diff --git a/0001-efifb-Skip-DMI-checks-if-the-bootloader-knows-what-i.patch b/0001-efifb-Skip-DMI-checks-if-the-bootloader-knows-what-i.patch new file mode 100644 index 000000000..efd0fa24c --- /dev/null +++ b/0001-efifb-Skip-DMI-checks-if-the-bootloader-knows-what-i.patch @@ -0,0 +1,69 @@ +From f462ed939de67c20528bc08f11d2fc4f2d59c0d5 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Fri, 27 Jul 2012 12:58:53 -0400 +Subject: [PATCH 1/2] efifb: Skip DMI checks if the bootloader knows what it's + doing + +The majority of the DMI checks in efifb are for cases where the bootloader +has provided invalid information. However, on some machines the overrides +may do more harm than good due to configuration differences between machines +with the same machine identifier. It turns out that it's possible for the +bootloader to get the correct information on GOP-based systems, but we +can't guarantee that the kernel's being booted with one that's been updated +to do so. Add support for a capabilities flag that can be set by the +bootloader, and skip the DMI checks in that case. Additionally, set this +flag in the UEFI stub code. + +Signed-off-by: Matthew Garrett +Acked-by: Peter Jones +Signed-off-by: Matt Fleming +--- + arch/x86/boot/compressed/eboot.c | 2 ++ + drivers/video/efifb.c | 4 +++- + include/linux/screen_info.h | 2 ++ + 3 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c +index d5e4044..bbd83b9 100644 +--- a/arch/x86/boot/compressed/eboot.c ++++ b/arch/x86/boot/compressed/eboot.c +@@ -379,6 +379,8 @@ static efi_status_t setup_gop(struct screen_info *si, efi_guid_t *proto, + si->rsvd_pos = 0; + } + ++ si->capabilities |= VIDEO_CAPABILITY_SKIP_QUIRKS; ++ + free_handle: + efi_call_phys1(sys_table->boottime->free_pool, gop_handle); + return status; +diff --git a/drivers/video/efifb.c b/drivers/video/efifb.c +index b4a632a..932abaa 100644 +--- a/drivers/video/efifb.c ++++ b/drivers/video/efifb.c +@@ -553,7 +553,9 @@ static int __init efifb_init(void) + int ret; + char *option = NULL; + +- dmi_check_system(dmi_system_table); ++ if (screen_info.orig_video_isVGA != VIDEO_TYPE_EFI || ++ !(screen_info.capabilities & VIDEO_CAPABILITY_SKIP_QUIRKS)) ++ dmi_check_system(dmi_system_table); + + if (screen_info.orig_video_isVGA != VIDEO_TYPE_EFI) + return -ENODEV; +diff --git a/include/linux/screen_info.h b/include/linux/screen_info.h +index 899fbb4..fb3c5a8 100644 +--- a/include/linux/screen_info.h ++++ b/include/linux/screen_info.h +@@ -68,6 +68,8 @@ struct screen_info { + + #define VIDEO_FLAGS_NOCURSOR (1 << 0) /* The video mode has no cursor set */ + ++#define VIDEO_CAPABILITY_SKIP_QUIRKS (1 << 0) ++ + #ifdef __KERNEL__ + extern struct screen_info screen_info; + +-- +1.7.12.1 + diff --git a/0001-ip6_output-fragment-outgoing-reassembled-skb-properl.patch b/0001-ip6_output-fragment-outgoing-reassembled-skb-properl.patch new file mode 100644 index 000000000..a19217d12 --- /dev/null +++ b/0001-ip6_output-fragment-outgoing-reassembled-skb-properl.patch @@ -0,0 +1,39 @@ +Bugzilla: 1015905 +Upstream-status: 3.13 (should hit stable) + +From 90e4e23d52fd04f228eed2c3d341136c50058b37 Mon Sep 17 00:00:00 2001 +From: Jiri Pirko +Date: Wed, 6 Nov 2013 17:52:19 +0100 +Subject: [PATCH 1/2] ip6_output: fragment outgoing reassembled skb properly + +If reassembled packet would fit into outdev MTU, it is not fragmented +according the original frag size and it is send as single big packet. + +The second case is if skb is gso. In that case fragmentation does not happen +according to the original frag size. + +This patch fixes these. + +Signed-off-by: Jiri Pirko +Signed-off-by: David S. Miller +--- + net/ipv6/ip6_output.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c +index 5b25f85..f80f2fa 100644 +--- a/net/ipv6/ip6_output.c ++++ b/net/ipv6/ip6_output.c +@@ -150,7 +150,8 @@ static int ip6_finish_output2(struct sk_buff *skb) + static int ip6_finish_output(struct sk_buff *skb) + { + if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) || +- dst_allfrag(skb_dst(skb))) ++ dst_allfrag(skb_dst(skb)) || ++ (IP6CB(skb)->frag_max_size && skb->len > IP6CB(skb)->frag_max_size)) + return ip6_fragment(skb, ip6_finish_output2); + else + return ip6_finish_output2(skb); +-- +1.8.3.1 + diff --git a/0001-iwlwifi-don-t-WARN-on-host-commands-sent-when-firmwa.patch b/0001-iwlwifi-don-t-WARN-on-host-commands-sent-when-firmwa.patch new file mode 100644 index 000000000..241b7d750 --- /dev/null +++ b/0001-iwlwifi-don-t-WARN-on-host-commands-sent-when-firmwa.patch @@ -0,0 +1,35 @@ +From 8ca95995e64f5d270889badb3e449dca91106a2b Mon Sep 17 00:00:00 2001 +From: Emmanuel Grumbach +Date: Sun, 15 Sep 2013 11:37:17 +0300 +Subject: [PATCH] iwlwifi: don't WARN on host commands sent when firmware is dead + +This triggers automatic bug reports and add no valuable +information. Print a simple error instead and drop the +host command. + +Signed-off-by: Emmanuel Grumbach +Signed-off-by: Johannes Berg +--- + drivers/net/wireless/iwlwifi/iwl-trans.h | 6 ++++-- + 1 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/wireless/iwlwifi/iwl-trans.h b/drivers/net/wireless/iwlwifi/iwl-trans.h +index dd57a36..80b4750 100644 +--- a/drivers/net/wireless/iwlwifi/iwl-trans.h ++++ b/drivers/net/wireless/iwlwifi/iwl-trans.h +@@ -601,8 +601,10 @@ static inline int iwl_trans_send_cmd(struct iwl_trans *trans, + { + int ret; + +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (trans->state != IWL_TRANS_FW_ALIVE) { ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); ++ return -EIO; ++ } + + if (!(cmd->flags & CMD_ASYNC)) + lock_map_acquire_read(&trans->sync_cmd_lockdep_map); +-- +1.7.1 + diff --git a/0002-iwlwifi-don-t-WARN-on-bad-firmware-state.patch b/0002-iwlwifi-don-t-WARN-on-bad-firmware-state.patch new file mode 100644 index 000000000..499c34a63 --- /dev/null +++ b/0002-iwlwifi-don-t-WARN-on-bad-firmware-state.patch @@ -0,0 +1,98 @@ +From 3efd689c41080b0d4a9cc263a51f2868e3d5a37b Mon Sep 17 00:00:00 2001 +From: Stanislaw Gruszka +Date: Wed, 9 Oct 2013 15:03:57 +0200 +Subject: [PATCH] iwlwifi: don't WARN on bad firmware state + +When we restart firmware is possible and hance firmware is marked as not +alive, we can still get calls from mac80211. Don't WARN on in this +situation as this triggers automatic bug reports with no valuable +information. + +This extend change from: + +commit 8ca95995e64f5d270889badb3e449dca91106a2b +Author: Emmanuel Grumbach +Date: Sun Sep 15 11:37:17 2013 +0300 + + iwlwifi: don't WARN on host commands sent when firmware is dead + +which remove WARN_ONCE from one place, but those warnings are also +triggered from other functions. + +Patch adds also unlikely() statement. + +Signed-off-by: Stanislaw Gruszka +--- + drivers/net/wireless/iwlwifi/iwl-trans.h | 22 +++++++++++----------- + 1 files changed, 11 insertions(+), 11 deletions(-) + +diff --git a/drivers/net/wireless/iwlwifi/iwl-trans.h b/drivers/net/wireless/iwlwifi/iwl-trans.h +index 80b4750..c6bac7c 100644 +--- a/drivers/net/wireless/iwlwifi/iwl-trans.h ++++ b/drivers/net/wireless/iwlwifi/iwl-trans.h +@@ -601,7 +601,7 @@ static inline int iwl_trans_send_cmd(struct iwl_trans *trans, + { + int ret; + +- if (trans->state != IWL_TRANS_FW_ALIVE) { ++ if (unlikely(trans->state != IWL_TRANS_FW_ALIVE)) { + IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + return -EIO; + } +@@ -640,8 +640,8 @@ static inline void iwl_trans_free_tx_cmd(struct iwl_trans *trans, + static inline int iwl_trans_tx(struct iwl_trans *trans, struct sk_buff *skb, + struct iwl_device_cmd *dev_cmd, int queue) + { +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (unlikely(trans->state != IWL_TRANS_FW_ALIVE)) ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + + return trans->ops->tx(trans, skb, dev_cmd, queue); + } +@@ -649,16 +649,16 @@ static inline int iwl_trans_tx(struct iwl_trans *trans, struct sk_buff *skb, + static inline void iwl_trans_reclaim(struct iwl_trans *trans, int queue, + int ssn, struct sk_buff_head *skbs) + { +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (unlikely(trans->state != IWL_TRANS_FW_ALIVE)) ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + + trans->ops->reclaim(trans, queue, ssn, skbs); + } + + static inline void iwl_trans_txq_disable(struct iwl_trans *trans, int queue) + { +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (unlikely(trans->state != IWL_TRANS_FW_ALIVE)) ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + + trans->ops->txq_disable(trans, queue); + } +@@ -669,8 +669,8 @@ static inline void iwl_trans_txq_enable(struct iwl_trans *trans, int queue, + { + might_sleep(); + +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (unlikely((trans->state != IWL_TRANS_FW_ALIVE))) ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + + trans->ops->txq_enable(trans, queue, fifo, sta_id, tid, + frame_limit, ssn); +@@ -685,8 +685,8 @@ static inline void iwl_trans_ac_txq_enable(struct iwl_trans *trans, int queue, + + static inline int iwl_trans_wait_tx_queue_empty(struct iwl_trans *trans) + { +- WARN_ONCE(trans->state != IWL_TRANS_FW_ALIVE, +- "%s bad state = %d", __func__, trans->state); ++ if (unlikely(trans->state != IWL_TRANS_FW_ALIVE)) ++ IWL_ERR(trans, "%s bad state = %d", __func__, trans->state); + + return trans->ops->wait_tx_queue_empty(trans); + } +-- +1.7.1 + diff --git a/0002-netfilter-push-reasm-skb-through-instead-of-original.patch b/0002-netfilter-push-reasm-skb-through-instead-of-original.patch new file mode 100644 index 000000000..27fee5173 --- /dev/null +++ b/0002-netfilter-push-reasm-skb-through-instead-of-original.patch @@ -0,0 +1,499 @@ +Bugzilla: 1015905 +Upstream-status: 3.13 (should hit stable) + +From 5c0df04613dd39fba5d2a43eaf90a2dc1dcd8899 Mon Sep 17 00:00:00 2001 +From: Jiri Pirko +Date: Wed, 6 Nov 2013 17:52:20 +0100 +Subject: [PATCH 2/2] netfilter: push reasm skb through instead of original + frag skbs + +Pushing original fragments through causes several problems. For example +for matching, frags may not be matched correctly. Take following +example: + + +On HOSTA do: +ip6tables -I INPUT -p icmpv6 -j DROP +ip6tables -I INPUT -p icmpv6 -m icmp6 --icmpv6-type 128 -j ACCEPT + +and on HOSTB you do: +ping6 HOSTA -s2000 (MTU is 1500) + +Incoming echo requests will be filtered out on HOSTA. This issue does +not occur with smaller packets than MTU (where fragmentation does not happen) + + +As was discussed previously, the only correct solution seems to be to use +reassembled skb instead of separete frags. Doing this has positive side +effects in reducing sk_buff by one pointer (nfct_reasm) and also the reams +dances in ipvs and conntrack can be removed. + +Future plan is to remove net/ipv6/netfilter/nf_conntrack_reasm.c +entirely and use code in net/ipv6/reassembly.c instead. + +Signed-off-by: Jiri Pirko +Acked-by: Julian Anastasov +Signed-off-by: Marcelo Ricardo Leitner +Signed-off-by: David S. Miller + +Conflicts: + include/net/netfilter/ipv6/nf_defrag_ipv6.h + net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c + net/ipv6/netfilter/nf_defrag_ipv6_hooks.c + net/netfilter/ipvs/ip_vs_core.c +--- + include/linux/skbuff.h | 32 --------------- + include/net/ip_vs.h | 32 +-------------- + include/net/netfilter/ipv6/nf_defrag_ipv6.h | 5 +-- + net/core/skbuff.c | 3 -- + net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 54 +------------------------ + net/ipv6/netfilter/nf_conntrack_reasm.c | 19 +-------- + net/ipv6/netfilter/nf_defrag_ipv6_hooks.c | 7 +++- + net/netfilter/ipvs/ip_vs_core.c | 55 +------------------------- + net/netfilter/ipvs/ip_vs_pe_sip.c | 8 +--- + 9 files changed, 13 insertions(+), 202 deletions(-) + +diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h +index 6bd165b..37b4517 100644 +--- a/include/linux/skbuff.h ++++ b/include/linux/skbuff.h +@@ -333,11 +333,6 @@ typedef unsigned int sk_buff_data_t; + typedef unsigned char *sk_buff_data_t; + #endif + +-#if defined(CONFIG_NF_DEFRAG_IPV4) || defined(CONFIG_NF_DEFRAG_IPV4_MODULE) || \ +- defined(CONFIG_NF_DEFRAG_IPV6) || defined(CONFIG_NF_DEFRAG_IPV6_MODULE) +-#define NET_SKBUFF_NF_DEFRAG_NEEDED 1 +-#endif +- + /** + * struct sk_buff - socket buffer + * @next: Next buffer in list +@@ -370,7 +365,6 @@ typedef unsigned char *sk_buff_data_t; + * @protocol: Packet protocol from driver + * @destructor: Destruct function + * @nfct: Associated connection, if any +- * @nfct_reasm: netfilter conntrack re-assembly pointer + * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c + * @skb_iif: ifindex of device we arrived on + * @tc_index: Traffic control index +@@ -459,9 +453,6 @@ struct sk_buff { + #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + struct nf_conntrack *nfct; + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +- struct sk_buff *nfct_reasm; +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + struct nf_bridge_info *nf_bridge; + #endif +@@ -2603,18 +2594,6 @@ static inline void nf_conntrack_get(struct nf_conntrack *nfct) + atomic_inc(&nfct->use); + } + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +-static inline void nf_conntrack_get_reasm(struct sk_buff *skb) +-{ +- if (skb) +- atomic_inc(&skb->users); +-} +-static inline void nf_conntrack_put_reasm(struct sk_buff *skb) +-{ +- if (skb) +- kfree_skb(skb); +-} +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + static inline void nf_bridge_put(struct nf_bridge_info *nf_bridge) + { +@@ -2633,10 +2612,6 @@ static inline void nf_reset(struct sk_buff *skb) + nf_conntrack_put(skb->nfct); + skb->nfct = NULL; + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +- nf_conntrack_put_reasm(skb->nfct_reasm); +- skb->nfct_reasm = NULL; +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + nf_bridge_put(skb->nf_bridge); + skb->nf_bridge = NULL; +@@ -2658,10 +2633,6 @@ static inline void __nf_copy(struct sk_buff *dst, const struct sk_buff *src) + nf_conntrack_get(src->nfct); + dst->nfctinfo = src->nfctinfo; + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +- dst->nfct_reasm = src->nfct_reasm; +- nf_conntrack_get_reasm(src->nfct_reasm); +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + dst->nf_bridge = src->nf_bridge; + nf_bridge_get(src->nf_bridge); +@@ -2673,9 +2644,6 @@ static inline void nf_copy(struct sk_buff *dst, const struct sk_buff *src) + #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + nf_conntrack_put(dst->nfct); + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +- nf_conntrack_put_reasm(dst->nfct_reasm); +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + nf_bridge_put(dst->nf_bridge); + #endif +diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h +index f0d70f0..ff21521 100644 +--- a/include/net/ip_vs.h ++++ b/include/net/ip_vs.h +@@ -109,7 +109,6 @@ extern int ip_vs_conn_tab_size; + struct ip_vs_iphdr { + __u32 len; /* IPv4 simply where L4 starts + IPv6 where L4 Transport Header starts */ +- __u32 thoff_reasm; /* Transport Header Offset in nfct_reasm skb */ + __u16 fragoffs; /* IPv6 fragment offset, 0 if first frag (or not frag)*/ + __s16 protocol; + __s32 flags; +@@ -117,34 +116,12 @@ struct ip_vs_iphdr { + union nf_inet_addr daddr; + }; + +-/* Dependency to module: nf_defrag_ipv6 */ +-#if defined(CONFIG_NF_DEFRAG_IPV6) || defined(CONFIG_NF_DEFRAG_IPV6_MODULE) +-static inline struct sk_buff *skb_nfct_reasm(const struct sk_buff *skb) +-{ +- return skb->nfct_reasm; +-} +-static inline void *frag_safe_skb_hp(const struct sk_buff *skb, int offset, +- int len, void *buffer, +- const struct ip_vs_iphdr *ipvsh) +-{ +- if (unlikely(ipvsh->fragoffs && skb_nfct_reasm(skb))) +- return skb_header_pointer(skb_nfct_reasm(skb), +- ipvsh->thoff_reasm, len, buffer); +- +- return skb_header_pointer(skb, offset, len, buffer); +-} +-#else +-static inline struct sk_buff *skb_nfct_reasm(const struct sk_buff *skb) +-{ +- return NULL; +-} + static inline void *frag_safe_skb_hp(const struct sk_buff *skb, int offset, + int len, void *buffer, + const struct ip_vs_iphdr *ipvsh) + { + return skb_header_pointer(skb, offset, len, buffer); + } +-#endif + + static inline void + ip_vs_fill_ip4hdr(const void *nh, struct ip_vs_iphdr *iphdr) +@@ -171,19 +148,12 @@ ip_vs_fill_iph_skb(int af, const struct sk_buff *skb, struct ip_vs_iphdr *iphdr) + (struct ipv6hdr *)skb_network_header(skb); + iphdr->saddr.in6 = iph->saddr; + iphdr->daddr.in6 = iph->daddr; +- /* ipv6_find_hdr() updates len, flags, thoff_reasm */ +- iphdr->thoff_reasm = 0; ++ /* ipv6_find_hdr() updates len, flags */ + iphdr->len = 0; + iphdr->flags = 0; + iphdr->protocol = ipv6_find_hdr(skb, &iphdr->len, -1, + &iphdr->fragoffs, + &iphdr->flags); +- /* get proto from re-assembled packet and it's offset */ +- if (skb_nfct_reasm(skb)) +- iphdr->protocol = ipv6_find_hdr(skb_nfct_reasm(skb), +- &iphdr->thoff_reasm, +- -1, NULL, NULL); +- + } else + #endif + { +diff --git a/include/net/netfilter/ipv6/nf_defrag_ipv6.h b/include/net/netfilter/ipv6/nf_defrag_ipv6.h +index fd79c9a..17920d8 100644 +--- a/include/net/netfilter/ipv6/nf_defrag_ipv6.h ++++ b/include/net/netfilter/ipv6/nf_defrag_ipv6.h +@@ -6,10 +6,7 @@ extern void nf_defrag_ipv6_enable(void); + extern int nf_ct_frag6_init(void); + extern void nf_ct_frag6_cleanup(void); + extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user); +-extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb, +- struct net_device *in, +- struct net_device *out, +- int (*okfn)(struct sk_buff *)); ++extern void nf_ct_frag6_consume_orig(struct sk_buff *skb); + + struct inet_frags_ctl; + +diff --git a/net/core/skbuff.c b/net/core/skbuff.c +index 2c3d0f5..a75022e 100644 +--- a/net/core/skbuff.c ++++ b/net/core/skbuff.c +@@ -580,9 +580,6 @@ static void skb_release_head_state(struct sk_buff *skb) + #if IS_ENABLED(CONFIG_NF_CONNTRACK) + nf_conntrack_put(skb->nfct); + #endif +-#ifdef NET_SKBUFF_NF_DEFRAG_NEEDED +- nf_conntrack_put_reasm(skb->nfct_reasm); +-#endif + #ifdef CONFIG_BRIDGE_NETFILTER + nf_bridge_put(skb->nf_bridge); + #endif +diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +index c9b6a6e..97cd750 100644 +--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c ++++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +@@ -172,63 +172,13 @@ out: + return nf_conntrack_confirm(skb); + } + +-static unsigned int __ipv6_conntrack_in(struct net *net, +- unsigned int hooknum, +- struct sk_buff *skb, +- const struct net_device *in, +- const struct net_device *out, +- int (*okfn)(struct sk_buff *)) +-{ +- struct sk_buff *reasm = skb->nfct_reasm; +- const struct nf_conn_help *help; +- struct nf_conn *ct; +- enum ip_conntrack_info ctinfo; +- +- /* This packet is fragmented and has reassembled packet. */ +- if (reasm) { +- /* Reassembled packet isn't parsed yet ? */ +- if (!reasm->nfct) { +- unsigned int ret; +- +- ret = nf_conntrack_in(net, PF_INET6, hooknum, reasm); +- if (ret != NF_ACCEPT) +- return ret; +- } +- +- /* Conntrack helpers need the entire reassembled packet in the +- * POST_ROUTING hook. In case of unconfirmed connections NAT +- * might reassign a helper, so the entire packet is also +- * required. +- */ +- ct = nf_ct_get(reasm, &ctinfo); +- if (ct != NULL && !nf_ct_is_untracked(ct)) { +- help = nfct_help(ct); +- if ((help && help->helper) || !nf_ct_is_confirmed(ct)) { +- nf_conntrack_get_reasm(reasm); +- NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, reasm, +- (struct net_device *)in, +- (struct net_device *)out, +- okfn, NF_IP6_PRI_CONNTRACK + 1); +- return NF_DROP_ERR(-ECANCELED); +- } +- } +- +- nf_conntrack_get(reasm->nfct); +- skb->nfct = reasm->nfct; +- skb->nfctinfo = reasm->nfctinfo; +- return NF_ACCEPT; +- } +- +- return nf_conntrack_in(net, PF_INET6, hooknum, skb); +-} +- + static unsigned int ipv6_conntrack_in(unsigned int hooknum, + struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) + { +- return __ipv6_conntrack_in(dev_net(in), hooknum, skb, in, out, okfn); ++ return nf_conntrack_in(dev_net(in), PF_INET6, hooknum, skb); + } + + static unsigned int ipv6_conntrack_local(unsigned int hooknum, +@@ -242,7 +192,7 @@ static unsigned int ipv6_conntrack_local(unsigned int hooknum, + net_notice_ratelimited("ipv6_conntrack_local: packet too short\n"); + return NF_ACCEPT; + } +- return __ipv6_conntrack_in(dev_net(out), hooknum, skb, in, out, okfn); ++ return nf_conntrack_in(dev_net(out), PF_INET6, hooknum, skb); + } + + static struct nf_hook_ops ipv6_conntrack_ops[] __read_mostly = { +diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c +index dffdc1a..253566a 100644 +--- a/net/ipv6/netfilter/nf_conntrack_reasm.c ++++ b/net/ipv6/netfilter/nf_conntrack_reasm.c +@@ -621,31 +621,16 @@ ret_orig: + return skb; + } + +-void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb, +- struct net_device *in, struct net_device *out, +- int (*okfn)(struct sk_buff *)) ++void nf_ct_frag6_consume_orig(struct sk_buff *skb) + { + struct sk_buff *s, *s2; +- unsigned int ret = 0; + + for (s = NFCT_FRAG6_CB(skb)->orig; s;) { +- nf_conntrack_put_reasm(s->nfct_reasm); +- nf_conntrack_get_reasm(skb); +- s->nfct_reasm = skb; +- + s2 = s->next; + s->next = NULL; +- +- if (ret != -ECANCELED) +- ret = NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, s, +- in, out, okfn, +- NF_IP6_PRI_CONNTRACK_DEFRAG + 1); +- else +- kfree_skb(s); +- ++ consume_skb(s); + s = s2; + } +- nf_conntrack_put_reasm(skb); + } + + static int nf_ct_net_init(struct net *net) +diff --git a/net/ipv6/netfilter/nf_defrag_ipv6_hooks.c b/net/ipv6/netfilter/nf_defrag_ipv6_hooks.c +index aacd121..581dd9e 100644 +--- a/net/ipv6/netfilter/nf_defrag_ipv6_hooks.c ++++ b/net/ipv6/netfilter/nf_defrag_ipv6_hooks.c +@@ -75,8 +75,11 @@ static unsigned int ipv6_defrag(unsigned int hooknum, + if (reasm == skb) + return NF_ACCEPT; + +- nf_ct_frag6_output(hooknum, reasm, (struct net_device *)in, +- (struct net_device *)out, okfn); ++ nf_ct_frag6_consume_orig(reasm); ++ ++ NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, reasm, ++ (struct net_device *) in, (struct net_device *) out, ++ okfn, NF_IP6_PRI_CONNTRACK_DEFRAG + 1); + + return NF_STOLEN; + } +diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c +index 4f69e83..1517b50 100644 +--- a/net/netfilter/ipvs/ip_vs_core.c ++++ b/net/netfilter/ipvs/ip_vs_core.c +@@ -1131,12 +1131,6 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb, int af) + ip_vs_fill_iph_skb(af, skb, &iph); + #ifdef CONFIG_IP_VS_IPV6 + if (af == AF_INET6) { +- if (!iph.fragoffs && skb_nfct_reasm(skb)) { +- struct sk_buff *reasm = skb_nfct_reasm(skb); +- /* Save fw mark for coming frags */ +- reasm->ipvs_property = 1; +- reasm->mark = skb->mark; +- } + if (unlikely(iph.protocol == IPPROTO_ICMPV6)) { + int related; + int verdict = ip_vs_out_icmp_v6(skb, &related, +@@ -1606,12 +1600,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) + + #ifdef CONFIG_IP_VS_IPV6 + if (af == AF_INET6) { +- if (!iph.fragoffs && skb_nfct_reasm(skb)) { +- struct sk_buff *reasm = skb_nfct_reasm(skb); +- /* Save fw mark for coming frags. */ +- reasm->ipvs_property = 1; +- reasm->mark = skb->mark; +- } + if (unlikely(iph.protocol == IPPROTO_ICMPV6)) { + int related; + int verdict = ip_vs_in_icmp_v6(skb, &related, hooknum, +@@ -1663,9 +1651,8 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) + /* sorry, all this trouble for a no-hit :) */ + IP_VS_DBG_PKT(12, af, pp, skb, 0, + "ip_vs_in: packet continues traversal as normal"); +- if (iph.fragoffs && !skb_nfct_reasm(skb)) { ++ if (iph.fragoffs) { + /* Fragment that couldn't be mapped to a conn entry +- * and don't have any pointer to a reasm skb + * is missing module nf_defrag_ipv6 + */ + IP_VS_DBG_RL("Unhandled frag, load nf_defrag_ipv6\n"); +@@ -1748,38 +1735,6 @@ ip_vs_local_request4(unsigned int hooknum, struct sk_buff *skb, + #ifdef CONFIG_IP_VS_IPV6 + + /* +- * AF_INET6 fragment handling +- * Copy info from first fragment, to the rest of them. +- */ +-static unsigned int +-ip_vs_preroute_frag6(unsigned int hooknum, struct sk_buff *skb, +- const struct net_device *in, +- const struct net_device *out, +- int (*okfn)(struct sk_buff *)) +-{ +- struct sk_buff *reasm = skb_nfct_reasm(skb); +- struct net *net; +- +- /* Skip if not a "replay" from nf_ct_frag6_output or first fragment. +- * ipvs_property is set when checking first fragment +- * in ip_vs_in() and ip_vs_out(). +- */ +- if (reasm) +- IP_VS_DBG(2, "Fragment recv prop:%d\n", reasm->ipvs_property); +- if (!reasm || !reasm->ipvs_property) +- return NF_ACCEPT; +- +- net = skb_net(skb); +- if (!net_ipvs(net)->enable) +- return NF_ACCEPT; +- +- /* Copy stored fw mark, saved in ip_vs_{in,out} */ +- skb->mark = reasm->mark; +- +- return NF_ACCEPT; +-} +- +-/* + * AF_INET6 handler in NF_INET_LOCAL_IN chain + * Schedule and forward packets from remote clients + */ +@@ -1916,14 +1871,6 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = { + .priority = 100, + }, + #ifdef CONFIG_IP_VS_IPV6 +- /* After mangle & nat fetch 2:nd fragment and following */ +- { +- .hook = ip_vs_preroute_frag6, +- .owner = THIS_MODULE, +- .pf = NFPROTO_IPV6, +- .hooknum = NF_INET_PRE_ROUTING, +- .priority = NF_IP6_PRI_NAT_DST + 1, +- }, + /* After packet filtering, change source only for VS/NAT */ + { + .hook = ip_vs_reply6, +diff --git a/net/netfilter/ipvs/ip_vs_pe_sip.c b/net/netfilter/ipvs/ip_vs_pe_sip.c +index 9ef22bd..bed5f70 100644 +--- a/net/netfilter/ipvs/ip_vs_pe_sip.c ++++ b/net/netfilter/ipvs/ip_vs_pe_sip.c +@@ -65,7 +65,6 @@ static int get_callid(const char *dptr, unsigned int dataoff, + static int + ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) + { +- struct sk_buff *reasm = skb_nfct_reasm(skb); + struct ip_vs_iphdr iph; + unsigned int dataoff, datalen, matchoff, matchlen; + const char *dptr; +@@ -79,15 +78,10 @@ ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) + /* todo: IPv6 fragments: + * I think this only should be done for the first fragment. /HS + */ +- if (reasm) { +- skb = reasm; +- dataoff = iph.thoff_reasm + sizeof(struct udphdr); +- } else +- dataoff = iph.len + sizeof(struct udphdr); ++ dataoff = iph.len + sizeof(struct udphdr); + + if (dataoff >= skb->len) + return -EINVAL; +- /* todo: Check if this will mess-up the reasm skb !!! /HS */ + retc = skb_linearize(skb); + if (retc < 0) + return retc; +-- +1.8.3.1 + diff --git a/0002-x86-EFI-Calculate-the-EFI-framebuffer-size-instead-o.patch b/0002-x86-EFI-Calculate-the-EFI-framebuffer-size-instead-o.patch new file mode 100644 index 000000000..c7298d5e2 --- /dev/null +++ b/0002-x86-EFI-Calculate-the-EFI-framebuffer-size-instead-o.patch @@ -0,0 +1,43 @@ +From e9b10953edbccd3744e039ffc060ab2692f17856 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Fri, 27 Jul 2012 17:20:49 -0400 +Subject: [PATCH 2/2] x86, EFI: Calculate the EFI framebuffer size instead of + trusting the firmware + +Seth Forshee reported that his system was reporting that the EFI framebuffer +stretched from 0x90010000-0xb0010000 despite the GPU's BAR only covering +0x90000000-0x9ffffff. It's safer to calculate this value from the pixel +stride and screen height (values we already depend on) rather than face +potential problems with resource allocation later on. + +Signed-off-by: Matthew Garrett +Tested-by: Seth Forshee +Signed-off-by: Matt Fleming +--- + arch/x86/boot/compressed/eboot.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c +index bbd83b9..c760e07 100644 +--- a/arch/x86/boot/compressed/eboot.c ++++ b/arch/x86/boot/compressed/eboot.c +@@ -331,7 +331,6 @@ static efi_status_t setup_gop(struct screen_info *si, efi_guid_t *proto, + si->lfb_width = width; + si->lfb_height = height; + si->lfb_base = fb_base; +- si->lfb_size = fb_size; + si->pages = 1; + + if (pixel_format == PIXEL_RGB_RESERVED_8BIT_PER_COLOR) { +@@ -379,6 +378,8 @@ static efi_status_t setup_gop(struct screen_info *si, efi_guid_t *proto, + si->rsvd_pos = 0; + } + ++ si->lfb_size = si->lfb_linelength * si->lfb_height; ++ + si->capabilities |= VIDEO_CAPABILITY_SKIP_QUIRKS; + + free_handle: +-- +1.7.12.1 + diff --git a/Input-elantech-add-support-for-newer-August-2013-dev.patch b/Input-elantech-add-support-for-newer-August-2013-dev.patch new file mode 100644 index 000000000..e67f2800a --- /dev/null +++ b/Input-elantech-add-support-for-newer-August-2013-dev.patch @@ -0,0 +1,36 @@ +Bugzilla: 1030802 +Upstream-status: 3.13 + +From 9cb80b965eaf7af1369f6e16f48a05fbaaccc021 Mon Sep 17 00:00:00 2001 +From: Matt Walker +Date: Thu, 5 Dec 2013 12:39:02 -0800 +Subject: [PATCH] Input: elantech - add support for newer (August 2013) devices + +Added detection for newer Elantech touchpads, so that kernel doesn't +fall-back to default PS/2 driver. Supports touchpads released after +~August 2013. Fixes bug: +https://lists.launchpad.net/kernel-packages/msg18481.html + +Tested on an Acer Aspire S7-392-6302. + +Signed-off by: Matt Walker +Signed-off-by: Dmitry Torokhov +--- + drivers/input/mouse/elantech.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/input/mouse/elantech.c b/drivers/input/mouse/elantech.c +index 8551dca..597e9b8 100644 +--- a/drivers/input/mouse/elantech.c ++++ b/drivers/input/mouse/elantech.c +@@ -1313,6 +1313,7 @@ static int elantech_set_properties(struct elantech_data *etd) + break; + case 6: + case 7: ++ case 8: + etd->hw_version = 4; + break; + default: +-- +1.8.3.1 + diff --git a/Input-evdev-fall-back-to-vmalloc-for-client-event-buffer.patch b/Input-evdev-fall-back-to-vmalloc-for-client-event-buffer.patch new file mode 100644 index 000000000..da1b92ed8 --- /dev/null +++ b/Input-evdev-fall-back-to-vmalloc-for-client-event-buffer.patch @@ -0,0 +1,64 @@ +From 92eb77d0ffbaa71b501a0a8dabf09a351bf4267f Mon Sep 17 00:00:00 2001 +From: Daniel Stone +Date: Thu, 31 Oct 2013 07:25:34 +0000 +Subject: Input: evdev - fall back to vmalloc for client event buffer + +evdev always tries to allocate the event buffer for clients using +kzalloc rather than vmalloc, presumably to avoid mapping overhead where +possible. However, drivers like bcm5974, which claims support for +reporting 16 fingers simultaneously, can have an extraordinarily large +buffer. The resultant contiguous order-4 allocation attempt fails due +to fragmentation, and the device is thus unusable until reboot. + +Try kzalloc if we can to avoid the mapping overhead, but if that fails, +fall back to vzalloc. + +Signed-off-by: Daniel Stone +Signed-off-by: Dmitry Torokhov +--- +diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c +index b6ded17..a06e125 100644 +--- a/drivers/input/evdev.c ++++ b/drivers/input/evdev.c +@@ -18,6 +18,8 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include +@@ -369,7 +371,11 @@ static int evdev_release(struct inode *inode, struct file *file) + mutex_unlock(&evdev->mutex); + + evdev_detach_client(evdev, client); +- kfree(client); ++ ++ if (is_vmalloc_addr(client)) ++ vfree(client); ++ else ++ kfree(client); + + evdev_close_device(evdev); + +@@ -389,12 +395,14 @@ static int evdev_open(struct inode *inode, struct file *file) + { + struct evdev *evdev = container_of(inode->i_cdev, struct evdev, cdev); + unsigned int bufsize = evdev_compute_buffer_size(evdev->handle.dev); ++ unsigned int size = sizeof(struct evdev_client) + ++ bufsize * sizeof(struct input_event); + struct evdev_client *client; + int error; + +- client = kzalloc(sizeof(struct evdev_client) + +- bufsize * sizeof(struct input_event), +- GFP_KERNEL); ++ client = kzalloc(size, GFP_KERNEL | __GFP_NOWARN); ++ if (!client) ++ client = vzalloc(size); + if (!client) + return -ENOMEM; + +-- +cgit v0.9.2 diff --git a/Input-increase-struct-ps2dev-cmdbuf-to-8-bytes.patch b/Input-increase-struct-ps2dev-cmdbuf-to-8-bytes.patch new file mode 100644 index 000000000..c3548aa07 --- /dev/null +++ b/Input-increase-struct-ps2dev-cmdbuf-to-8-bytes.patch @@ -0,0 +1,30 @@ +From 80524f083e2c3e70057f5bb476db92baa14cb22b Mon Sep 17 00:00:00 2001 +From: Kamal Mostafa +Date: Tue, 20 Nov 2012 23:04:35 -0800 +Subject: [PATCH] Input: increase struct ps2dev cmdbuf[] to 8 bytes + +Cypress PS/2 Trackpad (drivers/input/mouse/cypress_ps2.c) needs +this larger cmdbuf[] to handle 8-byte packet responses. + +Signed-off-by: Kamal Mostafa +Signed-off-by: Dmitry Torokhov +--- + include/linux/libps2.h | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/include/linux/libps2.h b/include/linux/libps2.h +index 79603a6..4ad06e8 100644 +--- a/include/linux/libps2.h ++++ b/include/linux/libps2.h +@@ -36,7 +36,7 @@ struct ps2dev { + wait_queue_head_t wait; + + unsigned long flags; +- unsigned char cmdbuf[6]; ++ unsigned char cmdbuf[8]; + unsigned char cmdcnt; + unsigned char nak; + }; +-- +1.7.7.6 + diff --git a/KVM-Improve-create-VCPU-parameter.patch b/KVM-Improve-create-VCPU-parameter.patch new file mode 100644 index 000000000..5c5746259 --- /dev/null +++ b/KVM-Improve-create-VCPU-parameter.patch @@ -0,0 +1,93 @@ +Bugzilla: 1042071 +Upstream-status: 3.13 and sent to stable +Delivered-To: jwboyer@gmail.com +Received: by 10.76.104.107 with SMTP id gd11csp361298oab; + Thu, 12 Dec 2013 12:41:21 -0800 (PST) +X-Received: by 10.50.109.132 with SMTP id hs4mr33803866igb.34.1386880880893; + Thu, 12 Dec 2013 12:41:20 -0800 (PST) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id q8si17378346pav.173.2013.12.12.12.40.57 + for ; + Thu, 12 Dec 2013 12:41:20 -0800 (PST) +Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=stable-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@gmail.