd2c4d10e1 (cherry picked from commit b350bee5ea0f4db75d4c6191a2e95db16f40c278) Signed-off-by: Hridya Valsaraju <hridya@google.com> |
||
Greg Kroah-Hartman
|
3389e56d31 |
This is the 4.19.103 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5Cn0wACgkQONu9yGCS aT584xAAtePSlzTxst/jukREoyrpAfTM1BeovMdsZEBpKh+/F3n1udqHeo+iNAAN qSOig012aW2qP7b5/4CrEU9ZRTvd0AM4fog7ABLJVahMYMqoJgod8TRaE4v0nVut eRans6w3NbZJCZwdw2aiu5gwFfjwJLSUckBNmj4XVYdyfh7q0BgnZV5OY0V+zhuG 1MWXaylbRqjguR/ZFk0UPAmRaqNKHbwfCJ1V0ygL9xQkJM0cUn7hX9/CqM4aYnm6 m1oux4ektLAmF1XK4NiQEuRBMeFO74XlKcsZqQHf/b4FZfcPergcPwIj8ugtCHzJ kx2QgURDjgH4Tnu+Q0ScPrjj2kjU8rWmjqlcv1PcUyOWm+MR0OK9bW7TLEntMSF8 HOEe9j6SsjQNIOoYh1YcMnuGjKNIZjl2L3VbDzpVN2GxZxwAutY6G68tV7sbA2pu wtsrAVOqdcjoo0ruRmwognBqQAdNdsbiBx7bgcNjVEXWL0N3Ddiv6CNYwnehA5Hq cvQwVQpFGP9ZGYUcCMbdwR+7kJzVy6V2S615M8GkE9FouOwTfV60zM/sZ1rFVt1J 70zxfRX5ys19aTAVkbi6pHHCUJ0ZAiTgWujp5Hp4kPt7gEz01Ur0s1kI3b7b6iWh cuycRFULvqeXCApQacs//lOVDoUV20uFcL/zqOFM33v/+YzkyjA= =3D8z -----END PGP SIGNATURE----- Merge 4.19.103 into android-4.19 Changes in 4.19.103 Revert "drm/sun4i: dsi: Change the start delay calculation" ovl: fix lseek overflow on 32bit kernel/module: Fix memleak in module_add_modinfo_attrs() media: iguanair: fix endpoint sanity check ocfs2: fix oops when writing cloned file x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR udf: Allow writing to 'Rewritable' partitions printk: fix exclusive_console replaying iwlwifi: mvm: fix NVM check for 3168 devices sparc32: fix struct ipc64_perm type definition cls_rsvp: fix rsvp_policy gtp: use __GFP_NOWARN to avoid memalloc warning l2tp: Allow duplicate session creation with UDP net: hsr: fix possible NULL deref in hsr_handle_frame() net_sched: fix an OOB access in cls_tcindex net: stmmac: Delete txtimer in suspend() bnxt_en: Fix TC queue mapping. tcp: clear tp->total_retrans in tcp_disconnect() tcp: clear tp->delivered in tcp_disconnect() tcp: clear tp->data_segs{in|out} in tcp_disconnect() tcp: clear tp->segs_{in|out} in tcp_disconnect() rxrpc: Fix use-after-free in rxrpc_put_local() rxrpc: Fix insufficient receive notification generation rxrpc: Fix missing active use pinning of rxrpc_local object rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors mfd: dln2: More sanity checking for endpoints ipc/msg.c: consolidate all xxxctl_down() functions tracing: Fix sched switch start/stop refcount racy updates rcu: Avoid data-race in rcu_gp_fqs_check_wake() brcmfmac: Fix memory leak in brcmf_usbdev_qinit usb: typec: tcpci: mask event interrupts when remove driver usb: gadget: legacy: set max_speed to super-speed usb: gadget: f_ncm: Use atomic_t to track in-flight request usb: gadget: f_ecm: Use atomic_t to track in-flight request ALSA: usb-audio: Fix endianess in descriptor validation ALSA: dummy: Fix PCM format loop in proc output mm/memory_hotplug: fix remove_memory() lockdep splat mm: move_pages: report the number of non-attempted pages media/v4l2-core: set pages dirty upon releasing DMA buffers media: v4l2-core: compat: ignore native command codes media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() irqdomain: Fix a memory leak in irq_domain_push_irq() platform/x86: intel_scu_ipc: Fix interrupt support ALSA: hda: Add Clevo W65_67SB the power_save blacklist KVM: arm64: Correct PSTATE on exception entry KVM: arm/arm64: Correct CPSR on exception entry KVM: arm/arm64: Correct AArch32 SPSR on exception entry KVM: arm64: Only sign-extend MMIO up to register width MIPS: fix indentation of the 'RELOCS' message MIPS: boot: fix typo in 'vmlinux.lzma.its' target s390/mm: fix dynamic pagetable upgrade for hugetlbfs powerpc/xmon: don't access ASDR in VMs powerpc/pseries: Advance pfn if section is not present in