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1752041Ab3LLUhR (ORCPT + 64 others); + Thu, 12 Dec 2013 15:37:17 -0500 +Received: from mail-ea0-f179.google.com ([209.85.215.179]:43785 "EHLO + mail-ea0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1751761Ab3LLUhN (ORCPT + ); Thu, 12 Dec 2013 15:37:13 -0500 +Received: by mail-ea0-f179.google.com with SMTP id r15so485140ead.24 + for ; Thu, 12 Dec 2013 12:37:11 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20120113; + h=sender:from:to:cc:subject:date:message-id; + bh=3nLdta59rbActmGe9iq6aMqjNBfzfF7lqy0gb7EeI0I=; + b=fWKHZKszZQjXAVDzYAlwX8s4+UNEomYiCAX0zvDzW7A5Yiy28MUt0QbNu6288Pu+Qs + NJ38SpDcPLWzGknYOLggLa21nXsv4tX9vp4FFEY4i3H5iCVpXbvxIc+n9ZVOzWY2wkxK + HR1Xf24kJ9FPuV/LoIyu5RlHZUm95BoAe7TxRZWlkcxQ0vEOSAyZQwH4EIj6SS7fXI1d + PoqZKm7100ib0/wm6I49cF2b0EXRTSOYrgZneyniPVGpfTkpN2atNcEgdLSvAWQKEI+p + 79Dt0/BJd2CIuqgUbZBlA8pH6a119FtfrVqxVWJAmVvsv9lpkMIjJrFTj9yqpUFKeeYB + XTeA== +X-Received: by 10.14.6.136 with SMTP id 8mr9978716een.11.1386880631657; + Thu, 12 Dec 2013 12:37:11 -0800 (PST) +Received: from playground.com (net-2-35-202-54.cust.dsl.vodafone.it. [2.35.202.54]) + by mx.google.com with ESMTPSA id o47sm70323739eem.21.2013.12.12.12.37.00 + for + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 12 Dec 2013 12:37:01 -0800 (PST) +From: Paolo Bonzini +To: linux-kernel@vger.kernel.org +Cc: gleb@redhat.com, kvm@vger.kernel.org, pmatouse@redhat.com, + Andy Honig , stable@vger.kernel.org +Subject: [PATCH] KVM: Improve create VCPU parameter +Date: Thu, 12 Dec 2013 21:36:51 +0100 +Message-Id: <1386880614-23300-1-git-send-email-pbonzini@redhat.com> +X-Mailer: git-send-email 1.8.3.1 +Sender: stable-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: stable@vger.kernel.org + +From: Andy Honig + +In multiple functions the vcpu_id is used as an offset into a bitfield. Ag +malicious user could specify a vcpu_id greater than 255 in order to set or +clear bits in kernel memory. This could be used to elevate priveges in the +kernel. This patch verifies that the vcpu_id provided is less than 255. +The api documentation already specifies that the vcpu_id must be less than +max_vcpus, but this is currently not checked. + +Reported-by: Andrew Honig +Cc: stable@vger.kernel.org +Signed-off-by: Andrew Honig +Signed-off-by: Paolo Bonzini +--- + virt/kvm/kvm_main.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c +index a0aa84b5941a..4f588bc94186 100644 +--- a/virt/kvm/kvm_main.c ++++ b/virt/kvm/kvm_main.c +@@ -1898,6 +1898,9 @@ static int kvm_vm_ioctl_create_vcpu(struct kvm *kvm, u32 id) + int r; + struct kvm_vcpu *vcpu, *v; + ++ if (id >= KVM_MAX_VCPUS) ++ return -EINVAL; ++ + vcpu = kvm_arch_vcpu_create(kvm, id); + if (IS_ERR(vcpu)) + return PTR_ERR(vcpu); +-- +1.8.3.1 + +-- +To unsubscribe from this list: send the line "unsubscribe stable" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/KVM-x86-Convert-vapic-synchronization-to-_cached-functions.patch b/KVM-x86-Convert-vapic-synchronization-to-_cached-functions.patch new file mode 100644 index 000000000..a37d4cf29 --- /dev/null +++ b/KVM-x86-Convert-vapic-synchronization-to-_cached-functions.patch @@ -0,0 +1,247 @@ +Bugzilla: 1042090 +Upstream-status: 3.13 and sent for stable +Delivered-To: jwboyer@gmail.com +Received: by 10.76.104.107 with SMTP id gd11csp361293oab; + Thu, 12 Dec 2013 12:41:12 -0800 (PST) +X-Received: by 10.68.244.2 with SMTP id xc2mr15600217pbc.58.1386880872483; + Thu, 12 Dec 2013 12:41:12 -0800 (PST) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id 5si8126292pbj.245.2013.12.12.12.40.49 + for ; + Thu, 12 Dec 2013 12:41:12 -0800 (PST) +Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=stable-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@gmail.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1751901Ab3LLUiK (ORCPT + 64 others); + Thu, 12 Dec 2013 15:38:10 -0500 +Received: from mail-ea0-f169.google.com ([209.85.215.169]:43997 "EHLO + mail-ea0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1751940Ab3LLUhR (ORCPT + ); Thu, 12 Dec 2013 15:37:17 -0500 +Received: by mail-ea0-f169.google.com with SMTP id l9so411843eaj.0 + for ; Thu, 12 Dec 2013 12:37:15 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20120113; + h=sender:from:to:cc:subject:date:message-id; + bh=2MLmYgVGbv9FpnyP90yrPKk21SJoXFj93yQcaRn4G8Y=; + b=ouBadI22VTf1UuezbySC80FWJYdpF/8Ks6I8f5rq1/7SDQPTpScjOYjZX0UtIf1ihj + aeQ7IHqpmIYGKWadUbH2l88ZP1+rP7T+f2dZQeCb3HLNsPum0Ix8dzm/koeDnuS3dx75 + 50E9ZcFXO13Hx24tM8p0SAuYZ1DvbCNnPRK0yxHOmCtCWe+mQLBIgig1rg8TzSAazWm7 + 8LhpztDlIzNyZcfzKQvtdqTOBdnhadx5x39fxOe54Yw4JbppDa7R+BY5Jz6GOd3U0Op1 + Nf97rU0pe/jeyOtjF0LVs/d9iyPPeRoSE+VAr91iT8qj9S2PFEN1QxxWL8sdvsDPZK6B + ZCmw== +X-Received: by 10.14.182.199 with SMTP id o47mr10030582eem.7.1386880635352; + Thu, 12 Dec 2013 12:37:15 -0800 (PST) +Received: from playground.com (net-2-35-202-54.cust.dsl.vodafone.it. [2.35.202.54]) + by mx.google.com with ESMTPSA id o47sm70323739eem.21.2013.12.12.12.37.13 + for + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 12 Dec 2013 12:37:14 -0800 (PST) +From: Paolo Bonzini +To: linux-kernel@vger.kernel.org +Cc: gleb@redhat.com, kvm@vger.kernel.org, pmatouse@redhat.com, + Andy Honig , stable@vger.kernel.org +Subject: [PATCH] KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) +Date: Thu, 12 Dec 2013 21:36:53 +0100 +Message-Id: <1386880614-23300-3-git-send-email-pbonzini@redhat.com> +X-Mailer: git-send-email 1.8.3.1 +Sender: stable-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: stable@vger.kernel.org + +From: Andy Honig + +In kvm_lapic_sync_from_vapic and kvm_lapic_sync_to_vapic there is the +potential to corrupt kernel memory if userspace provides an address that +is at the end of a page. This patches concerts those functions to use +kvm_write_guest_cached and kvm_read_guest_cached. It also checks the +vapic_address specified by userspace during ioctl processing and returns +an error to userspace if the address is not a valid GPA. + +This is generally not guest triggerable, because the required write is +done by firmware that runs before the guest. Also, it only affects AMD +processors and oldish Intel that do not have the FlexPriority feature +(unless you disable FlexPriority, of course; then newer processors are +also affected). + +Fixes: b93463aa59d6 ('KVM: Accelerated apic support') + +Reported-by: Andrew Honig +Cc: stable@vger.kernel.org +Signed-off-by: Andrew Honig +Signed-off-by: Paolo Bonzini +--- + arch/x86/kvm/lapic.c | 27 +++++++++++++++------------ + arch/x86/kvm/lapic.h | 4 ++-- + arch/x86/kvm/x86.c | 40 +--------------------------------------- + 3 files changed, 18 insertions(+), 53 deletions(-) + +diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c +index 89b52ec7d09c..b8bec45c1610 100644 +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -1692,7 +1692,6 @@ static void apic_sync_pv_eoi_from_guest(struct kvm_vcpu *vcpu, + void kvm_lapic_sync_from_vapic(struct kvm_vcpu *vcpu) + { + u32 data; +- void *vapic; + + if (test_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention)) + apic_sync_pv_eoi_from_guest(vcpu, vcpu->arch.apic); +@@ -1700,9 +1699,8 @@ void kvm_lapic_sync_from_vapic(struct kvm_vcpu *vcpu) + if (!test_bit(KVM_APIC_CHECK_VAPIC, &vcpu->arch.apic_attention)) + return; + +- vapic = kmap_atomic(vcpu->arch.apic->vapic_page); +- data = *(u32 *)(vapic + offset_in_page(vcpu->arch.apic->vapic_addr)); +- kunmap_atomic(vapic); ++ kvm_read_guest_cached(vcpu->kvm, &vcpu->arch.apic->vapic_cache, &data, ++ sizeof(u32)); + + apic_set_tpr(vcpu->arch.apic, data & 0xff); + } +@@ -1738,7 +1736,6 @@ void kvm_lapic_sync_to_vapic(struct kvm_vcpu *vcpu) + u32 data, tpr; + int max_irr, max_isr; + struct kvm_lapic *apic = vcpu->arch.apic; +- void *vapic; + + apic_sync_pv_eoi_to_guest(vcpu, apic); + +@@ -1754,18 +1751,24 @@ void kvm_lapic_sync_to_vapic(struct kvm_vcpu *vcpu) + max_isr = 0; + data = (tpr & 0xff) | ((max_isr & 0xf0) << 8) | (max_irr << 24); + +- vapic = kmap_atomic(vcpu->arch.apic->vapic_page); +- *(u32 *)(vapic + offset_in_page(vcpu->arch.apic->vapic_addr)) = data; +- kunmap_atomic(vapic); ++ kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.apic->vapic_cache, &data, ++ sizeof(u32)); + } + +-void kvm_lapic_set_vapic_addr(struct kvm_vcpu *vcpu, gpa_t vapic_addr) ++int kvm_lapic_set_vapic_addr(struct kvm_vcpu *vcpu, gpa_t vapic_addr) + { +- vcpu->arch.apic->vapic_addr = vapic_addr; +- if (vapic_addr) ++ if (vapic_addr) { ++ if (kvm_gfn_to_hva_cache_init(vcpu->kvm, ++ &vcpu->arch.apic->vapic_cache, ++ vapic_addr, sizeof(u32))) ++ return -EINVAL; + __set_bit(KVM_APIC_CHECK_VAPIC, &vcpu->arch.apic_attention); +- else ++ } else { + __clear_bit(KVM_APIC_CHECK_VAPIC, &vcpu->arch.apic_attention); ++ } ++ ++ vcpu->arch.apic->vapic_addr = vapic_addr; ++ return 0; + } + + int kvm_x2apic_msr_write(struct kvm_vcpu *vcpu, u32 msr, u64 data) +diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h +index c730ac9fe801..c8b0d0d2da5c 100644 +--- a/arch/x86/kvm/lapic.h ++++ b/arch/x86/kvm/lapic.h +@@ -34,7 +34,7 @@ struct kvm_lapic { + */ + void *regs; + gpa_t vapic_addr; +- struct page *vapic_page; ++ struct gfn_to_hva_cache vapic_cache; + unsigned long pending_events; + unsigned int sipi_vector; + }; +@@ -76,7 +76,7 @@ void kvm_set_lapic_tscdeadline_msr(struct kvm_vcpu *vcpu, u64 data); + void kvm_apic_write_nodecode(struct kvm_vcpu *vcpu, u32 offset); + void kvm_apic_set_eoi_accelerated(struct kvm_vcpu *vcpu, int vector); + +-void kvm_lapic_set_vapic_addr(struct kvm_vcpu *vcpu, gpa_t vapic_addr); ++int kvm_lapic_set_vapic_addr(struct kvm_vcpu *vcpu, gpa_t vapic_addr); + void kvm_lapic_sync_from_vapic(struct kvm_vcpu *vcpu); + void kvm_lapic_sync_to_vapic(struct kvm_vcpu *vcpu); + +diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c +index 21ef1ba184ae..5d004da1e35d 100644 +--- a/arch/x86/kvm/x86.c ++++ b/arch/x86/kvm/x86.c +@@ -3214,8 +3214,7 @@ long kvm_arch_vcpu_ioctl(struct file *filp, + r = -EFAULT; + if (copy_from_user(&va, argp, sizeof va)) + goto out; +- r = 0; +- kvm_lapic_set_vapic_addr(vcpu, va.vapic_addr); ++ r = kvm_lapic_set_vapic_addr(vcpu, va.vapic_addr); + break; + } + case KVM_X86_SETUP_MCE: { +@@ -5739,36 +5738,6 @@ static void post_kvm_run_save(struct kvm_vcpu *vcpu) + !kvm_event_needs_reinjection(vcpu); + } + +-static int vapic_enter(struct kvm_vcpu *vcpu) +-{ +- struct kvm_lapic *apic = vcpu->arch.apic; +- struct page *page; +- +- if (!apic || !apic->vapic_addr) +- return 0; +- +- page = gfn_to_page(vcpu->kvm, apic->vapic_addr >> PAGE_SHIFT); +- if (is_error_page(page)) +- return -EFAULT; +- +- vcpu->arch.apic->vapic_page = page; +- return 0; +-} +- +-static void vapic_exit(struct kvm_vcpu *vcpu) +-{ +- struct kvm_lapic *apic = vcpu->arch.apic; +- int idx; +- +- if (!apic || !apic->vapic_addr) +- return; +- +- idx = srcu_read_lock(&vcpu->kvm->srcu); +- kvm_release_page_dirty(apic->vapic_page); +- mark_page_dirty(vcpu->kvm, apic->vapic_addr >> PAGE_SHIFT); +- srcu_read_unlock(&vcpu->kvm->srcu, idx); +-} +- + static void update_cr8_intercept(struct kvm_vcpu *vcpu) + { + int max_irr, tpr; +@@ -6069,11 +6038,6 @@ static int __vcpu_run(struct kvm_vcpu *vcpu) + struct kvm *kvm = vcpu->kvm; + + vcpu->srcu_idx = srcu_read_lock(&kvm->srcu); +- r = vapic_enter(vcpu); +- if (r) { +- srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx); +- return r; +- } + + r = 1; + while (r > 0) { +@@ -6132,8 +6096,6 @@ static int __vcpu_run(struct kvm_vcpu *vcpu) + + srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx); + +- vapic_exit(vcpu); +- + return r; + } + +-- +1.8.3.1 + +-- +To unsubscribe from this list: send the line "unsubscribe stable" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/KVM-x86-Fix-potential-divide-by-0-in-lapic.patch b/KVM-x86-Fix-potential-divide-by-0-in-lapic.patch new file mode 100644 index 000000000..8e144dff4 --- /dev/null +++ b/KVM-x86-Fix-potential-divide-by-0-in-lapic.patch @@ -0,0 +1,102 @@ +Bugzilla: 1042081 +Upstream-status: 3.13 and sent for stable +Delivered-To: jwboyer@gmail.com +Received: by 10.76.104.107 with SMTP id gd11csp361402oab; + Thu, 12 Dec 2013 12:43:43 -0800 (PST) +X-Received: by 10.68.241.134 with SMTP id wi6mr15423072pbc.44.1386881023599; + Thu, 12 Dec 2013 12:43:43 -0800 (PST) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id w3si17375457pbh.89.2013.12.12.12.43.07 + for ; + Thu, 12 Dec 2013 12:43:43 -0800 (PST) +Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=linux-kernel-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@gmail.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1752145Ab3LLUiu (ORCPT + + 99 others); Thu, 12 Dec 2013 15:38:50 -0500 +Received: from mail-ee0-f45.google.com ([74.125.83.45]:47138 "EHLO + mail-ee0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1751902Ab3LLUhP (ORCPT + ); + Thu, 12 Dec 2013 15:37:15 -0500 +Received: by mail-ee0-f45.google.com with SMTP id d49so478739eek.32 + for ; Thu, 12 Dec 2013 12:37:13 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20120113; + h=sender:from:to:cc:subject:date:message-id; + bh=Fa9qXXe9oER+jgB6WXA5v2LyR8O2Vaag7ZsOsv67MLg=; + b=WbBUzKN8o3OzB75st3w60z/rVczWaaxrvWc2URlwJwZ0lgqObvbXvAb3ophFJxsr/O + P3rEj33CGt5vFAmZWsrST8I4pVb7IPZYqmPuBklMhDmvegy2um2xEDCyIuI0oybwgple + n1dYPBTNqBhiiLgIUeKgEf88yU5dsAgKOZSTnkMYhDSy9pnGxRda4WtErJ+SHjvcMaX3 + t2Vt97egJ2n+e+2BvnpS8xZ8biqp6/l3EzvdsL4W849fUUshAKva4Npu0T/D4E3JIp2O + 3uY+geb/txJL2rOCacT3RljUb3+zAy2zhqGSjKR3AHePFNIX9RxfMi/vlPmTjO0vfmCP + H86Q== +X-Received: by 10.14.2.73 with SMTP id 49mr10139590eee.15.1386880633625; + Thu, 12 Dec 2013 12:37:13 -0800 (PST) +Received: from playground.com (net-2-35-202-54.cust.dsl.vodafone.it. [2.35.202.54]) + by mx.google.com with ESMTPSA id o47sm70323739eem.21.2013.12.12.12.37.11 + for + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 12 Dec 2013 12:37:12 -0800 (PST) +From: Paolo Bonzini +To: linux-kernel@vger.kernel.org +Cc: gleb@redhat.com, kvm@vger.kernel.org, pmatouse@redhat.com, + Andy Honig , stable@vger.kernel.org +Subject: [PATCH] KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) +Date: Thu, 12 Dec 2013 21:36:52 +0100 +Message-Id: <1386880614-23300-2-git-send-email-pbonzini@redhat.com> +X-Mailer: git-send-email 1.8.3.1 +Sender: linux-kernel-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: linux-kernel@vger.kernel.org + +From: Andy Honig + +Under guest controllable circumstances apic_get_tmcct will execute a +divide by zero and cause a crash. If the guest cpuid support +tsc deadline timers and performs the following sequence of requests +the host will crash. +- Set the mode to periodic +- Set the TMICT to 0 +- Set the mode bits to 11 (neither periodic, nor one shot, nor tsc deadline) +- Set the TMICT to non-zero. +Then the lapic_timer.period will be 0, but the TMICT will not be. If the +guest then reads from the TMCCT then the host will perform a divide by 0. + +This patch ensures that if the lapic_timer.period is 0, then the division +does not occur. + +Reported-by: Andrew Honig +Cc: stable@vger.kernel.org +Signed-off-by: Andrew Honig +Signed-off-by: Paolo Bonzini +--- + arch/x86/kvm/lapic.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c +index 5439117d5c4c..89b52ec7d09c 100644 +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -841,7 +841,8 @@ static u32 apic_get_tmcct(struct kvm_lapic *apic) + ASSERT(apic != NULL); + + /* if initial count is 0, current count should also be 0 */ +- if (kvm_apic_get_reg(apic, APIC_TMICT) == 0) ++ if (kvm_apic_get_reg(apic, APIC_TMICT) == 0 || ++ apic->lapic_timer.period == 0) + return 0; + + remaining = hrtimer_get_remaining(&apic->lapic_timer.timer); +-- +1.8.3.1 + +-- +To unsubscribe from this list: send the line "unsubscribe linux-kernel" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html +Please read the FAQ at http://www.tux.org/lkml/ diff --git a/KVM-x86-fix-emulation-of-movzbl-bpl-eax.patch b/KVM-x86-fix-emulation-of-movzbl-bpl-eax.patch new file mode 100644 index 000000000..65a48c349 --- /dev/null +++ b/KVM-x86-fix-emulation-of-movzbl-bpl-eax.patch @@ -0,0 +1,53 @@ +Bugzilla: 967652 +Upstream-status: 3.13 (should hit stable) + +From daf727225b8abfdfe424716abac3d15a3ac5626a Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 31 Oct 2013 23:05:24 +0100 +Subject: [PATCH] KVM: x86: fix emulation of "movzbl %bpl, %eax" + +When I was looking at RHEL5.9's failure to start with +unrestricted_guest=0/emulate_invalid_guest_state=1, I got it working with a +slightly older tree than kvm.git. I now debugged the remaining failure, +which was introduced by commit 660696d1 (KVM: X86 emulator: fix +source operand decoding for 8bit mov[zs]x instructions, 2013-04-24) +introduced a similar mis-emulation to the one in commit 8acb4207 (KVM: +fix sil/dil/bpl/spl in the mod/rm fields, 2013-05-30). The incorrect +decoding occurs in 8-bit movzx/movsx instructions whose 8-bit operand +is sil/dil/bpl/spl. + +Needless to say, "movzbl %bpl, %eax" does occur in RHEL5.9's decompression +prolog, just a handful of instructions before finally giving control to +the decompressed vmlinux and getting out of the invalid guest state. + +Because OpMem8 bypasses decode_modrm, the same handling of the REX prefix +must be applied to OpMem8. + +Reported-by: Michele Baldessari +Cc: stable@vger.kernel.org +Cc: Gleb Natapov +Signed-off-by: Paolo Bonzini +Signed-off-by: Gleb Natapov +--- + arch/x86/kvm/emulate.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c +index 16c037e..282d28c 100644 +--- a/arch/x86/kvm/emulate.c ++++ b/arch/x86/kvm/emulate.c +@@ -4117,7 +4117,10 @@ static int decode_operand(struct x86_emulate_ctxt *ctxt, struct operand *op, + case OpMem8: + ctxt->memop.bytes = 1; + if (ctxt->memop.type == OP_REG) { +- ctxt->memop.addr.reg = decode_register(ctxt, ctxt->modrm_rm, 1); ++ int highbyte_regs = ctxt->rex_prefix == 0; ++ ++ ctxt->memop.addr.reg = decode_register(ctxt, ctxt->modrm_rm, ++ highbyte_regs); + fetch_register_operand(&ctxt->memop); + } + goto mem_common; +-- +1.8.3.1 + diff --git a/KVM-x86-fix-guest-initiated-crash-with-x2apic.patch b/KVM-x86-fix-guest-initiated-crash-with-x2apic.patch new file mode 100644 index 000000000..c84fc61b9 --- /dev/null +++ b/KVM-x86-fix-guest-initiated-crash-with-x2apic.patch @@ -0,0 +1,109 @@ +Bugzilla: 1042099 +Upstream-status: 3.13 and sent for stable +Delivered-To: jwboyer@gmail.com +Received: by 10.76.104.107 with SMTP id gd11csp361370oab; + Thu, 12 Dec 2013 12:42:56 -0800 (PST) +X-Received: by 10.43.172.4 with SMTP id nw4mr8453091icc.25.1386880976232; + Thu, 12 Dec 2013 12:42:56 -0800 (PST) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id 2si15667240pax.109.2013.12.12.12.42.31 + for ; + Thu, 12 Dec 2013 12:42:56 -0800 (PST) +Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=stable-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@gmail.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1751853Ab3LLUiJ (ORCPT + 64 others); + Thu, 12 Dec 2013 15:38:09 -0500 +Received: from mail-ee0-f54.google.com ([74.125.83.54]:48290 "EHLO + mail-ee0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1751884Ab3LLUhS (ORCPT + ); Thu, 12 Dec 2013 15:37:18 -0500 +Received: by mail-ee0-f54.google.com with SMTP id e51so406857eek.13 + for ; Thu, 12 Dec 2013 12:37:17 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20120113; + h=sender:from:to:cc:subject:date:message-id; + bh=VG00enyRpNYeJLwAwqWOGuy3mCBmvpmEBgLPB1IiKNo=; + b=p0BlraPBMTIxTXGUuJyYTYRxuMKATenNpVX01fyzNpSYZsMruyMU/sJ8gdc2991eao + ZU+66Xlnbd+AyQiuq4P9sMv6Gvax6MvJg04SMZWnLWoZGonmIIwSPch1UKLSJzRN7K+N + +Ot3jLtNBYBoREljPkbscbMVOJ2y+S7N61oOZ7IHZNyXVFWDlW8aunduSgc3cytBEhkx + UMUUbHVLo+XrXtuggFrmn8oUfJ1hiHQSpOyx8bi0ztxlEjL4DEFpJsKbjRe4sGRgeUy6 + dRk+7dEcILKBTRVvXaJSriXG5bhZTbcZ5gZab27Ilm1H8Va5Z6R+9C1AwX2x5CQA7Mb1 + Edug== +X-Received: by 10.14.107.3 with SMTP id n3mr9951281eeg.67.1386880636981; + Thu, 12 Dec 2013 12:37:16 -0800 (PST) +Received: from playground.com (net-2-35-202-54.cust.dsl.vodafone.it. [2.35.202.54]) + by mx.google.com with ESMTPSA id o47sm70323739eem.21.2013.12.12.12.37.15 + for + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 12 Dec 2013 12:37:16 -0800 (PST) +From: Paolo Bonzini +To: linux-kernel@vger.kernel.org +Cc: gleb@redhat.com, kvm@vger.kernel.org, pmatouse@redhat.com, + stable@vger.kernel.org +Subject: [PATCH] KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) +Date: Thu, 12 Dec 2013 21:36:54 +0100 +Message-Id: <1386880614-23300-4-git-send-email-pbonzini@redhat.com> +X-Mailer: git-send-email 1.8.3.1 +Sender: stable-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: stable@vger.kernel.org + +From: Gleb Natapov + +A guest can cause a BUG_ON() leading to a host kernel crash. +When the guest writes to the ICR to request an IPI, while in x2apic +mode the following things happen, the destination is read from +ICR2, which is a register that the guest can control. + +kvm_irq_delivery_to_apic_fast uses the high 16 bits of ICR2 as the +cluster id. A BUG_ON is triggered, which is a protection against +accessing map->logical_map with an out-of-bounds access and manages +to avoid that anything really unsafe occurs. + +The logic in the code is correct from real HW point of view. The problem +is that KVM supports only one cluster with ID 0 in clustered mode, but +the code that has the bug does not take this into account. + +Reported-by: Lars Bull +Cc: stable@vger.kernel.org +Signed-off-by: Gleb Natapov +Signed-off-by: Paolo Bonzini +--- + arch/x86/kvm/lapic.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c +index b8bec45c1610..801dc3fd66e1 100644 +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -143,6 +143,8 @@ static inline int kvm_apic_id(struct kvm_lapic *apic) + return (kvm_apic_get_reg(apic, APIC_ID) >> 24) & 0xff; + } + ++#define KMV_X2APIC_CID_BITS 0 ++ + static void recalculate_apic_map(struct kvm *kvm) + { + struct kvm_apic_map *new, *old = NULL; +@@ -180,7 +182,8 @@ static void recalculate_apic_map(struct kvm *kvm) + if (apic_x2apic_mode(apic)) { + new->ldr_bits = 32; + new->cid_shift = 16; +- new->cid_mask = new->lid_mask = 0xffff; ++ new->cid_mask = (1 << KMV_X2APIC_CID_BITS) - 1; ++ new->lid_mask = 0xffff; + } else if (kvm_apic_sw_enabled(apic) && + !new->cid_mask /* flat mode */ && + kvm_apic_get_reg(apic, APIC_DFR) == APIC_DFR_CLUSTER) { +-- +1.8.3.1 + +-- +To unsubscribe from this list: send the line "unsubscribe stable" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/Makefile.config b/Makefile.config index af6dd73f2..f8c0cc991 100644 --- a/Makefile.config +++ b/Makefile.config @@ -11,15 +11,10 @@ CONFIGFILES = \ $(CFG)-s390x.config \ $(CFG)-armv5tel-kirkwood.config \ $(CFG)-armv7l.config $(CFG)-armv7hl.config \ - $(CFG)-armv7l-imx.config $(CFG)-armv7hl-imx.config \ - $(CFG)-armv7l-omap.config $(CFG)-armv7hl-omap.config \ - $(CFG)-armv7l-tegra.config $(CFG)-armv7hl-tegra.config \ - $(CFG)-armv7l-highbank.config $(CFG)-armv7hl-highbank.config \ $(CFG)-ppc.config $(CFG)-ppc-smp.config \ - $(CFG)-sparc64.config \ $(CFG)-ppc64.config $(CFG)-ppc64p7.config $(CFG)-ppc64-debug.config -PLATFORMS = x86 x86_64 powerpc powerpc32 powerpc64 s390x sparc64 +PLATFORMS = x86 x86_64 powerpc powerpc32 powerpc64 s390x arm TEMPFILES = $(addprefix temp-, $(addsuffix -generic, $(PLATFORMS))) configs: $(CONFIGFILES) @@ -38,24 +33,15 @@ temp-debug-generic: config-generic cat config-generic config-debug > temp-debug-generic temp-arm-generic: config-arm-generic temp-generic + perl merge.pl $^ > $@ + +temp-armv7-generic: config-armv7-generic temp-arm-generic + perl merge.pl $^ > $@ + +temp-armv7: config-armv7 temp-armv7-generic perl merge.pl $^ > $@ -temp-armv7l-versatile: config-arm-versatile temp-arm-generic - perl merge.pl $^ > $@ - -temp-armv7l-omap: config-arm-omap temp-arm-generic - perl merge.pl $^ > $@ - -temp-armv7l-tegra: config-arm-tegra temp-arm-generic - perl merge.pl $^ > $@ - -temp-armv5tel-kirkwood: config-arm-kirkwood temp-arm-generic - perl merge.pl $^ > $@ - -temp-armv7l-imx: config-arm-imx temp-arm-generic - perl merge.pl $^ > $@ - -temp-armv7l-highbank: config-arm-highbank temp-arm-generic +temp-armv5tel-kirkwood: config-arm-kirkwood temp-generic perl merge.pl $^ > $@ temp-x86-32: config-x86-32-generic config-x86-generic @@ -76,9 +62,6 @@ temp-x86_64-generic: temp-x86-64 temp-generic temp-x86_64-debug-generic: temp-x86-64 temp-debug-generic perl merge.pl $^ > $@ -temp-sparc64-generic: config-sparc64-generic temp-generic - perl merge.pl $^ > $@ - temp-powerpc-generic: config-powerpc-generic temp-generic perl merge.pl $^ > $@ @@ -112,9 +95,6 @@ kernel-$(VERSION)-x86_64.config: /dev/null temp-x86_64-generic kernel-$(VERSION)-x86_64-debug.config: /dev/null temp-x86_64-debug-generic perl merge.pl $^ x86_64 > $@ -kernel-$(VERSION)-sparc64.config: /dev/null temp-sparc64-generic - perl merge.pl $^ sparc64 > $@ - kernel-$(VERSION)-ppc64.config: /dev/null temp-powerpc64-generic perl merge.pl $^ powerpc > $@ @@ -130,34 +110,10 @@ kernel-$(VERSION)-s390x.config: config-s390x temp-s390-generic kernel-$(VERSION)-armv5tel-kirkwood.config: /dev/null temp-armv5tel-kirkwood perl merge.pl $^ arm > $@ -kernel-$(VERSION)-armv7l.config: /dev/null temp-armv7l-versatile +kernel-$(VERSION)-armv7l.config: /dev/null temp-armv7 perl merge.pl $^ arm > $@ -kernel-$(VERSION)-armv7l-imx.config: /dev/null temp-armv7l-imx - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7l-highbank.config: /dev/null temp-armv7l-highbank - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7l-omap.config: /dev/null temp-armv7l-omap - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7l-tegra.config: /dev/null temp-armv7l-tegra - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7hl.config: /dev/null temp-armv7l-versatile - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7hl-imx.config: /dev/null temp-armv7l-imx - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7hl-highbank.config: /dev/null temp-armv7l-highbank - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7hl-omap.config: /dev/null temp-armv7l-omap - perl merge.pl $^ arm > $@ - -kernel-$(VERSION)-armv7hl-tegra.config: /dev/null temp-armv7l-tegra +kernel-$(VERSION)-armv7hl.config: /dev/null temp-armv7 perl merge.pl $^ arm > $@ kernel-$(VERSION)-ppc.config: /dev/null temp-powerpc32-generic diff --git a/Revert-iwlwifi-fix-the-reclaimed-packet-tracking-upon.patch b/Revert-iwlwifi-fix-the-reclaimed-packet-tracking-upon.patch new file mode 100644 index 000000000..302774b45 --- /dev/null +++ b/Revert-iwlwifi-fix-the-reclaimed-packet-tracking-upon.patch @@ -0,0 +1,68 @@ +From ae023b2795d36f0f077e157428eb7eafa29ee412 Mon Sep 17 00:00:00 2001 +From: Emmanuel Grumbach +Date: Mon, 21 Jan 2013 13:12:57 +0200 +Subject: [PATCH] Revert "iwlwifi: fix the reclaimed packet tracking upon + flush queue" + +This reverts commit f590dcec944552f9a4a61155810f3abd17d6465d +which has been reported to cause issues. + +See https://lkml.org/lkml/2013/1/20/4 for further details. + +Cc: stable@vger.kernel.org [3.7] +Signed-off-by: Emmanuel Grumbach +Signed-off-by: Johannes Berg +--- + drivers/net/wireless/iwlwifi/dvm/tx.c | 24 +++++++----------------- + 1 files changed, 7 insertions(+), 17 deletions(-) + +diff --git a/drivers/net/wireless/iwlwifi/dvm/tx.c b/drivers/net/wireless/iwlwifi/dvm/tx.c +index 31534f7..2797964 100644 +--- a/drivers/net/wireless/iwlwifi/dvm/tx.c ++++ b/drivers/net/wireless/iwlwifi/dvm/tx.c +@@ -1153,6 +1153,13 @@ int iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb, + next_reclaimed = ssn; + } + ++ if (tid != IWL_TID_NON_QOS) { ++ priv->tid_data[sta_id][tid].next_reclaimed = ++ next_reclaimed; ++ IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", ++ next_reclaimed); ++ } ++ + iwl_trans_reclaim(priv->trans, txq_id, ssn, &skbs); + + iwlagn_check_ratid_empty(priv, sta_id, tid); +@@ -1203,28 +1210,11 @@ int iwlagn_rx_reply_tx(struct iwl_priv *priv, struct iwl_rx_cmd_buffer *rxb, + if (!is_agg) + iwlagn_non_agg_tx_status(priv, ctx, hdr->addr1); + +- /* +- * W/A for FW bug - the seq_ctl isn't updated when the +- * queues are flushed. Fetch it from the packet itself +- */ +- if (!is_agg && status == TX_STATUS_FAIL_FIFO_FLUSHED) { +- next_reclaimed = le16_to_cpu(hdr->seq_ctrl); +- next_reclaimed = +- SEQ_TO_SN(next_reclaimed + 0x10); +- } +- + is_offchannel_skb = + (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN); + freed++; + } + +- if (tid != IWL_TID_NON_QOS) { +- priv->tid_data[sta_id][tid].next_reclaimed = +- next_reclaimed; +- IWL_DEBUG_TX_REPLY(priv, "Next reclaimed packet:%d\n", +- next_reclaimed); +- } +- + WARN_ON(!is_agg && freed != 1); + + /* +-- +1.7.6.5 + diff --git a/linux-2.6-acpi-debug-infinite-loop.patch b/acpi-debug-infinite-loop.patch similarity index 100% rename from linux-2.6-acpi-debug-infinite-loop.patch rename to acpi-debug-infinite-loop.patch diff --git a/acpi-sony-nonvs-blacklist.patch b/acpi-sony-nonvs-blacklist.patch deleted file mode 100644 index db500e8bf..000000000 --- a/acpi-sony-nonvs-blacklist.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c -index 3ed80b2..17fc718 100644 ---- a/drivers/acpi/sleep.c -+++ b/drivers/acpi/sleep.c -@@ -390,6 +390,14 @@ static struct dmi_system_id __initdata acpisleep_dmi_table[] = { - }, - { - .callback = init_nvs_nosave, -+ .ident = "Sony Vaio VGN-FW21E", -+ .matches = { -+ DMI_MATCH(DMI_SYS_VENDOR, "Sony Corporation"), -+ DMI_MATCH(DMI_PRODUCT_NAME, "VGN-FW21E"), -+ }, -+ }, -+ { -+ .callback = init_nvs_nosave, - .ident = "Sony Vaio VGN-SR11M", - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "Sony Corporation"), -diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c -index 0e46fae..6d9a3ab 100644 ---- a/drivers/acpi/sleep.c -+++ b/drivers/acpi/sleep.c -@@ -398,6 +398,14 @@ static struct dmi_system_id __initdata acpisleep_dmi_table[] = { - }, - { - .callback = init_nvs_nosave, -+ .ident = "Sony Vaio VPCEB17FX", -+ .matches = { -+ DMI_MATCH(DMI_SYS_VENDOR, "Sony Corporation"), -+ DMI_MATCH(DMI_PRODUCT_NAME, "VPCEB17FX"), -+ }, -+ }, -+ { -+ .callback = init_nvs_nosave, - .ident = "Sony Vaio VGN-SR11M", - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "Sony Corporation"), diff --git a/alps-Support-for-Dell-XT2-model.patch b/alps-Support-for-Dell-XT2-model.patch new file mode 100644 index 000000000..453a6983a --- /dev/null +++ b/alps-Support-for-Dell-XT2-model.patch @@ -0,0 +1,25 @@ +From 7673be51f16e978a438bca8ac1bf9e939b7ed7a6 Mon Sep 17 00:00:00 2001 +From: Yunkang Tang +Date: Thu, 24 Oct 2013 13:39:08 +0800 +Subject: [PATCH] Support for Dell XT2 model + +Signed-off-by: Yunkang Tang +--- + drivers/input/mouse/alps.