lmb_is_removable() smb3: fix signing verification of large reads PCI: tegra: Fix return value check of pm_runtime_get_sync() mmc: spi: Toggle SPI polarity, do not hardcode it ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards ACPI / battery: Deal with design or full capacity being reported as -1 ACPI / battery: Use design-cap for capacity calculations if full-cap is not available ACPI / battery: Deal better with neither design nor full capacity not being reported alarmtimer: Unregister wakeup source when module get fails ubifs: Reject unsupported ioctl flags explicitly ubifs: don't trigger assertion on invalid no-key filename ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag ubifs: Fix deadlock in concurrent bulk-read and writepage crypto: geode-aes - convert to skcipher API and make thread-safe PCI: keystone: Fix link training retries initiation mmc: sdhci-of-at91: fix memleak on clk_get failure hv_balloon: Balloon up according to request page number mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile crypto: api - Check spawn->alg under lock in crypto_drop_spawn crypto: ccree - fix backlog memory leak crypto: ccree - fix pm wrongful error reporting crypto: ccree - fix PM race condition scripts/find-unused-docs: Fix massive false positives scsi: qla2xxx: Fix mtcp dump collection failure power: supply: ltc2941-battery-gauge: fix use-after-free ovl: fix wrong WARN_ON() in ovl_cache_update_ino() f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() f2fs: fix miscounted block limit in f2fs_statfs_project() f2fs: code cleanup for f2fs_statfs_project() PM: core: Fix handling of devices deleted during system-wide resume of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc dm zoned: support zone sizes smaller than 128MiB dm space map common: fix to ensure new block isn't already in use dm crypt: fix benbi IV constructor crash if used in authenticated mode dm: fix potential for q->make_request_fn NULL pointer dm writecache: fix incorrect flush sequence when doing SSD mode commit padata: Remove broken queue flushing tracing: Annotate ftrace_graph_hash pointer with __rcu tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu ftrace: Add comment to why rcu_dereference_sched() is open coded ftrace: Protect ftrace_graph_hash with ftrace_sync samples/bpf: Don't try to remove user's homedir on clean crypto: ccp - set max RSA modulus size for v3 platform devices as well crypto: pcrypt - Do not clear MAY_SLEEP flag in original request crypto: atmel-aes - Fix counter overflow in CTR mode crypto: api - Fix race condition in crypto_spawn_alg crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill scsi: qla2xxx: Fix unbound NVME response length NFS: Fix memory leaks and corruption in readdir NFS: Directory page cache pages need to be locked when read jbd2_seq_info_next should increase position index Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES btrfs: set trans->drity in btrfs_commit_transaction Btrfs: fix race between adding and putting tree mod seq elements and nodes ARM: tegra: Enable PLLP bypass during Tegra124 LP1 iwlwifi: don't throw error when trying to remove IGTK mwifiex: fix unbalanced locking in mwifiex_process_country_ie() sunrpc: expiry_time should be seconds not timeval gfs2: move setting current->backing_dev_info gfs2: fix O_SYNC write handling drm/rect: Avoid division by zero media: rc: ensure lirc is initialized before registering input device tools/kvm_stat: Fix kvm_exit filter name xen/balloon: Support xend-based toolstack take two watchdog: fix UAF in reboot notifier handling in watchdog core code bcache: add readahead cache policy options via sysfs interface eventfd: track eventfd_signal() recursion depth aio: prevent potential