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/input/mouse/alps.c b/drivers/input/mouse/alps.c +index ca7a26f..24b3626 100644 +--- a/drivers/input/mouse/alps.c ++++ b/drivers/input/mouse/alps.c +@@ -103,6 +103,7 @@ static const struct alps_model_info alps_model_data[] = { + /* Dell Latitude E5500, E6400, E6500, Precision M4400 */ + { { 0x62, 0x02, 0x14 }, 0x00, ALPS_PROTO_V2, 0xcf, 0xcf, + ALPS_PASS | ALPS_DUALPOINT | ALPS_PS2_INTERLEAVED }, ++ { { 0x73, 0x00, 0x14 }, 0x00, ALPS_PROTO_V2, 0xcf, 0xcf, ALPS_DUALPOINT }, /* Dell XT2 */ + { { 0x73, 0x02, 0x50 }, 0x00, ALPS_PROTO_V2, 0xcf, 0xcf, ALPS_FOUR_BUTTONS }, /* Dell Vostro 1400 */ + { { 0x52, 0x01, 0x14 }, 0x00, ALPS_PROTO_V2, 0xff, 0xff, + ALPS_PASS | ALPS_DUALPOINT | ALPS_PS2_INTERLEAVED }, /* Toshiba Tecra A11-11L */ +-- +1.8.1.2 + diff --git a/alx-Reset-phy-speed-after-resume.patch b/alx-Reset-phy-speed-after-resume.patch new file mode 100644 index 000000000..3af169f78 --- /dev/null +++ b/alx-Reset-phy-speed-after-resume.patch @@ -0,0 +1,33 @@ +Bugzilla: 1011362 +Upstream-status: queued for 3.13 + +From b54629e226d196e802abdd30c5e34f2a47cddcf2 Mon Sep 17 00:00:00 2001 +From: hahnjo +Date: Tue, 12 Nov 2013 17:19:24 +0000 +Subject: alx: Reset phy speed after resume + +This fixes bug 62491 (https://bugzilla.kernel.org/show_bug.cgi?id=62491). +After resuming some users got the following error flooding the kernel log: +alx 0000:02:00.0: invalid PHY speed/duplex: 0xffff + +Signed-off-by: Jonas Hahnfeld +Signed-off-by: David S. Miller +--- +(limited to 'drivers/net/ethernet/atheros/alx') + +diff --git a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/atheros/alx/main.c +index 5aa5e81..c3c4c26 100644 +--- a/drivers/net/ethernet/atheros/alx/main.c ++++ b/drivers/net/ethernet/atheros/alx/main.c +@@ -1388,6 +1388,9 @@ static int alx_resume(struct device *dev) + { + struct pci_dev *pdev = to_pci_dev(dev); + struct alx_priv *alx = pci_get_drvdata(pdev); ++ struct alx_hw *hw = &alx->hw; ++ ++ alx_reset_phy(hw); + + if (!netif_running(alx->dev)) + return 0; +-- +cgit v0.9.2 diff --git a/arm-export-read_current_timer.patch b/arm-export-read_current_timer.patch new file mode 100644 index 000000000..5059d6862 --- /dev/null +++ b/arm-export-read_current_timer.patch @@ -0,0 +1,10 @@ +--- linux-3.7.0-0.rc2.git1.2.fc19.x86_64/arch/arm/kernel/armksyms.c.orig 2012-10-01 00:47:46.000000000 +0100 ++++ linux-3.7.0-0.rc2.git1.2.fc19.x86_64/arch/arm/kernel/armksyms.c 2012-10-24 09:06:46.570452677 +0100 +@@ -50,6 +50,7 @@ + + /* platform dependent support */ + EXPORT_SYMBOL(arm_delay_ops); ++EXPORT_SYMBOL(read_current_timer); + + /* networking */ + EXPORT_SYMBOL(csum_partial); diff --git a/arm-lpae-ax88796.patch b/arm-lpae-ax88796.patch new file mode 100644 index 000000000..b1bdc760c --- /dev/null +++ b/arm-lpae-ax88796.patch @@ -0,0 +1,21 @@ +X-Git-Url: http://git.linaro.org/gitweb?p=people%2Fahs3%2Farndale-acpi.git;a=blobdiff_plain;f=drivers%2Fnet%2Fethernet%2F8390%2Fax88796.c;fp=drivers%2Fnet%2Fethernet%2F8390%2Fax88796.c;h=763e575c82bc5d24e1927ad685dfbdd7a0eaa19e;hp=70dba5d01ad3cc8178318f9976a5922894a86859;hb=fe8e7c500d3d25234759351096d457b6e557ebd9;hpb=af28003b46fa7b2c5d7b52e0d4bc8f725a6305f1 + +diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c +index 70dba5d..763e575 100644 +--- a/drivers/net/ethernet/8390/ax88796.c ++++ b/drivers/net/ethernet/8390/ax88796.c +@@ -828,7 +828,14 @@ static int ax_probe(struct platform_device *pdev) + struct ei_device *ei_local; + struct ax_device *ax; + struct resource *irq, *mem, *mem2; ++#ifndef CONFIG_ARM_LPAE ++ /* LPAE breaks this code as __aeabi_uldivmod for 64-bit ++ * is not supported in lib1funcs.s yet ++ */ + unsigned long mem_size, mem2_size = 0; ++#else ++ u32 mem_size, mem2_size = 0; ++#endif + int ret = 0; + + dev = ax__alloc_ei_netdev(sizeof(struct ax_device)); diff --git a/arm-omap-load-tfp410.patch b/arm-omap-load-tfp410.patch new file mode 100644 index 000000000..0f2ba5457 --- /dev/null +++ b/arm-omap-load-tfp410.patch @@ -0,0 +1,14 @@ +diff -urNp linux-3.9.4-300.fc19.armv7hl_orig/drivers/video/omap2/dss/core.c linux-3.9.4-300.fc19.armv7hl/drivers/video/omap2/dss/core.c +--- linux-3.9.4-300.fc19.armv7hl_orig/drivers/video/omap2/dss/core.c 2013-04-28 20:36:01.000000000 -0400 ++++ linux-3.9.4-300.fc19.armv7hl/drivers/video/omap2/dss/core.c 2013-05-31 12:24:07.711334359 -0400 +@@ -596,6 +596,9 @@ static int __init omap_dss_init(void) + { + int r; + ++ /* hack to load panel-tfp410 driver */ ++ request_module("panel-tfp410"); ++ + r = omap_dss_bus_register(); + if (r) + return r; +Binary files linux-3.9.4-300.fc19.armv7hl_orig/drivers/video/omap2/dss/.Makefile.swp and linux-3.9.4-300.fc19.armv7hl/drivers/video/omap2/dss/.Makefile.swp differ diff --git a/arm-tegra-nvec-kconfig.patch b/arm-tegra-nvec-kconfig.patch deleted file mode 100644 index a3f568cd5..000000000 --- a/arm-tegra-nvec-kconfig.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- linux-2.6.42.noarch/drivers/staging/nvec/Kconfig.orig 2012-02-02 08:16:12.512727480 -0600 -+++ linux-2.6.42.noarch/drivers/staging/nvec/Kconfig 2012-02-01 18:44:56.674990109 -0600 -@@ -1,6 +1,6 @@ - config MFD_NVEC - bool "NV Tegra Embedded Controller SMBus Interface" -- depends on I2C && GPIOLIB && ARCH_TEGRA -+ depends on I2C && GPIOLIB && ARCH_TEGRA && MFD_CORE=y - help - Say Y here to enable support for a nVidia compliant embedded - controller. diff --git a/arm-tegra-sdhci-module-fix.patch b/arm-tegra-sdhci-module-fix.patch deleted file mode 100644 index 24ba278ed..000000000 --- a/arm-tegra-sdhci-module-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- linux-3.5.0-0.rc0.git3.1.fc18.armv7hl/drivers/mmc/host/sdhci-tegra.c.orig 2012-05-23 06:59:19.797302757 -0500 -+++ linux-3.5.0-0.rc0.git3.1.fc18.armv7hl/drivers/mmc/host/sdhci-tegra.c 2012-05-22 15:26:07.154823359 -0500 -@@ -190,7 +190,7 @@ - #endif - {} - }; --MODULE_DEVICE_TABLE(of, sdhci_dt_ids); -+MODULE_DEVICE_TABLE(of, sdhci_tegra_dt_match); - - static struct tegra_sdhci_platform_data * __devinit sdhci_tegra_dt_parse_pdata( - struct platform_device *pdev) diff --git a/ath9k_rx_dma_stop_check.patch b/ath9k_rx_dma_stop_check.patch new file mode 100644 index 000000000..606eb1c63 --- /dev/null +++ b/ath9k_rx_dma_stop_check.patch @@ -0,0 +1,28 @@ +--- a/drivers/net/wireless/ath/ath9k/mac.c ++++ b/drivers/net/wireless/ath/ath9k/mac.c +@@ -689,7 +689,7 @@ bool ath9k_hw_stopdmarecv(struct ath_hw + { + #define AH_RX_STOP_DMA_TIMEOUT 10000 /* usec */ + struct ath_common *common = ath9k_hw_common(ah); +- u32 mac_status, last_mac_status = 0; ++ u32 mac_status = 0, last_mac_status = 0; + int i; + + /* Enable access to the DMA observation bus */ +@@ -719,6 +719,16 @@ bool ath9k_hw_stopdmarecv(struct ath_hw + } + + if (i == 0) { ++ if (!AR_SREV_9300_20_OR_LATER(ah) && ++ (mac_status & 0x700) == 0) { ++ /* ++ * DMA is idle but the MAC is still stuck ++ * processing events ++ */ ++ *reset = true; ++ return true; ++ } ++ + ath_err(common, + "DMA failed to stop in %d ms AR_CR=0x%08x AR_DIAG_SW=0x%08x DMADBG_7=0x%08x\n", + AH_RX_STOP_DMA_TIMEOUT / 1000, diff --git a/bonding-driver-alb-learning.patch b/bonding-driver-alb-learning.patch new file mode 100644 index 000000000..c7f8e8f6b --- /dev/null +++ b/bonding-driver-alb-learning.patch @@ -0,0 +1,155 @@ +commit 7eacd03810960823393521063734fc8188446bca +Author: Neil Horman +Date: Fri Sep 13 11:05:33 2013 -0400 + + bonding: Make alb learning packet interval configurable + + running bonding in ALB mode requires that learning packets be sent periodically, + so that the switch knows where to send responding traffic. However, depending + on switch configuration, there may not be any need to send traffic at the + default rate of 3 packets per second, which represents little more than wasted + data. Allow the ALB learning packet interval to be made configurable via sysfs + + Signed-off-by: Neil Horman + Acked-by: Acked-by: Veaceslav Falico + CC: Jay Vosburgh + CC: Andy Gospodarek + CC: "David S. Miller" + Signed-off-by: Andy Gospodarek + Signed-off-by: David S. Miller + +diff --git a/Documentation/networking/bonding.txt b/Documentation/networking/bonding.txt +index 87bbcfe..9b28e71 100644 +--- a/Documentation/networking/bonding.txt ++++ b/Documentation/networking/bonding.txt +@@ -1362,6 +1362,12 @@ To add ARP targets: + To remove an ARP target: + # echo -192.168.0.100 > /sys/class/net/bond0/bonding/arp_ip_target + ++To configure the interval between learning packet transmits: ++# echo 12 > /sys/class/net/bond0/bonding/lp_interval ++ NOTE: the lp_inteval is the number of seconds between instances where ++the bonding driver sends learning packets to each slaves peer switch. The ++default interval is 1 second. ++ + Example Configuration + --------------------- + We begin with the same example that is shown in section 3.3, +diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c +index 91f179d..f428ef57 100644 +--- a/drivers/net/bonding/bond_alb.c ++++ b/drivers/net/bonding/bond_alb.c +@@ -1472,7 +1472,7 @@ void bond_alb_monitor(struct work_struct *work) + bond_info->lp_counter++; + + /* send learning packets */ +- if (bond_info->lp_counter >= BOND_ALB_LP_TICKS) { ++ if (bond_info->lp_counter >= BOND_ALB_LP_TICKS(bond)) { + /* change of curr_active_slave involves swapping of mac addresses. + * in order to avoid this swapping from happening while + * sending the learning packets, the curr_slave_lock must be held for +diff --git a/drivers/net/bonding/bond_alb.h b/drivers/net/bonding/bond_alb.h +index 28d8e4c..c5eff5d 100644 +--- a/drivers/net/bonding/bond_alb.h ++++ b/drivers/net/bonding/bond_alb.h +@@ -36,14 +36,15 @@ struct slave; + * Used for division - never set + * to zero !!! + */ +-#define BOND_ALB_LP_INTERVAL 1 /* In seconds, periodic send of +- * learning packets to the switch +- */ ++#define BOND_ALB_DEFAULT_LP_INTERVAL 1 ++#define BOND_ALB_LP_INTERVAL(bond) (bond->params.lp_interval) /* In seconds, periodic send of ++ * learning packets to the switch ++ */ + + #define BOND_TLB_REBALANCE_TICKS (BOND_TLB_REBALANCE_INTERVAL \ + * ALB_TIMER_TICKS_PER_SEC) + +-#define BOND_ALB_LP_TICKS (BOND_ALB_LP_INTERVAL \ ++#define BOND_ALB_LP_TICKS(bond) (BOND_ALB_LP_INTERVAL(bond) \ + * ALB_TIMER_TICKS_PER_SEC) + + #define TLB_HASH_TABLE_SIZE 256 /* The size of the clients hash table. +diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c +index 72df399..55bbb8b 100644 +--- a/drivers/net/bonding/bond_main.c ++++ b/drivers/net/bonding/bond_main.c +@@ -4416,6 +4416,7 @@ static int bond_check_params(struct bond_params *params) + params->all_slaves_active = all_slaves_active; + params->resend_igmp = resend_igmp; + params->min_links = min_links; ++ params->lp_interval = BOND_ALB_DEFAULT_LP_INTERVAL; + + if (primary) { + strncpy(params->primary, primary, IFNAMSIZ); +diff --git a/drivers/net/bonding/bond_sysfs.c b/drivers/net/bonding/bond_sysfs.c +index eeab40b..c29b836 100644 +--- a/drivers/net/bonding/bond_sysfs.c ++++ b/drivers/net/bonding/bond_sysfs.c +@@ -1699,6 +1699,44 @@ out: + static DEVICE_ATTR(resend_igmp, S_IRUGO | S_IWUSR, + bonding_show_resend_igmp, bonding_store_resend_igmp); + ++ ++static ssize_t bonding_show_lp_interval(struct device *d, ++ struct device_attribute *attr, ++ char *buf) ++{ ++ struct bonding *bond = to_bond(d); ++ return sprintf(buf, "%d\n", bond->params.lp_interval); ++} ++ ++static ssize_t bonding_store_lp_interval(struct device *d, ++ struct device_attribute *attr, ++ const char *buf, size_t count) ++{ ++ struct bonding *bond = to_bond(d); ++ int new_value, ret = count; ++ ++ if (sscanf(buf, "%d", &new_value) != 1) { ++ pr_err("%s: no lp interval value specified.\n", ++ bond->dev->name); ++ ret = -EINVAL; ++ goto out; ++ } ++ ++ if (new_value <= 0) { ++ pr_err ("%s: lp_interval must be between 1 and %d\n", ++ bond->dev->name, INT_MAX); ++ ret = -EINVAL; ++ goto out; ++ } ++ ++ bond->params.lp_interval = new_value; ++out: ++ return ret; ++} ++ ++static DEVICE_ATTR(lp_interval, S_IRUGO | S_IWUSR, ++ bonding_show_lp_interval, bonding_store_lp_interval); ++ + static struct attribute *per_bond_attrs[] = { + &dev_attr_slaves.attr, + &dev_attr_mode.attr, +@@ -1729,6 +1767,7 @@ static struct attribute *per_bond_attrs[] = { + &dev_attr_all_slaves_active.attr, + &dev_attr_resend_igmp.attr, + &dev_attr_min_links.attr, ++ &dev_attr_lp_interval.attr, + NULL, + }; + +diff --git a/drivers/net/bonding/bonding.h b/drivers/net/bonding/bonding.h +index 7ad8bd5..03cf3fd 100644 +--- a/drivers/net/bonding/bonding.h ++++ b/drivers/net/bonding/bonding.h +@@ -176,6 +176,7 @@ struct bond_params { + int tx_queues; + int all_slaves_active; + int resend_igmp; ++ int lp_interval; + }; + + struct bond_parm_tbl { diff --git a/br-fix-use-of-rx_handler_data-in-code-executed-on-no.patch b/br-fix-use-of-rx_handler_data-in-code-executed-on-no.patch new file mode 100644 index 000000000..21e749291 --- /dev/null +++ b/br-fix-use-of-rx_handler_data-in-code-executed-on-no.patch @@ -0,0 +1,83 @@ +Bugzilla: 1025770 +Upstream-status: 3.13 (commit 859828c0ea476b42f3a) + +From 1a62121ead27a218d4b02b7130a6f5f6ca9c247e Mon Sep 17 00:00:00 2001 +From: Jiri Pirko +Date: Thu, 5 Dec 2013 16:27:37 +0100 +Subject: [PATCH] br: fix use of ->rx_handler_data in code executed on + non-rx_handler path + +br_stp_rcv() is reached by non-rx_handler path. That means there is no +guarantee that dev is bridge port and therefore simple NULL check of +->rx_handler_data is not enough. There is need to check if dev is really +bridge port and since only rcu read lock is held here, do it by checking +->rx_handler pointer. + +Note that synchronize_net() in netdev_rx_handler_unregister() ensures +this approach as valid. + +Introduced originally by: +commit f350a0a87374418635689471606454abc7beaa3a + "bridge: use rx_handler_data pointer to store net_bridge_port pointer" + +Fixed but not in the best way by: +commit b5ed54e94d324f17c97852296d61a143f01b227a + "bridge: fix RCU races with bridge port" + +Reintroduced by: +commit 716ec052d2280d511e10e90ad54a86f5b5d4dcc2 + "bridge: fix NULL pointer deref of br_port_get_rcu" + +Please apply to stable trees as well. Thanks. + +RH bugzilla reference: https://bugzilla.redhat.com/show_bug.cgi?id=1025770 + +Reported-by: Laine Stump +Debugged-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Jiri Pirko +Acked-by: Michael S. Tsirkin +Acked-by: Eric Dumazet +Signed-off-by: David S. Miller +--- + net/bridge/br_private.h | 10 ++++++++++ + net/bridge/br_stp_bpdu.c | 2 +- + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h +index e14c33b..9a63c42 100644 +--- a/net/bridge/br_private.h ++++ b/net/bridge/br_private.h +@@ -442,6 +442,16 @@ extern netdev_features_t br_features_recompute(struct net_bridge *br, + extern int br_handle_frame_finish(struct sk_buff *skb); + extern rx_handler_result_t br_handle_frame(struct sk_buff **pskb); + ++static inline bool br_rx_handler_check_rcu(const struct net_device *dev) ++{ ++ return rcu_dereference(dev->rx_handler) == br_handle_frame; ++} ++ ++static inline struct net_bridge_port *br_port_get_check_rcu(const struct net_device *dev) ++{ ++ return br_rx_handler_check_rcu(dev) ? br_port_get_rcu(dev) : NULL; ++} ++ + /* br_ioctl.c */ + extern int br_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); + extern int br_ioctl_deviceless_stub(struct net *net, unsigned int cmd, void __user *arg); +diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c +index 8660ea3..bdb459d 100644 +--- a/net/bridge/br_stp_bpdu.c ++++ b/net/bridge/br_stp_bpdu.c +@@ -153,7 +153,7 @@ void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb, + if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0) + goto err; + +- p = br_port_get_rcu(dev); ++ p = br_port_get_check_rcu(dev); + if (!p) + goto err; + +-- +1.8.3.1 + diff --git a/cifs-Allow-LANMAN-auth-for-unencapsulated-auth-methods.patch b/cifs-Allow-LANMAN-auth-for-unencapsulated-auth-methods.patch new file mode 100644 index 000000000..51ce50f87 --- /dev/null +++ b/cifs-Allow-LANMAN-auth-for-unencapsulated-auth-methods.patch @@ -0,0 +1,39 @@ +From dde2356c8466298bd77fa699e0ea296372eed47b Mon Sep 17 00:00:00 2001 +From: Sachin Prabhu +Date: Fri, 27 Sep 2013 17:35:42 +0000 +Subject: cifs: Allow LANMAN auth method for servers supporting unencapsulated authentication methods + +This allows users to use LANMAN authentication on servers which support +unencapsulated authentication. + +The patch fixes a regression where users using plaintext authentication +were no longer able to do so because of changed bought in by patch +3f618223dc0bdcbc8d510350e78ee2195ff93768 + +https://bugzilla.redhat.com/show_bug.cgi?id=1011621 + +Reported-by: Panos Kavalagios +Reviewed-by: Jeff Layton +Signed-off-by: Sachin Prabhu +Signed-off-by: Steve French +--- +(limited to 'fs/cifs') + +diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c +index 352358d..e87387d 100644 +--- a/fs/cifs/sess.c ++++ b/fs/cifs/sess.c +@@ -500,9 +500,9 @@ select_sectype(struct TCP_Server_Info *server, enum securityEnum requested) + return NTLMv2; + if (global_secflags & CIFSSEC_MAY_NTLM) + return NTLM; +- /* Fallthrough */ + default: +- return Unspecified; ++ /* Fallthrough to attempt LANMAN authentication next */ ++ break; + } + case CIFS_NEGFLAVOR_LANMAN: + switch (requested) { +-- +cgit v0.9.2 diff --git a/linux-2.6-compile-fixes.patch b/compile-fixes.patch similarity index 100% rename from linux-2.6-compile-fixes.patch rename to compile-fixes.patch diff --git a/config-arm-generic b/config-arm-generic index 31ebd9bfe..5000b5b5a 100644 --- a/config-arm-generic +++ b/config-arm-generic @@ -1,231 +1,103 @@ -# Generic ARM config. This is common config options that should be -# enabled on all ARM kernels and hence should be added here -# -# FIXME - we need to add debug/nodebug generic build options -# CONFIG_DEBUG_PER_CPU_MAPS is not set - -# Generic ARM processor options -CONFIG_ARM=y - -CONFIG_ARM_THUMB=y -CONFIG_AEABI=y -CONFIG_OABI_COMPAT=y -CONFIG_VFP=y -CONFIG_ARM_UNWIND=y - -CONFIG_SMP=y -CONFIG_NR_CPUS=4 -CONFIG_SMP_ON_UP=y - +CONFIG_KUSER_HELPERS=y +# CONFIG_ASYMMETRIC_KEY_TYPE is not set +# CONFIG_COMMON_CLK_DEBUG is not set +CONFIG_COMMON_CLK=y +CONFIG_EARLY_PRINTK=y +CONFIG_FB_SSD1307=m +CONFIG_HW_PERF_EVENTS=y +CONFIG_MMC=y +CONFIG_NFS_FS=y +# CONFIG_PID_IN_CONTEXTIDR is not set +CONFIG_PWM=y +CONFIG_RCU_FANOUT_LEAF=16 +# CONFIG_RTC_DRV_SNVS is not set +CONFIG_BACKLIGHT_PWM=m +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_ARM_SP805_WATCHDOG=m CONFIG_ARM_ARCH_TIMER=y +# CONFIG_ARM_DT_BL_CPUFREQ is not set +CONFIG_NR_CPUS=8 +CONFIG_ARM_DMA_USE_IOMMU=y -# CONFIG_FPE_NWFPE is not set -CONFIG_FPE_FASTFPE=y +# ARM AMBA generic HW +CONFIG_ARM_AMBA=y +CONFIG_ARM_GIC=y +CONFIG_MMC_ARMMMCI=y +CONFIG_SERIAL_AMBA_PL011_CONSOLE=y +CONFIG_SERIAL_AMBA_PL011=y +CONFIG_SERIO_AMBAKMI=y +CONFIG_OC_ETM=y -# Generic ARM Errata -CONFIG_ARM_ERRATA_720789=y -CONFIG_ARM_ERRATA_751472=y +# ARM VExpress +CONFIG_ARCH_VEXPRESS=y +CONFIG_VEXPRESS_CONFIG=y +CONFIG_COMMON_CLK_VERSATILE=y +CONFIG_I2C_VERSATILE=m +CONFIG_POWER_RESET_VEXPRESS=y +CONFIG_REGULATOR_VEXPRESS=m +CONFIG_SENSORS_VEXPRESS=m -# Generic ARM config options -CONFIG_ZBOOT_ROM_TEXT=0 -CONFIG_ZBOOT_ROM_BSS=0 - -CONFIG_ATAGS_PROC=y - -# DeviceTree -CONFIG_USE_OF=y -# CONFIG_OF_SELFTEST is not set +# Device tree +CONFIG_DTC=y +CONFIG_DMA_OF=y CONFIG_PROC_DEVICETREE=y -CONFIG_ARM_APPENDED_DTB=y +CONFIG_OF=y +CONFIG_OF_ADDRESS=y +CONFIG_OF_DEVICE=y +CONFIG_OF_EARLY_FLATTREE=y +CONFIG_OF_FLATTREE=y +CONFIG_OF_GPIO=y +CONFIG_OF_I2C=m +CONFIG_OF_IRQ=y +CONFIG_OF_MDIO=m +CONFIG_OF_MTD=y +CONFIG_OF_NET=y +CONFIG_OF_PCI_IRQ=m +CONFIG_OF_PCI=m +# CONFIG_OF_SELFTEST is not set +CONFIG_SERIAL_OF_PLATFORM=y -# Generic options we want for ARM that aren't defualt -CONFIG_HIGHMEM=y -CONFIG_CC_OPTIMIZE_FOR_SIZE=y - -CONFIG_SCHED_MC=y -CONFIG_SCHED_SMT=y - -CONFIG_RCU_FANOUT=32 - -CONFIG_CPU_IDLE=y -# CONFIG_CPU_IDLE_GOV_LADDER is not set -CONFIG_CPU_IDLE_GOV_MENU=y - -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y - -CONFIG_PM=y -CONFIG_PM_STD_PARTITION="" -CONFIG_SUSPEND=y -CONFIG_ARM_CPU_SUSPEND=y -CONFIG_ARM_CPU_TOPOLOGY=y - -CONFIG_THERMAL=y - -CONFIG_PERF_EVENTS=y -CONFIG_PERF_COUNTERS=y - -CONFIG_CC_STACKPROTECTOR=y - -CONFIG_AUTO_ZRELADDR=y - -CONFIG_SECCOMP=y -CONFIG_STRICT_DEVMEM=y - -CONFIG_SPARSE_IRQ=y - -CONFIG_DEFAULT_MMAP_MIN_ADDR=32768 -CONFIG_LSM_MMAP_MIN_ADDR=32768 - -# Generic HW for all ARM platforms -CONFIG_LEDS=y -CONFIG_LEDS_CPU=y -CONFIG_LEDS_GPIO=m - -CONFIG_LBDAF=y - -CONFIG_RFKILL_GPIO=m -CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y -CONFIG_GPIO_GENERIC_PLATFORM=m - -CONFIG_SND_ARM=y -CONFIG_SND_ARMAACI=m -CONFIG_SND_SOC=m -# CONFIG_SND_SOC_CACHE_LZO is not set -CONFIG_SND_SOC_ALL_CODECS=m - -CONFIG_AX88796=m -CONFIG_AX88796_93CX6=y -CONFIG_SMC91X=m -CONFIG_DM9000=m -CONFIG_DM9000_DEBUGLEVEL=4 -# CONFIG_DM9000_FORCE_SIMPLE_PHY_POLL is not set -CONFIG_SMC911X=m -CONFIG_SMSC911X=m - -CONFIG_MMC_SDHCI_PLTFM=m - -# Generic GPIO options -CONFIG_GENERIC_GPIO=y - -CONFIG_MTD=m -CONFIG_MTD_TESTS=m -CONFIG_MTD_CMDLINE_PARTS=y -# CONFIG_MTD_AFS_PARTS is not set -CONFIG_MTD_CHAR=m +# MTD CONFIG_MTD_BLKDEVS=m CONFIG_MTD_BLOCK=m -# CONFIG_MTD_TESTS is not set -# CONFIG_MTD_BLOCK_RO is not set -# CONFIG_MTD_AR7_PARTS is not set +CONFIG_MTD_CHAR=m CONFIG_MTD_CFI=m +CONFIG_MTD_CFI_INTELEXT=m CONFIG_MTD_CFI_AMDSTD=m -CONFIG_MTD_CFI_ADV_OPTIONS=y -CONFIG_MTD_CFI_NOSWAP=y -CONFIG_MTD_CFI_GEOMETRY=y -CONFIG_MTD_CFI_I1=y -CONFIG_MTD_CFI_I2=y -CONFIG_MTD_CFI_INTELEXT=y -CONFIG_MTD_CFI_STAA=y -CONFIG_MTD_CFI_UTIL=y -CONFIG_MTD_DOC2000=m -CONFIG_MTD_DOC2001=m -CONFIG_MTD_DOC2001PLUS=m -# CONFIG_MTD_DOCPROBE_ADVANCED is not set -CONFIG_MTD_ALAUDA=m -# CONFIG_MTD_ONENAND is not set -CONFIG_MTD_JEDECPROBE=m -CONFIG_MTD_GEN_PROBE=y -CONFIG_MTD_MAP_BANK_WIDTH_1=y -CONFIG_MTD_MAP_BANK_WIDTH_2=y -# CONFIG_MTD_MAP_BANK_WIDTH_4 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set -# CONFIG_MTD_CFI_I4 is not set -# CONFIG_MTD_CFI_I8 is not set +CONFIG_MTD_CFI_STAA=m +CONFIG_MTD_OF_PARTS=m +# CONFIG_MTD_CFI_ADV_OPTIONS is not set CONFIG_MTD_PHYSMAP=m +CONFIG_MTD_PHYSMAP_OF=m # CONFIG_MTD_PHYSMAP_COMPAT is not set -CONFIG_MTD_M25P80=m -CONFIG_M25PXX_USE_FAST_READ=y -CONFIG_MTD_NAND=m -CONFIG_MTD_NAND_ECC=m -CONFIG_MTD_NAND_IDS=m -# CONFIG_MTD_NAND_CAFE is not set -# CONFIG_MTD_NAND_ECC_SMC is not set -# CONFIG_MTD_NAND_DENALI is not set -# CONFIG_MTD_NAND_DOCG4 is not set -CONFIG_MTD_NAND_GPIO=m -# CONFIG_MTD_INTEL_VR_NOR is not set -# CONFIG_MTD_NAND_NANDSIM is not set -CONFIG_MTD_NAND_ORION=m -# CONFIG_MTD_NAND_RICOH is not set -# CONFIG_MTD_NAND_PLATFORM is not set -# CONFIG_MTD_OTP is not set -# CONFIG_MTD_PMC551 is not set -# CONFIG_MTD_PLATRAM is not set -# CONFIG_MTD_PHRAM is not set -# CONFIG_MTD_SLRAM is not set -CONFIG_MTD_UBI=m -CONFIG_MTD_UBI_WL_THRESHOLD=4096 -CONFIG_MTD_UBI_BEB_RESERVE=1 -# CONFIG_MTD_UBI_GLUEBI is not set -# CONFIG_MTD_UBI_DEBUG is not set +CONFIG_OF_MTD=y -# CONFIG_SM_FTL is not set +# GPIO +CONFIG_GENERIC_GPIO=y +CONFIG_GPIOLIB=y +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +CONFIG_MDIO_GPIO=m +CONFIG_POWER_RESET_GPIO=y +CONFIG_RFKILL_GPIO=m -CONFIG_JFFS2_FS=m -CONFIG_JFFS2_FS_DEBUG=0 -CONFIG_JFFS2_FS_WRITEBUFFER=y -# CONFIG_JFFS2_FS_WBUF_VERIFY is not set -# CONFIG_JFFS2_SUMMARY is not set -# CONFIG_JFFS2_FS_XATTR is not set -# CONFIG_JFFS2_COMPRESSION_OPTIONS is not set -CONFIG_JFFS2_ZLIB=y -# CONFIG_JFFS2_LZO is not set -CONFIG_JFFS2_RTIME=y -# CONFIG_JFFS2_RUBIN is not set +# MFD +CONFIG_MFD_CORE=m -CONFIG_UBIFS_FS=m -CONFIG_UBIFS_FS_XATTR=y -CONFIG_UBIFS_FS_ADVANCED_COMPR=y -CONFIG_UBIFS_FS_LZO=y -CONFIG_UBIFS_FS_ZLIB=y -# CONFIG_UBIFS_FS_DEBUG is not set +CONFIG_SMC91X=m +CONFIG_SMC911X=m -# HW Disabled because it causes issues on ARM platforms - -# disable TPM on arm at least on the trimslices it causes havoc -# CONFIG_TCG_TPM is not set -# CONFIG_IMA is not set - -# ERROR: "__bswapsi2" [drivers/staging/crystalhd/crystalhd.ko] undefined! -# CONFIG_CRYSTALHD is not set - -# these modules all fail with missing __bad_udelay -# http://www.spinics.net/lists/arm/msg15615.html provides some background -# CONFIG_SUNGEM is not set -# CONFIG_FB_SAVAGE is not set -# CONFIG_FB_RADEON is not set -# CONFIG_DRM_RADEON is not set -# CONFIG_ATM_HE is not set -# CONFIG_SCSI_ACARD is not set -# CONFIG_SFC is not set - -# these all currently fail due to missing symbols __bad_udelay or -# error: implicit declaration of function ‘iowrite32be’ -# CONFIG_SND_ALI5451 is not set -# CONFIG_DRM_NOUVEAU is not set -# CONFIG_MLX4_EN is not set - -# drivers/input/touchscreen/eeti_ts.c:65:2: error: implicit declaration of function 'irq_to_gpio' [-Werror=implicit-function-declaration] -# CONFIG_TOUCHSCREEN_EETI is not set -# CONFIG_TOUCHSCREEN_EGALAX is not set -# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set -# -# CONFIG_FB_MX3 is not set -# CONFIG_MX3_IPU is not set -# CONFIG_MX3_IPU_IRQS is not set - -# CONFIG_NET_VENDOR_CIRRUS is not set -# CONFIG_CS89x0 is not set +# CONFIG_CRYPTO_TEST is not set +# CONFIG_TRANSPARENT_HUGEPAGE is not set +# CONFIG_XEN is not set +# CONFIG_DRM_RCAR_DU is not set +# CONFIG_DRM_SHMOBILE is not set +# CONFIG_MMC_DW_SOCFPGA is not set +# CONFIG_ARM_SMMU is not set +# CONFIG_I2C_NOMADIK is not set +# CONFIG_IRQ_DOMAIN_DEBUG is not set +# CONFIG_LEDS_RENESAS_TPU is not set +# CONFIG_MMC_SDHCI_PXAV2 is not set +# CONFIG_MMC_SDHCI_PXAV3 is not set +# CONFIG_COMMON_CLK_SI5351 is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_PCIEPORTBUS is not set diff --git a/config-arm-highbank b/config-arm-highbank deleted file mode 100644 index 6fe9262bd..000000000 --- a/config-arm-highbank +++ /dev/null @@ -1,57 +0,0 @@ -CONFIG_ARCH_HIGHBANK=y -# CONFIG_ARM_LPAE is not set -# CONFIG_ARM_THUMBEE is not set -CONFIG_SWP_EMULATE=y -# CONFIG_CPU_BPREDICT_DISABLE is not set -# CONFIG_ARM_ERRATA_430973 is not set -# CONFIG_ARM_ERRATA_458693 is not set -# CONFIG_ARM_ERRATA_460075 is not set -# CONFIG_PL310_ERRATA_588369 is not set -# CONFIG_PL310_ERRATA_727915 is not set -# CONFIG_ARM_ERRATA_743622 is not set -# CONFIG_PL310_ERRATA_753970 is not set -# CONFIG_ARM_ERRATA_754322 is not set -# CONFIG_PL310_ERRATA_769419 is not set - -# CONFIG_THUMB2_KERNEL is not set - -CONFIG_ARM_TIMER_SP804=y - -CONFIG_VFP=y -CONFIG_VFPv3=y -CONFIG_NEON=y - -CONFIG_SATA_AHCI_PLATFORM=y -CONFIG_ATA_SFF=y - -CONFIG_NET_CALXEDA_XGMAC=y - -CONFIG_GPIO_PL061=y - -CONFIG_SERIAL_AMBA_PL010=y -CONFIG_SERIAL_AMBA_PL010_CONSOLE=y -CONFIG_SERIAL_AMBA_PL011=y -CONFIG_SERIAL_AMBA_PL011_CONSOLE=y - -CONFIG_RTC_DRV_PL030=y -CONFIG_RTC_DRV_PL031=y - -# CONFIG_DVB_TDA1004X is not set -# CONFIG_DVB_PLL is not set - -# these were all requested to be disabled on highbank kernels by calxeda -# CONFIG_HAMRADIO is not set -# CONFIG_IRDA is not set -# CONFIG_WIMAX is not set -# CONFIG_RFKILL is not set -# CONFIG_CAIF is not set -# CONFIG_NFC is not set -# CONFIG_MTD is not set -# CONFIG_PARPORT is not set -# CONFIG_ATM_DRIVERS is not set -# CONFIG_WAN is not set -# CONFIG_ISDN is not set -# CONFIG_MEDIA_SUPPORT is not set -# CONFIG_DRM is not set -# CONFIG_SND is not set -# end of list of requested disabled options diff --git a/config-arm-imx b/config-arm-imx deleted file mode 100644 index 88dd42b5f..000000000 --- a/config-arm-imx +++ /dev/null @@ -1,88 +0,0 @@ -CONFIG_ARCH_MXC=y -CONFIG_ARCH_MX51=y -CONFIG_MACH_MX51_BABBAGE=y -CONFIG_MACH_MX51_3DS=y -CONFIG_MACH_EUKREA_CPUIMX51=y -CONFIG_VFP=y -CONFIG_NEON=y - -CONFIG_MACH_EUKREA_CPUIMX51SD=y -CONFIG_MACH_MX51_EFIKAMX=y -CONFIG_MACH_MX51_EFIKASB=y -# CONFIG_SWP_EMULATE is not set -# CONFIG_THUMB2_KERNEL is not set -CONFIG_CPU_FREQ_IMX=y -CONFIG_W1_MASTER_MXC=m -CONFIG_IMX_DMA=y -CONFIG_IMX_SDMA=y -CONFIG_MACH_MX31ADS=y -CONFIG_MACH_MX31LILLY=y -CONFIG_MACH_MX31LITE=y -CONFIG_MACH_PCM037=y -CONFIG_MACH_MX31_3DS=y -CONFIG_MACH_MX31MOBOARD=y -CONFIG_MACH_QONG=y -CONFIG_MACH_ARMADILLO5X0=y -CONFIG_MACH_KZM_ARM11_01=y -CONFIG_MACH_BUG=y -CONFIG_MACH_PCM043=y -CONFIG_MACH_MX35_3DS=y -CONFIG_MACH_EUKREA_CPUIMX35=y -CONFIG_MACH_VPR200=y -CONFIG_SOC_IMX6Q=y -CONFIG_MXC_IRQ_PRIOR=y -CONFIG_MXC_PWM=m -CONFIG_MXC_DEBUG_BOARD=y -# CONFIG_CPU_BPREDICT_DISABLE is not set -CONFIG_CACHE_L2X0=y -CONFIG_ARM_DMA_MEM_BUFFERABLE=y -CONFIG_ARM_ERRATA_411920=y -CONFIG_PL310_ERRATA_588369=y -CONFIG_PL310_ERRATA_727915=y -CONFIG_ARM_ERRATA_364296=y -CONFIG_PATA_IMX=m -CONFIG_NET_VENDOR_FREESCALE=y -CONFIG_FEC=y -CONFIG_KEYBOARD_IMX=m -CONFIG_SERIAL_IMX=y -CONFIG_HW_RANDOM_MXC_RNGA=m -CONFIG_I2C_IMX=m -CONFIG_GPIO_GENERIC_PLATFORM=y -CONFIG_GPIO_MCP23S08=m -# CONFIG_GPIO_MC9S08DZ60 is not set -CONFIG_DVB_TDA1004X=m -CONFIG_DVB_PLL=m -CONFIG_SND_IMX_SOC=m -CONFIG_USB_EHCI_MXC=y -# CONFIG_USB_IMX21_HCD is not set -CONFIG_MMC_SDHCI_ESDHC_IMX=m -CONFIG_MMC_MXC=m -CONFIG_RTC_MXC=y - -CONFIG_BACKLIGHT_PWM=m -CONFIG_LEDS_PWM=m - -CONFIG_MACH_PCM037_EET=y -# CONFIG_MACH_MX31_3DS_MXC_NAND_USE_BBT is not set -CONFIG_MXC_USE_EPIT=y -CONFIG_HAVE_EPIT=y -CONFIG_ARM_THUMBEE=y -CONFIG_ARM_ERRATA_430973=y -CONFIG_ARM_ERRATA_458693=y -CONFIG_ARM_ERRATA_460075=y -CONFIG_ARM_ERRATA_743622=y -CONFIG_ARM_ERRATA_754322=y -CONFIG_CAN_FLEXCAN=m -CONFIG_MTD_NAND_MXC=m -CONFIG_INPUT_PWM_BEEPER=m -CONFIG_SERIAL_IMX_CONSOLE=y -CONFIG_IMX2_WDT=m -CONFIG_SND_SOC_PHYCORE_AC97=m -CONFIG_SND_SOC_EUKREA_TLV320=m - -CONFIG_PL310_ERRATA_769419=y -CONFIG_LEDS_RENESAS_TPU=y - -# CONFIG_ARM_LPAE is not set -# CONFIG_INPUT_GP2A is not set -# CONFIG_INPUT_GPIO_TILT_POLLED is not set diff --git a/config-arm-kirkwood b/config-arm-kirkwood index 4d6dbf8c9..143f647f5 100644 --- a/config-arm-kirkwood +++ b/config-arm-kirkwood @@ -1,30 +1,556 @@ -CONFIG_ARCH_KIRKWOOD=y -CONFIG_ARCH_KIRKWOOD_DT=y +# Generic ARM config. This is common config options that should be +# enabled on all ARM kernels and hence should be added here +# +# FIXME - we need to add debug/nodebug generic build options +# CONFIG_DEBUG_PER_CPU_MAPS is not set + +# Generic ARM processor options +CONFIG_ARM=y + +CONFIG_ARM_THUMB=y +CONFIG_AEABI=y +CONFIG_ARM_UNWIND=y +# CONFIG_ARCH_MULTI_V7 is not set +# CONFIG_OABI_COMPAT is not set # CONFIG_SMP is not set # CONFIG_VFP is not set + +CONFIG_SMP=y +CONFIG_NR_CPUS=4 +CONFIG_SMP_ON_UP=y + +CONFIG_ARM_ARCH_TIMER=y + +CONFIG_CMDLINE="" + +# CONFIG_ARM_LPAE is not set +# CONFIG_FPE_NWFPE is not set +CONFIG_FPE_FASTFPE=y +CONFIG_HIGHPTE=y +CONFIG_HW_PERF_EVENTS=y +CONFIG_UACCESS_WITH_MEMCPY=y +# CONFIG_GENERIC_CPUFREQ_CPU0 is not set + +# Generic ARM Errata +CONFIG_ARM_ERRATA_720789=y +CONFIG_ARM_ERRATA_751472=y +CONFIG_ARM_ERRATA_742230=y +CONFIG_ARM_ERRATA_742231=y +CONFIG_ARM_ERRATA_754327=y +CONFIG_ARM_ERRATA_764369=y +CONFIG_ARM_ERRATA_775420=y +CONFIG_PL310_ERRATA_753970=y + +# Generic ARM config options +CONFIG_ZBOOT_ROM_TEXT=0 +CONFIG_ZBOOT_ROM_BSS=0 +CONFIG_LOCAL_TIMERS=y + +CONFIG_ATAGS=y +CONFIG_ATAGS_PROC=y + +CONFIG_PL330_DMA=y +CONFIG_AMBA_PL08X=y +CONFIG_PL330_DMA=y +# CONFIG_XIP_KERNEL is not set +# CONFIG_PID_IN_CONTEXTIDR is not set + +# Generic options we want for ARM that aren't defualt +CONFIG_EARLY_PRINTK=y + +CONFIG_HIGHMEM=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y + +CONFIG_SCHED_MC=y +CONFIG_SCHED_SMT=y + +CONFIG_RCU_FANOUT=32 + +CONFIG_CPU_IDLE=y +# CONFIG_CPU_IDLE_MULTIPLE_DRIVERS is not set +# CONFIG_CPU_IDLE_GOV_LADDER is not set +CONFIG_CPU_IDLE_GOV_MENU=y + +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y + +CONFIG_PM=y +CONFIG_PM_STD_PARTITION="" +CONFIG_SUSPEND=y +CONFIG_ARM_CPU_SUSPEND=y +CONFIG_ARM_CPU_TOPOLOGY=y + +CONFIG_DEFAULT_MMAP_MIN_ADDR=32768 +CONFIG_LSM_MMAP_MIN_ADDR=32768 + +# CONFIG_XEN is not set + +CONFIG_PINCTRL=y +CONFIG_PINCONF=y + +CONFIG_COMMON_CLK=y + +CONFIG_THERMAL=y + +CONFIG_ETHERNET=y + +CONFIG_PERF_EVENTS=y +CONFIG_PERF_COUNTERS=y + +CONFIG_CC_STACKPROTECTOR=y + +CONFIG_SECCOMP=y +CONFIG_STRICT_DEVMEM=y + +CONFIG_SPARSE_IRQ=y + +# Generic HW for all ARM platforms +CONFIG_LEDS_GPIO=m + +CONFIG_LBDAF=y + +CONFIG_GPIOLIB=y +CONFIG_RFKILL_GPIO=m +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +CONFIG_GPIO_GENERIC_PLATFORM=m +CONFIG_PINCTRL_SINGLE=m +CONFIG_POWER_RESET_GPIO=y + +CONFIG_USB_ULPI=y + +CONFIG_SND_ARM=y +CONFIG_SND_ARMAACI=m +CONFIG_SND_SOC=m +CONFIG_SND_DESIGNWARE_I2S=m +CONFIG_SND_SIMPLE_CARD=m +# CONFIG_SND_SOC_CACHE_LZO is not set +CONFIG_SND_SOC_ALL_CODECS=m +CONFIG_SND_SPI=y + +CONFIG_AX88796=m +CONFIG_AX88796_93CX6=y +CONFIG_SMC91X=m +CONFIG_DM9000=m +CONFIG_DM9000_DEBUGLEVEL=4 +# CONFIG_DM9000_FORCE_SIMPLE_PHY_POLL is not set +CONFIG_SMC911X=m +CONFIG_SMSC911X=m + +CONFIG_SERIO_AMBAKMI=m +CONFIG_I2C_NOMADIK=m +CONFIG_ARM_SP805_WATCHDOG=m +CONFIG_FB_ARMCLCD=m +CONFIG_FB_SSD1307=m +CONFIG_MPCORE_WATCHDOG=m +CONFIG_BACKLIGHT_PWM=m + +CONFIG_MMC_ARMMMCI=m +CONFIG_MMC_SDHCI_PLTFM=m +CONFIG_MMC_SDHCI_OF=m +CONFIG_MMC_SPI=m +CONFIG_MMC_DW=m +CONFIG_MMC_DW_PLTFM=m +CONFIG_MMC_DW_PCI=m +# CONFIG_MMC_DW_EXYNOS is not set +# CONFIG_MMC_DW_IDMAC is not set +CONFIG_MMC_SDHCI_PXAV3=m +CONFIG_MMC_SDHCI_PXAV2=m + +# CONFIG_DW_DMAC_BIG_ENDIAN_IO is not set + +CONFIG_SPI=y +# Generic GPIO options +CONFIG_GENERIC_GPIO=y + +CONFIG_MTD=m +CONFIG_MTD_TESTS=m +CONFIG_MTD_CMDLINE_PARTS=y +CONFIG_MTD_OF_PARTS=y +CONFIG_MTD_PHYSMAP_OF=y +# CONFIG_MTD_AFS_PARTS is not set +CONFIG_MTD_CHAR=m +CONFIG_MTD_BLKDEVS=m +CONFIG_MTD_BLOCK=m +# CONFIG_MTD_TESTS is not set +# CONFIG_MTD_BLOCK_RO is not set +# CONFIG_MTD_AR7_PARTS is not set +CONFIG_MTD_CFI=m +CONFIG_MTD_CFI_AMDSTD=m +CONFIG_MTD_CFI_ADV_OPTIONS=y +CONFIG_MTD_CFI_NOSWAP=y +CONFIG_MTD_CFI_GEOMETRY=y +CONFIG_MTD_CFI_I1=y +CONFIG_MTD_CFI_I2=y +CONFIG_MTD_CFI_INTELEXT=y +CONFIG_MTD_CFI_STAA=y +CONFIG_MTD_CFI_UTIL=y +CONFIG_MTD_DOC2000=m +CONFIG_MTD_DOC2001=m +CONFIG_MTD_DOC2001PLUS=m +# CONFIG_MTD_DOCPROBE_ADVANCED is not set +CONFIG_MTD_ALAUDA=m +# CONFIG_MTD_ONENAND is not set +CONFIG_MTD_JEDECPROBE=m +CONFIG_MTD_GEN_PROBE=y +CONFIG_MTD_IMPA7=m +CONFIG_MTD_MAP_BANK_WIDTH_1=y +CONFIG_MTD_MAP_BANK_WIDTH_2=y +# CONFIG_MTD_MAP_BANK_WIDTH_4 is not set +# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set +# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set +# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set +# CONFIG_MTD_CFI_I4 is not set +# CONFIG_MTD_CFI_I8 is not set +CONFIG_MTD_PHYSMAP=m +# CONFIG_MTD_PHYSMAP_COMPAT is not set +CONFIG_MTD_M25P80=m +CONFIG_M25PXX_USE_FAST_READ=y +CONFIG_MTD_NAND=m +CONFIG_MTD_NAND_ECC=m +CONFIG_MTD_NAND_IDS=m +# CONFIG_MTD_NAND_CAFE is not set +# CONFIG_MTD_NAND_ECC_SMC is not set +# CONFIG_MTD_NAND_DENALI is not set +# CONFIG_MTD_NAND_DOCG4 is not set +CONFIG_MTD_NAND_GPIO=m +# CONFIG_MTD_INTEL_VR_NOR is not set +# CONFIG_MTD_NAND_NANDSIM is not set +CONFIG_MTD_NAND_ORION=m +# CONFIG_MTD_NAND_RICOH is not set +# CONFIG_MTD_NAND_PLATFORM is not set +# CONFIG_MTD_OTP is not set +# CONFIG_MTD_PMC551 is not set +# CONFIG_MTD_PLATRAM is not set +# CONFIG_MTD_PHRAM is not set +# CONFIG_MTD_SLRAM is not set +CONFIG_MTD_DATAFLASH=m +CONFIG_MTD_DATAFLASH_WRITE_VERIFY=y +CONFIG_MTD_DATAFLASH_OTP=y +CONFIG_MTD_SST25L=m +CONFIG_MTD_UBI=m +CONFIG_MTD_UBI_WL_THRESHOLD=4096 +CONFIG_MTD_UBI_BEB_RESERVE=1 +# CONFIG_MTD_UBI_GLUEBI is not set +# CONFIG_MTD_UBI_DEBUG is not set +CONFIG_MG_DISK=m +CONFIG_MG_DISK_RES=0 + +# CONFIG_SM_FTL is not set + +CONFIG_JFFS2_FS=m +CONFIG_JFFS2_FS_DEBUG=0 +CONFIG_JFFS2_FS_WRITEBUFFER=y +# CONFIG_JFFS2_FS_WBUF_VERIFY is not set +# CONFIG_JFFS2_SUMMARY is not set +# CONFIG_JFFS2_FS_XATTR is not set +# CONFIG_JFFS2_COMPRESSION_OPTIONS is not set +CONFIG_JFFS2_ZLIB=y +# CONFIG_JFFS2_LZO is not set +CONFIG_JFFS2_RTIME=y +# CONFIG_JFFS2_RUBIN is not set + +CONFIG_UBIFS_FS=m +CONFIG_UBIFS_FS_XATTR=y +CONFIG_UBIFS_FS_ADVANCED_COMPR=y +CONFIG_UBIFS_FS_LZO=y +CONFIG_UBIFS_FS_ZLIB=y +# CONFIG_UBIFS_FS_DEBUG is not set + +# HW crypto and rng +CONFIG_CRYPTO_SHA1_ARM=m +CONFIG_CRYPTO_AES_ARM=m +CONFIG_HW_RANDOM_ATMEL=m +CONFIG_HW_RANDOM_EXYNOS=m + +# Device tree +CONFIG_DTC=y +CONFIG_OF=y +CONFIG_USE_OF=y +CONFIG_OF_DEVICE=y +CONFIG_OF_IRQ=y +CONFIG_OF_GPIO=y +CONFIG_ARM_ATAG_DTB_COMPAT=y +CONFIG_ARM_APPENDED_DTB=y +CONFIG_PROC_DEVICETREE=y +# CONFIG_OF_SELFTEST is not set + +CONFIG_SERIAL_OF_PLATFORM=y +CONFIG_OF_GPIO=y +CONFIG_OF_PCI=y +CONFIG_OF_PCI_IRQ=y +CONFIG_I2C_MUX_PINCTRL=m +CONFIG_OF_MDIO=m +CONFIG_MDIO_BUS_MUX_GPIO=m +CONFIG_MDIO_BUS_MUX_MMIOREG=m + +CONFIG_BPF_JIT=y + +CONFIG_RCU_FANOUT_LEAF=16 +CONFIG_EDAC=y +CONFIG_EDAC_MM_EDAC=m +CONFIG_EDAC_LEGACY_SYSFS=y + +CONFIG_RTC_DRV_88PM80X=m +CONFIG_RTC_DRV_DS1305=m +CONFIG_RTC_DRV_DS1390=m +CONFIG_RTC_DRV_DS3234=m +CONFIG_RTC_DRV_M41T93=m +CONFIG_RTC_DRV_M41T94=m +CONFIG_RTC_DRV_MAX6902=m +CONFIG_RTC_DRV_MC13XXX=m +CONFIG_RTC_DRV_PCF2123=m +CONFIG_RTC_DRV_PL030=m +CONFIG_RTC_DRV_PL031=m +CONFIG_RTC_DRV_R9701=m +CONFIG_RTC_DRV_RS5C348=m +CONFIG_RTC_DRV_SNVS=m + +CONFIG_RFKILL_REGULATOR=m +CONFIG_INPUT_88PM80X_ONKEY=y +CONFIG_INPUT_GP2A=m +CONFIG_INPUT_GPIO_TILT_POLLED=m +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_INPUT_ARIZONA_HAPTICS=m +CONFIG_INPUT_MC13783_PWRBUTTON=m + +CONFIG_SERIAL_AMBA_PL010=m +CONFIG_SERIAL_AMBA_PL011=m +CONFIG_SERIAL_MAX3100=m +CONFIG_SERIAL_MAX310X=y +CONFIG_SERIAL_IFX6X60=m + +CONFIG_GPIO_74X164=m +CONFIG_GPIO_ADNP=m +CONFIG_GPIO_ARIZONA=m +CONFIG_GPIO_MAX7301=m +CONFIG_GPIO_MC33880=m +CONFIG_GPIO_MCP23S08=m +CONFIG_GPIO_PL061=y + +CONFIG_SPI_ALTERA=m +CONFIG_SPI_BITBANG=m +CONFIG_SPI_BUTTERFLY=m +CONFIG_SPI_DW_MMIO=m +CONFIG_SPI_GPIO=m +CONFIG_SPI_LM70_LLP=m +CONFIG_SPI_OC_TINY=m +CONFIG_SPI_PL022=m +CONFIG_SPI_SC18IS602=m +CONFIG_SPI_XCOMM=m +CONFIG_SPI_XILINX=m +CONFIG_SPI_DESIGNWARE=m +CONFIG_SPI_SPIDEV=m +CONFIG_SPI_TLE62X0=m +CONFIG_BMP085_SPI=m +CONFIG_BMP085_SPI=m +CONFIG_EEPROM_AT25=m +CONFIG_EEPROM_93XX46=m +CONFIG_KS8851=m +CONFIG_MICREL_KS8995MA=m +CONFIG_LIBERTAS_SPI=m +CONFIG_P54_SPI=m +CONFIG_P54_SPI_DEFAULT_EEPROM=y + +CONFIG_MFD_CORE=m +CONFIG_MFD_88PM800=m +CONFIG_MFD_88PM805=m +CONFIG_MFD_ARIZONA_SPI=m +CONFIG_MFD_MC13XXX_SPI=m +CONFIG_MFD_SYSCON=y +# CONFIG_MFD_WM5102 is not set +# CONFIG_MFD_WM5110 is not set +# CONFIG_MFD_TPS65912_SPI is not set +# CONFIG_MFD_DA9052_SPI is not set +# CONFIG_MFD_WM831X_SPI is not set +# CONFIG_MFD_TPS80031 is not set +# CONFIG_MFD_AS3711 is not set +# CONFIG_MFD_SMSC is not set +# CONFIG_MFD_DA9055 is not set +# CONFIG_MFD_MAX8907 is not set + +CONFIG_REGULATOR_VIRTUAL_CONSUMER=m +CONFIG_REGULATOR_USERSPACE_CONSUMER=m +# CONFIG_REGULATOR_DUMMY is not set +CONFIG_REGULATOR_GPIO=m +CONFIG_REGULATOR_AD5398=m +CONFIG_REGULATOR_ANATOP=m +CONFIG_REGULATOR_ARIZONA=m +CONFIG_REGULATOR_FAN53555=m +CONFIG_REGULATOR_ISL6271A=m +CONFIG_REGULATOR_LP3972=m +CONFIG_REGULATOR_MAX1586=m +CONFIG_REGULATOR_MAX8649=m +CONFIG_REGULATOR_MAX8660=m +CONFIG_REGULATOR_MAX8952=m +CONFIG_REGULATOR_MAX8973=m +CONFIG_REGULATOR_MC13783=m +CONFIG_REGULATOR_MC13892=m +CONFIG_REGULATOR_LP3971=m +CONFIG_REGULATOR_TPS51632=m +CONFIG_REGULATOR_TPS62360=m +CONFIG_REGULATOR_TPS65023=m +CONFIG_REGULATOR_TPS6524X=m +CONFIG_REGULATOR_TPS6507X=m +CONFIG_CHARGER_MANAGER=y +CONFIG_EXTCON_GPIO=m + +CONFIG_SENSORS_AD7314=m +CONFIG_SENSORS_ADCXX=m +CONFIG_SENSORS_LM70=m +CONFIG_SENSORS_MAX1111=m +CONFIG_SENSORS_MC13783_ADC=m +CONFIG_SENSORS_ADS7871=m +CONFIG_SENSORS_LIS3_SPI=m + +CONFIG_IEEE802154_AT86RF230=m +CONFIG_IEEE802154_MRF24J40=m + +# CONFIG_ARM_VIRT_EXT is not set +# CONFIG_PINCTRL_EXYNOS4 is not set +# CONFIG_PINCTRL_EXYNOS5440 is not set + +# CONFIG_AUTO_ZRELADDR is not set +# CONFIG_ASYMMETRIC_KEY_TYPE is not set + +# CONFIG_VFIO is not set + +# CONFIG_XIP_KERNEL is not set +# CONFIG_CPU_ICACHE_DISABLE is not set +# CONFIG_CPU_DCACHE_DISABLE is not set +# CONFIG_APM_EMULATION is not set +# CONFIG_DEPRECATED_PARAM_STRUCT is not set + +# CONFIG_SERIAL_8250_EM is not set +# CONFIG_GPIO_EM is not set +# CONFIG_HVC_DCC is not set +# CONFIG_LEDS_RENESAS_TPU is not set +CONFIG_LEDS_DAC124S085=m +CONFIG_LEDS_MC13783=m + +# CONFIG_VIRTIO_CONSOLE is not set + +# Possibly part of Snowball +# CONFIG_MFD_T7L66XB is not set +# CONFIG_MFD_TC6387XB is not set + +# CONFIG_IRQ_DOMAIN_DEBUG is not set +# CONFIG_COMMON_CLK_DEBUG is not set +# CONFIG_DEBUG_USER is not set +# CONFIG_DEBUG_LL is not set +# CONFIG_ARM_KPROBES_TEST is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set + +# CONFIG_DEBUG_PINCTRL is not set + +# HW Disabled because it causes issues on ARM platforms + +# disable TPM on arm at least on the trimslices it causes havoc +# CONFIG_TCG_TPM is not set + +# CONFIG_IMA is not set + +# ERROR: "__bswapsi2" [drivers/staging/crystalhd/crystalhd.ko] undefined! +# CONFIG_CRYSTALHD is not set + +# these modules all fail with missing __bad_udelay +# http://www.spinics.net/lists/arm/msg15615.html provides some background +# CONFIG_SUNGEM is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_RADEON is not set +# CONFIG_DRM_RADEON is not set +# CONFIG_ATM_HE is not set +# CONFIG_SCSI_ACARD is not set +# CONFIG_SFC is not set + +# these all currently fail due to missing symbols __bad_udelay or +# error: implicit declaration of function ‘iowrite32be’ +# CONFIG_SND_ALI5451 is not set +# CONFIG_DRM_NOUVEAU is not set +# CONFIG_MLX4_EN is not set + +CONFIG_TOUCHSCREEN_ADS7846=m +CONFIG_TOUCHSCREEN_AD7877=m +CONFIG_TOUCHSCREEN_TSC2005=m +CONFIG_TOUCHSCREEN_MC13783=m + +# drivers/input/touchscreen/eeti_ts.c:65:2: error: implicit declaration of function 'irq_to_gpio' [-Werror=implicit-function-declaration] +# CONFIG_TOUCHSCREEN_EETI is not set +# CONFIG_TOUCHSCREEN_EGALAX is not set +# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set + +# CONFIG_PANEL_LGPHILIPS_LB035Q02 is not set +# CONFIG_PANEL_ACX565AKM is not set +# CONFIG_PANEL_N8X0 is not set + +# CONFIG_LCD_L4F00242T03 is not set +# CONFIG_LCD_LMS283GF05 is not set +# CONFIG_LCD_LTV350QV is not set +# CONFIG_LCD_ILI9320 is not set +# CONFIG_LCD_TDO24M is not set +# CONFIG_LCD_VGG2432A4 is not set +# CONFIG_LCD_S6E63M0 is not set +# CONFIG_LCD_LD9040 is not set +# CONFIG_LCD_AMS369FG06 is not set + +# CONFIG_FB_MX3 is not set +# CONFIG_MX3_IPU is not set +# CONFIG_MX3_IPU_IRQS is not set + +# CONFIG_NET_VENDOR_CIRRUS is not set +# CONFIG_NET_VENDOR_MICROCHIP is not set +# CONFIG_CS89x0 is not set +# CONFIG_DVB_USB_PCTV452E is not set +# CONFIG_PINCTRL_EXYNOS is not set + +# CONFIG_EZX_PCAP is not set + +# CONFIG_EXTCON_ARIZONA is not set +CONFIG_ARCH_KIRKWOOD=y +CONFIG_ARCH_KIRKWOOD_DT=y + +CONFIG_MACH_CLOUDBOX_DT=y +CONFIG_MACH_D2NET_V2=y CONFIG_MACH_DB88F6281_BP=y -CONFIG_MACH_RD88F6192_NAS=y -CONFIG_MACH_RD88F6281=y -CONFIG_MACH_MV88F6281GTW_GE=y -CONFIG_MACH_SHEEVAPLUG=y -CONFIG_MACH_ESATA_SHEEVAPLUG=y -CONFIG_MACH_GURUPLUG=y -CONFIG_MACH_DREAMPLUG_DT=y CONFIG_MACH_DOCKSTAR=y -CONFIG_MACH_TS219=y -CONFIG_MACH_TS41X=y +CONFIG_MACH_DOCKSTAR_DT=y +CONFIG_MACH_DREAMPLUG_DT=y +CONFIG_MACH_ESATA_SHEEVAPLUG=y +CONFIG_MACH_DLINK_KIRKWOOD_DT=y +CONFIG_MACH_GOFLEXNET_DT=y +CONFIG_MACH_GURUPLUG=y +CONFIG_MACH_GURUPLUG_DT=y +CONFIG_MACH_ICONNECT_DT=y +CONFIG_MACH_IB62X0_DT=y +CONFIG_MACH_INETSPACE_V2=y +CONFIG_MACH_INETSPACE_V2_DT=y +CONFIG_MACH_IOMEGA_IX2_200_DT=y +CONFIG_MACH_KM_KIRKWOOD_DT=y +CONFIG_MACH_LSXL_DT=y +CONFIG_MACH_MPLCEC4_DT=y +CONFIG_MACH_MV88F6281GTW_GE=y +CONFIG_MACH_NETSPACE_LITE_V2_DT=y +CONFIG_MACH_NETSPACE_MAX_V2=y +CONFIG_MACH_NETSPACE_MAX_V2_DT=y +CONFIG_MACH_NETSPACE_MINI_V2_DT=y +CONFIG_MACH_NETSPACE_V2=y +CONFIG_MACH_NETSPACE_V2_DT=y +CONFIG_MACH_NET2BIG_V2=y +CONFIG_MACH_NET5BIG_V2=y +CONFIG_MACH_NSA310_DT=y +CONFIG_MACH_OPENBLOCKS_A6_DT=y CONFIG_MACH_OPENRD_BASE=y CONFIG_MACH_OPENRD_CLIENT=y CONFIG_MACH_OPENRD_ULTIMATE=y -CONFIG_MACH_NETSPACE_V2=y -CONFIG_MACH_INETSPACE_V2=y -CONFIG_MACH_NETSPACE_MAX_V2=y -CONFIG_MACH_D2NET_V2=y -CONFIG_MACH_NET2BIG_V2=y -CONFIG_MACH_NET5BIG_V2=y +CONFIG_MACH_RD88F6192_NAS=y +CONFIG_MACH_RD88F6281=y +CONFIG_MACH_READYNAS_DT=y +CONFIG_MACH_SHEEVAPLUG=y +CONFIG_MACH_TOPKICK_DT=y +CONFIG_MACH_TS219=y +CONFIG_MACH_TS219_DT=y +CONFIG_MACH_TS41X=y CONFIG_MACH_T5325=y -# CONFIG_CPU_FEROCEON_OLD_ID is not set - CONFIG_CACHE_FEROCEON_L2=y CONFIG_CACHE_FEROCEON_L2_WRITETHROUGH=y @@ -43,8 +569,55 @@ CONFIG_LEDS_NETXBIG=m CONFIG_RTC_DRV_MV=y CONFIG_MV_XOR=y CONFIG_CRYPTO_DEV_MV_CESA=m +# CONFIG_PINCTRL_EXYNOS is not set +CONFIG_PINCTRL_MVEBU=y +CONFIG_PINCTRL_KIRKWOOD=y +# CONFIG_CPU_IDLE_KIRKWOOD is not set +CONFIG_POWER_RESET_QNAP=y +CONFIG_POWER_RESET_RESTART=y +CONFIG_KIRKWOOD_THERMAL=m +CONFIG_REGULATOR_LP8755=m +# CONFIG_DRM_TILCDC is not set +CONFIG_OF_DISPLAY_TIMING=y +CONFIG_OF_VIDEOMODE=y +CONFIG_SND_ATMEL_SOC=m + +CONFIG_TI_DAC7512=m +# CONFIG_LATTICE_ECP3_CONFIG is not set +# CONFIG_SPI_FSL_SPI is not set +CONFIG_SPI_ORION=m +CONFIG_SPI_PXA2XX=m +CONFIG_SPI_TOPCLIFF_PCH=m +# CONFIG_SPI_DW_PCI is not set +CONFIG_GPIO_RCAR=m +# CONFIG_LCD_ILI922X is not set +# CONFIG_LCD_LMS501KF03 is not set +# CONFIG_LCD_HX8357 is not set +CONFIG_USB_EHCI_HCD_ORION=m +CONFIG_RTC_DRV_RX4581=m +CONFIG_COMMON_CLK_SI5351=m + +# CONFIG_CPU_FEROCEON_OLD_ID is not set # CONFIG_INPUT_GP2A is not set # CONFIG_INPUT_GPIO_TILT_POLLED is not set +# CONFIG_HIGHPTE is not set +# CONFIG_VIRTUALIZATION is not set +# CONFIG_EDAC is not set +# CONFIG_SPI is not set CONFIG_FB_XGI=m + +# FIXME +# CONFIG_MACH_DB88F628X_BP_DT is not set +# CONFIG_MACH_SHEEVAPLUG_DT is not set +# CONFIG_PCI_MVEBU is not set +# CONFIG_NFC_NCI_SPI is not set +# CONFIG_ARM_CCI is not set +# CONFIG_AHCI_IMX is not set +# CONFIG_POWER_RESET_VEXPRESS is not set +# CONFIG_MFD_WM8997 is not set +# CONFIG_VEXPRESS_CONFIG is not set +# CONFIG_DRM_RCAR_DU is not set +# CONFIG_DRM_SHMOBILE is not set +# CONFIG_MMC_DW_SOCFPGA is not set diff --git a/config-arm-omap b/config-arm-omap deleted file mode 100644 index 36041f82d..000000000 --- a/config-arm-omap +++ /dev/null @@ -1,262 +0,0 @@ -CONFIG_ARCH_OMAP=y -# CONFIG_GPIO_PCA953X is not set -# CONFIG_KEYBOARD_GPIO_POLLED is not set -# TI OMAP Common Features -CONFIG_ARCH_OMAP_OTG=y -# CONFIG_ARCH_OMAP1 is not set -CONFIG_ARCH_OMAP2PLUS=y - -# -# OMAP Feature Selections -# -CONFIG_OMAP_SMARTREFLEX=y -CONFIG_OMAP_SMARTREFLEX_CLASS3=y -CONFIG_OMAP_RESET_CLOCKS=y -CONFIG_OMAP_MUX=y -# CONFIG_OMAP_MUX_DEBUG is not set -CONFIG_OMAP_MUX_WARNINGS=y -CONFIG_OMAP_MCBSP=y -CONFIG_OMAP_MBOX_FWK=m -CONFIG_OMAP_MBOX_KFIFO_SIZE=256 -CONFIG_OMAP_32K_TIMER=y -# CONFIG_OMAP3_L2_AUX_SECURE_SAVE_RESTORE is not set -CONFIG_OMAP_32K_TIMER_HZ=128 -CONFIG_OMAP_DM_TIMER=y -# CONFIG_OMAP_PM_NONE is not set -CONFIG_OMAP_PM_NOOP=y -CONFIG_OMAP_IOMMU=y -CONFIG_OMAP3_EMU=y -CONFIG_HWSPINLOCK_OMAP=m - -# -# TI OMAP2/3/4 Specific Features -# -CONFIG_ARCH_OMAP2PLUS_TYPICAL=y -# CONFIG_ARCH_OMAP2 is not set -CONFIG_ARCH_OMAP3=y -CONFIG_ARCH_OMAP4=y -CONFIG_SOC_OMAP3430=y -# CONFIG_SOC_OMAPTI81XX is not set -# CONFIG_SOC_OMAPAM33XX is not set -# CONFIG_SOC_OMAPTI816X is not set -CONFIG_OMAP_PACKAGE_CBB=y -CONFIG_OMAP_PACKAGE_CBL=y -CONFIG_OMAP_PACKAGE_CBS=y -# CONFIG_OMAP4_ERRATA_I688 is not set - -CONFIG_ARM_OMAP2PLUS_CPUFREQ=y - -# -# OMAP Board Type -# -CONFIG_MACH_OMAP_GENERIC=y -CONFIG_MACH_OMAP3_BEAGLE=y -CONFIG_MACH_DEVKIT8000=y -CONFIG_MACH_OMAP_LDP=y -CONFIG_MACH_OMAP3530_LV_SOM=y -CONFIG_MACH_OMAP3_TORPEDO=y -CONFIG_MACH_OVERO=y -CONFIG_MACH_OMAP3EVM=y -CONFIG_MACH_OMAP3517EVM=y -CONFIG_MACH_CRANEBOARD=y -CONFIG_MACH_OMAP3_PANDORA=y -CONFIG_MACH_OMAP3_TOUCHBOOK=y -CONFIG_MACH_OMAP_3430SDP=y -CONFIG_MACH_OMAP_ZOOM2=y -CONFIG_MACH_OMAP_ZOOM3=y -CONFIG_MACH_CM_T35=y -CONFIG_MACH_CM_T3517=y -CONFIG_MACH_IGEP0020=y -CONFIG_MACH_IGEP0030=y -CONFIG_MACH_SBC3530=y -CONFIG_MACH_OMAP_3630SDP=y -CONFIG_MACH_OMAP_4430SDP=y -CONFIG_MACH_OMAP4_PANDA=y -CONFIG_MACH_TI8168EVM=y -# CONFIG_MACH_NOKIA_RM680 is not set -# CONFIG_MACH_NOKIA_RX51 is not set -# CONFIG_MACH_TI8148EVM is not set -CONFIG_MACH_OMAP3_WESTBRIDGE_AST_PNAND_HAL=y - - -# CONFIG_OMAP3_SDRC_AC_TIMING is not set - - -# System MMU -CONFIG_CPU_32v6K=y -CONFIG_CPU_V7=y -CONFIG_CPU_32v7=y -CONFIG_CPU_ABRT_EV7=y -CONFIG_CPU_PABRT_V7=y -CONFIG_CPU_CACHE_V7=y -CONFIG_CPU_CACHE_VIPT=y -CONFIG_CPU_COPY_V6=y -CONFIG_CPU_TLB_V7=y -CONFIG_CPU_HAS_ASID=y -CONFIG_ARM_THUMBEE=y -CONFIG_SWP_EMULATE=y -# CONFIG_CPU_BPREDICT_DISABLE is not set -CONFIG_OUTER_CACHE=y -CONFIG_OUTER_CACHE_SYNC=y -CONFIG_CACHE_L2X0=y -CONFIG_CACHE_PL310=y -CONFIG_ARM_DMA_MEM_BUFFERABLE=y -CONFIG_CPU_HAS_PMU=y -CONFIG_ARM_ERRATA_430973=y -# CONFIG_ARM_ERRATA_458693 is not set -# CONFIG_ARM_ERRATA_460075 is not set -# CONFIG_ARM_ERRATA_742230 is not set -# CONFIG_ARM_ERRATA_742231 is not set -CONFIG_PL310_ERRATA_588369=y -CONFIG_PL310_ERRATA_769419=y -CONFIG_ARM_ERRATA_720789=y -# CONFIG_ARM_ERRATA_743622 is not set -# CONFIG_ARM_ERRATA_751472 is not set -# CONFIG_ARM_ERRATA_753970 is not set -# CONFIG_ARM_ERRATA_754322 is not set -# CONFIG_ARM_ERRATA_754327 is not set -# CONFIG_ARM_ERRATA_764369 is not set -CONFIG_ARM_GIC=y -CONFIG_HAVE_ARM_SCU=y -CONFIG_HAVE_ARM_TWD=y -CONFIG_HOTPLUG_CPU=y -CONFIG_LOCAL_TIMERS=y -CONFIG_HZ=128 -# CONFIG_THUMB2_KERNEL is not set -CONFIG_ARCH_HAS_HOLES_MEMORYMODEL=y -CONFIG_SPLIT_PTLOCK_CPUS=4 -# CONFIG_KSM is not set -CONFIG_ZBOOT_ROM_TEXT=0x0 -CONFIG_ZBOOT_ROM_BSS=0x0 -CONFIG_CMDLINE="" -# CONFIG_AUTO_ZRELADDR is not set -CONFIG_VFPv3=y -CONFIG_NEON=y -# CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set -CONFIG_BINFMT_MISC=m -CONFIG_PM_DEBUG=y -# CONFIG_PM_ADVANCED_DEBUG is not set -# CONFIG_PM_VERBOSE is not set -CONFIG_CAN_PM_TRACE=y -CONFIG_PM_SLEEP_SMP=y -CONFIG_ARCH_HAS_OPP=y -CONFIG_PM_OPP=y - -# -# OMAP Hardware -# -CONFIG_TI_ST=m -CONFIG_GPIOLIB=y -CONFIG_MTD_NAND_OMAP2=y -CONFIG_MTD_NAND_OMAP_PREFETCH=y -CONFIG_MTD_NAND_OMAP_PREFETCH_DMA=y -CONFIG_WL1251_SPI=m -CONFIG_WL12XX_SPI=m -CONFIG_WL12XX_SDIO_TEST=m -CONFIG_INPUT_TWL4030_PWRBUTTON=m -CONFIG_INPUT_TWL4030_VIBRA=m -CONFIG_INPUT_TWL6040_VIBRA=m -CONFIG_KEYBOARD_OMAP4=m -CONFIG_TOUCHSCREEN_TI_TSCADC=m -CONFIG_SERIAL_OMAP=y -CONFIG_SERIAL_OMAP_CONSOLE=y -CONFIG_OMAP_WATCHDOG=y -CONFIG_TWL4030_CORE=y -# CONFIG_TWL4030_MADC is not set -CONFIG_TWL4030_POWER=y -CONFIG_TWL4030_CODEC=y -CONFIG_GPIO_TWL4030=m -CONFIG_CHARGER_TWL4030=m -# CONFIG_TWL6030_PWM is not set - -CONFIG_MTD_ONENAND_OMAP2=y -CONFIG_I2C_OMAP=y -CONFIG_SPI_OMAP24XX=y -# CONFIG_MFD_OMAP_USB_HOST is not set -# CONFIG_MFD_WL1273_CORE is not set -CONFIG_REGULATOR_TWL4030=y -CONFIG_VIDEO_OMAP2_VOUT=m -# CONFIG_VIDEO_OMAP3 is not set - -CONFIG_DRM=m -CONFIG_DRM_OMAP=m -# CONFIG_FB_OMAP_BOOTLOADER_INIT is not set -# CONFIG_FB_OMAP_LCD_VGA is not set -CONFIG_OMAP2_VRAM=y -CONFIG_OMAP2_VRFB=y -CONFIG_OMAP2_DSS=y -CONFIG_OMAP2_VRAM_SIZE=12 -CONFIG_OMAP2_DSS_DEBUG_SUPPORT=y -# CONFIG_OMAP2_DSS_COLLECT_IRQ_STATS is not set -CONFIG_OMAP2_DSS_DPI=y -# CONFIG_OMAP2_DSS_RFBI is not set -ONFIG_OMAP2_DSS_VENC=y -CONFIG_OMAP4_DSS_HDMI=y -# CONFIG_OMAP2_DSS_SDI is not set -# CONFIG_OMAP2_DSS_DSI is not set -# CONFIG_OMAP2_DSS_FAKE_VSYNC is not set -CONFIG_OMAP2_DSS_MIN_FCK_PER_PCK=1 -CONFIG_OMAP2_DSS_SLEEP_BEFORE_RESET=y -CONFIG_OMAP2_DSS_SLEEP_AFTER_VENC_RESET=y -# CONFIG_FB_OMAP2 is not set - -# -# OMAP2/3 Display Device Drivers -# -CONFIG_PANEL_GENERIC_DPI=y -CONFIG_PANEL_SHARP_LS037V7DW01=y -CONFIG_PANEL_NEC_NL8048HL11_01B=y -CONFIG_PANEL_TPO_TD043MTEA1=y - -CONFIG_SND_OMAP_SOC=y -CONFIG_SND_OMAP_SOC_MCBSP=y -CONFIG_SND_OMAP_SOC_MCPDM=y -CONFIG_SND_OMAP_SOC_OVERO=y -CONFIG_SND_OMAP_SOC_OMAP3EVM=y -CONFIG_SND_OMAP_SOC_AM3517EVM=y -CONFIG_SND_OMAP_SOC_SDP3430=y -CONFIG_SND_OMAP_SOC_SDP4430=y -CONFIG_SND_OMAP_SOC_OMAP3_PANDORA=y -CONFIG_SND_OMAP_SOC_OMAP3_BEAGLE=y -CONFIG_SND_OMAP_SOC_ZOOM2=y -CONFIG_SND_OMAP_SOC_IGEP0020=y -# Because alsa is modular http://www.spinics.net/lists/linux-omap/msg67307.html -# CONFIG_SND_OMAP_SOC_OMAP4_HDMI is not set -CONFIG_SND_OMAP_SOC_OMAP_ABE_TWL6040=m -CONFIG_SND_SOC_I2C_AND_SPI=y -# CONFIG_SND_OMAP_SOC_RX51 is not set -# CONFIG_SND_SOC_ALL_CODECS is not set -CONFIG_SND_SOC_TLV320AIC23=y -CONFIG_SND_SOC_TLV320AIC3X=y -CONFIG_SND_SOC_TWL4030=y -CONFIG_SND_SOC_TWL6040=y -CONFIG_RADIO_WL128X - -CONFIG_USB_OTG=y -CONFIG_USB_EHCI_HCD_OMAP=y -CONFIG_USB_MUSB_OMAP2PLUS=y -CONFIG_USB_MUSB_HDRC=y -CONFIG_MUSB_PIO_ONLY=y -# CONFIG_USB_MUSB_DEBUG is not set -# - -# CONFIG_USB_GADGET_OMAP is not set -# CONFIG_ISP1301_OMAP is not set -CONFIG_MMC_OMAP=m -CONFIG_MMC_OMAP_HS=y -CONFIG_TWL4030_USB=y -CONFIG_TWL6030_USB=y -CONFIG_RTC_DRV_TWL4030=y - -CONFIG_TIDSPBRIDGE=m -CONFIG_TIDSPBRIDGE_MEMPOOL_SIZE=0x600000 -# CONFIG_TIDSPBRIDGE_DEBUG is not set -CONFIG_TIDSPBRIDGE_RECOVERY=y -# CONFIG_TIDSPBRIDGE_CACHE_LINE_CHECK is not set -CONFIG_TIDSPBRIDGE_WDT3=y -CONFIG_TIDSPBRIDGE_WDT_TIMEOUT=5 -# CONFIG_TIDSPBRIDGE_NTFY_PWRERR is not set -# CONFIG_TIDSPBRIDGE_BACKTRACE is not set - -CONFIG_CRYPTO_DEV_OMAP_SHAM=m -CONFIG_CRYPTO_DEV_OMAP_AES=m diff --git a/config-arm-tegra b/config-arm-tegra deleted file mode 100644 index 870ddc526..000000000 --- a/config-arm-tegra +++ /dev/null @@ -1,91 +0,0 @@ -CONFIG_ARCH_TEGRA=y - -CONFIG_ARCH_TEGRA_2x_SOC=y -# CONFIG_ARCH_TEGRA_3x_SOC is not set -# CONFIG_ARM_LPAE is not set -CONFIG_TEGRA_PCI=y - -CONFIG_VFP=y -CONFIG_VFPv3=y - -CONFIG_MACH_HARMONY=y -CONFIG_MACH_KAEN=y -CONFIG_MACH_PAZ00=y -CONFIG_MACH_SEABOARD=y -CONFIG_MACH_TEGRA_DT=y -CONFIG_MACH_TRIMSLICE=y -CONFIG_MACH_WARIO=y -CONFIG_MACH_TEGRA_DT=y -CONFIG_MACH_VENTANA=y - -CONFIG_TEGRA_DEBUG_UARTD=y -CONFIG_NR_CPUS=4 -CONFIG_ARM_CPU_TOPOLOGY=y - -CONFIG_TEGRA_IOMMU_GART=y -CONFIG_TEGRA_IOMMU_SMMU=y - -CONFIG_I2C_TEGRA=y - -CONFIG_MMC_SDHCI_TEGRA=y - -# CONFIG_RCU_BOOST is not set -CONFIG_TEGRA_SYSTEM_DMA=y -CONFIG_TEGRA_EMC_SCALING_ENABLE=y -CONFIG_ARM_THUMBEE=y -CONFIG_SWP_EMULATE=y -# CONFIG_CPU_BPREDICT_DISABLE is not set -CONFIG_CACHE_L2X0=y -CONFIG_ARM_ERRATA_430973=y -# CONFIG_ARM_ERRATA_458693 is not set -# CONFIG_ARM_ERRATA_460075 is not set -CONFIG_ARM_ERRATA_742230=y -# CONFIG_ARM_ERRATA_742231 is not set -CONFIG_PL310_ERRATA_588369=y -CONFIG_PL310_ERRATA_769419=y -CONFIG_ARM_ERRATA_720789=y -# CONFIG_PL310_ERRATA_727915 is not set -# CONFIG_ARM_ERRATA_743622 is not set -# CONFIG_ARM_ERRATA_751472 is not set -# CONFIG_ARM_ERRATA_753970 is not set -# CONFIG_ARM_ERRATA_754322 is not set -# CONFIG_ARM_ERRATA_754327 is not set -# CONFIG_ARM_ERRATA_764369 is not set -CONFIG_LOCAL_TIMERS=y -# CONFIG_THUMB2_KERNEL is not set -# CONFIG_NEON is not set -CONFIG_GPIO_GENERIC_PLATFORM=y -# CONFIG_GPIO_MCP23S08 is not set -# CONFIG_KEYBOARD_TEGRA is not set -# CONFIG_MPCORE_WATCHDOG is not set -CONFIG_USB_EHCI_TEGRA=y -CONFIG_RTC_DRV_TEGRA=y - -CONFIG_SND_SOC_TEGRA=m -CONFIG_SND_SOC_TEGRA_ALC5632=m -CONFIG_SND_SOC_TEGRA_WM8903=m -CONFIG_SND_SOC_TEGRA_TRIMSLICE=m -# CONFIG_SND_SOC_TEGRA30_AHUB is not set -# CONFIG_SND_SOC_TEGRA30_I2S is not set - -CONFIG_MFD_NVEC=y -CONFIG_KEYBOARD_NVEC=y -CONFIG_SERIO_NVEC_PS2=y -CONFIG_NVEC_POWER=y -CONFIG_POWER_SUPPLY=y -CONFIG_NVEC_LEDS=y - -CONFIG_CPU_PM=y -CONFIG_ARM_CPU_SUSPEND=y - -#CONFIG_CRYPTO_DEV_TEGRA_AES=m - -CONFIG_PL310_ERRATA_753970=y -CONFIG_LEDS_RENESAS_TPU=y - -CONFIG_OF=y -CONFIG_SERIAL_OF_PLATFORM=y -CONFIG_OF_GPIO=y -CONFIG_OF_PCI=y -CONFIG_OF_PCI_IRQ=y - diff --git a/config-arm-versatile b/config-arm-versatile deleted file mode 100644 index 54499f9b9..000000000 --- a/config-arm-versatile +++ /dev/null @@ -1,73 +0,0 @@ -CONFIG_ARCH_VEXPRESS=y -CONFIG_ARCH_VEXPRESS_CA9X4=y -CONFIG_PLAT_VERSATILE_CLCD=y -CONFIG_PLAT_VERSATILE_SCHED_CLOCK=y -CONFIG_PLAT_VERSATILE=y -CONFIG_ARM_TIMER_SP804=y - -CONFIG_CPU_V7=y -CONFIG_CPU_32v6K=y -CONFIG_CPU_32v7=y -CONFIG_CPU_ABRT_EV7=y -CONFIG_CPU_PABRT_V7=y -CONFIG_CPU_CACHE_V7=y -CONFIG_CPU_CACHE_VIPT=y -CONFIG_CPU_COPY_V6=y -CONFIG_CPU_TLB_V7=y -CONFIG_CPU_HAS_ASID=y -CONFIG_CPU_CP15=y -CONFIG_CPU_CP15_MMU=y -CONFIG_CPU_HAS_PMU=y - -# Need to verify whether these are generic or vexpress specific -CONFIG_ARM_AMBA=y - -CONFIG_VFP=y -CONFIG_VFPv3=y - -CONFIG_CPUSETS=y -# CONFIG_THUMB2_AVOID_R_ARM_THM_JUMP11 is not set -# CONFIG_THUMB2_KERNEL is not set -CONFIG_TICK_ONESHOT=y - -CONFIG_ARM_ASM_UNIFIED=y -CONFIG_ARM_CPU_TOPOLOGY=y -CONFIG_ARM_DMA_MEM_BUFFERABLE=y - -CONFIG_ARM_ERRATA_720789=y -CONFIG_ARM_ERRATA_751472=y -CONFIG_ARM_ERRATA_753970=y - -CONFIG_ARM_GIC=y -CONFIG_ARM_L1_CACHE_SHIFT=5 - -CONFIG_ARM_THUMB=y -CONFIG_ARM_TIMER_SP804=y -CONFIG_ARM_UNWIND=y - -CONFIG_FB=y -CONFIG_FB_ARMCLCD=y -CONFIG_FB_CFB_COPYAREA=y -CONFIG_FB_CFB_FILLRECT=y -CONFIG_FB_CFB_IMAGEBLIT=y - -CONFIG_TOUCHSCREEN_ADS7846=m - -CONFIG_CMDLINE="console=ttyAM0,115200 root=/dev/sda1 rootdelay=20" - -CONFIG_SERIO_AMBAKMI=m -CONFIG_SERIAL_AMBA_PL011=y -CONFIG_SERIAL_AMBA_PL011_CONSOLE=y - -CONFIG_FB_ARMCLCD=m - -CONFIG_MMC_ARMMMCI=y -CONFIG_MMC_DW=m -# CONFIG_MMC_DW_IDMAC is not set - -# CONFIG_ARM_CHARLCD is not set -CONFIG_PL330_DMA=y -CONFIG_RTC_DRV_PL030=y -CONFIG_RTC_DRV_PL031=y - -CONFIG_I2C_VERSATILE=y diff --git a/config-armv7 b/config-armv7 new file mode 100644 index 000000000..5fb4e9380 --- /dev/null +++ b/config-armv7 @@ -0,0 +1,678 @@ +# ARM unified arch kernel + +# CONFIG_ARCH_EXYNOS_MULTI is not set +# CONFIG_ARCH_KEYSTONE is not set +CONFIG_ARCH_MVEBU=y +CONFIG_ARCH_MXC=y +CONFIG_ARCH_OMAP2PLUS=y +CONFIG_ARCH_PICOXCELL=y +CONFIG_ARCH_ROCKCHIP=y +CONFIG_ARCH_SOCFPGA=y +CONFIG_ARCH_SUNXI=y +CONFIG_ARCH_TEGRA=y +# CONFIG_ARCH_U8500 is not set +# CONFIG_ARCH_VIRT is not set +CONFIG_ARCH_ZYNQ=y + +# These are supported in the LPAE kernel +# CONFIG_ARM_LPAE is not set +# CONFIG_XEN is not set +# CONFIG_VIRTIO_CONSOLE is not set +# CONFIG_ARM_VIRT_EXT is not set + +# Generic +CONFIG_REMOTEPROC=m + +# FIXME should be generic (I think it's enabled by default) +CONFIG_FB=y +CONFIG_FB_ARMCLCD=m +CONFIG_FB_CFB_COPYAREA=m +CONFIG_FB_CFB_FILLRECT=m +CONFIG_FB_CFB_IMAGEBLIT=m +CONFIG_TOUCHSCREEN_ADS7846=m + +CONFIG_OC_ETM=y + +# mvebu +CONFIG_MACH_ARMADA_370_XP=y +CONFIG_MACH_ARMADA_370=y +CONFIG_MACH_ARMADA_XP=y + +CONFIG_MVEBU_DEVBUS=y +CONFIG_PCI_MVEBU=y +CONFIG_CACHE_TAUROS2=y +CONFIG_MV_XOR=y +CONFIG_CRYPTO_DEV_MV_CESA=m +CONFIG_MV643XX_ETH=m +CONFIG_I2C_MV64XXX=m +CONFIG_PINCTRL_MVEBU=y +CONFIG_PINCTRL_ARMADA_370=y +CONFIG_PINCTRL_ARMADA_XP=y +CONFIG_PINCTRL_DOVE=y +CONFIG_EDAC_MV64X60=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_88PM80X=m +CONFIG_RTC_DRV_MV=m +CONFIG_MVNETA=m +CONFIG_GPIO_MVEBU=y +CONFIG_MVEBU_CLK_CORE=y +CONFIG_MVEBU_CLK_GATING=y +CONFIG_MMC_MVSDIO=m +CONFIG_SPI_ORION=m +CONFIG_USB_MV_UDC=m +CONFIG_MVEBU_MBUS=y +CONFIG_ARMADA_THERMAL=m + +# omap +CONFIG_ARCH_OMAP2PLUS_TYPICAL=y +# CONFIG_ARCH_OMAP2 is not set +CONFIG_ARCH_OMAP3=y +CONFIG_ARCH_OMAP4=y +CONFIG_SOC_OMAP5=y +# CONFIG_SOC_OMAP2420 is not set +# CONFIG_SOC_OMAP2430 is not set +CONFIG_SOC_OMAP3430=y +CONFIG_SOC_TI81XX=y +CONFIG_SOC_AM33XX=y +CONFIG_SOC_AM43XX=y +CONFIG_MACH_OMAP_GENERIC=y +CONFIG_MACH_OMAP3_BEAGLE=y +CONFIG_MACH_DEVKIT8000=y +CONFIG_MACH_OMAP_LDP=y +CONFIG_MACH_OMAP3530_LV_SOM=y +CONFIG_MACH_OMAP3_TORPEDO=y +CONFIG_MACH_OVERO=y +CONFIG_MACH_OMAP3EVM=y +CONFIG_MACH_OMAP3517EVM=y +CONFIG_MACH_CRANEBOARD=y +CONFIG_MACH_OMAP3_PANDORA=y +CONFIG_MACH_TOUCHBOOK=y +CONFIG_MACH_OMAP_3430SDP=y +# CONFIG_MACH_NOKIA_N8X0 is not set +# CONFIG_MACH_NOKIA_RM680 is not set +# CONFIG_MACH_NOKIA_RX51 is not set +CONFIG_MACH_OMAP_ZOOM2=y +CONFIG_MACH_OMAP_ZOOM3=y +CONFIG_MACH_CM_T35=y +CONFIG_MACH_CM_T3517=y +CONFIG_MACH_IGEP0030=y +CONFIG_MACH_SBC3530=y +CONFIG_MACH_OMAP_3630SDP=y +CONFIG_MACH_TI8168EVM=y +CONFIG_MACH_TI8148EVM=y + +CONFIG_SOC_HAS_REALTIME_COUNTER=y +CONFIG_OMAP_RESET_CLOCKS=y +CONFIG_OMAP_MUX=y +CONFIG_OMAP_MUX_WARNINGS=y +CONFIG_OMAP_32K_TIMER=y +CONFIG_OMAP_32K_TIMER_HZ=128 +# CONFIG_OMAP3_L2_AUX_SECURE_SAVE_RESTORE is not set + +CONFIG_OMAP_MCBSP=y +CONFIG_OMAP2PLUS_MBOX=m +CONFIG_OMAP_MBOX_FWK=m +CONFIG_OMAP_MBOX_KFIFO_SIZE=256 +CONFIG_OMAP_DM_TIMER=y +CONFIG_OMAP_PM_NOOP=y +CONFIG_DMA_OMAP=y +CONFIG_OMAP_IOMMU=y +CONFIG_OMAP_IOVMM=m +CONFIG_HWSPINLOCK_OMAP=m +CONFIG_OMAP3_EMU=y +# CONFIG_OMAP3_SDRC_AC_TIMING is not set +CONFIG_OMAP_WATCHDOG=m +CONFIG_TWL4030_WATCHDOG=m + +CONFIG_TI_ST=m +CONFIG_TI_EDMA=y +CONFIG_TI_SOC_THERMAL=m +CONFIG_TI_DAC7512=m +CONFIG_TI_DAVINCI_EMAC=m +CONFIG_TI_DAVINCI_MDIO=m +CONFIG_TI_DAVINCI_CPDMA=m +CONFIG_TI_CPSW=m +CONFIG_TI_CPTS=y +CONFIG_TI_EMIF=m +CONFIG_MFD_TPS65217=m +CONFIG_REGULATOR_TI_ABB=y +CONFIG_REGULATOR_TPS65217=m +CONFIG_BACKLIGHT_TPS65217=m + +CONFIG_SERIAL_OMAP=y +CONFIG_SERIAL_OMAP_CONSOLE=y + +CONFIG_GPIO_TWL4030=m +CONFIG_GPIO_TWL6040=m +CONFIG_I2C_OMAP=m +CONFIG_CHARGER_TWL4030=m +CONFIG_OMAP_WATCHDOG=m +CONFIG_TWL4030_CORE=y +CONFIG_TWL4030_MADC=m +CONFIG_TWL4030_POWER=y +CONFIG_TWL4030_WATCHDOG=m +CONFIG_TWL4030_USB=m +CONFIG_TWL6030_USB=m +CONFIG_TWL6030_PWM=m +CONFIG_TWL6040_CORE=y +CONFIG_CLK_TWL6040=m +CONFIG_OMAP_INTERCONNECT=m +# CONFIG_MFD_TPS80031 is not set +CONFIG_MFD_TI_AM335X_TSCADC=m +CONFIG_MFD_OMAP_USB_HOST=y +CONFIG_MTD_ONENAND_OMAP2=m +CONFIG_HDQ_MASTER_OMAP=m +CONFIG_REGULATOR_TWL4030=y +CONFIG_BACKLIGHT_PANDORA=m +CONFIG_OMAP_OCP2SCP=m +CONFIG_OMAP_USB2=m +CONFIG_OMAP_USB3=m +CONFIG_USB_EHCI_HCD_OMAP=m +CONFIG_USB_OHCI_HCD_PLATFORM=m +CONFIG_USB_OHCI_HCD_OMAP3=y +CONFIG_USB_MUSB_AM35X=m +CONFIG_USB_MUSB_OMAP2PLUS=m +CONFIG_USB_MUSB_HDRC=m +CONFIG_USB_GADGET_MUSB_HDRC=m +# CONFIG_MUSB_PIO_ONLY is not set +# CONFIG_USB_MUSB_DEBUG is not set +CONFIG_OMAP_CONTROL_USB=m +CONFIG_MMC_OMAP=y +CONFIG_MMC_OMAP_HS=y +CONFIG_RTC_DRV_MAX8907=m +# CONFIG_RTC_DRV_TWL92330 is not set +CONFIG_RTC_DRV_TWL4030=y +CONFIG_RTC_DRV_OMAP=y +CONFIG_SENSORS_TWL4030_MADC=m + +CONFIG_WL_TI=y +CONFIG_WLCORE_SDIO=m +CONFIG_WLCORE_SPI=m +CONFIG_WL1251_SPI=m +CONFIG_WL12XX_SPI=m +CONFIG_WL12XX_SDIO_TEST=m +CONFIG_WL18XX=m +CONFIG_WILINK_PLATFORM_DATA=y +CONFIG_MFD_WL1273_CORE=m +CONFIG_NFC_WILINK=m + +CONFIG_MTD_NAND_OMAP2=m +CONFIG_SPI_DAVINCI=m +CONFIG_SPI_OMAP24XX=m +CONFIG_MFD_TI_SSP=m +CONFIG_SPI_TI_SSP=m + +CONFIG_INPUT_TWL4030_PWRBUTTON=m +CONFIG_INPUT_TWL4030_VIBRA=m +CONFIG_INPUT_TWL6040_VIBRA=m +CONFIG_KEYBOARD_OMAP4=m +CONFIG_KEYBOARD_TWL4030=m +CONFIG_TOUCHSCREEN_TI_TSCADC=m + +# OMAP thermal temp. Can likely be built as module but doesn't autoload so build in to ensure performance on PandaES +CONFIG_OMAP_BANDGAP=y +CONFIG_OMAP4_THERMAL=y +CONFIG_OMAP5_THERMAL=y + +# OMAP3 thermal/power +CONFIG_POWER_AVS=y +CONFIG_POWER_AVS_OMAP=y +CONFIG_POWER_AVS_OMAP_CLASS3=y + +CONFIG_ARM_OMAP2PLUS_CPUFREQ=y + +CONFIG_PWM_TIECAP=m +CONFIG_PWM_TIEHRPWM=m +CONFIG_PWM_TWL=m +CONFIG_PWM_TWL_LED=m + +CONFIG_CRYPTO_DEV_OMAP_SHAM=m +CONFIG_CRYPTO_DEV_OMAP_AES=m +CONFIG_HW_RANDOM_OMAP=m + +CONFIG_DRM_TILCDC=m +CONFIG_DRM_OMAP=m +CONFIG_DRM_OMAP_NUM_CRTCS=2 +CONFIG_OMAP2_VRFB=y +# CONFIG_FB_OMAP_BOOTLOADER_INIT is not set +# CONFIG_FB_OMAP_LCD_VGA is not set +# CONFIG_FB_OMAP2 is not set +# CONFIG_FB_DA8XX is not set + +CONFIG_OMAP2_DSS=m +CONFIG_OMAP2_DSS_DEBUG_SUPPORT=y +# CONFIG_OMAP2_DSS_COLLECT_IRQ_STATS is not set +CONFIG_OMAP2_DSS_DPI=y +CONFIG_OMAP2_DSS_RFBI=y +CONFIG_OMAP2_DSS_VENC=y +CONFIG_OMAP4_DSS_HDMI=y +CONFIG_OMAP2_DSS_SDI=y +CONFIG_OMAP2_DSS_DSI=y +# CONFIG_OMAP2_DSS_FAKE_VSYNC is not set +CONFIG_OMAP2_DSS_MIN_FCK_PER_PCK=0 +CONFIG_OMAP2_DSS_SLEEP_BEFORE_RESET=y +CONFIG_OMAP2_DSS_SLEEP_AFTER_VENC_RESET=y + +CONFIG_PANEL_GENERIC_DPI=m +CONFIG_PANEL_TFP410=m +CONFIG_PANEL_SHARP_LS037V7DW01=m +CONFIG_PANEL_PICODLP=m +CONFIG_PANEL_TAAL=m +CONFIG_PANEL_NEC_NL8048HL11_01B=m +CONFIG_PANEL_TPO_TD043MTEA1=m +CONFIG_PANEL_LGPHILIPS_LB035Q02=m +CONFIG_PANEL_ACX565AKM=m +# CONFIG_PANEL_N8X0 is not set + +CONFIG_DISPLAY_ENCODER_TFP410=m +CONFIG_DISPLAY_ENCODER_TPD12S015=m +CONFIG_DISPLAY_CONNECTOR_DVI=m +CONFIG_DISPLAY_CONNECTOR_HDMI=m +CONFIG_DISPLAY_CONNECTOR_ANALOG_TV=m +CONFIG_DISPLAY_PANEL_DPI=m +CONFIG_DISPLAY_PANEL_DSI_CM=m +CONFIG_DISPLAY_PANEL_SONY_ACX565AKM=m +CONFIG_DISPLAY_PANEL_LGPHILIPS_LB035Q02=m +CONFIG_DISPLAY_PANEL_SHARP_LS037V7DW01=m +CONFIG_DISPLAY_PANEL_TPO_TD043MTEA1=m +CONFIG_DISPLAY_PANEL_NEC_NL8048HL11=m + +# Enable V4L2 drivers for OMAP2+ +CONFIG_MEDIA_CONTROLLER=y +CONFIG_VIDEO_V4L2_SUBDEV_API=y +CONFIG_V4L_PLATFORM_DRIVERS=y +# CONFIG_VIDEO_OMAP2_VOUT is not set +# CONFIG_VIDEO_OMAP3 is not set +# CONFIG_VIDEO_VPFE_CAPTURE is not set +# The ones below are for TI Davinci +# CONFIG_VIDEO_VPSS_SYSTEM is not set +# CONFIG_VIDEO_DM6446_CCDC is not set +# CONFIG_VIDEO_DM644X_VPBE is not set +# CONFIG_VIDEO_DM355_CCDC is not set +# CONFIG_VIDEO_ISIF is not set +# Also enable vivi driver - useful for testing a full kernelspace V4L2 driver +CONFIG_V4L_TEST_DRIVERS=y +CONFIG_VIDEO_VIVI=m + +CONFIG_SND_OMAP_SOC_OMAP_ABE_TWL6040=m +CONFIG_SND_OMAP_SOC_OMAP_HDMI=m +CONFIG_SND_OMAP_SOC_OMAP_TWL4030=m +CONFIG_SND_OMAP_SOC_OMAP3_PANDORA=m + +CONFIG_SND_OMAP_SOC=m +CONFIG_SND_SOC_I2C_AND_SPI=m +CONFIG_SND_OMAP_SOC_AM3517EVM=m +CONFIG_SND_OMAP_SOC_DMIC=m +CONFIG_SND_OMAP_SOC_IGEP0020=m +CONFIG_SND_OMAP_SOC_MCBSP=m +CONFIG_SND_OMAP_SOC_MCPDM=m +CONFIG_SND_OMAP_SOC_OMAP_HDMI=m +CONFIG_SND_OMAP_SOC_OMAP_ABE_TWL6040=m +CONFIG_SND_OMAP_SOC_OMAP_TWL4030=m +CONFIG_SND_OMAP_SOC_OMAP3EVM=m +CONFIG_SND_OMAP_SOC_OMAP3_BEAGLE=m +CONFIG_SND_OMAP_SOC_OMAP3_PANDORA=m +CONFIG_SND_OMAP_SOC_OVERO=m +# CONFIG_SND_OMAP_SOC_RX51 is not set +CONFIG_SND_OMAP_SOC_SDP4430=m +CONFIG_SND_SOC_TLV320AIC23=m +CONFIG_SND_SOC_TLV320AIC3X=m +CONFIG_SND_SOC_TWL4030=m +CONFIG_SND_SOC_TWL6040=m +CONFIG_SND_SOC_PCM1792A=m +CONFIG_RADIO_WL128X=m + +CONFIG_OMAP_REMOTEPROC=m + +# CONFIG_TIDSPBRIDGE is not set +# CONFIG_TIDSPBRIDGE_MEMPOOL_SIZE=0x600000 +# CONFIG_TIDSPBRIDGE_DEBUG is not set +# CONFIG_TIDSPBRIDGE_RECOVERY=y +# CONFIG_TIDSPBRIDGE_CACHE_LINE_CHECK is not set +# CONFIG_TIDSPBRIDGE_WDT3=y +# CONFIG_TIDSPBRIDGE_WDT_TIMEOUT=5 +# CONFIG_TIDSPBRIDGE_NTFY_PWRERR is not set +# CONFIG_TIDSPBRIDGE_BACKTRACE is not set + +# CONFIG_OMAP2_DSS_DEBUGFS is not set +# CONFIG_OMAP_IOMMU_DEBUG is not set +# CONFIG_OMAP_MUX_DEBUG is not set +# CONFIG_VIDEO_OMAP3_DEBUG is not set + +# Allwinner a1x +CONFIG_PINCTRL_SUNXI=y +CONFIG_MDIO_SUN4I=m +CONFIG_NET_VENDOR_ALLWINNER=y +CONFIG_SUN4I_EMAC=m + +# imx +CONFIG_MXC_IRQ_PRIOR=y +# CONFIG_MXC_DEBUG_BOARD is not set +CONFIG_MACH_IMX51_DT=y +# CONFIG_MACH_MX51_BABBAGE is not set +# CONFIG_MACH_EUKREA_CPUIMX51SD is not set +CONFIG_SOC_IMX53=y +CONFIG_SOC_IMX6Q=y +CONFIG_SOC_IMX6SL=y +CONFIG_PATA_IMX=m +CONFIG_USB_CHIPIDEA=m +CONFIG_USB_CHIPIDEA_UDC=y +CONFIG_USB_CHIPIDEA_HOST=y +# CONFIG_USB_CHIPIDEA_DEBUG is not set +CONFIG_NET_VENDOR_FREESCALE=y +CONFIG_FEC=m +CONFIG_KEYBOARD_IMX=m +CONFIG_SERIAL_IMX=y +CONFIG_SERIAL_IMX_CONSOLE=y +CONFIG_I2C_IMX=m +CONFIG_SPI_IMX=m +CONFIG_MFD_MC13783=m +CONFIG_MFD_MC13XXX_SPI=m +CONFIG_W1_MASTER_MXC=m +CONFIG_IMX_WEIM=y +CONFIG_IMX2_WDT=m +CONFIG_CRYPTO_DEV_SAHARA=m +# CONFIG_FB_MX3 is not set +CONFIG_SND_IMX_SOC=m +CONFIG_SND_SOC_FSL_SSI=m +CONFIG_SND_SOC_FSL_UTILS=m +CONFIG_SND_SOC_IMX_SSI=m +CONFIG_SND_SOC_IMX_AUDMUX=m +CONFIG_SND_SOC_IMX_PCM_FIQ=m +CONFIG_SND_SOC_IMX_PCM_DMA=m +CONFIG_SND_SOC_IMX_SGTL5000=m +CONFIG_SND_SOC_IMX_WM8962=m +CONFIG_SND_SOC_IMX_MC13783=m +CONFIG_USB_EHCI_MXC=m +CONFIG_USB_IMX21_HCD=m +CONFIG_USB_MXS_PHY=m +CONFIG_MMC_SDHCI_ESDHC_IMX=m +CONFIG_MMC_MXC=m +CONFIG_SPI_MXS=m +CONFIG_RTC_DRV_IMXDI=m +CONFIG_RTC_DRV_MXC=m +# CONFIG_MX3_IPU is not set +# CONFIG_MX3_IPU_IRQS is not set +CONFIG_IMX_SDMA=m +CONFIG_IMX_DMA=m +CONFIG_AHCI_IMX=m +# CONFIG_MXS_DMA is not set +CONFIG_PWM_IMX=m +CONFIG_BACKLIGHT_PWM=m +CONFIG_DRM_IMX=m +CONFIG_DRM_IMX_FB_HELPER=m +CONFIG_DRM_IMX_IPUV3_CORE=m +CONFIG_DRM_IMX_IPUV3=m +# CONFIG_DRM_IMX_LDB is not set +CONFIG_DRM_IMX_PARALLEL_DISPLAY=m +CONFIG_DRM_IMX_TVE=m +CONFIG_VIDEO_CODA=m +CONFIG_SENSORS_MC13783_ADC=m +CONFIG_REGULATOR_MC13783=m +CONFIG_REGULATOR_MC13892=m +CONFIG_LEDS_MC13783=m +CONFIG_RTC_DRV_MC13XXX=m + +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_INPUT_88PM80X_ONKEY=m + +# exynos +# CONFIG_DRM_EXYNOS is not set +# CONFIG_PINCTRL_EXYNOS5440 is not set +# CONFIG_PINCTRL_EXYNOS is not set + +# picoxcell +CONFIG_CRYPTO_DEV_PICOXCELL=m +CONFIG_HW_RANDOM_PICOXCELL=m + +# ST Ericsson +CONFIG_MACH_HREFV60=y +CONFIG_MACH_SNOWBALL=y +CONFIG_MACH_UX500_DT=y + +CONFIG_ABX500_CORE=y +CONFIG_UX500_DEBUG_UART=2 +CONFIG_AB8500_CORE=y +CONFIG_STE_DMA40=y +CONFIG_HSEM_U8500=m +CONFIG_PINCTRL_ABX500=y +CONFIG_PINCTRL_AB8500=y +CONFIG_I2C_NOMADIK=m +CONFIG_KEYBOARD_NOMADIK=m +CONFIG_DB8500_CPUFREQ_COOLING=m +CONFIG_DB8500_THERMAL=y +CONFIG_UX500_WATCHDOG=m +CONFIG_INPUT_AB8500_PONKEY=m +CONFIG_REGULATOR_AB8500=y +CONFIG_AB8500_USB=m +CONFIG_RTC_DRV_AB8500=m +CONFIG_PWM_AB8500=m +CONFIG_SND_SOC_UX500=m +CONFIG_SND_SOC_UX500_PLAT_DMA=m +CONFIG_SND_SOC_UX500_MACH_MOP500=m +CONFIG_CLKSRC_DBX500_PRCMU=y +CONFIG_CLKSRC_DBX500_PRCMU_SCHED_CLOCK=y +CONFIG_CRYPTO_DEV_UX500=m +CONFIG_CRYPTO_DEV_UX500_CRYP=m +CONFIG_CRYPTO_DEV_UX500_HASH=m +CONFIG_SENSORS_LIS3_I2C=m +CONFIG_AB8500_BM=y +CONFIG_AB8500_GPADC=y +CONFIG_SENSORS_AB8500=m +CONFIG_STE_MODEM_RPROC=m +CONFIG_CW1200=m +CONFIG_CW1200_WLAN_SDIO=m +CONFIG_CW1200_WLAN_SPI=m +CONFIG_UX500_WATCHDOG=m + +# tegra +CONFIG_ARCH_TEGRA_2x_SOC=y +CONFIG_ARCH_TEGRA_3x_SOC=y +# CONFIG_ARCH_TEGRA_114_SOC is not set +CONFIG_ARM_TEGRA_CPUFREQ=y +CONFIG_TEGRA20_MC=y +CONFIG_TEGRA30_MC=y + +CONFIG_SERIAL_TEGRA=y + +CONFIG_TEGRA_PCI=y +CONFIG_TEGRA_IOMMU_GART=y +CONFIG_TEGRA_IOMMU_SMMU=y +CONFIG_MMC_SDHCI_TEGRA=m + +CONFIG_I2C_TEGRA=m + +CONFIG_TEGRA_SYSTEM_DMA=y +CONFIG_TEGRA_EMC_SCALING_ENABLE=y +CONFIG_TEGRA_AHB=y +CONFIG_TEGRA20_APB_DMA=y +# CONFIG_SPI_TEGRA114 is not set +CONFIG_SPI_TEGRA20_SFLASH=m +CONFIG_SPI_TEGRA20_SLINK=m + +CONFIG_KEYBOARD_TEGRA=m +CONFIG_PINCTRL_TEGRA=y +CONFIG_PINCTRL_TEGRA20=y +CONFIG_PINCTRL_TEGRA30=y +CONFIG_USB_EHCI_TEGRA=m +CONFIG_RTC_DRV_TEGRA=m + +CONFIG_SND_SOC_TEGRA=m +CONFIG_SND_SOC_TEGRA_ALC5632=m +CONFIG_SND_SOC_TEGRA_RT5640=m +CONFIG_SND_SOC_TEGRA_TRIMSLICE=m +CONFIG_SND_SOC_TEGRA_WM8753=m +CONFIG_SND_SOC_TEGRA_WM8903=m +CONFIG_SND_SOC_TEGRA_WM9712=m +CONFIG_SND_SOC_TEGRA20_AC97=m +CONFIG_SND_SOC_TEGRA30_AHUB=m +CONFIG_SND_SOC_TEGRA30_I2S=m + +# AC100 (PAZ00) +CONFIG_MFD_NVEC=y +CONFIG_MFD_TPS80031=y +CONFIG_KEYBOARD_NVEC=y +CONFIG_SERIO_NVEC_PS2=y +CONFIG_NVEC_POWER=y +CONFIG_POWER_SUPPLY=y +CONFIG_NVEC_LEDS=y +CONFIG_NVEC_PAZ00=y +CONFIG_MFD_TPS6586X=y +CONFIG_GPIO_TPS6586X=y +CONFIG_REGULATOR_TPS6586X=m +CONFIG_RTC_DRV_TPS6586X=m + +CONFIG_PWM_TEGRA=m + +CONFIG_TEGRA_HOST1X=m +CONFIG_TEGRA_HOST1X_FIREWALL=y + +CONFIG_DRM_TEGRA=y +# CONFIG_DRM_TEGRA_STAGING is not set +# CONFIG_DRM_TEGRA_DEBUG is not set + +CONFIG_CRYPTO_DEV_TEGRA_AES=m + +CONFIG_LEDS_RENESAS_TPU=y + +# OLPC XO +CONFIG_SERIO_OLPC_APSP=m + +# Zynq-7xxx +# likely needs usb/mmc still +CONFIG_SERIAL_XILINX_PS_UART=y +CONFIG_SERIAL_XILINX_PS_UART_CONSOLE=y +CONFIG_COMMON_CLK_AXI_CLKGEN=m +CONFIG_CPU_IDLE_ZYNQ=y +CONFIG_LATTICE_ECP3_CONFIG=m +CONFIG_NET_VENDOR_XILINX=y +CONFIG_XILINX_EMACLITE=m +CONFIG_GPIO_XILINX=y +CONFIG_I2C_XILINX=m +CONFIG_SPI_XILINX=m + +# MMC/SD +CONFIG_MMC_TMIO=m +CONFIG_MMC_SDHCI_PXAV3=m +CONFIG_MMC_SDHCI_PXAV2=m + +# Multi function devices +CONFIG_MFD_88PM800=m +CONFIG_MFD_88PM805=m +CONFIG_MFD_T7L66XB=y +CONFIG_MFD_TC6387XB=y + +# Regulator drivers +CONFIG_REGULATOR_FAN53555=m +# CONFIG_CHARGER_MANAGER is not set +# CONFIG_REGULATOR_DUMMY is not set +# CONFIG_REGULATOR_VIRTUAL_CONSUMER is not set +# CONFIG_REGULATOR_USERSPACE_CONSUMER is not set +CONFIG_REGULATOR_AD5398=m +CONFIG_REGULATOR_ISL6271A=m +CONFIG_REGULATOR_MAX1586=m +CONFIG_REGULATOR_MAX8649=m +CONFIG_REGULATOR_MAX8660=m +CONFIG_REGULATOR_MAX8952=m +CONFIG_REGULATOR_MAX8973=m +CONFIG_REGULATOR_LP3971=m +CONFIG_REGULATOR_LP3972=m +CONFIG_REGULATOR_TPS51632=m +CONFIG_REGULATOR_TPS62360=m +CONFIG_REGULATOR_TPS65023=m +CONFIG_REGULATOR_TPS6524X=m +CONFIG_REGULATOR_TPS6507X=m +CONFIG_REGULATOR_TPS65912=m +CONFIG_REGULATOR_MAX8907=m +CONFIG_REGULATOR_LP872X=y +CONFIG_REGULATOR_LP8755=m + +# usb gadget +CONFIG_USB_GADGET=m +CONFIG_USB_GADGET_VBUS_DRAW=100 +CONFIG_USB_GADGET_STORAGE_NUM_BUFFERS=2 +# CONFIG_USB_FSL_USB2 is not set +# CONFIG_USB_FUSB300 is not set +# CONFIG_USB_RENESAS_USBHS is not set +# CONFIG_USB_GADGET_DEBUG is not set +# CONFIG_USB_GADGET_DEBUG_FILES is not set +# CONFIG_USB_GADGET_DEBUG_FS is not set +# CONFIG_USB_GADGET_VBUS_DRAW is not set +# CONFIG_USB_GADGET_STORAGE_NUM_BUFFERS is not set +# CONFIG_USB_FOTG210_UDC is not set +# CONFIG_USB_R8A66597 is not set +# CONFIG_USB_PXA27X is not set +# CONFIG_USB_MV_UDC is not set +# CONFIG_USB_MV_U3D is not set +# CONFIG_USB_M66592 is not set +# CONFIG_USB_AMD5536UDC is not set +# CONFIG_USB_NET2272 is not set +# CONFIG_USB_NET2280 is not set +# CONFIG_USB_GOKU is not set +# CONFIG_USB_EG20T is not set +# CONFIG_USB_DUMMY_HCD is not set +# CONFIG_USB_ZERO_HNPTEST is not set +# CONFIG_USB_ETH_RNDIS is not set +# CONFIG_USB_ETH_EEM is not set + +# Needs work/investigation + +# CONFIG_ARM_CHARLCD is not set +# CONFIG_MTD_AFS_PARTS is not set +# CONFIG_IP_PNP_RARP is not set +# CONFIG_PID_IN_CONTEXTIDR is not set +# CONFIG_DEPRECATED_PARAM_STRUCT is not set + +# CONFIG_ARM_KPROBES_TEST is not set + +# Defined config options we don't use yet +# CONFIG_PINCTRL_IMX35 is not set +# CONFIG_REGULATOR_ANATOP is not set + +# CONFIG_BATTERY_RX51 is not set +# CONFIG_IR_RX51 is not set +# CONFIG_GENERIC_CPUFREQ_CPU0 is not set +# CONFIG_MFD_SMSC is not set +# CONFIG_MFD_SEC_CORE is not set +# CONFIG_MFD_DA9055 is not set +# CONFIG_MFD_LP8788 is not set +# CONFIG_MFD_MAX8907 is not set +# CONFIG_MFD_TPS65912_I2C is not set +# CONFIG_MFD_DA9052_I2C is not set +# CONFIG_MFD_MAX77686 is not set +# CONFIG_MFD_MAX77693 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_TPS65090 is not set +# CONFIG_MFD_AAT2870_CORE is not set +# CONFIG_MFD_RC5T583 is not set +# CONFIG_MFD_PALMAS is not set +# CONFIG_MFD_DA9055 is not set +# CONFIG_MFD_SMSC is not set +# CONFIG_MFD_TPS65910 is not set +# CONFIG_MFD_AS3711 is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_REGULATOR_LP3972 is not set +# CONFIG_REGULATOR_LP872X is not set + +# CONFIG_DVB_USB_PCTV452E is not set +# We need to fix these as they should be either generic includes or kconfig fixes +# drivers/input/touchscreen/eeti_ts.c:65:2: error: implicit declaration of function 'irq_to_gpio' [-Werror=implicit-function-declaration] +# CONFIG_TOUCHSCREEN_EETI is not set +# CONFIG_TOUCHSCREEN_EGALAX is not set +# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set + +# CONFIG_VIRTUALIZATION is not set +# CONFIG_CHARGER_MANAGER is not set +# CONFIG_POWER_RESET_QNAP is not set +# CONFIG_POWER_RESET_RESTART is not set +# CONFIG_OMAP2_DSS_DEBUG is not set +# CONFIG_DRM_TEGRA_DEBUG is not set +# CONFIG_CRYPTO_DEV_UX500_DEBUG is not set +# CONFIG_AB8500_DEBUG is not set + +# CONFIG_SOC_VF610 is not set +# CONFIG_ARM_CCI is not set +# CONFIG_GPIO_XILINX is not set +# CONFIG_SERIAL_UARTLITE is not set + diff --git a/config-armv7-generic b/config-armv7-generic new file mode 100644 index 000000000..663f86b82 --- /dev/null +++ b/config-armv7-generic @@ -0,0 +1,461 @@ +# arm configs for sharing between armv7 and armv7-lpae +# Generic ARM config options +CONFIG_ARM=y + +# CONFIG_ARCH_MULTI_V4 is not set +# CONFIG_ARCH_MULTI_V4T is not set +# CONFIG_ARCH_MULTI_V6 is not set +CONFIG_ARCH_MULTI_V7=y + +CONFIG_CMDLINE="" +CONFIG_HAVE_ARM_ARCH_TIMER=y +CONFIG_HAVE_ARM_TWD=y +CONFIG_AEABI=y +CONFIG_VFP=y +CONFIG_VFPv3=y +CONFIG_NEON=y + +CONFIG_ARM_UNWIND=y +CONFIG_ARM_THUMB=y +CONFIG_ARM_THUMBEE=y +CONFIG_ARM_ASM_UNIFIED=y +CONFIG_ARM_CPU_TOPOLOGY=y +CONFIG_ARM_DMA_MEM_BUFFERABLE=y +CONFIG_SWP_EMULATE=y +CONFIG_CACHE_L2X0=y +CONFIG_CACHE_PL310=y +CONFIG_HIGHPTE=y +CONFIG_AUTO_ZRELADDR=y +CONFIG_ATAGS=y +CONFIG_ATAGS_PROC=y +CONFIG_ZBOOT_ROM_TEXT=0x0 +CONFIG_ZBOOT_ROM_BSS=0x0 +CONFIG_XZ_DEC_ARMTHUMB=y +CONFIG_ARCH_HAS_TICK_BROADCAST=y +CONFIG_ALWAYS_USE_PERSISTENT_CLOCK=y + +# CONFIG_MCPM is not set +# CONFIG_OABI_COMPAT is not set +# CONFIG_APM_EMULATION is not set +# CONFIG_CPU_ICACHE_DISABLE is not set +# CONFIG_CPU_DCACHE_DISABLE is not set +# CONFIG_CPU_BPREDICT_DISABLE is not set +# CONFIG_DMA_CACHE_RWFO is not set +# CONFIG_THUMB2_KERNEL is not set +# CONFIG_HVC_DCC is not set +# CONFIG_XIP_KERNEL is not set +# CONFIG_ARM_VIRT_EXT is not set + +# Platforms enabled/disabled globally on ARMv7 +CONFIG_ARCH_HIGHBANK=y +CONFIG_ARCH_VEXPRESS_CA9X4=y +CONFIG_ARCH_VEXPRESS_CORTEX_A5_A9_ERRATA=y +# CONFIG_ARCH_BCM is not set +# CONFIG_PLAT_SPEAR is not set +# CONFIG_ARCH_STI is not set +# CONFIG_ARCH_SIRF is not set +# CONFIG_ARCH_U8500 is not set +# CONFIG_ARCH_WM8850 is not set + +# highbank +# 2013/04/19 - stability issues +# CONFIG_CPU_IDLE_CALXEDA is not set +CONFIG_EDAC_HIGHBANK_MC=m +CONFIG_EDAC_HIGHBANK_L2=m +CONFIG_SATA_HIGHBANK=m +CONFIG_ARM_HIGHBANK_CPUFREQ=m + +# errata +# v5/v6 +# CONFIG_ARM_ERRATA_326103 is not set +# CONFIG_ARM_ERRATA_411920 is not set +# Cortex-A8 +CONFIG_ARM_ERRATA_430973=y +# The following two don't work with MP +# CONFIG_ARM_ERRATA_458693 is not set +# CONFIG_ARM_ERRATA_460075 is not set +# Cortex-A9 +CONFIG_ARM_ERRATA_643719=y +CONFIG_ARM_ERRATA_720789=y +CONFIG_ARM_ERRATA_742230=y +CONFIG_ARM_ERRATA_742231=y +CONFIG_ARM_ERRATA_743622=y +CONFIG_ARM_ERRATA_751472=y +CONFIG_ARM_ERRATA_754322=y +CONFIG_ARM_ERRATA_754327=y +CONFIG_ARM_ERRATA_764369=y +CONFIG_ARM_ERRATA_775420=y +# Disabled due to causing highbank to crash +# CONFIG_PL310_ERRATA_588369 is not set +# CONFIG_PL310_ERRATA_727915 is not set +CONFIG_PL310_ERRATA_753970=y +CONFIG_PL310_ERRATA_769419=y +CONFIG_PJ4B_ERRATA_4742=y +# Cortex-A15 +# CONFIG_ARM_ERRATA_798181 is not set + +# generic that deviates from or should be merged into config-generic +CONFIG_SMP_ON_UP=y +CONFIG_HIGHMEM=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y + +CONFIG_SCHED_MC=y +CONFIG_SCHED_SMT=y + +CONFIG_RCU_FANOUT=32 + +# 2013/04/19 - disable due to stability issues in 3.9 for the moment +# CONFIG_CPU_IDLE is not set +## CONFIG_CPU_IDLE_GOV_LADDER is not set +# CONFIG_CPU_IDLE_GOV_MENU is not set +# CONFIG_CPU_IDLE_MULTIPLE_DRIVERS is not set + +# CONFIG_ARM_BIG_LITTLE_CPUFREQ is not set + +CONFIG_DEFAULT_MMAP_MIN_ADDR=32768 +CONFIG_LSM_MMAP_MIN_ADDR=32768 + +CONFIG_XZ_DEC_ARM=y + +CONFIG_ARM_CPU_SUSPEND=y + +CONFIG_LOCAL_TIMERS=y +CONFIG_UACCESS_WITH_MEMCPY=y +CONFIG_CC_STACKPROTECTOR=y + +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y + +# Root as NFS, different from mainline +CONFIG_ROOT_NFS=y + +CONFIG_LBDAF=y + +# Device tree +CONFIG_USE_OF=y +CONFIG_ARM_ATAG_DTB_COMPAT=y +CONFIG_ARM_APPENDED_DTB=y +CONFIG_I2C_MUX_PINCTRL=m + +# General vexpress ARM drivers +CONFIG_ARM_TIMER_SP804=y + +CONFIG_SERIO_AMBAKMI=m +CONFIG_SERIAL_AMBA_PL010=y +CONFIG_SERIAL_AMBA_PL010_CONSOLE=y +CONFIG_SERIAL_8250_DW=y +CONFIG_SERIAL_MRST_MAX3110=m + +CONFIG_RTC_DRV_PL030=y +CONFIG_RTC_DRV_PL031=y + +CONFIG_PL330_DMA=m +CONFIG_AMBA_PL08X=y +CONFIG_ARM_SP805_WATCHDOG=m +CONFIG_GPIO_PL061=y +CONFIG_FB_ARMCLCD=m + +# usb +CONFIG_USB_OTG=y +# CONFIG_USB_OTG_WHITELIST is not set +# CONFIG_USB_OTG_BLACKLIST_HUB is not set +CONFIG_USB_ULPI=y +CONFIG_AX88796=m +CONFIG_AX88796_93CX6=y +CONFIG_USB_ISP1760_HCD=m +# CONFIG_USB_EHCI_HCD_ORION is not set + +# Multifunction Devices +CONFIG_MFD_SYSCON=y +CONFIG_MFD_TPS65912_SPI=y +# CONFIG_MFD_DA9052_SPI is not set +# CONFIG_MFD_ARIZONA_SPI is not set +# CONFIG_MFD_WM831X_SPI is not set +# CONFIG_MFD_MC13XXX_SPI is not set + +# Pin stuff +CONFIG_PINMUX=y +CONFIG_PINCONF=y +CONFIG_PINCTRL=y +CONFIG_PINCTRL_SINGLE=y +# CONFIG_PINCTRL_SAMSUNG is not set +# CONFIG_PINCTRL_EXYNOS4 is not set + +# GPIO +CONFIG_GPIO_GENERIC_PLATFORM=m +CONFIG_EXTCON_GPIO=m +# CONFIG_GPIO_EM is not set +CONFIG_GPIO_ADNP=m +CONFIG_GPIO_MCP23S08=m +CONFIG_POWER_RESET_GPIO=y +CONFIG_SERIAL_8250_EM=m +CONFIG_INPUT_GPIO_TILT_POLLED=m +CONFIG_MDIO_BUS_MUX_GPIO=m +CONFIG_MDIO_BUS_MUX_MMIOREG=m +CONFIG_LEDS_GPIO=m +CONFIG_GPIO_MAX7301=m +CONFIG_GPIO_MC33880=m +CONFIG_GPIO_74X164=m +CONFIG_GPIO_TPS65912=m +# CONFIG_GPIO_RCAR is not set +CONFIG_W1_MASTER_GPIO=m +CONFIG_CHARGER_GPIO=m + +CONFIG_SPI=y +CONFIG_SPI_MASTER=y +CONFIG_SPI_GPIO=m +CONFIG_SPI_BITBANG=m +CONFIG_SPI_PL022=m +CONFIG_SPI_SPIDEV=m +CONFIG_SPI_ALTERA=m +CONFIG_SPI_BUTTERFLY=m +CONFIG_SPI_LM70_LLP=m +CONFIG_SPI_OC_TINY=m +CONFIG_SPI_S3C64XX=m +CONFIG_SPI_SC18IS602=m +CONFIG_SPI_XCOMM=m +CONFIG_SPI_XILINX=m +CONFIG_SPI_DESIGNWARE=m +CONFIG_SPI_TLE62X0=m +# CONFIG_SPI_FSL_SPI is not set + +CONFIG_NFC_NCI_SPI=y + +# HW crypto and rng +CONFIG_CRYPTO_SHA1_ARM=m +CONFIG_CRYPTO_AES_ARM=m + +# EDAC +CONFIG_EDAC=y +CONFIG_EDAC_MM_EDAC=m +CONFIG_EDAC_LEGACY_SYSFS=y + +# Watchdog +CONFIG_MPCORE_WATCHDOG=m + +# Thermal / powersaving +CONFIG_THERMAL=y +CONFIG_POWER_RESET_RESTART=y +CONFIG_ARM_PSCI=y + +# MTD +# CONFIG_MG_DISK is not set +CONFIG_MTD_DATAFLASH=m +CONFIG_MTD_DATAFLASH_WRITE_VERIFY=y +CONFIG_MTD_DATAFLASH_OTP=y +CONFIG_MTD_M25P80=m +CONFIG_MTD_SST25L=m +CONFIG_EEPROM_AT25=m +CONFIG_EEPROM_93XX46=m + +# MMC/SD +CONFIG_MMC_SPI=m + +# Designware (used by numerous devices) +CONFIG_MMC_DW=m +CONFIG_MMC_DW_PLTFM=m +CONFIG_MMC_DW_PCI=m +CONFIG_SPI_DW_MMIO=m +CONFIG_SPI_DW_PCI=m +CONFIG_MMC_DW_SOCFPGA=m +# CONFIG_MMC_DW_EXYNOS is not set +# CONFIG_MMC_DW_IDMAC is not set +CONFIG_USB_DWC2=m +CONFIG_USB_DWC3=m +# CONFIG_USB_DWC3_DEBUG is not set +CONFIG_DW_WATCHDOG=m + +# Sound +CONFIG_SND_ARM=y +CONFIG_SND_ARMAACI=m +CONFIG_SND_SOC=m +CONFIG_SND_SPI=y +CONFIG_SND_DESIGNWARE_I2S=m +CONFIG_SND_SIMPLE_CARD=m +CONFIG_SND_SOC_CACHE_LZO=y +CONFIG_SND_SOC_ALL_CODECS=m +CONFIG_SND_SOC_DMAENGINE_PCM=y +CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y +# CONFIG_SND_ATMEL_SOC is not set + +# Displays + +# RTC +CONFIG_RTC_DRV_M41T93=m +CONFIG_RTC_DRV_M41T94=m +CONFIG_RTC_DRV_DS1305=m +CONFIG_RTC_DRV_DS1390=m +CONFIG_RTC_DRV_MAX6902=m +CONFIG_RTC_DRV_R9701=m +CONFIG_RTC_DRV_RS5C348=m +CONFIG_RTC_DRV_DS3234=m +CONFIG_RTC_DRV_PCF2123=m +CONFIG_RTC_DRV_RX4581=m + +# Regulators +CONFIG_REGULATOR=y +CONFIG_RFKILL_REGULATOR=m +CONFIG_CHARGER_MANAGER=y +# CONFIG_REGULATOR_DUMMY is not set +CONFIG_REGULATOR_FIXED_VOLTAGE=m +CONFIG_REGULATOR_VIRTUAL_CONSUMER=m +CONFIG_REGULATOR_USERSPACE_CONSUMER=m +CONFIG_REGULATOR_GPIO=m +CONFIG_REGULATOR_AD5398=m +CONFIG_REGULATOR_FAN53555=m +CONFIG_REGULATOR_ANATOP=m +CONFIG_REGULATOR_ISL6271A=m +CONFIG_REGULATOR_MAX1586=m +CONFIG_REGULATOR_MAX8649=m +CONFIG_REGULATOR_MAX8660=m +CONFIG_REGULATOR_MAX8952=m +CONFIG_REGULATOR_MAX8973=m +CONFIG_REGULATOR_LP3971=m +CONFIG_REGULATOR_LP3972=m +CONFIG_REGULATOR_LP8755=m +CONFIG_REGULATOR_TPS51632=m +CONFIG_REGULATOR_TPS62360=m +CONFIG_REGULATOR_TPS65023=m +CONFIG_REGULATOR_TPS6507X=m +CONFIG_REGULATOR_TPS6524X=m +CONFIG_REGULATOR_TPS65912=m + +CONFIG_SENSORS_AD7314=m +CONFIG_SENSORS_ADCXX=m +CONFIG_SENSORS_LM70=m +CONFIG_SENSORS_MAX1111=m +CONFIG_SENSORS_ADS7871=m +CONFIG_SENSORS_LIS3_SPI=m +CONFIG_SENSORS_GPIO_FAN=m + +CONFIG_LCD_L4F00242T03=m +CONFIG_LCD_LMS283GF05=m +CONFIG_LCD_LTV350QV=m +CONFIG_LCD_ILI922X=m +CONFIG_LCD_ILI9320=m +CONFIG_LCD_TDO24M=m +CONFIG_LCD_VGG2432A4=m +CONFIG_LCD_S6E63M0=m +CONFIG_LCD_LD9040=m +CONFIG_LCD_AMS369FG06=m +CONFIG_LCD_LMS501KF03=m +CONFIG_LCD_HX8357=m + +# Input +CONFIG_INPUT_GP2A=m +CONFIG_INPUT_ARIZONA_HAPTICS=m +CONFIG_INPUT_MC13783_PWRBUTTON=m + +CONFIG_TOUCHSCREEN_ADS7846=m +CONFIG_TOUCHSCREEN_AD7877=m +CONFIG_TOUCHSCREEN_MC13783=m +CONFIG_TOUCHSCREEN_TSC2005=m + +CONFIG_LEDS_DAC124S085=m +CONFIG_LEDS_PWM=m +CONFIG_BMP085_SPI=m + +# Display + +CONFIG_CMA=y +# CONFIG_CMA_DEBUG is not set +CONFIG_CMA_SIZE_MBYTES=16 +CONFIG_CMA_SIZE_SEL_MBYTES=y +# CONFIG_CMA_SIZE_SEL_PERCENTAGE is not set +# CONFIG_CMA_SIZE_SEL_MIN is not set +# CONFIG_CMA_SIZE_SEL_MAX is not set +CONFIG_CMA_ALIGNMENT=8 +CONFIG_CMA_AREAS=7 + +# Ethernet +CONFIG_KS8851=m +CONFIG_ENC28J60=m +CONFIG_LIBERTAS_SPI=m +CONFIG_P54_SPI=m +CONFIG_P54_SPI_DEFAULT_EEPROM=n +CONFIG_MICREL_KS8995MA=m +CONFIG_IEEE802154_AT86RF230=m +CONFIG_IEEE802154_MRF24J40=m + +CONFIG_ARM_KPROBES_TEST=m + +# jffs2 +CONFIG_JFFS2_FS=m +CONFIG_JFFS2_FS_DEBUG=0 +# CONFIG_JFFS2_COMPRESSION_OPTIONS is not set +# CONFIG_JFFS2_FS_WBUF_VERIFY is not set +CONFIG_JFFS2_FS_POSIX_ACL=y +CONFIG_JFFS2_FS_SECURITY=y +CONFIG_JFFS2_FS_WRITEBUFFER=y +CONFIG_JFFS2_FS_XATTR=y +CONFIG_JFFS2_LZO=y +CONFIG_JFFS2_RTIME=y +CONFIG_JFFS2_RUBIN=y +CONFIG_JFFS2_SUMMARY=y +CONFIG_JFFS2_ZLIB=y + +CONFIG_UBIFS_FS=m +CONFIG_UBIFS_FS_ADVANCED_COMPR=y +CONFIG_UBIFS_FS_LZO=y +CONFIG_UBIFS_FS_ZLIB=y +# CONFIG_UBIFS_FS_DEBUG is not set + +# Should be in generic +CONFIG_BPF_JIT=y +# CONFIG_NET_VENDOR_CIRRUS is not set +# CONFIG_NET_VENDOR_MICROCHIP is not set + +# CONFIG_PATA_PLATFORM is not set + +# CONFIG_DRM_EXYNOS is not set +# CONFIG_DRM_TILCDC is not set +# CONFIG_DRM_IMX is not set +# CONFIG_AHCI_IMX is not set +# CONFIG_CS89x0 is not set +# CONFIG_DM9000 is not set +# CONFIG_HW_RANDOM_ATMEL is not set +# CONFIG_HW_RANDOM_EXYNOS is not set +# CONFIG_MFD_T7L66XB is not set +# CONFIG_MFD_TC6387XB is not set +# CONFIG_TI_DAC7512 is not set +# CONFIG_EZX_PCAP is not set + +# Needs work/investigation +# CONFIG_ARM_CHARLCD is not set +# CONFIG_MTD_AFS_PARTS is not set +# CONFIG_IP_PNP_RARP is not set +# CONFIG_DEPRECATED_PARAM_STRUCT is not set +# CONFIG_LATTICE_ECP3_CONFIG is not set +# CONFIG_M25PXX_USE_FAST_READ is not set +# CONFIG_SERIAL_MAX3100 is not set +# CONFIG_SERIAL_MAX310X is not set +# CONFIG_SERIAL_IFX6X60 is not set +# CONFIG_COMMON_CLK_AXI_CLKGEN is not set +# CONFIG_SPI_TOPCLIFF_PCH is not set +# CONFIG_SPI_PXA2XX is not set + +# these modules all fail with missing __bad_udelay +# http://www.spinics.net/lists/arm/msg15615.html provides some background +# CONFIG_SUNGEM is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_RADEON is not set +# CONFIG_DRM_RADEON is not set +# CONFIG_ATM_HE is not set +# CONFIG_SCSI_ACARD is not set +# CONFIG_SFC is not set + +# these all currently fail due to missing symbols __bad_udelay or +# error: implicit declaration of function ‘iowrite32be’ +# CONFIG_SND_ALI5451 is not set +# CONFIG_DRM_NOUVEAU is not set +# CONFIG_MLX4_EN is not set + +# Debug options. We need to deal with them at some point like x86 +# CONFIG_DEBUG_USER is not set +# CONFIG_DEBUG_LL is not set +# CONFIG_DEBUG_PINCTRL is not set +# CONFIG_ARM_DT_BL_CPUFREQ is not set + +# FIX ME +# CONFIG_FB_XILINX is not set diff --git a/config-debug b/config-debug index db0aa6d4e..fb7df3e38 100644 --- a/config-debug +++ b/config-debug @@ -5,6 +5,7 @@ CONFIG_SND_PCM_XRUN_DEBUG=y CONFIG_DEBUG_ATOMIC_SLEEP=y CONFIG_DEBUG_MUTEXES=y +CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y CONFIG_DEBUG_RT_MUTEXES=y CONFIG_DEBUG_LOCK_ALLOC=y CONFIG_PROVE_LOCKING=y @@ -64,6 +65,8 @@ CONFIG_DEBUG_CREDENTIALS=y CONFIG_EXT4_DEBUG=y +CONFIG_XFS_WARN=y + CONFIG_DEBUG_PERF_USE_VMALLOC=y # off in both production debug and nodebug builds, @@ -82,6 +85,8 @@ CONFIG_ATH_DEBUG=y CONFIG_CARL9170_DEBUGFS=y CONFIG_IWLWIFI_DEVICE_TRACING=y +CONFIG_RTLWIFI_DEBUG=y + CONFIG_DEBUG_OBJECTS_WORK=y CONFIG_DMADEVICES_DEBUG=y @@ -96,9 +101,11 @@ CONFIG_PCI_DEFAULT_USE_CRS=y CONFIG_KGDB_KDB=y CONFIG_KDB_KEYBOARD=y +CONFIG_KDB_CONTINUE_CATASTROPHIC=0 CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y CONFIG_TEST_LIST_SORT=y +CONFIG_TEST_STRING_HELPERS=m CONFIG_DETECT_HUNG_TASK=y CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 @@ -112,3 +119,9 @@ CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024 CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y CONFIG_MAC80211_MESSAGE_TRACING=y + +CONFIG_EDAC_DEBUG=y + +CONFIG_X86_DEBUG_STATIC_CPU_HAS=y +CONFIG_LATENCYTOP=y +CONFIG_SCHEDSTATS=y diff --git a/config-generic b/config-generic index 20024fbba..3e29d7f02 100644 --- a/config-generic +++ b/config-generic @@ -4,6 +4,8 @@ CONFIG_MMU=y CONFIG_SMP=y CONFIG_HOTPLUG_CPU=y +# CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set +# CONFIG_DEBUG_HOTPLUG_CPU0 is not set CONFIG_LOCALVERSION="" CONFIG_CROSS_COMPILE="" CONFIG_DEFAULT_HOSTNAME="(none)" @@ -33,6 +35,7 @@ CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_BSD_PROCESS_ACCT=y CONFIG_BSD_PROCESS_ACCT_V3=y +# CONFIG_COMPILE_TEST is not set CONFIG_FHANDLE=y CONFIG_TASKSTATS=y CONFIG_TASK_DELAY_ACCT=y @@ -52,6 +55,8 @@ CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_CFQ_GROUP_IOSCHED=y CONFIG_DEFAULT_CFQ=y +# CONFIG_CHECKPOINT_RESTORE is not set +CONFIG_NAMESPACES=y CONFIG_PID_NS=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -63,6 +68,7 @@ CONFIG_PREEMPT_VOLUNTARY=y # CONFIG_PREEMPT is not set CONFIG_SLUB=y +CONFIG_SLUB_CPU_PARTIAL=y # CONFIG_SLUB_STATS is not set # CONFIG_AD525X_DPOT is not set @@ -97,6 +103,9 @@ CONFIG_PCIEAER_INJECT=m CONFIG_HOTPLUG_PCI_PCIE=y CONFIG_HOTPLUG_PCI_FAKE=m +# CONFIG_SGI_IOC4 is not set +# + # CONFIG_ISA is not set # CONFIG_SCx200 is not set @@ -124,6 +133,7 @@ CONFIG_MMC_BLOCK_MINORS=8 CONFIG_MMC_BLOCK_BOUNCE=y CONFIG_MMC_SDHCI=m CONFIG_MMC_SDHCI_PCI=m +CONFIG_MMC_SDHCI_ACPI=m CONFIG_MMC_SDRICOH_CS=m CONFIG_MMC_TIFM_SD=m CONFIG_MMC_WBSD=m @@ -132,6 +142,7 @@ CONFIG_MMC_SDHCI_PLTFM=m CONFIG_MMC_CB710=m CONFIG_MMC_RICOH_MMC=y CONFIG_MMC_USHC=m +CONFIG_MMC_REALTEK_PCI=m CONFIG_MMC_VUB300=m CONFIG_CB710_CORE=m @@ -150,6 +161,7 @@ CONFIG_INFINIBAND_USER_MAD=m CONFIG_INFINIBAND_USER_ACCESS=m CONFIG_INFINIBAND_IPATH=m CONFIG_INFINIBAND_ISER=m +CONFIG_INFINIBAND_ISERT=m CONFIG_INFINIBAND_AMSO1100=m # CONFIG_INFINIBAND_AMSO1100_DEBUG is not set CONFIG_INFINIBAND_CXGB3=m @@ -158,9 +170,11 @@ CONFIG_SCSI_CXGB3_ISCSI=m CONFIG_SCSI_CXGB4_ISCSI=m # CONFIG_INFINIBAND_CXGB3_DEBUG is not set CONFIG_MLX4_INFINIBAND=m +CONFIG_MLX5_INFINIBAND=m CONFIG_INFINIBAND_NES=m # CONFIG_INFINIBAND_NES_DEBUG is not set CONFIG_INFINIBAND_QIB=m +CONFIG_INFINIBAND_QIB_DCA=y # CONFIG_INFINIBAND_OCRDMA is not set # @@ -169,6 +183,7 @@ CONFIG_INFINIBAND_QIB=m CONFIG_BINFMT_ELF=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y # CONFIG_BINFMT_AOUT is not set +CONFIG_BINFMT_SCRIPT=y CONFIG_BINFMT_MISC=m # @@ -182,6 +197,9 @@ CONFIG_FW_LOADER=y # CONFIG_FIRMWARE_IN_KERNEL is not set CONFIG_EXTRA_FIRMWARE="" +# Give this a try in rawhide for now +# CONFIG_FW_LOADER_USER_HELPER is not set + # CONFIG_CMA is not set # CONFIG_SPI is not set @@ -189,31 +207,78 @@ CONFIG_EXTRA_FIRMWARE="" # # Memory Technology Devices (MTD) # -# CONFIG_MTD is not set +CONFIG_MTD=m +# CONFIG_MTD_TESTS is not set # CONFIG_MTD_REDBOOT_PARTS is not set +# CONFIG_MTD_AR7_PARTS is not set +# CONFIG_MTD_CMDLINE_PARTS is not set + +# +# User Modules And Translation Layers +# +# CONFIG_MTD_CHAR is not set +# CONFIG_MTD_BLKDEVS is not set +# CONFIG_MTD_BLOCK is not set +# CONFIG_MTD_BLOCK_RO is not set # CONFIG_FTL is not set # CONFIG_NFTL is not set # CONFIG_INFTL is not set # CONFIG_RFD_FTL is not set # CONFIG_SSFDC is not set +# CONFIG_SM_FTL is not set # CONFIG_MTD_OOPS is not set # CONFIG_MTD_SWAP is not set + +# +# RAM/ROM/Flash chip drivers +# # CONFIG_MTD_CFI is not set # CONFIG_MTD_JEDECPROBE is not set +CONFIG_MTD_MAP_BANK_WIDTH_1=y +CONFIG_MTD_MAP_BANK_WIDTH_2=y +CONFIG_MTD_MAP_BANK_WIDTH_4=y +# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set +# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set +# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set +CONFIG_MTD_CFI_I1=y +CONFIG_MTD_CFI_I2=y +# CONFIG_MTD_CFI_I4 is not set +# CONFIG_MTD_CFI_I8 is not set # CONFIG_MTD_RAM is not set # CONFIG_MTD_ROM is not set # CONFIG_MTD_ABSENT is not set + +# +# Mapping drivers for chip access +# # CONFIG_MTD_COMPLEX_MAPPINGS is not set +# CONFIG_MTD_TS5500 is not set +# CONFIG_MTD_INTEL_VR_NOR is not set +# CONFIG_MTD_PLATRAM is not set + +# Self-contained MTD device drivers +# CONFIG_MTD_PMC551 is not set +# CONFIG_MTD_SLRAM is not set +# CONFIG_MTD_PHRAM is not set # CONFIG_MTD_MTDRAM is not set # CONFIG_MTD_BLOCK2MTD is not set + +# +# Disk-On-Chip Device Drivers +# # CONFIG_MTD_DOCG3 is not set +# CONFIG_MTD_NAND is not set +# CONFIG_MTD_ONENAND is not set # CONFIG_MTD_NAND_VERIFY_WRITE is not set # CONFIG_MTD_NAND_ECC_BCH is not set # CONFIG_MTD_NAND_MUSEUM_IDS is not set # CONFIG_MTD_NAND_DISKONCHIP is not set # CONFIG_MTD_LPDDR is not set -# CONFIG_MTD_UBI is not set - +CONFIG_MTD_UBI=m +CONFIG_MTD_UBI_WL_THRESHOLD=4096 +CONFIG_MTD_UBI_BEB_LIMIT=20 +# CONFIG_MTD_UBI_FASTMAP is not set +# CONFIG_MTD_UBI_GLUEBI is not set # # Parallel port support @@ -242,6 +307,7 @@ CONFIG_BLK_CPQ_DA=m CONFIG_BLK_CPQ_CISS_DA=m CONFIG_CISS_SCSI_TAPE=y CONFIG_BLK_DEV_DAC960=m +# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set CONFIG_BLK_DEV_DRBD=m CONFIG_BLK_DEV_UMEM=m CONFIG_BLK_DEV_LOOP=y @@ -268,6 +334,7 @@ CONFIG_BLK_DEV_THROTTLING=y # CONFIG_IDE is not set # CONFIG_BLK_DEV_HD is not set +# CONFIG_BLK_DEV_RSXX is not set CONFIG_SCSI_VIRTIO=m CONFIG_VIRTIO_BLK=m @@ -276,10 +343,11 @@ CONFIG_VIRTIO_BALLOON=m CONFIG_VIRTIO_MMIO=m # CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES is not set CONFIG_VIRTIO_NET=m -CONFIG_VMXNET3=m CONFIG_HW_RANDOM_VIRTIO=m CONFIG_VIRTIO_CONSOLE=y CONFIG_VHOST_NET=m +CONFIG_TCM_VHOST=m +CONFIG_VHOST_SCSI=m # # SCSI device support @@ -293,6 +361,7 @@ CONFIG_SCSI_SRP=m CONFIG_SCSI_SRP_ATTRS=m CONFIG_SCSI_TGT=m CONFIG_SCSI_ISCI=m +CONFIG_SCSI_CHELSIO_FCOE=m CONFIG_SCSI_DH=y CONFIG_SCSI_DH_RDAC=m @@ -340,7 +409,8 @@ CONFIG_SCSI_3W_9XXX=m CONFIG_SCSI_ACARD=m CONFIG_SCSI_AACRAID=m CONFIG_SCSI_AIC7XXX=m -CONFIG_SCSI_AIC7XXX_OLD=m +# http://lists.fedoraproject.org/pipermail/kernel/2013-February/004102.html +# CONFIG_SCSI_AIC7XXX_OLD is not set CONFIG_AIC7XXX_CMDS_PER_DEVICE=4 CONFIG_AIC7XXX_RESET_DELAY_MS=15000 # CONFIG_AIC7XXX_BUILD_FIRMWARE is not set @@ -369,8 +439,13 @@ CONFIG_SCSI_MVSAS_TASKLET=y CONFIG_SCSI_MPT2SAS=m CONFIG_SCSI_MPT2SAS_MAX_SGE=128 CONFIG_SCSI_MPT2SAS_LOGGING=y +CONFIG_SCSI_MPT3SAS=m +CONFIG_SCSI_MPT3SAS_MAX_SGE=128 +CONFIG_SCSI_MPT3SAS_LOGGING=y CONFIG_SCSI_UFSHCD=m +CONFIG_SCSI_UFSHCD_PCI=m +# CONFIG_SCSI_UFSHCD_PLATFORM is not set CONFIG_SCSI_MVUMI=m @@ -380,6 +455,7 @@ CONFIG_SCSI_OSD_DPRINT_SENSE=1 # CONFIG_SCSI_OSD_DEBUG is not set CONFIG_SCSI_BNX2_ISCSI=m +CONFIG_SCSI_BNX2X_FCOE=m CONFIG_BE2ISCSI=m CONFIG_SCSI_PMCRAID=m @@ -393,7 +469,7 @@ CONFIG_SCSI_ARCMSR=m CONFIG_SCSI_BUSLOGIC=m CONFIG_SCSI_INITIO=m CONFIG_SCSI_FLASHPOINT=y -# CONFIG_SCSI_DMX3191D is not set +CONFIG_SCSI_DMX3191D=m # CONFIG_SCSI_EATA is not set # CONFIG_SCSI_EATA_PIO is not set # CONFIG_SCSI_FUTURE_DOMAIN is not set @@ -419,7 +495,9 @@ CONFIG_SCSI_DC390T=m CONFIG_SCSI_QLA_FC=m CONFIG_TCM_QLA2XXX=m CONFIG_SCSI_QLA_ISCSI=m -# CONFIG_SCSI_IPR is not set +CONFIG_SCSI_IPR=m +CONFIG_SCSI_IPR_TRACE=y +CONFIG_SCSI_IPR_DUMP=y # CONFIG_SCSI_DPT_I2O is not set CONFIG_SCSI_LPFC=m # CONFIG_SCSI_LPFC_DEBUG_FS is not set @@ -432,6 +510,7 @@ CONFIG_ATA_BMDMA=y CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_SFF=y CONFIG_ATA_PIIX=y +# CONFIG_SATA_HIGHBANK is not set CONFIG_ATA_ACPI=y CONFIG_BLK_DEV_SX8=m CONFIG_PDC_ADMA=m @@ -443,6 +522,7 @@ CONFIG_SATA_NV=m CONFIG_SATA_PMP=y CONFIG_SATA_PROMISE=m CONFIG_SATA_QSTOR=m +CONFIG_SATA_RCAR=m CONFIG_SATA_SIL=m CONFIG_SATA_SIL24=m CONFIG_SATA_SIS=m @@ -451,6 +531,7 @@ CONFIG_SATA_SX4=m CONFIG_SATA_ULI=m CONFIG_SATA_VIA=m CONFIG_SATA_VITESSE=m +# CONFIG_SATA_ZPODD is not set CONFIG_SATA_ACARD_AHCI=m # CONFIG_PATA_LEGACY is not set @@ -519,14 +600,23 @@ CONFIG_MD_RAID10=m CONFIG_MD_RAID456=m # CONFIG_MULTICORE_RAID456 is not set CONFIG_ASYNC_RAID6_TEST=m + +CONFIG_BCACHE=m +# CONFIG_BCACHE_DEBUG is not set +# CONFIG_BCACHE_EDEBUG is not set +# CONFIG_BCACHE_CLOSURES_DEBUG is not set + CONFIG_BLK_DEV_DM=y CONFIG_DM_CRYPT=m CONFIG_DM_DEBUG=y -# CONFIG_DM_DELAY is not set +CONFIG_DM_DELAY=m CONFIG_DM_MIRROR=y CONFIG_DM_MULTIPATH=m CONFIG_DM_SNAPSHOT=y CONFIG_DM_THIN_PROVISIONING=m +CONFIG_DM_CACHE=m +CONFIG_DM_CACHE_MQ=m +CONFIG_DM_CACHE_CLEANER=m # CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set # CONFIG_DM_DEBUG_SPACE_MAPS is not set CONFIG_DM_UEVENT=y @@ -537,6 +627,7 @@ CONFIG_DM_MULTIPATH_ST=m CONFIG_DM_RAID=m CONFIG_DM_FLAKEY=m CONFIG_DM_VERITY=m +CONFIG_DM_SWITCH=m # # Fusion MPT device support @@ -559,6 +650,7 @@ CONFIG_FIREWIRE_SBP2=m CONFIG_FIREWIRE_NET=m CONFIG_FIREWIRE_OHCI_DEBUG=y CONFIG_FIREWIRE_NOSY=m +CONFIG_FIREWIRE_SERIAL=m # CONFIG_FIREWIRE_OHCI_REMOTE_DMA is not set # @@ -582,6 +674,9 @@ CONFIG_NET=y CONFIG_NET_DMA=y +CONFIG_NETLINK_MMAP=y +CONFIG_NETLINK_DIAG=m + CONFIG_TCP_CONG_ADVANCED=y CONFIG_TCP_CONG_BIC=m CONFIG_TCP_CONG_CUBIC=y @@ -602,6 +697,7 @@ CONFIG_TCP_MD5SIG=y # Networking options # CONFIG_PACKET=y +CONFIG_PACKET_DIAG=m CONFIG_UNIX=y CONFIG_UNIX_DIAG=m CONFIG_NET_KEY=m @@ -681,6 +777,7 @@ CONFIG_IPV6_MIP6=y CONFIG_IPV6_SIT=m CONFIG_IPV6_SIT_6RD=y CONFIG_IPV6_TUNNEL=m +# CONFIG_IPV6_GRE is not set CONFIG_IPV6_SUBTREES=y CONFIG_IPV6_MULTIPLE_TABLES=y CONFIG_IPV6_MROUTE=y @@ -700,6 +797,7 @@ CONFIG_NET_9P_RDMA=m # CONFIG_DECNET is not set CONFIG_BRIDGE=m CONFIG_BRIDGE_IGMP_SNOOPING=y +CONFIG_BRIDGE_VLAN_FILTERING=y # PHY timestamping adds overhead CONFIG_NETWORK_PHY_TIMESTAMPING=y @@ -742,10 +840,12 @@ CONFIG_NETFILTER_XT_TARGET_TEE=m CONFIG_NETFILTER_XT_TARGET_TPROXY=m CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_BPF=m CONFIG_NETFILTER_XT_MATCH_CLUSTER=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CPU=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m CONFIG_NETFILTER_XT_MATCH_CONNMARK=m CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y @@ -824,7 +924,6 @@ CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_RPFILTER=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_TARGET_CLUSTERIP=m -CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_TARGET_NETMAP=m CONFIG_IP_NF_TARGET_ECN=m @@ -832,6 +931,8 @@ CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_TTL=m +CONFIG_NF_NAT_IPV4=m +CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m @@ -863,6 +964,9 @@ CONFIG_IP6_NF_SECURITY=m CONFIG_IP6_NF_TARGET_LOG=m CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_TARGET_HL=m +CONFIG_NF_NAT_IPV6=m +CONFIG_IP6_NF_TARGET_MASQUERADE=m +# CONFIG_IP6_NF_TARGET_NPT is not set # # Bridge: Netfilter Configuration @@ -923,12 +1027,15 @@ CONFIG_IP_SCTP=m CONFIG_NET_SCTPPROBE=m # CONFIG_SCTP_DBG_MSG is not set # CONFIG_SCTP_DBG_OBJCNT is not set -# CONFIG_SCTP_HMAC_NONE is not set -CONFIG_SCTP_HMAC_SHA1=y -# CONFIG_SCTP_HMAC_MD5 is not set +CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1=y +# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5 is not set +# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_NONE is not set +CONFIG_SCTP_COOKIE_HMAC_MD5=y +CONFIG_SCTP_COOKIE_HMAC_SHA1=y CONFIG_ATM=m CONFIG_VLAN_8021Q=m CONFIG_VLAN_8021Q_GVRP=y +CONFIG_VLAN_8021Q_MVRP=y CONFIG_LLC=m # CONFIG_LLC2 is not set CONFIG_IPX=m @@ -953,7 +1060,9 @@ CONFIG_IP_DCCP_CCID3=y # # TIPC Configuration (EXPERIMENTAL) # -# CONFIG_TIPC is not set +CONFIG_TIPC=m +CONFIG_TIPC_PORTS=8192 +# CONFIG_TIPC_MEDIA_IB is not set # CONFIG_TIPC_ADVANCED is not set # CONFIG_TIPC_DEBUG is not set @@ -1023,8 +1132,12 @@ CONFIG_DCB=y CONFIG_DNS_RESOLVER=m CONFIG_BATMAN_ADV=m CONFIG_BATMAN_ADV_BLA=y +CONFIG_BATMAN_ADV_DAT=y +CONFIG_BATMAN_ADV_NC=y # CONFIG_BATMAN_ADV_DEBUG is not set CONFIG_OPENVSWITCH=m +CONFIG_OPENVSWITCH_GRE=y +CONFIG_VSOCKETS=m CONFIG_NETPRIO_CGROUP=m @@ -1048,13 +1161,16 @@ CONFIG_NET_TEAM_MODE_ROUNDROBIN=m CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=m CONFIG_NET_TEAM_MODE_LOADBALANCE=m CONFIG_NET_TEAM_MODE_BROADCAST=m +CONFIG_NET_TEAM_MODE_RANDOM=m CONFIG_DUMMY=m CONFIG_BONDING=m CONFIG_MACVLAN=m CONFIG_MACVTAP=m +CONFIG_VXLAN=m CONFIG_EQUALIZER=m CONFIG_TUN=m CONFIG_VETH=m +CONFIG_NLMON=m # # ATM @@ -1111,6 +1227,8 @@ CONFIG_L2TP_ETH=m CONFIG_RFKILL=m CONFIG_RFKILL_INPUT=y +CONFIG_ETHERNET=y + # # Ethernet (10 or 100Mbit) # @@ -1127,11 +1245,18 @@ CONFIG_PCNET32=m CONFIG_AMD8111_ETH=m CONFIG_PCMCIA_NMCLAN=m +CONFIG_NET_VENDOR_ARC=y +CONFIG_ARC_EMAC=m + CONFIG_NET_VENDOR_ATHEROS=y +CONFIG_ALX=m CONFIG_ATL2=m CONFIG_ATL1=m CONFIG_ATL1C=m CONFIG_ATL1E=m +CONFIG_NET_CADENCE=y +CONFIG_ARM_AT91_ETHER=m +CONFIG_MACB=m CONFIG_NET_VENDOR_BROCADE=y CONFIG_BNA=m @@ -1188,6 +1313,7 @@ CONFIG_E100=m CONFIG_E1000=m CONFIG_E1000E=m CONFIG_IGB=m +CONFIG_IGB_HWMON=y CONFIG_IGB_DCA=y CONFIG_IGB_PTP=y CONFIG_IGBVF=m @@ -1202,6 +1328,7 @@ CONFIG_IXGBE_PTP=y # CONFIG_NET_VENDOR_I825XX is not set CONFIG_NET_VENDOR_MARVELL=y +CONFIG_MVMDIO=m CONFIG_SKGE=m # CONFIG_SKGE_DEBUG is not set CONFIG_SKGE_GENESIS=y @@ -1241,6 +1368,7 @@ CONFIG_YELLOWFIN=m CONFIG_NET_VENDOR_QLOGIC=y CONFIG_QLA3XXX=m CONFIG_QLCNIC=m +CONFIG_QLCNIC_SRIOV=y CONFIG_QLGE=m CONFIG_NETXEN_NIC=m @@ -1254,6 +1382,8 @@ CONFIG_8139TOO_8129=y # CONFIG_8139_OLD_RX_RESET is not set CONFIG_R8169=m +CONFIG_SH_ETH=m + CONFIG_NET_VENDOR_RDC=y CONFIG_R6040=m @@ -1269,6 +1399,7 @@ CONFIG_SIS190=m CONFIG_NET_VENDOR_SMSC=y CONFIG_PCMCIA_SMC91C92=m CONFIG_EPIC100=m +CONFIG_SMSC911X=m CONFIG_SMSC9420=m CONFIG_NET_VENDOR_STMICRO=y @@ -1304,6 +1435,7 @@ CONFIG_NET_VENDOR_XIRCOM=y CONFIG_PCMCIA_XIRC2PS=m CONFIG_PHYLIB=y +CONFIG_AT803X_PHY=m CONFIG_AMD_PHY=m CONFIG_BROADCOM_PHY=m CONFIG_BCM87XX_PHY=m @@ -1326,6 +1458,7 @@ CONFIG_VITESSE_PHY=m CONFIG_MICREL_PHY=m CONFIG_MII=m +CONFIG_NET_CORE=y CONFIG_NET_VENDOR_3COM=y CONFIG_VORTEX=m CONFIG_TYPHOON=m @@ -1338,6 +1471,8 @@ CONFIG_NET_PCI=y CONFIG_B44=m CONFIG_B44_PCI=y CONFIG_BNX2=m +CONFIG_BNX2X=m +CONFIG_BNX2X_SRIOV=y CONFIG_CNIC=m CONFIG_FEALNX=m CONFIG_NET_POCKET=y @@ -1352,15 +1487,9 @@ CONFIG_JME=m # # Ethernet (10000 Mbit) # -CONFIG_IP1000=m -CONFIG_MLX4_EN=m -CONFIG_MLX4_EN_DCB=y -# CONFIG_MLX4_DEBUG is not set -CONFIG_SFC=m -CONFIG_SFC_MCDI_MON=y -CONFIG_SFC_SRIOV=y - -# CONFIG_SFC_MTD is not set +# CONFIG_IP1000 is not set +# CONFIG_MLX4_EN is not set +# CONFIG_SFC is not set # CONFIG_FDDI is not set # CONFIG_DEFXX is not set @@ -1426,6 +1555,7 @@ CONFIG_WIMAX_I2400M_DEBUG_LEVEL=8 # CONFIG_ADM8211 is not set CONFIG_ATH_COMMON=m +CONFIG_ATH_CARDS=m CONFIG_ATH5K=m CONFIG_ATH5K_DEBUG=y # CONFIG_ATH5K_TRACER is not set @@ -1433,6 +1563,8 @@ CONFIG_ATH6KL=m CONFIG_ATH6KL_DEBUG=y CONFIG_ATH6KL_SDIO=m CONFIG_ATH6KL_USB=m +# CONFIG_ATH6KL_TRACING is not set +CONFIG_AR5523=m CONFIG_ATH9K=m CONFIG_ATH9K_PCI=y CONFIG_ATH9K_AHB=y @@ -1442,7 +1574,15 @@ CONFIG_ATH9K_DEBUGFS=y CONFIG_ATH9K_HTC=m CONFIG_ATH9K_BTCOEX_SUPPORT=y # CONFIG_ATH9K_HTC_DEBUGFS is not set -CONFIG_ATH9K_RATE_CONTROL=y +# CONFIG_ATH9K_LEGACY_RATE_CONTROL is not set +CONFIG_ATH10K=m +CONFIG_ATH10K_PCI=m +# CONFIG_ATH10K_DEBUG is not set +# CONFIG_ATH10K_TRACING is not set +CONFIG_ATH10K_DEBUGFS=y +CONFIG_WIL6210=m +CONFIG_WIL6210_ISR_COR=y +# CONFIG_WIL6210_TRACING is not set CONFIG_CARL9170=m CONFIG_CARL9170_LEDS=y # CONFIG_CARL9170_HWRNG is not set @@ -1450,19 +1590,20 @@ CONFIG_AT76C50X_USB=m # CONFIG_AIRO is not set # CONFIG_AIRO_CS is not set # CONFIG_ATMEL is not set +CONFIG_NET_VENDOR_BROADCOM=y CONFIG_B43=m CONFIG_B43_PCMCIA=y CONFIG_B43_SDIO=y CONFIG_B43_BCMA=y # CONFIG_B43_BCMA_EXTRA is not set CONFIG_B43_BCMA_PIO=y -CONFIG_B43_DEBUG=y +# CONFIG_B43_DEBUG is not set CONFIG_B43_PHY_LP=y CONFIG_B43_PHY_N=y CONFIG_B43_PHY_HT=y # CONFIG_B43_FORCE_PIO is not set CONFIG_B43LEGACY=m -CONFIG_B43LEGACY_DEBUG=y +# CONFIG_B43LEGACY_DEBUG is not set CONFIG_B43LEGACY_DMA=y CONFIG_B43LEGACY_PIO=y CONFIG_B43LEGACY_DMA_AND_PIO_MODE=y @@ -1473,8 +1614,22 @@ CONFIG_BRCMFMAC=m CONFIG_BRCMFMAC_SDIO=y CONFIG_BRCMFMAC_SDIO_OOB=y CONFIG_BRCMFMAC_USB=y +# CONFIG_BRCM_TRACING is not set +# CONFIG_BRCMISCAN is not set # CONFIG_BRCMDBG is not set -# CONFIG_HERMES is not set +CONFIG_HERMES=m +CONFIG_HERMES_CACHE_FW_ON_INIT=y +# CONFIG_HERMES_PRISM is not set +CONFIG_NORTEL_HERMES=m +CONFIG_PCI_HERMES=m +CONFIG_PLX_HERMES=m +CONFIG_PCMCIA_HERMES=m +CONFIG_ORINOCO_USB=m +# CONFIG_TMD_HERMES is not set +# CONFIG_PCMCIA_SPECTRUM is not set +CONFIG_CW1200=m +CONFIG_CW1200_WLAN_SDIO=m +CONFIG_CW1200_WLAN_SPI=m # CONFIG_HOSTAP is not set # CONFIG_IPW2100 is not set # CONFIG_IPW2200 is not set @@ -1489,6 +1644,8 @@ CONFIG_LIBERTAS_SDIO=m # CONFIG_LIBERTAS_THINFIRM is not set CONFIG_LIBERTAS_MESH=y CONFIG_IWLWIFI=m +CONFIG_IWLDVM=m +CONFIG_IWLMVM=m CONFIG_IWLWIFI_DEBUG=y CONFIG_IWLWIFI_DEBUGFS=y CONFIG_IWLWIFI_DEVICE_SVTOOL=y @@ -1521,6 +1678,7 @@ CONFIG_RT2800USB=m CONFIG_RT2800USB_RT33XX=y CONFIG_RT2800USB_RT35XX=y CONFIG_RT2800USB_RT53XX=y +CONFIG_RT2800USB_RT55XX=y CONFIG_RT2800USB_UNKNOWN=y CONFIG_RT2800PCI=m CONFIG_RT2800PCI_RT3290=y @@ -1530,7 +1688,6 @@ CONFIG_RT2800PCI_RT53XX=y CONFIG_RT73USB=m CONFIG_RTL8180=m CONFIG_RTL8187=m -# CONFIG_RTLWIFI_DEBUG is not set # CONFIG_USB_ZD1201 is not set CONFIG_USB_NET_RNDIS_WLAN=m CONFIG_USB_NET_KALMIA=m @@ -1551,10 +1708,14 @@ CONFIG_WL1251=m CONFIG_WL1251_SPI=m CONFIG_WL1251_SDIO=m +CONFIG_RTL_CARDS=m +CONFIG_RTLWIFI=m CONFIG_RTL8192CE=m CONFIG_RTL8192SE=m CONFIG_RTL8192CU=m CONFIG_RTL8192DE=m +CONFIG_RTL8723AE=m +CONFIG_RTL8188EE=m CONFIG_MWIFIEX=m CONFIG_MWIFIEX_SDIO=m @@ -1606,13 +1767,16 @@ CONFIG_NFC_NCI=m CONFIG_NFC_HCI=m CONFIG_NFC_SHDLC=y CONFIG_NFC_LLCP=y +CONFIG_NFC_SIM=m # # Near Field Communication (NFC) devices # -CONFIG_PN544_NFC=m -CONFIG_PN544_HCI_NFC=m +CONFIG_NFC_PN544=m +CONFIG_NFC_PN544_I2C=m CONFIG_NFC_PN533=m +CONFIG_NFC_MICROREAD=m +CONFIG_NFC_MICROREAD_I2C=m # # IrDA (infrared) support @@ -1848,6 +2012,7 @@ CONFIG_INPUT_POLLDEV=m CONFIG_INPUT_SPARSEKMAP=m # CONFIG_INPUT_ADXL34X is not set # CONFIG_INPUT_BMA150 is not set +# CONFIG_INPUT_IMS_PCU is not set CONFIG_INPUT_CMA3000=m CONFIG_INPUT_CMA3000_I2C=m @@ -1865,8 +2030,11 @@ CONFIG_SERIO_SERPORT=y CONFIG_SERIO_RAW=m CONFIG_SERIO_ALTERA_PS2=m # CONFIG_SERIO_PS2MULT is not set +CONFIG_SERIO_ARC_PS2=m +# CONFIG_SERIO_APBPS2 is not set # CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_OLPC_APSP is not set # CONFIG_SERIO_PARKBD is not set # CONFIG_SERIO_PCIPS2 is not set @@ -1906,6 +2074,7 @@ CONFIG_MOUSE_APPLETOUCH=m CONFIG_MOUSE_BCM5974=m CONFIG_MOUSE_SYNAPTICS_I2C=m CONFIG_MOUSE_SYNAPTICS_USB=m +CONFIG_MOUSE_CYAPA=m CONFIG_INPUT_JOYSTICK=y CONFIG_JOYSTICK_ANALOG=m CONFIG_JOYSTICK_A3D=m @@ -1943,6 +2112,7 @@ CONFIG_INPUT_TOUCHSCREEN=y CONFIG_TOUCHSCREEN_AD7879_I2C=m # CONFIG_TOUCHSCREEN_CY8CTMG110 is not set # CONFIG_TOUCHSCREEN_CYTTSP_CORE is not set +# CONFIG_TOUCHSCREEN_CYTTSP4_CORE is not set CONFIG_TOUCHSCREEN_DYNAPRO=m CONFIG_TOUCHSCREEN_EDT_FT5X06=m CONFIG_TOUCHSCREEN_EETI=m @@ -1976,9 +2146,12 @@ CONFIG_TOUCHSCREEN_W90X900=m CONFIG_TOUCHSCREEN_ST1232=m CONFIG_TOUCHSCREEN_ATMEL_MXT=m # CONFIG_TOUCHSCREEN_MAX11801 is not set +CONFIG_TOUCHSCREEN_AUO_PIXCIR=m +CONFIG_TOUCHSCREEN_TI_AM335X_TSC=m CONFIG_INPUT_MISC=y CONFIG_INPUT_PCSPKR=m +CONFIG_INPUT_RETU_PWRBUTTON=m CONFIG_INPUT_UINPUT=m CONFIG_INPUT_WISTRON_BTNS=m CONFIG_INPUT_ATLAS_BTNS=m @@ -2014,20 +2187,24 @@ CONFIG_N_HDLC=m CONFIG_N_GSM=m # CONFIG_TRACE_SINK is not set # CONFIG_STALDRV is not set +# CONFIG_DUMMY_IRQ is not set # CONFIG_IBM_ASM is not set CONFIG_TIFM_CORE=m CONFIG_TIFM_7XX1=m CONFIG_TCG_TPM=m CONFIG_TCG_TIS=m +# CONFIG_TCG_TIS_I2C_INFINEON is not set CONFIG_TCG_NSC=m CONFIG_TCG_ATMEL=m # CONFIG_TCG_INFINEON is not set +# CONFIG_TCG_ST33_I2C is not set CONFIG_TELCLOCK=m # # Serial drivers # CONFIG_SERIAL_8250=y +# CONFIG_SERIAL_8250_DEPRECATED_OPTIONS is not set CONFIG_SERIAL_8250_CONSOLE=y CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=32 @@ -2045,6 +2222,7 @@ CONFIG_CYCLADES=m # CONFIG_ISI is not set # CONFIG_RIO is not set CONFIG_SERIAL_JSM=m +# CONFIG_SERIAL_SCCNXP is not set # CONFIG_SERIAL_MFD_HSU is not set # CONFIG_SERIAL_ALTERA_JTAGUART is not set @@ -2053,6 +2231,7 @@ CONFIG_SERIAL_JSM=m # # Non-8250 serial port support # +# CONFIG_SERIAL_KGDB_NMI is not set CONFIG_SERIAL_CORE=y CONFIG_SERIAL_CORE_CONSOLE=y # CONFIG_SERIAL_XILINX_PS_UART is not set @@ -2099,6 +2278,8 @@ CONFIG_I2C_ALGOPCA=m # CONFIG_I2C_NFORCE2_S4985 is not set # CONFIG_I2C_INTEL_MID is not set # CONFIG_I2C_EG20T is not set +# CONFIG_I2C_CBUS_GPIO is not set +CONFIG_I2C_VIPERBOARD=m CONFIG_EEPROM_AT24=m CONFIG_EEPROM_LEGACY=m @@ -2141,6 +2322,8 @@ CONFIG_SENSORS_ADM1026=m CONFIG_SENSORS_ADM1029=m CONFIG_SENSORS_ADM1031=m CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7310=m +CONFIG_SENSORS_ADT7410=m CONFIG_SENSORS_ADS7828=m CONFIG_SENSORS_ADT7462=m CONFIG_SENSORS_ADT7470=m @@ -2157,6 +2340,7 @@ CONFIG_SENSORS_F71882FG=m CONFIG_SENSORS_F75375S=m CONFIG_SENSORS_FSCHMD=m CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_G762=m CONFIG_SENSORS_GL518SM=m CONFIG_SENSORS_GL520SM=m CONFIG_SENSORS_HDAPS=m @@ -2181,10 +2365,13 @@ CONFIG_SENSORS_LM87=m CONFIG_SENSORS_LM90=m CONFIG_SENSORS_LM92=m CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LM95234=m CONFIG_SENSORS_LTC4245=m CONFIG_SENSORS_MAX1619=m CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_MAX6697=m CONFIG_SENSORS_MCP3021=m +CONFIG_SENSORS_NCT6775=m CONFIG_SENSORS_NTC_THERMISTOR=m CONFIG_SENSORS_PC87360=m CONFIG_SENSORS_PC87427=m @@ -2224,6 +2411,7 @@ CONFIG_SENSORS_WM831X=m CONFIG_SENSORS_LM73=m CONFIG_SENSORS_AMC6821=m CONFIG_SENSORS_INA2XX=m +CONFIG_SENSORS_INA209=m CONFIG_SENSORS_ADT7411=m CONFIG_SENSORS_ASC7621=m CONFIG_SENSORS_EMC1403=m @@ -2260,6 +2448,7 @@ CONFIG_SENSORS_LTC2978=m CONFIG_SENSORS_MAX34440=m CONFIG_SENSORS_MAX8688=m CONFIG_SENSORS_MAX1668=m +CONFIG_SENSORS_MAX197=m # CONFIG_HMC6352 is not set # CONFIG_BMP085 is not set @@ -2267,8 +2456,33 @@ CONFIG_SENSORS_MAX1668=m # CONFIG_PCH_PHUB is not set # CONFIG_SERIAL_PCH_UART is not set # CONFIG_USB_SWITCH_FSA9480 is not set +# CONFIG_SRAM is not set +CONFIG_SERIAL_ARC=m +CONFIG_SERIAL_ARC_NR_PORTS=1 +# CONFIG_SERIAL_RP2 is not set +# CONFIG_SERIAL_FSL_LPUART is not set -# CONFIG_W1 is not set +CONFIG_W1=m +CONFIG_W1_CON=y +# CONFIG_W1_MASTER_MATROX is not set +CONFIG_W1_MASTER_DS2490=m +CONFIG_W1_MASTER_DS2482=m +CONFIG_W1_MASTER_DS1WM=m +# CONFIG_HDQ_MASTER_OMAP is not set +CONFIG_W1_SLAVE_THERM=m +CONFIG_W1_SLAVE_SMEM=m +CONFIG_W1_SLAVE_DS2408=m +# CONFIG_W1_SLAVE_DS2408_READBACK is not set +CONFIG_W1_SLAVE_DS2413=m +CONFIG_W1_SLAVE_DS2423=m +CONFIG_W1_SLAVE_DS2431=m +CONFIG_W1_SLAVE_DS2433=m +CONFIG_W1_SLAVE_DS2433_CRC=y +CONFIG_W1_SLAVE_DS2760=m +CONFIG_W1_SLAVE_DS2780=m +CONFIG_W1_SLAVE_DS2781=m +CONFIG_W1_SLAVE_DS28E04=m +CONFIG_W1_SLAVE_BQ27000=m # # Mice @@ -2325,15 +2539,18 @@ CONFIG_WM831X_WATCHDOG=m # CONFIG_MAX63XX_WATCHDOG is not set # CONFIG_DW_WATCHDOG is not set CONFIG_W83697UG_WDT=m +# CONFIG_MEN_A21_WDT is not set CONFIG_HW_RANDOM=y CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_TPM=m # CONFIG_NVRAM is not set # CONFIG_RTC is not set # CONFIG_RTC_DEBUG is not set # CONFIG_GEN_RTC is not set CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y +# CONFIG_RTC_SYSTOHC is not set CONFIG_RTC_HCTOSYS_DEVICE="rtc0" CONFIG_RTC_INTF_SYSFS=y CONFIG_RTC_INTF_PROC=y @@ -2354,13 +2571,16 @@ CONFIG_RTC_DRV_M41T80_WDT=y CONFIG_RTC_DRV_M48T59=m CONFIG_RTC_DRV_MAX6900=m # CONFIG_RTC_DRV_M48T86 is not set +CONFIG_RTC_DRV_PCF2127=m CONFIG_RTC_DRV_PCF8563=m CONFIG_RTC_DRV_PCF8583=m CONFIG_RTC_DRV_RS5C372=m # CONFIG_RTC_DRV_SA1100 is not set # CONFIG_RTC_DRV_TEST is not set CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8523=m CONFIG_RTC_DRV_V3020=m +CONFIG_RTC_DRV_DS2404=m CONFIG_RTC_DRV_STK17TA8=m # CONFIG_RTC_DRV_S35390A is not set CONFIG_RTC_DRV_RX8581=m @@ -2376,6 +2596,10 @@ CONFIG_RTC_DRV_MSM6242=m CONFIG_RTC_DRV_RP5C01=m CONFIG_RTC_DRV_EM3027=m CONFIG_RTC_DRV_RV3029C2=m +CONFIG_RTC_DRV_PCF50633=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_ISL12022=m +# CONFIG_RTC_DRV_HID_SENSOR_TIME is not set CONFIG_R3964=m # CONFIG_APPLICOM is not set @@ -2402,13 +2626,14 @@ CONFIG_VGA_ARB_MAX_GPUS=16 # CONFIG_STUB_POULSBO is not set CONFIG_DRM=m -# CONFIG_DRM_LOAD_EDID_FIRMWARE is not set +CONFIG_DRM_LOAD_EDID_FIRMWARE=y CONFIG_DRM_AST=m # do not enable on f17 or older CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older # CONFIG_DRM_TDFX is not set # CONFIG_DRM_R128 is not set CONFIG_DRM_RADEON=m CONFIG_DRM_RADEON_KMS=y +# CONFIG_DRM_RADEON_UMS is not set # CONFIG_DRM_I810 is not set # CONFIG_DRM_MGA is not set CONFIG_DRM_MGAG200=m # do not enable on f17 or older @@ -2418,14 +2643,19 @@ CONFIG_DRM_I915=m CONFIG_DRM_I915_KMS=y CONFIG_DRM_VIA=m CONFIG_DRM_NOUVEAU=m +CONFIG_NOUVEAU_DEBUG=5 +CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_DRM_NOUVEAU_BACKLIGHT=y CONFIG_DRM_NOUVEAU_DEBUG=y # CONFIG_DRM_PSB is not set CONFIG_DRM_I2C_CH7006=m CONFIG_DRM_I2C_SIL164=m +CONFIG_DRM_I2C_NXP_TDA998X=m CONFIG_DRM_UDL=m CONFIG_DRM_VMWGFX=m +CONFIG_DRM_VMWGFX_FBCON=y CONFIG_DRM_VGEM=m +CONFIG_DRM_QXL=m # # PCMCIA character devices @@ -2440,6 +2670,8 @@ CONFIG_RAW_DRIVER=y CONFIG_MAX_RAW_DEVS=8192 CONFIG_HANGCHECK_TIMER=m +CONFIG_MEDIA_USB_SUPPORT=y +CONFIG_MEDIA_PCI_SUPPORT=y # # Multimedia devices # @@ -2454,6 +2686,7 @@ CONFIG_VIDEO_DEV=m # CONFIG_VIDEO_ADV_DEBUG is not set CONFIG_VIDEO_HELPER_CHIPS_AUTO=y CONFIG_VIDEO_V4L2=y +# CONFIG_VIDEO_V4L2_INT_DEVICE is not set CONFIG_VIDEO_V4L2_SUBDEV_API=y # CONFIG_VIDEO_VIVI is not set @@ -2468,6 +2701,7 @@ CONFIG_V4L_USB_DRIVERS=y CONFIG_VIDEO_CAPTURE_DRIVERS=y CONFIG_V4L_PCI_DRIVERS=y CONFIG_VIDEO_AU0828=m +CONFIG_VIDEO_AU0828_V4L2=y CONFIG_VIDEO_BT848=m CONFIG_VIDEO_BT848_DVB=y CONFIG_VIDEO_BWQCAM=m @@ -2497,6 +2731,7 @@ CONFIG_VIDEO_CX231XX_RC=y CONFIG_VIDEO_HEXIUM_ORION=m CONFIG_VIDEO_HEXIUM_GEMINI=m CONFIG_VIDEO_IVTV=m +# CONFIG_VIDEO_IVTV_ALSA is not set CONFIG_VIDEO_MEYE=m CONFIG_VIDEO_MXB=m CONFIG_VIDEO_PVRUSB2_DVB=y @@ -2508,6 +2743,8 @@ CONFIG_VIDEO_SAA7134_ALSA=m CONFIG_VIDEO_SAA7134_DVB=m CONFIG_VIDEO_SAA7134_RC=y CONFIG_VIDEO_USBVISION=m +CONFIG_VIDEO_STK1160=m +CONFIG_VIDEO_STK1160_AC97=y CONFIG_VIDEO_W9966=m CONFIG_VIDEO_ZORAN=m CONFIG_VIDEO_ZORAN_AVS6EYES=m @@ -2528,6 +2765,7 @@ CONFIG_VIDEO_TLG2300=m # CONFIG_VIDEO_TIMBERDALE is not set # CONFIG_VIDEO_M5MOLS is not set # CONFIG_EXYNOS_VIDEO is not set +CONFIG_VIDEO_USBTV=m CONFIG_USB_VIDEO_CLASS=m CONFIG_USB_VIDEO_CLASS_INPUT_EVDEV=y @@ -2571,6 +2809,9 @@ CONFIG_DVB_BT8XX=m CONFIG_DVB_BUDGET_CORE=m CONFIG_DVB_PLUTO2=m CONFIG_SMS_SIANO_MDTV=m +CONFIG_SMS_SIANO_RC=y +# CONFIG_SMS_SIANO_DEBUGFS is not set +CONFIG_MEDIA_SUBDRV_AUTOSELECT=y CONFIG_SMS_USB_DRV=m CONFIG_SMS_SDIO_DRV=m CONFIG_DVB_TTUSB_DEC=m @@ -2588,6 +2829,7 @@ CONFIG_DVB_FIREDTV=m CONFIG_DVB_NGENE=m CONFIG_DVB_DDBRIDGE=m CONFIG_DVB_USB_TECHNISAT_USB2=m +CONFIG_DVB_USB_V2=m CONFIG_DVB_AV7110=m CONFIG_DVB_AV7110_OSD=y @@ -2600,7 +2842,10 @@ CONFIG_DVB_TTUSB_BUDGET=m CONFIG_DVB_USB_CINERGY_T2=m CONFIG_DVB_B2C2_FLEXCOP=m +# CONFIG_DVB_B2C2_FLEXCOP_USB_DEBUG is not set + CONFIG_DVB_B2C2_FLEXCOP_PCI=m +# CONFIG_DVB_B2C2_FLEXCOP_PCI_DEBUG is not set CONFIG_DVB_B2C2_FLEXCOP_USB=m # CONFIG_DVB_B2C2_FLEXCOP_DEBUG is not set CONFIG_DVB_USB=m @@ -2672,9 +2917,14 @@ CONFIG_IR_ENE=m CONFIG_IR_STREAMZAP=m CONFIG_IR_WINBOND_CIR=m CONFIG_IR_IGUANA=m +CONFIG_IR_TTUSBIR=m CONFIG_IR_GPIO_CIR=m CONFIG_V4L_MEM2MEM_DRIVERS=y +# CONFIG_VIDEO_MEM2MEM_DEINTERLACE is not set +# CONFIG_VIDEO_SH_VEU is not set +# CONFIG_V4L_TEST_DRIVERS is not set + # CONFIG_VIDEO_MEM2MEM_TESTDEV is not set # @@ -2737,6 +2987,7 @@ CONFIG_FB_I810_I2C=y # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_S3 is not set # CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIMPLE is not set # CONFIG_FB_SIS is not set # CONFIG_FB_SM501 is not set # CONFIG_FB_SMSCUFX is not set @@ -2758,6 +3009,7 @@ CONFIG_FB_EFI=y # CONFIG_FB_TMIO is not set # CONFIG_FB_BROADSHEET is not set # CONFIG_FB_UDL is not set +# CONFIG_FB_GOLDFISH is not set # CONFIG_FIRMWARE_EDID is not set @@ -2805,6 +3057,7 @@ CONFIG_SND_PCM_OSS=y CONFIG_SND_PCM_OSS_PLUGINS=y CONFIG_SND_RTCTIMER=y CONFIG_SND_DYNAMIC_MINORS=y +CONFIG_SND_MAX_CARDS=32 # CONFIG_SND_SUPPORT_OLD_API is not set # @@ -2880,7 +3133,9 @@ CONFIG_SND_HDA_CODEC_CONEXANT=y CONFIG_SND_HDA_CODEC_CMEDIA=y CONFIG_SND_HDA_CODEC_SI3054=y CONFIG_SND_HDA_CODEC_HDMI=y +CONFIG_SND_HDA_I915=y CONFIG_SND_HDA_CODEC_CA0132=y +CONFIG_SND_HDA_CODEC_CA0132_DSP=y CONFIG_SND_HDA_GENERIC=y CONFIG_SND_HDA_POWER_SAVE=y CONFIG_SND_HDA_POWER_SAVE_DEFAULT=0 @@ -2926,6 +3181,7 @@ CONFIG_SND_USB_USX2Y=m CONFIG_SND_USB_US122L=m CONFIG_SND_USB_UA101=m CONFIG_SND_USB_6FIRE=m +CONFIG_SND_USB_HIFACE=m # # PCMCIA devices @@ -2935,6 +3191,7 @@ CONFIG_SND_USB_6FIRE=m CONFIG_SND_FIREWIRE=y CONFIG_SND_FIREWIRE_SPEAKERS=m CONFIG_SND_ISIGHT=m +CONFIG_SND_SCS1X=m # # Open Sound System @@ -2959,6 +3216,7 @@ CONFIG_USB_SUPPORT=y # Deprecated. # CONFIG_USB_DEVICEFS is not set +CONFIG_USB_DEFAULT_PERSIST=y # CONFIG_USB_DYNAMIC_MINORS is not set CONFIG_USB_SUSPEND=y @@ -2971,6 +3229,7 @@ CONFIG_USB_EHCI_TT_NEWSCHED=y # CONFIG_USB_EHCI_MV is not set # CONFIG_USB_EHCI_HCD_PLATFORM is not set CONFIG_USB_OHCI_HCD=y +CONFIG_USB_OHCI_HCD_PCI=y # CONFIG_USB_OHCI_HCD_SSB is not set # CONFIG_USB_OHCI_HCD_PLATFORM is not set CONFIG_USB_UHCI_HCD=y @@ -2981,6 +3240,7 @@ CONFIG_USB_SL811_HCD_ISO=y CONFIG_USB_XHCI_HCD=y # CONFIG_USB_XHCI_HCD_DEBUGGING is not set CONFIG_USB_ISP1362_HCD=m +CONFIG_USB_FUSBH200_HCD=m # # USB Device Class drivers @@ -3011,7 +3271,7 @@ CONFIG_USB_STORAGE_REALTEK=m CONFIG_REALTEK_AUTOPM=y CONFIG_USB_STORAGE_ENE_UB6250=m # CONFIG_USB_LIBUSUAL is not set -CONFIG_USB_UAS=m +# CONFIG_USB_UAS is not set # @@ -3022,6 +3282,7 @@ CONFIG_USB_HID=y CONFIG_HID_SUPPORT=y CONFIG_HID=y +CONFIG_I2C_HID=m CONFIG_HID_BATTERY_STRENGTH=y # debugging default is y upstream now CONFIG_HIDRAW=y @@ -3048,9 +3309,11 @@ CONFIG_HID_MULTITOUCH=m CONFIG_HID_NTRIG=y CONFIG_HID_QUANTA=y CONFIG_HID_PRIMAX=m +CONFIG_HID_PS3REMOTE=m CONFIG_HID_PRODIKEYS=m CONFIG_HID_DRAGONRISE=m CONFIG_HID_GYRATION=m +CONFIG_HID_ICADE=m CONFIG_HID_TWINHAN=m CONFIG_HID_ORTEK=m CONFIG_HID_PANTHERLORD=m @@ -3061,14 +3324,18 @@ CONFIG_HID_ROCCAT_KONE=m CONFIG_HID_SAMSUNG=m CONFIG_HID_SONY=m CONFIG_HID_SUNPLUS=m +CONFIG_HID_STEELSERIES=m CONFIG_HID_GREENASIA=m CONFIG_HID_SMARTJOYPLUS=m CONFIG_HID_TOPSEED=m +CONFIG_HID_THINGM=m CONFIG_HID_THRUSTMASTER=m CONFIG_HID_ZEROPLUS=m CONFIG_HID_ZYDACRON=m +CONFIG_HID_SENSOR_HUB=m CONFIG_HID_EMS_FF=m CONFIG_HID_ELECOM=m +CONFIG_HID_ELO=m CONFIG_HID_UCLOGIC=m CONFIG_HID_WALTOP=m CONFIG_HID_ROCCAT_PYRA=m @@ -3083,6 +3350,7 @@ CONFIG_HID_ROCCAT_ISKU=m CONFIG_HID_ROCCAT_KOVAPLUS=m CONFIG_HID_HOLTEK=m CONFIG_HOLTEK_FF=y +CONFIG_HID_HUION=m CONFIG_HID_SPEEDLINK=m CONFIG_HID_WIIMOTE=m CONFIG_HID_WIIMOTE_EXT=y @@ -3091,6 +3359,7 @@ CONFIG_HID_SAITEK=m CONFIG_HID_TIVO=m CONFIG_HID_GENERIC=y CONFIG_HID_AUREAL=m +CONFIG_HID_APPLEIR=m # @@ -3168,9 +3437,11 @@ CONFIG_USB_HSO=m CONFIG_USB_KAWETH=m CONFIG_USB_PEGASUS=m CONFIG_USB_RTL8150=m +CONFIG_USB_RTL8152=m CONFIG_USB_USBNET=m CONFIG_USB_SPEEDTOUCH=m CONFIG_USB_NET_AX8817X=m +CONFIG_USB_NET_AX88179_178A=m CONFIG_USB_NET_DM9601=m CONFIG_USB_NET_SMSC95XX=m CONFIG_USB_NET_GL620A=m @@ -3181,6 +3452,7 @@ CONFIG_USB_NET_RNDIS_HOST=m CONFIG_USB_NET_CDC_SUBSET=m CONFIG_USB_NET_CDC_EEM=m CONFIG_USB_NET_CDC_NCM=m +CONFIG_USB_NET_CDC_MBIM=m CONFIG_USB_NET_ZAURUS=m CONFIG_USB_NET_CX82310_ETH=m CONFIG_USB_NET_INT51X1=m @@ -3258,6 +3530,8 @@ CONFIG_USB_SERIAL_MCT_U232=m CONFIG_USB_SERIAL_MOS7720=m CONFIG_USB_SERIAL_MOS7715_PARPORT=y # CONFIG_USB_SERIAL_ZIO is not set +# CONFIG_USB_SERIAL_WISHBONE is not set +# CONFIG_USB_SERIAL_ZTE is not set CONFIG_USB_SERIAL_MOS7840=m CONFIG_USB_SERIAL_MOTOROLA=m CONFIG_USB_SERIAL_NAVMAN=m @@ -3278,10 +3552,12 @@ CONFIG_USB_SERIAL_WHITEHEAT=m CONFIG_USB_SERIAL_XIRCOM=m CONFIG_USB_SERIAL_QCAUX=m CONFIG_USB_SERIAL_VIVOPAY_SERIAL=m +CONFIG_USB_SERIAL_XSENS_MT=m CONFIG_USB_SERIAL_DEBUG=m CONFIG_USB_SERIAL_SSU100=m CONFIG_USB_SERIAL_QT2=m - +CONFIG_USB_SERIAL_FLASHLOADER=m +CONFIG_USB_SERIAL_SUUNTO=m CONFIG_USB_SERIAL_CONSOLE=y CONFIG_USB_EZUSB=y @@ -3298,6 +3574,17 @@ CONFIG_USB_ADUTUX=m CONFIG_USB_SEVSEG=m CONFIG_USB_ALI_M5632=y CONFIG_USB_APPLEDISPLAY=m + +# Physical Layer USB driver +CONFIG_USB_PHY=y + +# CONFIG_OMAP_USB2 is not set +# CONFIG_OMAP_USB3 is not set +# CONFIG_OMAP_CONTROL_USB is not set +# CONFIG_SAMSUNG_USBPHY is not set +# CONFIG_SAMSUNG_USB2PHY is not set +# CONFIG_SAMSUNG_USB3PHY is not set +CONFIG_USB_RCAR_PHY=m CONFIG_USB_ATM=m CONFIG_USB_CXACRU=m # CONFIG_USB_C67X00_HCD is not set @@ -3316,6 +3603,8 @@ CONFIG_USB_FILE_STORAGE=m CONFIG_USB_IOWARRIOR=m CONFIG_USB_ISIGHTFW=m CONFIG_USB_YUREX=m +CONFIG_USB_EZUSB_FX2=m +CONFIG_USB_HSIC_USB3503=m CONFIG_USB_LCD=m CONFIG_USB_LD=m CONFIG_USB_LEGOTOWER=m @@ -3328,6 +3617,7 @@ CONFIG_USB_SISUSBVGA=m CONFIG_USB_SISUSBVGA_CON=y CONFIG_RADIO_SI470X=y CONFIG_USB_KEENE=m +CONFIG_USB_MA901=m CONFIG_USB_SI470X=m CONFIG_I2C_SI470X=m CONFIG_RADIO_SI4713=m @@ -3341,6 +3631,8 @@ CONFIG_USB_UEAGLEATM=m CONFIG_USB_XUSBATM=m CONFIG_USB_ZERO=m +# CONFIG_USB_DWC2 is not set + CONFIG_USB_ANNOUNCE_NEW_DEVICES=y # CONFIG_USB_ISP1301 is not set @@ -3357,6 +3649,7 @@ CONFIG_SSB_PCMCIAHOST=y # CONFIG_SSB_SILENT is not set # CONFIG_SSB_DEBUG is not set CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_SSB_DRIVER_GPIO=y # Multifunction USB devices # CONFIG_MFD_PCF50633 is not set @@ -3365,14 +3658,15 @@ CONFIG_PCF50633_GPIO=m # CONFIG_AB3100_CORE is not set CONFIG_INPUT_PCF50633_PMU=m CONFIG_INPUT_GPIO_ROTARY_ENCODER=m -CONFIG_RTC_DRV_PCF50633=m -CONFIG_RTC_DRV_DS3232=m -CONFIG_RTC_DRV_ISL12022=m CONFIG_MFD_SUPPORT=y CONFIG_MFD_VX855=m CONFIG_MFD_SM501=m CONFIG_MFD_SM501_GPIO=y +CONFIG_MFD_RTSX_PCI=m +# CONFIG_MFD_TI_AM335X_TSCADC is not set +CONFIG_MFD_VIPERBOARD=m +# CONFIG_MFD_RETU is not set # CONFIG_MFD_TC6393XB is not set # CONFIG_MFD_WM8400 is not set # CONFIG_MFD_WM8350_I2C is not set @@ -3392,6 +3686,7 @@ CONFIG_MFD_SM501_GPIO=y # CONFIG_ABX500_CORE is not set # CONFIG_MFD_RDC321X is not set # CONFIG_MFD_JANZ_CMODIO is not set +# CONFIG_MFD_KEMPLD is not set # CONFIG_MFD_WM831X_I2C is not set # CONFIG_MFD_CS5535 is not set # CONFIG_MFD_STMPE is not set @@ -3404,6 +3699,10 @@ CONFIG_MFD_SM501_GPIO=y # CONFIG_MFD_MC13XXX_I2C is not set # CONFIG_MFD_ARIZONA is not set # CONFIG_MFD_ARIZONA_I2C is not set +# CONFIG_MFD_CROS_EC is not set +# CONFIG_MFD_SI476X_CORE is not set +# CONFIG_MFD_TPS65912 is not set +# CONFIG_MFD_SYSCON is not set # # File systems @@ -3504,6 +3803,7 @@ CONFIG_DEBUG_FS=y # CONFIG_ADFS_FS is not set CONFIG_AFFS_FS=m CONFIG_ECRYPT_FS=m +# CONFIG_ECRYPT_FS_MESSAGING is not set CONFIG_HFS_FS=m CONFIG_HFSPLUS_FS=m CONFIG_BEFS_FS=m @@ -3531,9 +3831,11 @@ CONFIG_UFS_FS=m CONFIG_9P_FS=m CONFIG_9P_FSCACHE=y CONFIG_9P_FS_POSIX_ACL=y +CONFIG_9P_FS_SECURITY=y CONFIG_FUSE_FS=m # CONFIG_OMFS_FS is not set CONFIG_CUSE=m +# CONFIG_F2FS_FS is not set # # Network File Systems @@ -3544,13 +3846,15 @@ CONFIG_NFS_V2=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y -# CONFIG_NFS_SWAP is not set +CONFIG_NFS_SWAP=y CONFIG_NFS_V4_1=y CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org" +CONFIG_NFS_V4_2=y CONFIG_NFSD=m CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y +CONFIG_NFSD_V4_SECURITY_LABEL=y CONFIG_NFS_FSCACHE=y # CONFIG_NFS_USE_LEGACY_DNS is not set CONFIG_PNFS_OBJLAYOUT=m @@ -3566,12 +3870,14 @@ CONFIG_RPCSEC_GSS_KRB5=m CONFIG_CIFS=m CONFIG_CIFS_STATS=y # CONFIG_CIFS_STATS2 is not set +CONFIG_CIFS_SMB2=y CONFIG_CIFS_UPCALL=y CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_FSCACHE=y CONFIG_CIFS_ACL=y CONFIG_CIFS_WEAK_PW_HASH=y +CONFIG_CIFS_DEBUG=y # CONFIG_CIFS_DEBUG2 is not set CONFIG_CIFS_DFS_UPCALL=y CONFIG_CIFS_NFSD_EXPORT=y @@ -3599,6 +3905,8 @@ CONFIG_BTRFS_FS=m CONFIG_BTRFS_FS_POSIX_ACL=y # Maybe see if we want this on for debug kernels? # CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set +# CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set +# CONFIG_BTRFS_DEBUG is not set CONFIG_CONFIGFS_FS=y @@ -3607,19 +3915,25 @@ CONFIG_DLM_DEBUG=y CONFIG_GFS2_FS=m CONFIG_GFS2_FS_LOCKING_DLM=y -# CONFIG_UBIFS_FS is not set + +CONFIG_UBIFS_FS=m +CONFIG_UBIFS_FS_XATTR=y +# CONFIG_UBIFS_FS_ADVANCED_COMPR is not set +# CONFIG_UBIFS_FS_DEBUG is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set +CONFIG_AIX_PARTITION=y CONFIG_AMIGA_PARTITION=y # CONFIG_ATARI_PARTITION is not set CONFIG_BSD_DISKLABEL=y CONFIG_EFI_PARTITION=y CONFIG_KARMA_PARTITION=y -# CONFIG_LDM_PARTITION is not set +CONFIG_LDM_PARTITION=y +# CONFIG_LDM_DEBUG is not set CONFIG_MAC_PARTITION=y CONFIG_MSDOS_PARTITION=y CONFIG_MINIX_SUBPARTITION=y @@ -3733,20 +4047,20 @@ CONFIG_DEBUG_NX_TEST=m CONFIG_DEBUG_SET_MODULE_RONX=y CONFIG_DEBUG_BOOT_PARAMS=y CONFIG_DEBUG_VM=y +# CONFIG_DEBUG_VM_RB is not set # revisit this if performance isn't horrible # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set CONFIG_LOCKUP_DETECTOR=y # CONFIG_DEBUG_INFO_REDUCED is not set # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set # CONFIG_BOOTPARAM_HARDLOCKUP_PANIC is not set +# CONFIG_PANIC_ON_OOPS is not set CONFIG_ATOMIC64_SELFTEST=y CONFIG_MEMORY_FAILURE=y CONFIG_HWPOISON_INJECT=m CONFIG_CROSS_MEMORY_ATTACH=y # CONFIG_DEBUG_SECTION_MISMATCH is not set # CONFIG_BACKTRACE_SELF_TEST is not set -CONFIG_LATENCYTOP=y CONFIG_RESOURCE_COUNTERS=y -# CONFIG_MEMCG is not set # CONFIG_COMPAT_BRK is not set # CONFIG_DEBUG_VIRTUAL is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set @@ -3787,7 +4101,13 @@ CONFIG_SECURITY_SELINUX_AVC_STATS=y # CONFIG_SECURITY_YAMA is not set CONFIG_AUDIT=y CONFIG_AUDITSYSCALL=y -# CONFIG_AUDIT_LOGINUID_IMMUTABLE is not set +# http://lists.fedoraproject.org/pipermail/kernel/2013-February/004125.html +CONFIG_AUDIT_LOGINUID_IMMUTABLE=y + +CONFIG_SECCOMP=y +CONFIG_STRICT_DEVMEM=y + +# CONFIG_SSBI is not set # # Cryptographic options @@ -3813,6 +4133,7 @@ CONFIG_CRYPTO_CAST6=m CONFIG_CRYPTO_CBC=y CONFIG_CRYPTO_CCM=m CONFIG_CRYPTO_CRC32C=y +CONFIG_CRYPTO_CRC32=m CONFIG_CRYPTO_CTR=y CONFIG_CRYPTO_CTS=m CONFIG_CRYPTO_DEFLATE=m @@ -3821,10 +4142,13 @@ CONFIG_CRYPTO_ECB=y CONFIG_CRYPTO_FCRYPT=m CONFIG_CRYPTO_GCM=m CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_CMAC=m CONFIG_CRYPTO_HMAC=y CONFIG_CRYPTO_KHAZAD=m CONFIG_CRYPTO_LRW=m CONFIG_CRYPTO_LZO=m +CONFIG_CRYPTO_LZ4=m +CONFIG_CRYPTO_LZ4HC=m CONFIG_CRYPTO_MD4=m CONFIG_CRYPTO_MD5=m CONFIG_CRYPTO_MICHAEL_MIC=m @@ -3883,6 +4207,8 @@ CONFIG_ZLIB_DEFLATE=m CONFIG_INITRAMFS_SOURCE="" CONFIG_KEYS=y +CONFIG_PERSISTENT_KEYRINGS=y +CONFIG_BIG_KEYS=m CONFIG_TRUSTED_KEYS=m CONFIG_ENCRYPTED_KEYS=m CONFIG_KEYS_DEBUG_PROC_KEYS=y @@ -3897,6 +4223,8 @@ CONFIG_BACKLIGHT_CLASS_DEVICE=m CONFIG_BACKLIGHT_PROGEAR=m # CONFIG_BACKLIGHT_ADP8860 is not set # CONFIG_BACKLIGHT_ADP8870 is not set +# CONFIG_BACKLIGHT_LM3630 is not set +# CONFIG_BACKLIGHT_LM3639 is not set CONFIG_FB_NVIDIA_BACKLIGHT=y CONFIG_FB_RIVA_BACKLIGHT=y CONFIG_FB_RADEON_BACKLIGHT=y @@ -3909,7 +4237,6 @@ CONFIG_BACKLIGHT_LP855X=m CONFIG_LCD_CLASS_DEVICE=m CONFIG_LCD_PLATFORM=m -CONFIG_SCHEDSTATS=y CONFIG_SCHED_DEBUG=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y @@ -3948,23 +4275,39 @@ CONFIG_KEXEC=y CONFIG_HWMON=y # CONFIG_HWMON_DEBUG_CHIP is not set CONFIG_THERMAL_HWMON=y +# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set +# CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set +CONFIG_THERMAL_GOV_FAIR_SHARE=y +# CONFIG_THERMAL_GOV_USER_SPACE is not set +CONFIG_THERMAL_GOV_STEP_WISE=y +# CONFIG_THERMAL_EMULATION is not set +# CONFIG_CPU_THERMAL is not set CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y +# +# Bus devices +# +# CONFIG_OMAP_OCP2SCP is not set CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y CONFIG_IBMASR=m +CONFIG_PM=y +CONFIG_PM_STD_PARTITION="" CONFIG_PM_DEBUG=y CONFIG_PM_TRACE=y CONFIG_PM_TRACE_RTC=y -CONFIG_PM_TEST_SUSPEND=y +# CONFIG_PM_TEST_SUSPEND is not set CONFIG_PM_RUNTIME=y # CONFIG_PM_OPP is not set # CONFIG_PM_AUTOSLEEP is not set # CONFIG_PM_WAKELOCKS is not set +CONFIG_HIBERNATION=y +# CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set +CONFIG_SUSPEND=y CONFIG_CPU_FREQ=y CONFIG_CPU_FREQ_GOV_PERFORMANCE=y @@ -3986,6 +4329,8 @@ CONFIG_NET_VENDOR_SMC=y # CONFIG_MOUSE_ATIXL is not set +# CONFIG_MEDIA_PARPORT_SUPPORT is not set + CONFIG_RADIO_ADAPTERS=y CONFIG_RADIO_TEA5764=m CONFIG_RADIO_SAA7706H=m @@ -4017,8 +4362,10 @@ CONFIG_SND_INDIGOIOX=m CONFIG_SND_INDIGODJX=m # CONFIG_SND_SOC is not set +CONFIG_BALLOON_COMPACTION=y CONFIG_COMPACTION=y CONFIG_MIGRATION=y +CONFIG_BOUNCE=y CONFIG_NEW_LEDS=y CONFIG_LEDS_CLASS=y # CONFIG_LEDS_AMS_DELTA is not set @@ -4032,24 +4379,30 @@ CONFIG_LEDS_CLASS=y # CONFIG_LEDS_PCA9633 is not set CONFIG_LEDS_DELL_NETBOOKS=m # CONFIG_LEDS_TCA6507 is not set +# CONFIG_LEDS_LM355x is not set # CONFIG_LEDS_OT200 is not set +# CONFIG_LEDS_PWM is not set CONFIG_LEDS_TRIGGERS=y CONFIG_LEDS_TRIGGER_TIMER=m CONFIG_LEDS_TRIGGER_ONESHOT=m CONFIG_LEDS_TRIGGER_IDE_DISK=y CONFIG_LEDS_TRIGGER_HEARTBEAT=m CONFIG_LEDS_TRIGGER_BACKLIGHT=m +# CONFIG_LEDS_TRIGGER_CPU is not set CONFIG_LEDS_TRIGGER_DEFAULT_ON=m CONFIG_LEDS_TRIGGER_TRANSIENT=m +CONFIG_LEDS_TRIGGER_CAMERA=m CONFIG_LEDS_ALIX2=m CONFIG_LEDS_CLEVO_MAIL=m CONFIG_LEDS_INTEL_SS4200=m CONFIG_LEDS_LM3530=m +# CONFIG_LEDS_LM3642 is not set CONFIG_LEDS_LM3556=m CONFIG_LEDS_BLINKM=m CONFIG_LEDS_LP3944=m CONFIG_LEDS_LP5521=m CONFIG_LEDS_LP5523=m +CONFIG_LEDS_LP5562=m CONFIG_LEDS_LT3593=m CONFIG_LEDS_REGULATOR=m CONFIG_LEDS_TRIGGER_GPIO=m @@ -4058,7 +4411,10 @@ CONFIG_LEDS_WM831X_STATUS=m CONFIG_DMADEVICES=y CONFIG_DMA_ENGINE=y +CONFIG_DW_DMAC_CORE=m CONFIG_DW_DMAC=m +CONFIG_DW_DMAC_PCI=m +# CONFIG_DW_DMAC_BIG_ENDIAN_IO is not set # CONFIG_TIMB_DMA is not set # CONFIG_DMATEST is not set CONFIG_ASYNC_TX_DMA=y @@ -4072,12 +4428,17 @@ CONFIG_DYNAMIC_FTRACE=y # CONFIG_IRQSOFF_TRACER is not set CONFIG_SCHED_TRACER=y CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACER_SNAPSHOT=y +# CONFIG_TRACER_SNAPSHOT_PER_CPU_SWAP is not set CONFIG_FTRACE_SYSCALLS=y CONFIG_FTRACE_MCOUNT_RECORD=y # CONFIG_FTRACE_STARTUP_TEST is not set # CONFIG_TRACE_BRANCH_PROFILING is not set CONFIG_FUNCTION_PROFILER=y CONFIG_RING_BUFFER_BENCHMARK=m +# CONFIG_RING_BUFFER_STARTUP_TEST is not set +# CONFIG_RBTREE_TEST is not set +# CONFIG_INTERVAL_TREE_TEST is not set CONFIG_FUNCTION_TRACER=y CONFIG_STACK_TRACER=y # CONFIG_FUNCTION_GRAPH_TRACER is not set @@ -4089,8 +4450,12 @@ CONFIG_JUMP_LABEL=y CONFIG_OPTPROBES=y CONFIG_HZ_1000=y +CONFIG_NO_HZ=y CONFIG_TIMER_STATS=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_PERF_EVENTS=y +CONFIG_PERF_COUNTERS=y # Auxillary displays CONFIG_KS0108=m @@ -4117,12 +4482,15 @@ CONFIG_APM_POWER=m # CONFIG_BATTERY_BQ27x00 is not set # CONFIG_BATTERY_MAX17040 is not set # CONFIG_BATTERY_MAX17042 is not set +# CONFIG_BATTERY_GOLDFISH is not set # CONFIG_CHARGER_ISP1704 is not set # CONFIG_CHARGER_MAX8903 is not set # CONFIG_CHARGER_LP8727 is not set # CONFIG_CHARGER_GPIO is not set # CONFIG_CHARGER_PCF50633 is not set +# CONFIG_CHARGER_BQ2415X is not set +CONFIG_POWER_RESET=y # CONFIG_PDA_POWER is not set @@ -4132,12 +4500,15 @@ CONFIG_UIO=m CONFIG_UIO_CIF=m # CONFIG_UIO_PDRV is not set # CONFIG_UIO_PDRV_GENIRQ is not set +# CONFIG_UIO_DMEM_GENIRQ is not set CONFIG_UIO_AEC=m CONFIG_UIO_SERCOS3=m CONFIG_UIO_PCI_GENERIC=m # CONFIG_UIO_NETX is not set -# CONFIG_VFIO is not set +CONFIG_VFIO=m +CONFIG_VFIO_IOMMU_TYPE1=m +CONFIG_VFIO_PCI=m # LIRC @@ -4157,13 +4528,12 @@ CONFIG_LIRC_TTUSBIR=m # CONFIG_DEVKMEM is not set -CONFIG_BNX2X=m -CONFIG_SCSI_BNX2X_FCOE=m - CONFIG_NOZOMI=m # CONFIG_TPS65010 is not set CONFIG_INPUT_APANEL=m +CONFIG_INPUT_GP2A=m +# CONFIG_INPUT_GPIO_TILT_POLLED is not set # CONFIG_INTEL_MENLOW is not set CONFIG_ENCLOSURE_SERVICES=m @@ -4177,6 +4547,7 @@ CONFIG_MSPRO_BLOCK=m CONFIG_MEMSTICK_TIFM_MS=m CONFIG_MEMSTICK_JMICRON_38X=m CONFIG_MEMSTICK_R592=m +CONFIG_MEMSTICK_REALTEK_PCI=m CONFIG_ACCESSIBILITY=y CONFIG_A11Y_BRAILLE_CONSOLE=y @@ -4202,6 +4573,7 @@ CONFIG_NET_DSA_MV88E6123_61_65=m # CONFIG_PHONET is not set # CONFIG_ICS932S401 is not set +# CONFIG_ATMEL_SSC is not set # CONFIG_C2PORT is not set @@ -4215,7 +4587,7 @@ CONFIG_WM8350_POWER=m CONFIG_USB_WUSB=m CONFIG_USB_WUSB_CBAF=m # CONFIG_USB_WUSB_CBAF_DEBUG is not set -CONFIG_USB_WHCI_HCD=m +# CONFIG_USB_WHCI_HCD is not set CONFIG_USB_HWA_HCD=m # CONFIG_USB_HCD_BCMA is not set # CONFIG_USB_HCD_SSB is not set @@ -4226,7 +4598,6 @@ CONFIG_UWB_WHCI=m CONFIG_UWB_I1480U=m CONFIG_STAGING=y -# CONFIG_RTLLIB is not set # CONFIG_ANDROID is not set CONFIG_STAGING_MEDIA=y # CONFIG_DVB_AS102 is not set @@ -4255,7 +4626,12 @@ CONFIG_USB_ATMEL=m # CONFIG_RAR_REGISTER is not set # CONFIG_VT6656 is not set # CONFIG_USB_SERIAL_QUATECH_USB2 is not set -# CONFIG_RTL8192E is not set +# Larry Finger maintains these (rhbz 913753) +CONFIG_RTLLIB=m +CONFIG_RTLLIB_CRYPTO_CCMP=m +CONFIG_RTLLIB_CRYPTO_TKIP=m +CONFIG_RTLLIB_CRYPTO_WEP=m +CONFIG_RTL8192E=m # CONFIG_INPUT_GPIO is not set # CONFIG_VIDEO_CX25821 is not set # CONFIG_R8187SE is not set @@ -4271,6 +4647,7 @@ CONFIG_R8712U=m # Larry Finger maintains this (rhbz 699618) # CONFIG_ATH6K_LEGACY is not set # CONFIG_USB_ENESTORAGE is not set # CONFIG_BCM_WIMAX is not set +# CONFIG_USB_BTMTK is not set # CONFIG_FT1000 is not set # CONFIG_SPEAKUP is not set # CONFIG_DX_SEP is not set @@ -4291,9 +4668,20 @@ CONFIG_ALTERA_STAPL=m # CONFIG_WIMAX_GDM72XX is not set # CONFIG_IPACK_BUS is not set # CONFIG_CSR_WIFI is not set -# +# CONFIG_ZCACHE2 is not set +# CONFIG_NET_VENDOR_SILICOM is not set +# CONFIG_SBYPASS is not set +# CONFIG_BPCTL is not set +# CONFIG_CED1401 is not set +# CONFIG_DGRP is not set +# CONFIG_SB105X is not set # END OF STAGING +# +# Remoteproc drivers (EXPERIMENTAL) +# +# CONFIG_STE_MODEM_RPROC is not set + CONFIG_LIBFC=m CONFIG_LIBFCOE=m CONFIG_FCOE=m @@ -4308,18 +4696,21 @@ CONFIG_IMA_LSM_RULES=y # CONFIG_EVM is not set # CONFIG_PWM is not set +# CONFIG_PWM_PCA9685 is not set