eventfd recursion on poll KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails KVM: PPC: Book3S PR: Free shared page if mmu initialization fails x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit KVM: x86: Don't let userspace set host-reserved cr4 bits KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails KVM: s390: do not clobber registers during guest reset/store status clk: tegra: Mark fuse clock as critical drm/amd/dm/mst: Ignore payload update failures percpu: Separate decrypted varaibles anytime encryption can be enabled scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type scsi: csiostor: Adjust indentation in csio_device_reset scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free scsi: ufs: Recheck bkops level if bkops is disabled phy: qualcomm: Adjust indentation in read_poll_timeout ext2: Adjust indentation in ext2_fill_super powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable NFC: pn544: Adjust indentation in pn544_hci_check_presence ppp: Adjust indentation into ppp_async_input net: smc911x: Adjust indentation in smc911x_phy_configure net: tulip: Adjust indentation in {dmfe, uli526x}_init_module IB/mlx5: Fix outstanding_pi index for GSI qps IB/core: Fix ODP get user pages flow nfsd: fix delay timer on 32-bit architectures nfsd: fix jiffies/time_t mixup in LRU list nfsd: Return the correct number of bytes written to the file ubi: fastmap: Fix inverted logic in seen selfcheck ubi: Fix an error pointer dereference in error handling code mfd: da9062: Fix watchdog compatible string mfd: rn5t618: Mark ADC control register volatile bonding/alb: properly access headers in bond_alb_xmit() net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port net: mvneta: move rx_dropped and rx_errors in per-cpu stats net_sched: fix a resource leak in tcindex_set_parms() net: systemport: Avoid RBUF stuck in Wake-on-LAN mode net/mlx5: IPsec, Fix esp modify function attribute net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx net: macb: Remove unnecessary alignment check for TSO net: macb: Limit maximum GEM TX length in TSO net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() ext4: fix deadlock allocating crypto bounce page from mempool btrfs: use bool argument in free_root_pointers() btrfs: free block groups after free'ing fs trees drm: atmel-hlcdc: enable clock before configuring timing engine drm/dp_mst: Remove VCPI while disabling topology mgr btrfs: flush write bio if we loop in extent_write_cache_pages KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM KVM: VMX: Add non-canonical check on writes to RTIT address MSRs KVM: nVMX: vmread should not set rflags to specify success in case of #PF KVM: Use vcpu-specific gva->hva translation when querying host page size KVM: Play nice with read-only memslots when querying host page size mm: zero remaining unavailable struct pages mm: return zero_resv_unavail optimization mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section cifs: fail i/o on soft mounts if sessionsetup errors out x86/apic/msi: Plug non-maskable MSI affinity race clocksource: Prevent double add_timer_on() for watchdog_timer perf/core: Fix mlock accounting in perf_mmap() rxrpc: Fix service call disconnection Linux 4.19.103 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0d7f09085c3541373e0fd6b2e3ffacc5e34f7d55 |
||
Herbert Xu
|
8b0a3e013c |
crypto: api - Fix race condition in crypto_spawn_alg
commit 73669cc556462f4e50376538d77ee312142e8a8a upstream.
The function crypto_spawn_alg is racy because it drops the lock
before shooting the dying algorithm. The algorithm could disappear
altogether before we shoot it.
This patch fixes it by moving the shooting into the locked section.
Fixes:
|