CONFIG_LSM_MMAP_MIN_ADDR=65536 CONFIG_STRIP_ASM_SYMS=y # CONFIG_RCU_FANOUT_EXACT is not set -# FIXME: Revisit FAST_NO_HZ after 3.5 +# FIXME: Revisit FAST_NO_HZ after it's fixed # CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_RCU_NOCB_CPU is not set CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_RCU_TRACE is not set # CONFIG_RCU_CPU_STALL_INFO is not set +# CONFIG_RCU_USER_QS is not set CONFIG_SPARSE_RCU_POINTER=y CONFIG_KSM=y @@ -4336,6 +4727,7 @@ CONFIG_IEEE802154_FAKEHARD=m CONFIG_IEEE802154_FAKELB=m CONFIG_MAC802154=m +CONFIG_NET_MPLS_GSO=m # CONFIG_EXTCON is not set # CONFIG_MEMORY is not set @@ -4354,6 +4746,7 @@ CONFIG_PTP_1588_CLOCK_PCH=m CONFIG_CLEANCACHE=y CONFIG_FRONTSWAP=y +CONFIG_ZSWAP=y # CONFIG_MDIO_GPIO is not set # CONFIG_KEYBOARD_GPIO is not set @@ -4372,6 +4765,9 @@ CONFIG_GPIO_SYSFS=y # CONFIG_GPIO_CS5535 is not set # CONFIG_GPIO_ADP5588 is not set # CONFIG_GPIO_IT8761E is not set +# CONFIG SB105x is not set +# CONFIG_GPIO_TS5500 is not set +CONFIG_GPIO_VIPERBOARD=m # CONFIG_GPIO_MAX7300 is not set # CONFIG_UCB1400_CORE is not set # CONFIG_TPS6105X is not set @@ -4386,11 +4782,19 @@ CONFIG_GPIO_SYSFS=y # CONFIG_GPIO_AMD8111 is not set # CONFIG_GPIO_BT8XX is not set # CONFIG_GPIO_SX150X is not set +# CONFIG_GPIO_GRGPIO is not set # FIXME: Why? CONFIG_EVENT_POWER_TRACING_DEPRECATED=y CONFIG_TEST_KSTRTOX=y +CONFIG_XZ_DEC=y +# CONFIG_XZ_DEC_X86 is not set +# CONFIG_XZ_DEC_POWERPC is not set +# CONFIG_XZ_DEC_IA64 is not set +# CONFIG_XZ_DEC_ARM is not set +# CONFIG_XZ_DEC_ARMTHUMB is not set +# CONFIG_XZ_DEC_SPARC is not set # CONFIG_XZ_DEC_TEST is not set # CONFIG_POWER_AVS is not set @@ -4413,6 +4817,7 @@ CONFIG_PSTORE_RAM=m # CONFIG_AVERAGE is not set +# CONFIG_VMXNET3 is not set # CONFIG_SIGMA is not set @@ -4423,16 +4828,29 @@ CONFIG_BCMA_BLOCKIO=y CONFIG_BCMA_HOST_PCI_POSSIBLE=y CONFIG_BCMA_HOST_PCI=y CONFIG_BCMA_DRIVER_GMAC_CMN=y +CONFIG_BCMA_DRIVER_GPIO=y # CONFIG_BCMA_DEBUG is not set # CONFIG_GOOGLE_FIRMWARE is not set # CONFIG_INTEL_MID_PTI is not set CONFIG_IOMMU_SUPPORT=y +# CONFIG_MAILBOX is not set + +# CONFIG_RESET_CONTROLLER is not set + +CONFIG_FMC=m +CONFIG_FMC_FAKEDEV=m +CONFIG_FMC_TRIVIAL=m +CONFIG_FMC_WRITE_EEPROM=m +CONFIG_FMC_CHARDEV=m + # CONFIG_HSI is not set # CONFIG_PM_DEVFREQ is not set # CONFIG_MODULE_SIG is not set +# CONFIG_SYSTEM_TRUSTED_KEYRING is not set +# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set # CONFIG_MODULE_VERIFY_ELF is not set # CONFIG_CRYPTO_KEY_TYPE is not set # CONFIG_PGP_LIBRARY is not set diff --git a/config-nodebug b/config-nodebug index d99deeb2f..75fc2200b 100644 --- a/config-nodebug +++ b/config-nodebug @@ -2,113 +2,130 @@ CONFIG_SND_VERBOSE_PRINTK=y CONFIG_SND_DEBUG=y CONFIG_SND_PCM_XRUN_DEBUG=y -CONFIG_DEBUG_ATOMIC_SLEEP=y +# CONFIG_DEBUG_ATOMIC_SLEEP is not set -CONFIG_DEBUG_MUTEXES=y -CONFIG_DEBUG_RT_MUTEXES=y -CONFIG_DEBUG_LOCK_ALLOC=y -CONFIG_PROVE_LOCKING=y -CONFIG_DEBUG_SPINLOCK=y -CONFIG_PROVE_RCU=y +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_PROVE_RCU is not set # CONFIG_PROVE_RCU_REPEATEDLY is not set -CONFIG_DEBUG_PER_CPU_MAPS=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set CONFIG_CPUMASK_OFFSTACK=y -CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_CPU_NOTIFIER_ERROR_INJECT is not set -CONFIG_FAULT_INJECTION=y -CONFIG_FAILSLAB=y -CONFIG_FAIL_PAGE_ALLOC=y -CONFIG_FAIL_MAKE_REQUEST=y -CONFIG_FAULT_INJECTION_DEBUG_FS=y -CONFIG_FAULT_INJECTION_STACKTRACE_FILTER=y -CONFIG_FAIL_IO_TIMEOUT=y -CONFIG_FAIL_MMC_REQUEST=y +# CONFIG_FAULT_INJECTION is not set +# CONFIG_FAILSLAB is not set +# CONFIG_FAIL_PAGE_ALLOC is not set +# CONFIG_FAIL_MAKE_REQUEST is not set +# CONFIG_FAULT_INJECTION_DEBUG_FS is not set +# CONFIG_FAULT_INJECTION_STACKTRACE_FILTER is not set +# CONFIG_FAIL_IO_TIMEOUT is not set +# CONFIG_FAIL_MMC_REQUEST is not set -CONFIG_SLUB_DEBUG_ON=y +# CONFIG_SLUB_DEBUG_ON is not set -CONFIG_LOCK_STAT=y +# CONFIG_LOCK_STAT is not set -CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_STACK_USAGE is not set -CONFIG_ACPI_DEBUG=y +# CONFIG_ACPI_DEBUG is not set # CONFIG_ACPI_DEBUG_FUNC_TRACE is not set -CONFIG_DEBUG_SG=y +# CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_PAGEALLOC is not set -CONFIG_DEBUG_WRITECOUNT=y -CONFIG_DEBUG_OBJECTS=y +# CONFIG_DEBUG_WRITECOUNT is not set +# CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_OBJECTS_SELFTEST is not set -CONFIG_DEBUG_OBJECTS_FREE=y -CONFIG_DEBUG_OBJECTS_TIMERS=y -CONFIG_DEBUG_OBJECTS_RCU_HEAD=y +# CONFIG_DEBUG_OBJECTS_FREE is not set +# CONFIG_DEBUG_OBJECTS_TIMERS is not set +# CONFIG_DEBUG_OBJECTS_RCU_HEAD is not set CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1 -CONFIG_X86_PTDUMP=y +# CONFIG_X86_PTDUMP is not set -CONFIG_CAN_DEBUG_DEVICES=y +# CONFIG_CAN_DEBUG_DEVICES is not set -CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODULE_FORCE_UNLOAD is not set -CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_SYSCTL_SYSCALL_CHECK is not set -CONFIG_DEBUG_NOTIFIERS=y +# CONFIG_DEBUG_NOTIFIERS is not set -CONFIG_DMA_API_DEBUG=y +# CONFIG_DMA_API_DEBUG is not set -CONFIG_MMIOTRACE=y +# CONFIG_MMIOTRACE is not set -CONFIG_DEBUG_CREDENTIALS=y +# CONFIG_DEBUG_CREDENTIALS is not set # off in both production debug and nodebug builds, # on in rawhide nodebug builds -CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set -CONFIG_EXT4_DEBUG=y +# CONFIG_EXT4_DEBUG is not set -CONFIG_DEBUG_PERF_USE_VMALLOC=y +# CONFIG_XFS_WARN is not set -CONFIG_JBD2_DEBUG=y +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set -CONFIG_NFSD_FAULT_INJECTION=y +# CONFIG_JBD2_DEBUG is not set -CONFIG_DEBUG_BLK_CGROUP=y +# CONFIG_NFSD_FAULT_INJECTION is not set -CONFIG_DRBD_FAULT_INJECTION=y +# CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_ATH_DEBUG=y -CONFIG_CARL9170_DEBUGFS=y -CONFIG_IWLWIFI_DEVICE_TRACING=y +# CONFIG_DRBD_FAULT_INJECTION is not set -CONFIG_DEBUG_OBJECTS_WORK=y +# CONFIG_ATH_DEBUG is not set +# CONFIG_CARL9170_DEBUGFS is not set +# CONFIG_IWLWIFI_DEVICE_TRACING is not set -CONFIG_DMADEVICES_DEBUG=y -CONFIG_DMADEVICES_VDEBUG=y +# CONFIG_RTLWIFI_DEBUG is not set + +# CONFIG_DEBUG_OBJECTS_WORK is not set + +# CONFIG_DMADEVICES_DEBUG is not set +# CONFIG_DMADEVICES_VDEBUG is not set CONFIG_PM_ADVANCED_DEBUG=y -CONFIG_CEPH_LIB_PRETTYDEBUG=y -CONFIG_QUOTA_DEBUG=y +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set +# CONFIG_QUOTA_DEBUG is not set CONFIG_PCI_DEFAULT_USE_CRS=y CONFIG_KGDB_KDB=y CONFIG_KDB_KEYBOARD=y +CONFIG_KDB_CONTINUE_CATASTROPHIC=0 -CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y -CONFIG_TEST_LIST_SORT=y +# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_TEST_STRING_HELPERS is not set -CONFIG_DETECT_HUNG_TASK=y +# CONFIG_DETECT_HUNG_TASK is not set CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 # CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set -CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set -CONFIG_DEBUG_KMEMLEAK=y +# CONFIG_DEBUG_KMEMLEAK is not set CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024 # CONFIG_DEBUG_KMEMLEAK_TEST is not set CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y # CONFIG_MAC80211_MESSAGE_TRACING is not set + +# CONFIG_EDAC_DEBUG is not set + +# CONFIG_SPI_DEBUG is not set + +# CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set + +# CONFIG_SCHEDSTATS is not set +# CONFIG_LATENCYTOP is not set + diff --git a/config-powerpc-generic b/config-powerpc-generic index e6c2ebd6d..2f26fb4ba 100644 --- a/config-powerpc-generic +++ b/config-powerpc-generic @@ -1,5 +1,4 @@ # Most PowerPC kernels we build are SMP -CONFIG_SMP=y CONFIG_IRQ_ALL_CPUS=y CONFIG_PPC=y CONFIG_WATCHDOG_RTAS=m @@ -11,14 +10,6 @@ CONFIG_TAU=y # CONFIG_TAU_INT is not set CONFIG_TAU_AVERAGE=y -CONFIG_SECCOMP=y - -CONFIG_PM=y - -CONFIG_PM_STD_PARTITION="" - -CONFIG_SUSPEND=y -CONFIG_HIBERNATION=y # CONFIG_RTC is not set # CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC_X is not set @@ -39,6 +30,7 @@ CONFIG_FB_OF=y # CONFIG_FB_CONTROL is not set CONFIG_FB_IBM_GXT4500=y CONFIG_FB_MATROX=y +CONFIG_FB_MATROX_G=y # CONFIG_FB_VGA16 is not set CONFIG_FB_ATY128_BACKLIGHT=y CONFIG_FB_ATY_BACKLIGHT=y @@ -99,9 +91,6 @@ CONFIG_LEDS_TRIGGER_TIMER=m CONFIG_LEDS_TRIGGER_HEARTBEAT=m CONFIG_LEDS_TRIGGER_GPIO=m -# FIXME: Should depend on IA64/x86 -# CONFIG_SGI_IOC4 is not set - CONFIG_PPC_EFIKA=y CONFIG_PPC_MEDIA5200=y @@ -181,7 +170,6 @@ CONFIG_PMAC_APM_EMU=m CONFIG_HW_RANDOM_PASEMI=m CONFIG_EDAC=y -# CONFIG_EDAC_DEBUG is not set CONFIG_EDAC_MM_EDAC=m CONFIG_EDAC_PASEMI=m CONFIG_EDAC_AMD8131=m @@ -314,7 +302,7 @@ CONFIG_SPARSE_IRQ=y # CONFIG_PPC_MPC5200_LPBFIFO is not set # CONFIG_CAN_MSCAN is not set # CONFIG_CAN_MPC5XXX is not set -CONFIG_PATA_MACIO=m +CONFIG_PATA_MACIO=y CONFIG_SERIAL_GRLIB_GAISLER_APBUART=m # CONFIG_PMIC_ADP5520 is not set # CONFIG_MFD_88PM8607 is not set @@ -346,6 +334,7 @@ CONFIG_I2C_MPC=m CONFIG_RFKILL_GPIO=m # CONFIG_CRYPTO_DEV_FSL_CAAM is not set +# CONFIG_CRYPTO_SHA1_PPC is not set # CONFIG_GPIO_GENERIC_PLATFORM is not set # CONFIG_GPIO_MCP23S08 is not set @@ -357,15 +346,11 @@ CONFIG_RFKILL_GPIO=m # CONFIG_NET_VENDOR_PASEMI is not set # CONFIG_NET_VENDOR_TOSHIBA is not set -# Disable btrfs until it is shown to work with 64k pages (rhbz 747079) -# CONFIG_BTRFS_FS is not set -# # CONFIG_CPU_IDLE is not set # CONFIG_OF_SELFTEST is not set # CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set # CONFIG_INPUT_GP2A is not set # CONFIG_INPUT_GPIO_TILT_POLLED is not set -CONFIG_STRICT_DEVMEM=y CONFIG_RCU_FANOUT_LEAF=16 @@ -373,6 +358,27 @@ CONFIG_RCU_FANOUT_LEAF=16 # CONFIG_MPIC_MSGR is not set # CONFIG_FA_DUMP is not set # CONFIG_MDIO_BUS_MUX_GPIO is not set -# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set # CONFIG_FAIL_IOMMU is not set +# CONFIG_SPAPR_TCE_IOMMU is not set +# CONFIG_TRANSPARENT_HUGEPAGE is not set + +# CONFIG_PPC_DENORMALISATION is not set +# CONFIG_MDIO_BUS_MUX_MMIOREG is not set +# CONFIG_GPIO_ADNP is not set +# CONFIG_MFD_SYSCON is not set +# CONFIG_RTC_DRV_SNVS is not set +# CONFIG_ASYMMETRIC_KEY_TYPE is not set + +# CONFIG_OF_DISPLAY_TIMING is not set +# CONFIG_OF_VIDEOMODE is not set + +# CONFIG_POWERNV_MSI is not set + +CONFIG_POWER_RESET_GPIO=y +CONFIG_FB_SSD1307=m +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_BACKLIGHT_PWM=m +CONFIG_CPU_IDLE_MULTIPLE_DRIVERS=n + +CONFIG_XZ_DEC_POWERPC=y diff --git a/config-powerpc32-generic b/config-powerpc32-generic index 935aab420..61e3236b1 100644 --- a/config-powerpc32-generic +++ b/config-powerpc32-generic @@ -95,8 +95,6 @@ CONFIG_SERIAL_OF_PLATFORM=y CONFIG_DEBUG_STACKOVERFLOW=y # CONFIG_EMBEDDED6xx is not set -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y # CONFIG_BLK_DEV_PLATFORM is not set # CONFIG_BLK_DEV_4DRIVES is not set @@ -175,10 +173,6 @@ CONFIG_CRYPTO_DEV_TALITOS=m CONFIG_RCU_FANOUT=32 -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y -CONFIG_EVENT_PROFILE=y - CONFIG_KVM_BOOK3S_32=m # CONFIG_SCSI_QLA_ISCSI is not set diff --git a/config-powerpc32-smp b/config-powerpc32-smp index e60f59cdf..5dbe87f7f 100644 --- a/config-powerpc32-smp +++ b/config-powerpc32-smp @@ -1,4 +1,3 @@ -CONFIG_SMP=y # CONFIG_HOTPLUG_CPU is not set CONFIG_NR_CPUS=4 # CONFIG_BATTERY_PMU is not set diff --git a/config-powerpc64 b/config-powerpc64 index 46ffe87c9..705a7ea2b 100644 --- a/config-powerpc64 +++ b/config-powerpc64 @@ -12,6 +12,7 @@ CONFIG_PPC_MAPLE=y CONFIG_PPC_PSERIES=y CONFIG_PPC_PMAC=y CONFIG_PPC_POWERNV=y +CONFIG_POWERNV_MSI=y CONFIG_PPC_POWERNV_RTAS=y # CONFIG_PPC_PASEMI is not set # CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set @@ -110,11 +111,7 @@ CONFIG_XMON_DISASSEMBLY=y CONFIG_SCSI_IBMVSCSIS=m -CONFIG_SECCOMP=y - # CONFIG_TUNE_CELL is not set -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y # CONFIG_BLK_DEV_PLATFORM is not set # CONFIG_VIRQ_DEBUG is not set @@ -137,13 +134,10 @@ CONFIG_RELOCATABLE=y CONFIG_RCU_FANOUT=64 -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y -CONFIG_EVENT_PROFILE=y - CONFIG_KVM_BOOK3S_64=m CONFIG_KVM_BOOK3S_64_HV=y # CONFIG_KVM_EXIT_TIMING is not set +CONFIG_KVM_XICS=y #-- bz#607175 #-- active memory sharing @@ -164,13 +158,19 @@ CONFIG_PPC_ICSWX=y CONFIG_IO_EVENT_IRQ=y CONFIG_HW_RANDOM_AMD=m -# CONFIG_HW_RANDOM_PSERIES is not set -# CONFIG_CRYPTO_DEV_NX is not set +CONFIG_UIO_PDRV=m + +CONFIG_HW_RANDOM_PSERIES=m +CONFIG_CRYPTO_DEV_NX=y +CONFIG_CRYPTO_842=m +CONFIG_CRYPTO_DEV_NX_ENCRYPT=m +CONFIG_CRYPTO_DEV_NX_COMPRESS=m CONFIG_BPF_JIT=y # CONFIG_PPC_ICSWX_PID is not set # CONFIG_PPC_ICSWX_USE_SIGILL is not set -# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set # CONFIG_PCIEPORTBUS is not set - +# CONFIG_PPC_TRANSACTIONAL_MEM is not set +# CONFIG_SND_HDA_INTEL is not set +CONFIG_BLK_DEV_RSXX=m diff --git a/config-powerpc64p7 b/config-powerpc64p7 index 7e2ea454b..7ab19187b 100644 --- a/config-powerpc64p7 +++ b/config-powerpc64p7 @@ -8,6 +8,7 @@ CONFIG_POWER7_CPU=y CONFIG_PPC_PSERIES=y # CONFIG_PPC_PMAC is not set CONFIG_PPC_POWERNV=y +CONFIG_POWERNV_MSI=y CONFIG_PPC_POWERNV_RTAS=y # CONFIG_PPC_PASEMI is not set # CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set @@ -101,11 +102,7 @@ CONFIG_XMON_DISASSEMBLY=y CONFIG_SCSI_IBMVSCSIS=m -CONFIG_SECCOMP=y - # CONFIG_TUNE_CELL is not set -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y # CONFIG_BLK_DEV_PLATFORM is not set # CONFIG_VIRQ_DEBUG is not set @@ -128,13 +125,10 @@ CONFIG_RELOCATABLE=y CONFIG_RCU_FANOUT=64 -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y -CONFIG_EVENT_PROFILE=y - CONFIG_KVM_BOOK3S_64=m CONFIG_KVM_BOOK3S_64_HV=y # CONFIG_KVM_EXIT_TIMING is not set +CONFIG_KVM_XICS=y #-- bz#607175 #-- active memory sharing @@ -155,13 +149,18 @@ CONFIG_PPC_ICSWX=y CONFIG_IO_EVENT_IRQ=y CONFIG_HW_RANDOM_AMD=m -# CONFIG_HW_RANDOM_PSERIES is not set -# CONFIG_CRYPTO_DEV_NX is not set +CONFIG_UIO_PDRV=m + +CONFIG_HW_RANDOM_PSERIES=m +CONFIG_CRYPTO_DEV_NX=y +CONFIG_CRYPTO_842=m +CONFIG_CRYPTO_DEV_NX_ENCRYPT=m +CONFIG_CRYPTO_DEV_NX_COMPRESS=m CONFIG_BPF_JIT=y # CONFIG_PPC_ICSWX_PID is not set # CONFIG_PPC_ICSWX_USE_SIGILL is not set -# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set # CONFIG_PCIEPORTBUS is not set - +# CONFIG_SND_HDA_INTEL is not set +CONFIG_BLK_DEV_RSXX=m diff --git a/config-s390x b/config-s390x index 451512e9a..a292f425e 100644 --- a/config-s390x +++ b/config-s390x @@ -13,13 +13,9 @@ CONFIG_HZ_100=y # See bug 496605 # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set -CONFIG_MMU=y - CONFIG_LOG_BUF_SHIFT=16 CONFIG_NO_IDLE_HZ=y -CONFIG_SMP=y - # # I/O subsystem configuration # @@ -38,6 +34,7 @@ CONFIG_CMM=m CONFIG_CMM_PROC=y # CONFIG_NETIUCV is not set CONFIG_SMSGIUCV=m +CONFIG_CRASH_DUMP=y # # SCSI low-level drivers @@ -189,8 +186,6 @@ CONFIG_S390_VMUR=m # CONFIG_THERMAL is not set -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y CONFIG_CTCM=m CONFIG_QETH_L2=m CONFIG_QETH_L3=m @@ -213,15 +208,7 @@ CONFIG_HVC_IUCV=y CONFIG_RCU_FANOUT=64 CONFIG_RCU_FANOUT_LEAF=16 -CONFIG_SECCOMP=y - -CONFIG_PM=y -CONFIG_HIBERNATION=y -CONFIG_PM_STD_PARTITION="/dev/jokes" - -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y -CONFIG_EVENT_PROFILE=y +# CONFIG_SUSPEND is not set CONFIG_SMSGIUCV_EVENT=m @@ -234,10 +221,60 @@ CONFIG_ZFCP_DIF=y CONFIG_SCHED_MC=y CONFIG_SCHED_BOOK=y -CONFIG_STRICT_DEVMEM=y - # CONFIG_WARN_DYNAMIC_STACK is not set CONFIG_CRYPTO_GHASH_S390=m -CONFIG_NET_CORE=y -CONFIG_ETHERNET=y + +CONFIG_BPF_JIT=y +# CONFIG_TRANSPARENT_HUGEPAGE is not set +CONFIG_SCM_BUS=y +CONFIG_EADM_SCH=m +CONFIG_SCM_BLOCK=m +CONFIG_SCM_BLOCK_CLUSTER_WRITE=y +# CONFIG_S390_PTDUMP is not set +# CONFIG_ASYMMETRIC_KEY_TYPE is not set +# CONFIG_PCI is not set +# CONFIG_GPIO_GENERIC_PLATFORM is not set +# CONFIG_GPIO_MCP23S08 is not set + +# CONFIG_NEW_LEDS is not set +# CONFIG_HID is not set + +# CONFIG_INPUT is not set +# CONFIG_INPUT_JOYDEV is not set +# CONFIG_INPUT_KEYBOARD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# CONFIG_ACCESSIBILITY is not set +# CONFIG_AUXDISPLAY is not set +# CONFIG_POWER_SUPPLY is not set +# CONFIG_STAGING is not set +# CONFIG_MEMSTICK is not set +# CONFIG_MEDIA_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_DRM is not set +# CONFIG_SOUND is not set +# CONFIG_DW_DMAC is not set +# CONFIG_I2C is not set +# CONFIG_I2C_SMBUS is not set +# CONFIG_I2C_STUB is not set +# CONFIG_I2C_HELPER_AUTO is not set +# CONFIG_I2C_PARPORT is not set +# CONFIG_I2C_PARPORT_LIGHT is not set +# CONFIG_I2C_NFORCE2 is not set + +# CONFIG_PHYLIB is not set +# CONFIG_ATM_DRIVERS is not set +# CONFIG_NET_VENDOR_ARC is not set +# CONFIG_NET_VENDOR_INTEL is not set +# CONFIG_NET_VENDOR_MARVELL is not set +# CONFIG_NET_VENDOR_NATSEMI is not set +# CONFIG_SH_ETH is not set +# CONFIG_NET_VENDOR_VIA is not set +# CONFIG_IEEE802154_DRIVERS is not set + +# CONFIG_FMC is not set diff --git a/config-sparc64-generic b/config-sparc64-generic deleted file mode 100644 index ebc891d8a..000000000 --- a/config-sparc64-generic +++ /dev/null @@ -1,203 +0,0 @@ -CONFIG_SMP=y -CONFIG_SPARC=y -CONFIG_SPARC64=y -CONFIG_SECCOMP=y -CONFIG_HZ_100=y -# CONFIG_HZ_1000 is not set -CONFIG_HZ=100 - -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y - -CONFIG_US3_FREQ=m -CONFIG_US2E_FREQ=m - -CONFIG_SUN_LDOMS=y -CONFIG_SCHED_SMT=y -CONFIG_SCHED_MC=y -CONFIG_64BIT=y -# CONFIG_BBC_I2C is not set -CONFIG_HUGETLB_PAGE_SIZE_4MB=y -# CONFIG_HUGETLB_PAGE_SIZE_512K is not set -# CONFIG_HUGETLB_PAGE_SIZE_64K is not set -CONFIG_NR_CPUS=256 -CONFIG_US3_FREQ=m -CONFIG_US2E_FREQ=m -CONFIG_SUN_OPENPROMFS=m -CONFIG_COMPAT=y -CONFIG_UID16=y -CONFIG_BINFMT_ELF32=y -CONFIG_ENVCTRL=m -CONFIG_DISPLAY7SEG=m -CONFIG_WATCHDOG_CP1XXX=m -CONFIG_WATCHDOG_RIO=m -# CONFIG_CMDLINE_BOOL is not set -# CONFIG_PREVENT_FIRMWARE_BUILD is not set -# CONFIG_PARPORT is not set -# CONFIG_BLK_DEV_FD is not set -# CONFIG_LIRC_PARALLEL is not set -# CONFIG_I2C_NFORCE2 is not set -# CONFIG_I2C_PARPORT_LIGHT is not set -# CONFIG_I2C_SIMTEC is not set -CONFIG_I2C_ALI1535=m -# CONFIG_VGASTATE is not set -# CONFIG_FB_DDC is not set -# CONFIG_FB_BW2 is not set -# CONFIG_FB_GRVGA is not set -CONFIG_FB_CG3=y -CONFIG_FB_CG6=y -# CONFIG_FB_RIVA is not set -# CONFIG_FB_MATROX is not set -# CONFIG_FB_RADEON is not set -CONFIG_FB_ATY=y -# CONFIG_FB_S3 is not set -# CONFIG_FB_SAVAGE is not set -# CONFIG_FB_SIS is not set -# CONFIG_FB_NEOMAGIC is not set -# CONFIG_FB_3DFX is not set -# CONFIG_FB_VOODOO1 is not set -# CONFIG_FB_TRIDENT is not set -CONFIG_FB_SBUS=y -CONFIG_FB_FFB=y -# CONFIG_FB_TCX is not set -# CONFIG_FB_CG14 is not set -CONFIG_FB_PM2=y -CONFIG_FB_P9100=y -# CONFIG_FB_LEO is not set -CONFIG_FB_XVR500=y -CONFIG_FB_XVR2500=y -# CONFIG_VGASTATE is not set -# CONFIG_FB_DDC is not set -# CONFIG_FB_CIRRUS is not set -# CONFIG_FB_ATY128 is not set -# CONFIG_FB_KYRO is not set -# CONFIG_AGP is not set -# CONFIG_DRM_NOUVEAU is not set -# CONFIG_MDA_CONSOLE is not set -CONFIG_FONTS=y -# CONFIG_FONT_8x8 is not set -# CONFIG_FONT_8x16 is not set -# CONFIG_FONT_7x14 is not set -# CONFIG_FONT_10x18 is not set -# CONFIG_FONT_6x11 is not set -# CONFIG_FONT_SUN12x22 is not set -# CONFIG_FONT_PEARL_8x8 is not set -# CONFIG_FONT_ACORN_8x8 is not set -CONFIG_FONT_SUN8x16=y -CONFIG_FONT_SUN12x22=y -# CONFIG_LOGO_LINUX_CLUT224 is not set -# CONFIG_SERIAL_8250 is not set -CONFIG_SERIAL_SUNZILOG=y -CONFIG_SERIAL_SUNZILOG_CONSOLE=y -CONFIG_SERIAL_SUNSU=y -CONFIG_SERIAL_SUNSU_CONSOLE=y -CONFIG_SERIAL_SUNSAB=y -CONFIG_SERIAL_SUNSAB_CONSOLE=y -CONFIG_SERIAL_SUNHV=y -CONFIG_SUN_OPENPROMIO=y -CONFIG_OBP_FLASH=m -# CONFIG_SERIO_SERPORT is not set -CONFIG_BLK_DEV_FD=y -CONFIG_SUNVDC=m -CONFIG_SUNVNET=m -# CONFIG_BLK_DEV_AEC62XX is not set -# CONFIG_BLK_DEV_HPT366 is not set -# CONFIG_BLK_DEV_PDC202XX_OLD is not set -# CONFIG_BLK_DEV_PDC202XX_NEW is not set -# CONFIG_BLK_DEV_SIIMAGE is not set -# CONFIG_BLK_DEV_SLC90E66 is not set -# CONFIG_BLK_DEV_VIA82CXXX is not set -# CONFIG_SCSI_ADVANSYS is not set -# CONFIG_SCSI_BUSLOGIC is not set -# CONFIG_SCSI_EATA is not set -# CONFIG_SCSI_GDTH is not set -# CONFIG_SCSI_AIC7XXX is not set -# CONFIG_SCSI_AIC79XX is not set -# CONFIG_SCSI_FUTURE_DOMAIN is not set -CONFIG_SCSI_QLOGICPTI=m -CONFIG_SCSI_SUNESP=m -CONFIG_SUNLANCE=m -CONFIG_SUNBMAC=m -CONFIG_SUNQE=m -# CONFIG_DM9102 is not set -# CONFIG_HAMACHI is not set -# CONFIG_R8169 is not set -CONFIG_ATM_FORE200E_USE_TASKLET=y -CONFIG_ATM_FORE200E_DEBUG=0 -CONFIG_ATM_FORE200E_TX_RETRY=16 -# CONFIG_DRM_TDFX is not set -CONFIG_KEYBOARD_ATKBD=y -CONFIG_KEYBOARD_SUNKBD=y -# CONFIG_INPUT_PCSPKR is not set -CONFIG_INPUT_SPARCSPKR=m -# CONFIG_SOUND_PRIME is not set -# CONFIG_SND_SUN_AMD7930 is not set -CONFIG_SND_SUN_CS4231=m -# CONFIG_SND_SUN_DBRI is not set -CONFIG_PARPORT_SUNBPP=m -CONFIG_LOGO_SUN_CLUT224=y -CONFIG_MTD_SUN_UFLASH=m -CONFIG_MYRI_SBUS=m -# CONFIG_SGI_IOC4 is not set -# CONFIG_VIDEO_ZORAN is not set -# CONFIG_VIDEO_STRADIS is not set -# CONFIG_IEEE1394_SBP2 is not set -# CONFIG_USB_NET2280 is not set -# CONFIG_DEBUG_BUGVERBOSE is not set -# CONFIG_DEBUG_DCFLUSH is not set -# CONFIG_DEBUG_BOOTMEM is not set -# CONFIG_DEBUG_LOCK_ALLOC is not set -# CONFIG_PROVE_LOCKING is not set -# CONFIG_LOCK_STAT is not set -# CONFIG_LOCKDEP is not set -# CONFIG_STACK_DEBUG is not set - -CONFIG_SPARSEMEM_VMEMMAP=y - -# CONFIG_THERMAL is not set - -CONFIG_FRAME_WARN=2048 - -CONFIG_NUMA=y - -CONFIG_SND_SPARC=y - -CONFIG_HW_RANDOM_N2RNG=m - -# drivers/isdn/hardware/mISDN/hfcmulti.c:5255:2: error: #error "not running on big endian machines now" -# CONFIG_MISDN_HFCMULTI is not set - -CONFIG_US3_MC=y -CONFIG_SENSORS_ULTRA45=m -CONFIG_LEDS_SUNFIRE=m -CONFIG_TADPOLE_TS102_UCTRL=m - -CONFIG_RCU_FANOUT=64 -CONFIG_RCU_FANOUT_LEAF=16 - -CONFIG_LIRC_ENE0100=m -# CONFIG_BATTERY_DS2782 is not set -CONFIG_USB_GSPCA_SN9C20X=m -CONFIG_USB_GSPCA_SN9C20X_EVDEV=y -CONFIG_LSM_MMAP_MIN_ADDR=65536 - -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y -CONFIG_EVENT_PROFILE=y - -CONFIG_EARLYFB=y -CONFIG_SERIAL_GRLIB_GAISLER_APBUART=m - -CONFIG_GRETH=m -CONFIG_FB_XVR1000=y - -CONFIG_CRYPTO_DEV_NIAGARA2=y - -# CONFIG_MTD_OF_PARTS is not set -# CONFIG_MTD_PHYSMAP_OF is not set -# CONFIG_MMC_SDHCI_OF is not set -# CONFIG_OF_SELFTEST is not set - -CONFIG_BPF_JIT=y -# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set -# CONFIG_IRQ_DOMAIN_DEBUG is not set diff --git a/config-x86-32-generic b/config-x86-32-generic index b1a04993a..3cd496569 100644 --- a/config-x86-32-generic +++ b/config-x86-32-generic @@ -3,6 +3,7 @@ CONFIG_X86_32_NON_STANDARD=y # CONFIG_X86_ELAN is not set +# CONFIG_X86_GOLDFISH is not set # CONFIG_X86_NUMAQ is not set # CONFIG_X86_SUMMIT is not set CONFIG_X86_BIGSMP=y @@ -53,6 +54,8 @@ CONFIG_FB_GEODE_LX=y CONFIG_FB_GEODE_GX=y # CONFIG_FB_GEODE_GX1 is not set +CONFIG_FB_SSD1307=m + # CONFIG_PCI_GOBIOS is not set # CONFIG_PCI_GODIRECT is not set # CONFIG_PCI_GOMMCONFIG is not set @@ -94,6 +97,8 @@ CONFIG_X86_TRAMPOLINE=y CONFIG_PCI_DIRECT=y +# CONFIG_TRANSPARENT_HUGEPAGE is not set + # SHPC has half-arsed PCI probing, which makes it load on too many systems # CONFIG_HOTPLUG_PCI_SHPC is not set @@ -117,8 +122,6 @@ CONFIG_SND_ES18XX=m CONFIG_HW_RANDOM_GEODE=m -# CONFIG_SGI_IOC4 is not set - CONFIG_TC1100_WMI=m CONFIG_IB700_WDT=m @@ -179,6 +182,9 @@ CONFIG_XO1_RFKILL=m CONFIG_X86_32_IRIS=m +CONFIG_POWER_RESET_GPIO=y + + CONFIG_MTD_OF_PARTS=y CONFIG_MTD_PHYSMAP_OF=m @@ -190,6 +196,7 @@ CONFIG_SERIAL_GRLIB_GAISLER_APBUART=m # CONFIG_X86_INTEL_MID is not set CONFIG_MFD_CS5535=m +# CONFIG_MFD_SYSCON is not set # I2O enabled only for 32-bit x86, disabled for PAE kernel CONFIG_I2O=m @@ -201,6 +208,9 @@ CONFIG_I2O_EXT_ADAPTEC=y CONFIG_I2O_CONFIG_OLD_IOCTL=y CONFIG_I2O_BUS=m +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_BACKLIGHT_PWM=m + # CONFIG_EDAC_SBRIDGE is not set # CONFIG_X86_WANT_INTEL_MID is not set @@ -211,5 +221,12 @@ CONFIG_I2O_BUS=m # CONFIG_GEOS is not set # CONFIG_NET5501 is not set # CONFIG_MDIO_BUS_MUX_GPIO is not set +# CONFIG_MDIO_BUS_MUX_MMIOREG is not set # CONFIG_GPIO_SODAVILLE is not set +# CONFIG_GPIO_ADNP is not set # CONFIG_BACKLIGHT_OT200 is not set +# CONFIG_RTC_DRV_SNVS is not set +# CONFIG_OF_DISPLAY_TIMING is not set +# CONFIG_OF_VIDEOMODE is not set + +# CONFIG_MLX5_INFINIBAND is not set diff --git a/config-x86-generic b/config-x86-generic index ad22edd8d..c21bf1989 100644 --- a/config-x86-generic +++ b/config-x86-generic @@ -2,8 +2,6 @@ CONFIG_UID16=y CONFIG_X86_EXTENDED_PLATFORM=y -CONFIG_SMP=y - CONFIG_X86_GENERIC=y CONFIG_HPET=y @@ -14,6 +12,7 @@ CONFIG_I8K=m CONFIG_SONYPI_COMPAT=y CONFIG_MICROCODE=m CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_INTEL_EARLY=y CONFIG_MICROCODE_AMD=y CONFIG_X86_MSR=y @@ -28,7 +27,7 @@ CONFIG_PNP=y CONFIG_MTRR=y CONFIG_MTRR_SANITIZER=y -CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=1 +CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=0 CONFIG_MTRR_SANITIZER_SPARE_REG_NR_DEFAULT=1 CONFIG_X86_PAT=y CONFIG_X86_PM_TIMER=y @@ -36,6 +35,9 @@ CONFIG_X86_PM_TIMER=y CONFIG_EFI=y CONFIG_EFI_STUB=y CONFIG_EFI_VARS=y +CONFIG_EFIVAR_FS=y +CONFIG_EFI_VARS_PSTORE=y +CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE=y CONFIG_EFI_PCDP=y CONFIG_FB_EFI=y @@ -48,8 +50,6 @@ CONFIG_INTEL_IOMMU_FLOPPY_WA=y # CONFIG_INTEL_IOMMU_DEFAULT_ON is not set CONFIG_SCSI_ADVANSYS=m -CONFIG_SECCOMP=y - CONFIG_CAPI_EICON=y # @@ -67,7 +67,7 @@ CONFIG_ACPI_AC=y # CONFIG_ACPI_ASUS is not set CONFIG_ACPI_BATTERY=y CONFIG_ACPI_BUTTON=y -CONFIG_ACPI_CONTAINER=m +CONFIG_ACPI_CONTAINER=y CONFIG_ACPI_DOCK=y CONFIG_ACPI_FAN=y CONFIG_ACPI_NUMA=y @@ -78,6 +78,7 @@ CONFIG_ACPI_SLEEP=y CONFIG_ACPI_THERMAL=y CONFIG_ACPI_TOSHIBA=m CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_INITRD_TABLE_OVERRIDE=y # FIXME: Next two are deprecated. Remove them when they disappear upstream # CONFIG_ACPI_PROCFS_POWER is not set # CONFIG_ACPI_PROC_EVENT is not set @@ -91,12 +92,15 @@ CONFIG_ACPI_APEI_MEMORY_FAILURE=y # CONFIG_ACPI_APEI_EINJ is not set CONFIG_ACPI_IPMI=m CONFIG_ACPI_CUSTOM_METHOD=m -CONFIG_ACPI_BGRT=m +CONFIG_ACPI_BGRT=y -CONFIG_X86_ACPI_CPUFREQ=y -CONFIG_X86_PCC_CPUFREQ=y -CONFIG_X86_POWERNOW_K8=y -CONFIG_X86_P4_CLOCKMOD=y +# CONFIG_X86_INTEL_PSTATE is not set +CONFIG_X86_ACPI_CPUFREQ=m +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ_CPB=y +CONFIG_X86_POWERNOW_K8=m +CONFIG_X86_AMD_FREQ_SENSITIVITY=m +CONFIG_X86_P4_CLOCKMOD=m # CONFIG_X86_SPEEDSTEP_CENTRINO is not set # @@ -109,10 +113,6 @@ CONFIG_CRYPTO_DEV_PADLOCK_SHA=m CONFIG_GENERIC_ISA_DMA=y -CONFIG_SUSPEND=y -CONFIG_HIBERNATION=y -CONFIG_PM_STD_PARTITION="" - CONFIG_PCI_MMCONFIG=y CONFIG_PCI_BIOS=y CONFIG_PCI_IOAPIC=y @@ -123,8 +123,6 @@ CONFIG_HOTPLUG_PCI_COMPAQ=m CONFIG_HOTPLUG_PCI_IBM=m # CONFIG_HOTPLUG_PCI_CPCI is not set -CONFIG_PM=y - CONFIG_IPW2100=m CONFIG_IPW2100_MONITOR=y CONFIG_IPW2200=m @@ -140,6 +138,7 @@ CONFIG_I2C_AMD756_S4882=m CONFIG_I2C_AMD8111=m CONFIG_I2C_I801=m CONFIG_I2C_ISCH=m +CONFIG_I2C_ISMT=m CONFIG_I2C_NFORCE2=m CONFIG_I2C_NFORCE2_S4985=m CONFIG_I2C_PIIX4=m @@ -151,7 +150,6 @@ CONFIG_DELL_RBU=m CONFIG_DCDBAS=m CONFIG_EDAC=y -# CONFIG_EDAC_DEBUG is not set CONFIG_EDAC_MM_EDAC=m CONFIG_EDAC_AMD76X=m CONFIG_EDAC_AMD8111=m @@ -193,6 +191,7 @@ CONFIG_AMILO_RFKILL=m CONFIG_ASUS_LAPTOP=m CONFIG_COMPAL_LAPTOP=m CONFIG_DELL_LAPTOP=m +CONFIG_CHROMEOS_LAPTOP=m CONFIG_EEEPC_LAPTOP=m CONFIG_FUJITSU_TABLET=m CONFIG_FUJITSU_LAPTOP=m @@ -204,7 +203,6 @@ CONFIG_SAMSUNG_LAPTOP=m CONFIG_SONY_LAPTOP=m CONFIG_TOPSTAR_LAPTOP=m - CONFIG_ACPI_WMI=m CONFIG_ACER_WMI=m CONFIG_ACERHDF=m @@ -219,6 +217,9 @@ CONFIG_INTEL_OAKTRAIL=m CONFIG_SAMSUNG_Q10=m CONFIG_APPLE_GMUX=m CONFIG_XO15_EBOOK=m +CONFIG_INTEL_RST=m +CONFIG_INTEL_SMARTCONNECT=y +CONFIG_PVPANIC=m # CONFIG_TOUCHSCREEN_INTEL_MID is not set @@ -235,10 +236,11 @@ CONFIG_VIRTUALIZATION=y CONFIG_KVM=m CONFIG_KVM_INTEL=m CONFIG_KVM_AMD=m +CONFIG_KVM_DEVICE_ASSIGNMENT=y CONFIG_LGUEST=m CONFIG_LGUEST_GUEST=y -CONFIG_PARAVIRT_GUEST=y +CONFIG_HYPERVISOR_GUEST=y CONFIG_PARAVIRT=y CONFIG_PARAVIRT_TIME_ACCOUNTING=y # CONFIG_PARAVIRT_DEBUG is not set @@ -279,9 +281,8 @@ CONFIG_XEN_ACPI_PROCESSOR=m CONFIG_MTD_ESB2ROM=m CONFIG_MTD_CK804XROM=m -CONFIG_NO_HZ=y -CONFIG_HIGH_RES_TIMERS=y CONFIG_CPU_IDLE=y +# CONFIG_CPU_IDLE_MULTIPLE_DRIVERS is not set # CONFIG_CPU_IDLE_GOV_LADDER is not set CONFIG_CPU_IDLE_GOV_MENU=y @@ -314,13 +315,11 @@ CONFIG_HP_WATCHDOG=m CONFIG_NV_TCO=m CONFIG_SP5100_TCO=m -CONFIG_STRICT_DEVMEM=y - # CONFIG_NO_BOOTMEM is not set # CONFIG_MEMTEST is not set # CONFIG_DEBUG_TLBFLUSH is not set -CONFIG_MAXSMP=y +# CONFIG_MAXSMP is not set CONFIG_HP_ILO=m @@ -338,13 +337,10 @@ CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y # CONFIG_IOMMU_STRESS is not set -CONFIG_PERF_COUNTERS=y -CONFIG_PERF_EVENTS=y - CONFIG_X86_MCE=y CONFIG_X86_MCE_INTEL=y CONFIG_X86_MCE_AMD=y -# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_MCE_INJECT=m CONFIG_SFI=y @@ -362,6 +358,7 @@ CONFIG_LPC_SCH=m CONFIG_LPC_ICH=m CONFIG_GPIO_ICH=m +# CONFIG_GPIO_LYNXPOINT is not set CONFIG_PCI_CNB20LE_QUIRK=y @@ -390,10 +387,9 @@ CONFIG_X86_RESERVE_LOW=64 CONFIG_PCH_GBE=m CONFIG_PCH_PHUB=m -CONFIG_TRANSPARENT_HUGEPAGE=y - CONFIG_CRYPTO_AES_NI_INTEL=y CONFIG_CRYPTO_SERPENT_SSE2_586=m +CONFIG_CRYPTO_CRC32_PCLMUL=m CONFIG_HP_ACCEL=m @@ -411,6 +407,8 @@ CONFIG_HYPERV_UTILS=m CONFIG_HID_HYPERV_MOUSE=m CONFIG_HYPERV_NET=m CONFIG_HYPERV_STORAGE=m +CONFIG_HYPERV_BALLOON=m +CONFIG_FB_HYPERV=m # Depends on HOTPLUG_PCI_PCIE CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m @@ -422,12 +420,41 @@ CONFIG_DRM_GMA3600=y CONFIG_RCU_FANOUT_LEAF=16 CONFIG_INTEL_MEI=m +CONFIG_INTEL_MEI_ME=m + +CONFIG_NFC_MEI_PHY=m +CONFIG_NFC_PN544_MEI=m +CONFIG_NFC_MICROREAD_MEI=m # Maybe enable in debug kernels? # CONFIG_DEBUG_NMI_SELFTEST is not set +# CONFIG_X86_INTEL_LPSS is not set + +# CONFIG_INTEL_POWERCLAMP is not set +CONFIG_X86_PKG_TEMP_THERMAL=m + +CONFIG_VMWARE_VMCI=m +CONFIG_VMWARE_VMCI_VSOCKETS=m + +CONFIG_XZ_DEC_X86=y + CONFIG_MPILIB=y +CONFIG_PKCS7_MESSAGE_PARSER=y +CONFIG_EFI_SIGNATURE_LIST_PARSER=y +CONFIG_PE_FILE_PARSER=y +CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_BLACKLIST_KEYRING=y CONFIG_MODULE_SIG=y +CONFIG_MODULE_SIG_ALL=y # CONFIG_MODULE_SIG_SHA1 is not set CONFIG_MODULE_SIG_SHA256=y # CONFIG_MODULE_SIG_FORCE is not set +CONFIG_MODULE_SIG_BLACKLIST=y +CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y +CONFIG_EFI_SIGNATURE_LIST_PARSER=y + +CONFIG_MODULE_SIG_UEFI=y + +CONFIG_VMXNET3=m +CONFIG_VFIO_PCI_VGA=y diff --git a/config-x86_64-generic b/config-x86_64-generic index 342b8620a..b1bfed734 100644 --- a/config-x86_64-generic +++ b/config-x86_64-generic @@ -13,6 +13,8 @@ CONFIG_AMD_NUMA=y CONFIG_X86_64_ACPI_NUMA=y # CONFIG_NUMA_EMU is not set # CONFIG_X86_NUMACHIP is not set +CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y +CONFIG_NUMA_BALANCING=y CONFIG_NR_CPUS=128 CONFIG_PHYSICAL_START=0x1000000 @@ -27,10 +29,13 @@ CONFIG_AMD_IOMMU_V2=m CONFIG_SWIOTLB=y # CONFIG_CALGARY_IOMMU is not set +CONFIG_TRANSPARENT_HUGEPAGE=y +CONFIG_MEM_SOFT_DIRTY=y + CONFIG_KEXEC_JUMP=y CONFIG_ACPI_BLACKLIST_YEAR=0 -CONFIG_ACPI_HOTPLUG_MEMORY=m +CONFIG_ACPI_HOTPLUG_MEMORY=y # CONFIG_INTEL_SCU_IPC is not set @@ -43,11 +48,21 @@ CONFIG_CRYPTO_TWOFISH_X86_64=m CONFIG_CRYPTO_SALSA20_X86_64=m CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m CONFIG_CRYPTO_SHA1_SSSE3=m +CONFIG_CRYPTO_SHA256_SSSE3=m +CONFIG_CRYPTO_SHA512_SSSE3=m CONFIG_CRYPTO_BLOWFISH_X86_64=m +CONFIG_CRYPTO_BLOWFISH_AVX2_X86_64=m CONFIG_CRYPTO_TWOFISH_X86_64_3WAY=m CONFIG_CRYPTO_CAMELLIA_X86_64=m +CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64=m +CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64=m +CONFIG_CRYPTO_CAST5_AVX_X86_64=m +CONFIG_CRYPTO_CAST6_AVX_X86_64=m +CONFIG_CRYPTO_CRCT10DIF_PCLMUL=m CONFIG_CRYPTO_SERPENT_AVX_X86_64=m +CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m CONFIG_CRYPTO_TWOFISH_AVX_X86_64=m +CONFIG_CRYPTO_TWOFISH_AVX2_X86_64=m # CONFIG_I2C_ALI1535 is not set # CONFIG_I2C_ALI1563 is not set @@ -67,6 +82,7 @@ CONFIG_SPARSEMEM=y CONFIG_HAVE_MEMORY_PRESENT=y CONFIG_SPARSEMEM_EXTREME=y CONFIG_SPARSEMEM_VMEMMAP=y +# CONFIG_MOVABLE_NODE is not set # CONFIG_MEMORY_HOTPLUG is not set # CONFIG_MEMORY_HOTREMOVE is not set @@ -89,6 +105,7 @@ CONFIG_XEN_MAX_DOMAIN_MEMORY=128 CONFIG_XEN_DEV_EVTCHN=m CONFIG_XEN_SYS_HYPERVISOR=y # CONFIG_XEN_MCE_LOG is not set +# CONFIG_XEN_STUB is not set CONFIG_PROVIDE_OHCI1394_DMA_INIT=y @@ -107,6 +124,7 @@ CONFIG_X86_X2APIC=y CONFIG_SPARSE_IRQ=y CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_USER_QS is not set CONFIG_INTEL_TXT=y @@ -118,6 +136,27 @@ CONFIG_I7300_IDLE=m CONFIG_BPF_JIT=y +# https://fedoraproject.org/wiki/Features/Checkpoint_Restore +CONFIG_CHECKPOINT_RESTORE=y + # Should be 32bit only, but lacks KConfig depends # CONFIG_XO15_EBOOK is not set +CONFIG_NTB=m +CONFIG_NTB_NETDEV=m + +# 10GigE +# +CONFIG_IP1000=m +CONFIG_MLX4_EN=m +CONFIG_MLX4_EN_DCB=y +# CONFIG_MLX4_DEBUG is not set +CONFIG_SFC=m +CONFIG_SFC_MCDI_MON=y +CONFIG_SFC_SRIOV=y +CONFIG_SFC_PTP=y +CONFIG_SFC_MTD=y +# Override MTD stuff because SFC_MTD needs it +CONFIG_MTD_CHAR=m +CONFIG_MTD_BLOCK=m + diff --git a/cpupower-Fix-segfault-due-to-incorrect-getopt_long-a.patch b/cpupower-Fix-segfault-due-to-incorrect-getopt_long-a.patch new file mode 100644 index 000000000..dcc6b84b6 --- /dev/null +++ b/cpupower-Fix-segfault-due-to-incorrect-getopt_long-a.patch @@ -0,0 +1,40 @@ +From cb8e390d258b7f8073afafcbb163976e27346e9d Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Fri, 11 Oct 2013 08:37:53 -0400 +Subject: [PATCH] cpupower: Fix segfault due to incorrect getopt_long arugments + +If a user calls 'cpupower set --perf-bias 15', the process will end with a +SIGSEGV in libc because cpupower-set passes a NULL optarg to the atoi call. +This is because the getopt_long structure currently has all of the options +as having an optional_argument when they really have a required argument. +We change the structure to use required_argument to match the short options +and it resolves the issue. + +This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1000439 + +Cc: stable@vger.kernel.org +Signed-off-by: Josh Boyer +--- + tools/power/cpupower/utils/cpupower-set.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tools/power/cpupower/utils/cpupower-set.c b/tools/power/cpupower/utils/cpupower-set.c +index dc4de37..bcf1d2f 100644 +--- a/tools/power/cpupower/utils/cpupower-set.c ++++ b/tools/power/cpupower/utils/cpupower-set.c +@@ -18,9 +18,9 @@ + #include "helpers/bitmask.h" + + static struct option set_opts[] = { +- { .name = "perf-bias", .has_arg = optional_argument, .flag = NULL, .val = 'b'}, +- { .name = "sched-mc", .has_arg = optional_argument, .flag = NULL, .val = 'm'}, +- { .name = "sched-smt", .has_arg = optional_argument, .flag = NULL, .val = 's'}, ++ { .name = "perf-bias", .has_arg = required_argument, .flag = NULL, .val = 'b'}, ++ { .name = "sched-mc", .has_arg = required_argument, .flag = NULL, .val = 'm'}, ++ { .name = "sched-smt", .has_arg = required_argument, .flag = NULL, .val = 's'}, + { }, + }; + +-- +1.8.3.1 + diff --git a/linux-2.6-crash-driver.patch b/crash-driver.patch similarity index 96% rename from linux-2.6-crash-driver.patch rename to crash-driver.patch index 239f0f6a0..a7b7b72f9 100644 --- a/linux-2.6-crash-driver.patch +++ b/crash-driver.patch @@ -131,7 +131,7 @@ new file mode 100644 index 0000000..dfcc006 --- /dev/null +++ b/arch/x86/include/asm/crash.h -@@ -0,0 +1,75 @@ +@@ -0,0 +1,73 @@ +#ifndef _ASM_I386_CRASH_H +#define _ASM_I386_CRASH_H + @@ -162,8 +162,6 @@ index 0000000..dfcc006 +#include +#include + -+extern int page_is_ram(unsigned long); -+ +static inline void * +map_virtual(u64 offset, struct page **pp) +{ @@ -207,19 +205,6 @@ index 0000000..dfcc006 +#endif /* __KERNEL__ */ + +#endif /* _ASM_I386_CRASH_H */ -diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c -index be1ef57..ac659f7 100644 ---- a/arch/x86/mm/ioremap.c -+++ b/arch/x86/mm/ioremap.c -@@ -24,6 +24,8 @@ - - #include "physaddr.h" - -+EXPORT_SYMBOL_GPL(page_is_ram); -+ - /* - * Fix up the linear direct mapping of the kernel to avoid cache attribute - * conflicts. diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index 423fd56..e04a561 100644 --- a/drivers/char/Kconfig diff --git a/linux-2.6-defaults-acpi-video.patch b/defaults-acpi-video.patch similarity index 100% rename from linux-2.6-defaults-acpi-video.patch rename to defaults-acpi-video.patch diff --git a/dell-laptop.patch b/dell-laptop.patch new file mode 100644 index 000000000..906d93519 --- /dev/null +++ b/dell-laptop.patch @@ -0,0 +1,1017 @@ +Bugzilla: 958826 +Upstream-status: 3.13 + +From 4cc8a57425c623753b10b77b15392e5b83baa5a3 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:16 +0100 +Subject: [PATCH 01/12] Revert "dell-laptop: Remove rfkill code" + +Without rfkill functionality in dell-laptop I have the following problems: +-If the hardware radio switch is set to disable the radio, then userspace + will still think it can use wireless and bluetooth. +-The wwan / 3g modem cannot be soft blocked without the dell-laptop rfkill + functionality + +I know the rfkill functionality was removed from the dell-laptop driver because +it caused more problems then it fixed, and the blacklist for it was growing out +of control. + +But in the thread discussing this Dell mentioned that they only QA the rfkill +acpi interface on Latitudes and indeed there have been no blacklist entries +for Latitudes. Therefor I would like to bring the rfkill functionality back +only for Latitudes. This patch is a straight-forward revert. The next patch +in this set will drop the blacklist and replace it with a Latitude check. + +This reverts commit a6c2390cd6d2083d27a2359658e08f2d3df375ac. + +Conflicts: + drivers/platform/x86/dell-laptop.c + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 289 +++++++++++++++++++++++++++++++++++++ + 1 file changed, 289 insertions(+) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index bb77e18..55f75a2 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -89,6 +90,9 @@ static struct platform_driver platform_driver = { + + static struct platform_device *platform_device; + static struct backlight_device *dell_backlight_device; ++static struct rfkill *wifi_rfkill; ++static struct rfkill *bluetooth_rfkill; ++static struct rfkill *wwan_rfkill; + + static const struct dmi_system_id dell_device_table[] __initconst = { + { +@@ -115,6 +119,53 @@ static const struct dmi_system_id dell_device_table[] __initconst = { + }; + MODULE_DEVICE_TABLE(dmi, dell_device_table); + ++static struct dmi_system_id dell_blacklist[] = { ++ /* Supported by compal-laptop */ ++ { ++ .ident = "Dell Mini 9", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 910"), ++ }, ++ }, ++ { ++ .ident = "Dell Mini 10", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1010"), ++ }, ++ }, ++ { ++ .ident = "Dell Mini 10v", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1011"), ++ }, ++ }, ++ { ++ .ident = "Dell Mini 1012", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1012"), ++ }, ++ }, ++ { ++ .ident = "Dell Inspiron 11z", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1110"), ++ }, ++ }, ++ { ++ .ident = "Dell Mini 12", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1210"), ++ }, ++ }, ++ {} ++}; ++ + static struct dmi_system_id dell_quirks[] = { + { + .callback = dmi_matched, +@@ -355,6 +406,94 @@ dell_send_request(struct calling_interface_buffer *buffer, int class, + return buffer; + } + ++/* Derived from information in DellWirelessCtl.cpp: ++ Class 17, select 11 is radio control. It returns an array of 32-bit values. ++ ++ Input byte 0 = 0: Wireless information ++ ++ result[0]: return code ++ result[1]: ++ Bit 0: Hardware switch supported ++ Bit 1: Wifi locator supported ++ Bit 2: Wifi is supported ++ Bit 3: Bluetooth is supported ++ Bit 4: WWAN is supported ++ Bit 5: Wireless keyboard supported ++ Bits 6-7: Reserved ++ Bit 8: Wifi is installed ++ Bit 9: Bluetooth is installed ++ Bit 10: WWAN is installed ++ Bits 11-15: Reserved ++ Bit 16: Hardware switch is on ++ Bit 17: Wifi is blocked ++ Bit 18: Bluetooth is blocked ++ Bit 19: WWAN is blocked ++ Bits 20-31: Reserved ++ result[2]: NVRAM size in bytes ++ result[3]: NVRAM format version number ++ ++ Input byte 0 = 2: Wireless switch configuration ++ result[0]: return code ++ result[1]: ++ Bit 0: Wifi controlled by switch ++ Bit 1: Bluetooth controlled by switch ++ Bit 2: WWAN controlled by switch ++ Bits 3-6: Reserved ++ Bit 7: Wireless switch config locked ++ Bit 8: Wifi locator enabled ++ Bits 9-14: Reserved ++ Bit 15: Wifi locator setting locked ++ Bits 16-31: Reserved ++*/ ++ ++static int dell_rfkill_set(void *data, bool blocked) ++{ ++ int disable = blocked ? 1 : 0; ++ unsigned long radio = (unsigned long)data; ++ int hwswitch_bit = (unsigned long)data - 1; ++ int ret = 0; ++ ++ get_buffer(); ++ dell_send_request(buffer, 17, 11); ++ ++ /* If the hardware switch controls this radio, and the hardware ++ switch is disabled, don't allow changing the software state */ ++ if ((hwswitch_state & BIT(hwswitch_bit)) && ++ !(buffer->output[1] & BIT(16))) { ++ ret = -EINVAL; ++ goto out; ++ } ++ ++ buffer->input[0] = (1 | (radio<<8) | (disable << 16)); ++ dell_send_request(buffer, 17, 11); ++ ++out: ++ release_buffer(); ++ return ret; ++} ++ ++static void dell_rfkill_query(struct rfkill *rfkill, void *data) ++{ ++ int status; ++ int bit = (unsigned long)data + 16; ++ int hwswitch_bit = (unsigned long)data - 1; ++ ++ get_buffer(); ++ dell_send_request(buffer, 17, 11); ++ status = buffer->output[1]; ++ release_buffer(); ++ ++ rfkill_set_sw_state(rfkill, !!(status & BIT(bit))); ++ ++ if (hwswitch_state & (BIT(hwswitch_bit))) ++ rfkill_set_hw_state(rfkill, !(status & BIT(16))); ++} ++ ++static const struct rfkill_ops dell_rfkill_ops = { ++ .set_block = dell_rfkill_set, ++ .query = dell_rfkill_query, ++}; ++ + static struct dentry *dell_laptop_dir; + + static int dell_debugfs_show(struct seq_file *s, void *data) +@@ -424,6 +563,108 @@ static const struct file_operations dell_debugfs_fops = { + .release = single_release, + }; + ++static void dell_update_rfkill(struct work_struct *ignored) ++{ ++ if (wifi_rfkill) ++ dell_rfkill_query(wifi_rfkill, (void *)1); ++ if (bluetooth_rfkill) ++ dell_rfkill_query(bluetooth_rfkill, (void *)2); ++ if (wwan_rfkill) ++ dell_rfkill_query(wwan_rfkill, (void *)3); ++} ++static DECLARE_DELAYED_WORK(dell_rfkill_work, dell_update_rfkill); ++ ++ ++static int __init dell_setup_rfkill(void) ++{ ++ int status; ++ int ret; ++ ++ if (dmi_check_system(dell_blacklist)) { ++ pr_info("Blacklisted hardware detected - not enabling rfkill\n"); ++ return 0; ++ } ++ ++ get_buffer(); ++ dell_send_request(buffer, 17, 11); ++ status = buffer->output[1]; ++ buffer->input[0] = 0x2; ++ dell_send_request(buffer, 17, 11); ++ hwswitch_state = buffer->output[1]; ++ release_buffer(); ++ ++ if ((status & (1<<2|1<<8)) == (1<<2|1<<8)) { ++ wifi_rfkill = rfkill_alloc("dell-wifi", &platform_device->dev, ++ RFKILL_TYPE_WLAN, ++ &dell_rfkill_ops, (void *) 1); ++ if (!wifi_rfkill) { ++ ret = -ENOMEM; ++ goto err_wifi; ++ } ++ ret = rfkill_register(wifi_rfkill); ++ if (ret) ++ goto err_wifi; ++ } ++ ++ if ((status & (1<<3|1<<9)) == (1<<3|1<<9)) { ++ bluetooth_rfkill = rfkill_alloc("dell-bluetooth", ++ &platform_device->dev, ++ RFKILL_TYPE_BLUETOOTH, ++ &dell_rfkill_ops, (void *) 2); ++ if (!bluetooth_rfkill) { ++ ret = -ENOMEM; ++ goto err_bluetooth; ++ } ++ ret = rfkill_register(bluetooth_rfkill); ++ if (ret) ++ goto err_bluetooth; ++ } ++ ++ if ((status & (1<<4|1<<10)) == (1<<4|1<<10)) { ++ wwan_rfkill = rfkill_alloc("dell-wwan", ++ &platform_device->dev, ++ RFKILL_TYPE_WWAN, ++ &dell_rfkill_ops, (void *) 3); ++ if (!wwan_rfkill) { ++ ret = -ENOMEM; ++ goto err_wwan; ++ } ++ ret = rfkill_register(wwan_rfkill); ++ if (ret) ++ goto err_wwan; ++ } ++ ++ return 0; ++err_wwan: ++ rfkill_destroy(wwan_rfkill); ++ if (bluetooth_rfkill) ++ rfkill_unregister(bluetooth_rfkill); ++err_bluetooth: ++ rfkill_destroy(bluetooth_rfkill); ++ if (wifi_rfkill) ++ rfkill_unregister(wifi_rfkill); ++err_wifi: ++ rfkill_destroy(wifi_rfkill); ++ ++ return ret; ++} ++ ++static void dell_cleanup_rfkill(void) ++{ ++ if (wifi_rfkill) { ++ rfkill_unregister(wifi_rfkill); ++ rfkill_destroy(wifi_rfkill); ++ } ++ if (bluetooth_rfkill) { ++ rfkill_unregister(bluetooth_rfkill); ++ rfkill_destroy(bluetooth_rfkill); ++ } ++ if (wwan_rfkill) { ++ rfkill_unregister(wwan_rfkill); ++ rfkill_destroy(wwan_rfkill); ++ } ++} ++ + static int dell_send_intensity(struct backlight_device *bd) + { + int ret = 0; +@@ -515,6 +756,30 @@ static void touchpad_led_exit(void) + led_classdev_unregister(&touchpad_led); + } + ++static bool dell_laptop_i8042_filter(unsigned char data, unsigned char str, ++ struct serio *port) ++{ ++ static bool extended; ++ ++ if (str & 0x20) ++ return false; ++ ++ if (unlikely(data == 0xe0)) { ++ extended = true; ++ return false; ++ } else if (unlikely(extended)) { ++ switch (data) { ++ case 0x8: ++ schedule_delayed_work(&dell_rfkill_work, ++ round_jiffies_relative(HZ)); ++ break; ++ } ++ extended = false; ++ } ++ ++ return false; ++} ++ + static int __init dell_init(void) + { + int max_intensity = 0; +@@ -557,10 +822,26 @@ static int __init dell_init(void) + } + buffer = page_address(bufferpage); + ++ ret = dell_setup_rfkill(); ++ ++ if (ret) { ++ pr_warn("Unable to setup rfkill\n"); ++ goto fail_rfkill; ++ } ++ ++ ret = i8042_install_filter(dell_laptop_i8042_filter); ++ if (ret) { ++ pr_warn("Unable to install key filter\n"); ++ goto fail_filter; ++ } ++ + if (quirks && quirks->touchpad_led) + touchpad_led_init(&platform_device->dev); + + dell_laptop_dir = debugfs_create_dir("dell_laptop", NULL); ++ if (dell_laptop_dir != NULL) ++ debugfs_create_file("rfkill", 0444, dell_laptop_dir, NULL, ++ &dell_debugfs_fops); + + #ifdef CONFIG_ACPI + /* In the event of an ACPI backlight being available, don't +@@ -603,6 +884,11 @@ static int __init dell_init(void) + return 0; + + fail_backlight: ++ i8042_remove_filter(dell_laptop_i8042_filter); ++ cancel_delayed_work_sync(&dell_rfkill_work); ++fail_filter: ++ dell_cleanup_rfkill(); ++fail_rfkill: + free_page((unsigned long)bufferpage); + fail_buffer: + platform_device_del(platform_device); +@@ -620,7 +906,10 @@ static void __exit dell_exit(void) + debugfs_remove_recursive(dell_laptop_dir); + if (quirks && quirks->touchpad_led) + touchpad_led_exit(); ++ i8042_remove_filter(dell_laptop_i8042_filter); ++ cancel_delayed_work_sync(&dell_rfkill_work); + backlight_device_unregister(dell_backlight_device); ++ dell_cleanup_rfkill(); + if (platform_device) { + platform_device_unregister(platform_device); + platform_driver_unregister(&platform_driver); +-- +1.8.3.1 + + +From 2a92551845bbbc8421ba908cd14bbdf065e0f454 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:17 +0100 +Subject: [PATCH 02/12] dell-laptop: Only enable rfkill on Latitudes + +The rfkill functionality was removed from the dell-laptop driver because it +was causing problems on various non Latitude models, and the blacklist kept +growing and growing. In the thread discussing this Dell mentioned that they +only QA the rfkill acpi interface on Latitudes and indeed there have been +no blacklist entries for Latitudes. + +Note that the blacklist contained no Vostros either, and most Vostros have +a hardware switch too, so we could consider supporting Vostros with a +hardware switch too. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 57 +++++--------------------------------- + 1 file changed, 7 insertions(+), 50 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 55f75a2..bae932b 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -119,53 +119,6 @@ static const struct dmi_system_id dell_device_table[] __initconst = { + }; + MODULE_DEVICE_TABLE(dmi, dell_device_table); + +-static struct dmi_system_id dell_blacklist[] = { +- /* Supported by compal-laptop */ +- { +- .ident = "Dell Mini 9", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 910"), +- }, +- }, +- { +- .ident = "Dell Mini 10", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1010"), +- }, +- }, +- { +- .ident = "Dell Mini 10v", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1011"), +- }, +- }, +- { +- .ident = "Dell Mini 1012", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1012"), +- }, +- }, +- { +- .ident = "Dell Inspiron 11z", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1110"), +- }, +- }, +- { +- .ident = "Dell Mini 12", +- .matches = { +- DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), +- DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 1210"), +- }, +- }, +- {} +-}; +- + static struct dmi_system_id dell_quirks[] = { + { + .callback = dmi_matched, +@@ -579,11 +532,15 @@ static int __init dell_setup_rfkill(void) + { + int status; + int ret; ++ const char *product; + +- if (dmi_check_system(dell_blacklist)) { +- pr_info("Blacklisted hardware detected - not enabling rfkill\n"); ++ /* ++ * rfkill causes trouble on various non Latitudes, according to Dell ++ * actually testing the rfkill functionality is only done on Latitudes. ++ */ ++ product = dmi_get_system_info(DMI_PRODUCT_NAME); ++ if (!product || strncmp(product, "Latitude", 8)) + return 0; +- } + + get_buffer(); + dell_send_request(buffer, 17, 11); +-- +1.8.3.1 + + +From ddde708217af6d5fe43c0086247c05ed317076b4 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:18 +0100 +Subject: [PATCH 03/12] dell-laptop: If there is no hwswitch, then clear all + hw-controlled bits + +To ensure we don't enter any hw-switch related code paths on machines without +a hw-switch. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index bae932b..48fabf6 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -548,6 +548,9 @@ static int __init dell_setup_rfkill(void) + buffer->input[0] = 0x2; + dell_send_request(buffer, 17, 11); + hwswitch_state = buffer->output[1]; ++ /* If there is no hwswitch, then clear all hw-controlled bits */ ++ if (!(status & BIT(0))) ++ hwswitch_state &= ~7; + release_buffer(); + + if ((status & (1<<2|1<<8)) == (1<<2|1<<8)) { +-- +1.8.3.1 + + +From d038880efd9dd222c67fd31fbfca3440d0db3a06 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:19 +0100 +Subject: [PATCH 04/12] dell-laptop: Only get status from BIOS once when + updating + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 28 +++++++++++++++++++--------- + 1 file changed, 19 insertions(+), 9 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 48fabf6..06f281b 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -425,21 +425,24 @@ out: + return ret; + } + ++static void dell_rfkill_update(struct rfkill *rfkill, int radio, int status) ++{ ++ rfkill_set_sw_state(rfkill, !!(status & BIT(radio + 16))); ++ ++ if (hwswitch_state & (BIT(radio - 1))) ++ rfkill_set_hw_state(rfkill, !(status & BIT(16))); ++} ++ + static void dell_rfkill_query(struct rfkill *rfkill, void *data) + { + int status; +- int bit = (unsigned long)data + 16; +- int hwswitch_bit = (unsigned long)data - 1; + + get_buffer(); + dell_send_request(buffer, 17, 11); + status = buffer->output[1]; + release_buffer(); + +- rfkill_set_sw_state(rfkill, !!(status & BIT(bit))); +- +- if (hwswitch_state & (BIT(hwswitch_bit))) +- rfkill_set_hw_state(rfkill, !(status & BIT(16))); ++ dell_rfkill_update(rfkill, (unsigned long)data, status); + } + + static const struct rfkill_ops dell_rfkill_ops = { +@@ -518,12 +521,19 @@ static const struct file_operations dell_debugfs_fops = { + + static void dell_update_rfkill(struct work_struct *ignored) + { ++ int status; ++ ++ get_buffer(); ++ dell_send_request(buffer, 17, 11); ++ status = buffer->output[1]; ++ release_buffer(); ++ + if (wifi_rfkill) +- dell_rfkill_query(wifi_rfkill, (void *)1); ++ dell_rfkill_update(wifi_rfkill, 1, status); + if (bluetooth_rfkill) +- dell_rfkill_query(bluetooth_rfkill, (void *)2); ++ dell_rfkill_update(bluetooth_rfkill, 2, status); + if (wwan_rfkill) +- dell_rfkill_query(wwan_rfkill, (void *)3); ++ dell_rfkill_update(wwan_rfkill, 3, status); + } + static DECLARE_DELAYED_WORK(dell_rfkill_work, dell_update_rfkill); + +-- +1.8.3.1 + + +From 33f9359abb9f6ded3e7b6dc98b1468c83404af49 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:20 +0100 +Subject: [PATCH 05/12] dell-laptop: Don't set sw_state from the query callback + +The query callback should only update the hw_state, see the comment in +net/rfkill/core.c in rfkill_set_block, which is its only caller. + +rfkill_set_block will modify the sw_state directly after calling query so +calling set_sw_state is an expensive NOP. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 27 +++++++++++++++++++-------- + 1 file changed, 19 insertions(+), 8 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 06f281b..7f47396 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -425,10 +425,15 @@ out: + return ret; + } + +-static void dell_rfkill_update(struct rfkill *rfkill, int radio, int status) ++static void dell_rfkill_update_sw_state(struct rfkill *rfkill, int radio, ++ int status) + { + rfkill_set_sw_state(rfkill, !!(status & BIT(radio + 16))); ++} + ++static void dell_rfkill_update_hw_state(struct rfkill *rfkill, int radio, ++ int status) ++{ + if (hwswitch_state & (BIT(radio - 1))) + rfkill_set_hw_state(rfkill, !(status & BIT(16))); + } +@@ -442,7 +447,7 @@ static void dell_rfkill_query(struct rfkill *rfkill, void *data) + status = buffer->output[1]; + release_buffer(); + +- dell_rfkill_update(rfkill, (unsigned long)data, status); ++ dell_rfkill_update_hw_state(rfkill, (unsigned long)data, status); + } + + static const struct rfkill_ops dell_rfkill_ops = { +@@ -528,12 +533,18 @@ static void dell_update_rfkill(struct work_struct *ignored) + status = buffer->output[1]; + release_buffer(); + +- if (wifi_rfkill) +- dell_rfkill_update(wifi_rfkill, 1, status); +- if (bluetooth_rfkill) +- dell_rfkill_update(bluetooth_rfkill, 2, status); +- if (wwan_rfkill) +- dell_rfkill_update(wwan_rfkill, 3, status); ++ if (wifi_rfkill) { ++ dell_rfkill_update_hw_state(wifi_rfkill, 1, status); ++ dell_rfkill_update_sw_state(wifi_rfkill, 1, status); ++ } ++ if (bluetooth_rfkill) { ++ dell_rfkill_update_hw_state(bluetooth_rfkill, 2, status); ++ dell_rfkill_update_sw_state(bluetooth_rfkill, 2, status); ++ } ++ if (wwan_rfkill) { ++ dell_rfkill_update_hw_state(wwan_rfkill, 3, status); ++ dell_rfkill_update_sw_state(wwan_rfkill, 3, status); ++ } + } + static DECLARE_DELAYED_WORK(dell_rfkill_work, dell_update_rfkill); + +-- +1.8.3.1 + + +From 3f56588a79a06a0499db0077cad6675762ddc40e Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:21 +0100 +Subject: [PATCH 06/12] dell-laptop: Don't read-back sw_state on machines with + a hardware switch + +On machines with a hardware switch, the blocking settings can not be changed +through a Fn + wireless-key combo, so there is no reason to read back the +blocking state from the BIOS. + +Reading back is not only not necessary it is actually harmful, since on some +machines the blocking state will be cleared to all 0 after a wireless switch +toggle, even for radios not controlled by the hw-switch (yeah firmware bugs). + +This causes "magic" changes to the sw_state. This is inconsistent with other +rfkill drivers which preserve the sw_state over a hw kill on / off. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 7f47396..80de0cc 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -428,7 +428,10 @@ out: + static void dell_rfkill_update_sw_state(struct rfkill *rfkill, int radio, + int status) + { +- rfkill_set_sw_state(rfkill, !!(status & BIT(radio + 16))); ++ if (!(status & BIT(0))) { ++ /* No hw-switch, sync BIOS state to sw_state */ ++ rfkill_set_sw_state(rfkill, !!(status & BIT(radio + 16))); ++ } + } + + static void dell_rfkill_update_hw_state(struct rfkill *rfkill, int radio, +-- +1.8.3.1 + + +From 4d39d88ceb83e88953a76df8b1fa10f43f328038 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:22 +0100 +Subject: [PATCH 07/12] dell-laptop: Allow changing the sw_state while the + radio is blocked by hw + +This makes dell-laptop's rfkill code consistent with other drivers which +allow sw_state changes while hw blocked. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 80de0cc..834f499 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -404,7 +404,6 @@ static int dell_rfkill_set(void *data, bool blocked) + int disable = blocked ? 1 : 0; + unsigned long radio = (unsigned long)data; + int hwswitch_bit = (unsigned long)data - 1; +- int ret = 0; + + get_buffer(); + dell_send_request(buffer, 17, 11); +@@ -412,17 +411,15 @@ static int dell_rfkill_set(void *data, bool blocked) + /* If the hardware switch controls this radio, and the hardware + switch is disabled, don't allow changing the software state */ + if ((hwswitch_state & BIT(hwswitch_bit)) && +- !(buffer->output[1] & BIT(16))) { +- ret = -EINVAL; ++ !(buffer->output[1] & BIT(16))) + goto out; +- } + + buffer->input[0] = (1 | (radio<<8) | (disable << 16)); + dell_send_request(buffer, 17, 11); + + out: + release_buffer(); +- return ret; ++ return 0; + } + + static void dell_rfkill_update_sw_state(struct rfkill *rfkill, int radio, +-- +1.8.3.1 + + +From 04c9a3a06c47b337b90a91e458716262cc45b103 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:23 +0100 +Subject: [PATCH 08/12] dell-laptop: Sync current block state to BIOS on hw + switch change + +This is necessary for 3 reasons: +1) To apply sw_state changes made while hw-blocked +2) To set all the blocked bits for hw-switch controlled radios to 1 when the + switch gets changed to off, this is necessary on some models to actually + turn the radio status LEDs off. +3) On some models non hw-switch controlled radios will have their block bit + cleared (potentially undoing a soft-block) on hw-switch toggle, this + restores the sw-block in this case. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 834f499..7f59624 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -422,10 +422,16 @@ out: + return 0; + } + ++/* Must be called with the buffer held */ + static void dell_rfkill_update_sw_state(struct rfkill *rfkill, int radio, + int status) + { +- if (!(status & BIT(0))) { ++ if (status & BIT(0)) { ++ /* Has hw-switch, sync sw_state to BIOS */ ++ int block = rfkill_blocked(rfkill); ++ buffer->input[0] = (1 | (radio << 8) | (block << 16)); ++ dell_send_request(buffer, 17, 11); ++ } else { + /* No hw-switch, sync BIOS state to sw_state */ + rfkill_set_sw_state(rfkill, !!(status & BIT(radio + 16))); + } +@@ -445,9 +451,10 @@ static void dell_rfkill_query(struct rfkill *rfkill, void *data) + get_buffer(); + dell_send_request(buffer, 17, 11); + status = buffer->output[1]; +- release_buffer(); + + dell_rfkill_update_hw_state(rfkill, (unsigned long)data, status); ++ ++ release_buffer(); + } + + static const struct rfkill_ops dell_rfkill_ops = { +@@ -531,7 +538,6 @@ static void dell_update_rfkill(struct work_struct *ignored) + get_buffer(); + dell_send_request(buffer, 17, 11); + status = buffer->output[1]; +- release_buffer(); + + if (wifi_rfkill) { + dell_rfkill_update_hw_state(wifi_rfkill, 1, status); +@@ -545,6 +551,8 @@ static void dell_update_rfkill(struct work_struct *ignored) + dell_rfkill_update_hw_state(wwan_rfkill, 3, status); + dell_rfkill_update_sw_state(wwan_rfkill, 3, status); + } ++ ++ release_buffer(); + } + static DECLARE_DELAYED_WORK(dell_rfkill_work, dell_update_rfkill); + +-- +1.8.3.1 + + +From ed1128989ab242f44664b446702a512e5695c4b7 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:24 +0100 +Subject: [PATCH 09/12] dell-laptop: Do not skip setting blocked bit rfkill_set + while hw-blocked + +Instead when hw-blocked always write 1 to the blocked bit for the radio in +question. This is necessary to properly set all the blocked bits for hw-switch +controlled radios to 1 after power-on and resume. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index 7f59624..b33b779 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -409,15 +409,14 @@ static int dell_rfkill_set(void *data, bool blocked) + dell_send_request(buffer, 17, 11); + + /* If the hardware switch controls this radio, and the hardware +- switch is disabled, don't allow changing the software state */ ++ switch is disabled, always disable the radio */ + if ((hwswitch_state & BIT(hwswitch_bit)) && + !(buffer->output[1] & BIT(16))) +- goto out; ++ disable = 1; + + buffer->input[0] = (1 | (radio<<8) | (disable << 16)); + dell_send_request(buffer, 17, 11); + +-out: + release_buffer(); + return 0; + } +-- +1.8.3.1 + + +From 26c22d63a70f62e0832c6d9f2a2690ab0155d584 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:25 +0100 +Subject: [PATCH 10/12] dell-laptop: Wait less long before updating rfkill + after an rfkill keypress + +Some time is needed for the BIOS to do its work, but 250ms should be plenty. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index b33b779..fe20f67 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -759,7 +759,7 @@ static bool dell_laptop_i8042_filter(unsigned char data, unsigned char str, + switch (data) { + case 0x8: + schedule_delayed_work(&dell_rfkill_work, +- round_jiffies_relative(HZ)); ++ round_jiffies_relative(HZ / 4)); + break; + } + extended = false; +-- +1.8.3.1 + + +From 8e0e668d0aa09d2eb0a7a260b6c7801796e01bd3 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:26 +0100 +Subject: [PATCH 11/12] dell-laptop: Add a force_rfkill module parameter + +Setting force_rfkill will cause the dell-laptop rfkill code to skip its +whitelist checks, this will allow individual users to override the whitelist, +as well as to gather info from users to improve the checks. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index fe20f67..bd67c89 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -93,6 +93,10 @@ static struct backlight_device *dell_backlight_device; + static struct rfkill *wifi_rfkill; + static struct rfkill *bluetooth_rfkill; + static struct rfkill *wwan_rfkill; ++static bool force_rfkill; ++ ++module_param(force_rfkill, bool, 0444); ++MODULE_PARM_DESC(force_rfkill, "enable rfkill on non whitelisted models"); + + static const struct dmi_system_id dell_device_table[] __initconst = { + { +@@ -567,7 +571,7 @@ static int __init dell_setup_rfkill(void) + * actually testing the rfkill functionality is only done on Latitudes. + */ + product = dmi_get_system_info(DMI_PRODUCT_NAME); +- if (!product || strncmp(product, "Latitude", 8)) ++ if (!force_rfkill && (!product || strncmp(product, "Latitude", 8))) + return 0; + + get_buffer(); +-- +1.8.3.1 + + +From 2bd4ac139259bb605fc0325a7dda33e2fbb67ae3 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 17 Nov 2013 14:00:27 +0100 +Subject: [PATCH 12/12] dell-laptop: Only enable rfkill functionality on + laptops with a hw killswitch + +All my testing has been on laptops with a hw killswitch, so to be on the +safe side disable rfkill functionality on models without a hw killswitch for +now. Once we gather some feedback on laptops without a hw killswitch this +decision maybe reconsidered. + +Signed-off-by: Hans de Goede +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/dell-laptop.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c +index bd67c89..c608b1d 100644 +--- a/drivers/platform/x86/dell-laptop.c ++++ b/drivers/platform/x86/dell-laptop.c +@@ -580,11 +580,18 @@ static int __init dell_setup_rfkill(void) + buffer->input[0] = 0x2; + dell_send_request(buffer, 17, 11); + hwswitch_state = buffer->output[1]; +- /* If there is no hwswitch, then clear all hw-controlled bits */ +- if (!(status & BIT(0))) +- hwswitch_state &= ~7; + release_buffer(); + ++ if (!(status & BIT(0))) { ++ if (force_rfkill) { ++ /* No hwsitch, clear all hw-controlled bits */ ++ hwswitch_state &= ~7; ++ } else { ++ /* rfkill is only tested on laptops with a hwswitch */ ++ return 0; ++ } ++ } ++ + if ((status & (1<<2|1<<8)) == (1<<2|1<<8)) { + wifi_rfkill = rfkill_alloc("dell-wifi", &platform_device->dev, + RFKILL_TYPE_WLAN, +-- +1.8.3.1 + diff --git a/devel-pekey-secure-boot-20130502.patch b/devel-pekey-secure-boot-20130502.patch new file mode 100644 index 000000000..0a5342f83 --- /dev/null +++ b/devel-pekey-secure-boot-20130502.patch @@ -0,0 +1,5912 @@ +From 888c361d20210d39863ba6f2b71adb84e0a926a7 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Fri, 18 Jan 2013 13:53:35 +0000 +Subject: [PATCH 01/47] KEYS: Load *.x509 files into kernel keyring + +Load all the files matching the pattern "*.x509" that are to be found in kernel +base source dir and base build dir into the module signing keyring. + +The "extra_certificates" file is then redundant. + +Signed-off-by: David Howells +--- + kernel/Makefile | 35 +++++++++++++++++++++++++++++------ + kernel/modsign_certificate.S | 3 +-- + 2 files changed, 30 insertions(+), 8 deletions(-) + +diff --git a/kernel/Makefile b/kernel/Makefile +index d1574d4..64c97da 100644 +--- a/kernel/Makefile ++++ b/kernel/Makefile +@@ -141,17 +141,40 @@ $(obj)/timeconst.h: $(obj)/hz.bc $(src)/timeconst.bc FORCE + $(call if_changed,bc) + + ifeq ($(CONFIG_MODULE_SIG),y) ++############################################################################### + # +-# Pull the signing certificate and any extra certificates into the kernel ++# Roll all the X.509 certificates that we can find together and pull ++# them into the kernel. + # ++############################################################################### ++X509_CERTIFICATES-y := $(wildcard *.x509) $(wildcard $(srctree)/*.x509) ++X509_CERTIFICATES-$(CONFIG_MODULE_SIG) += signing_key.x509 ++X509_CERTIFICATES := $(sort $(X509_CERTIFICATES-y)) ++ ++ifeq ($(X509_CERTIFICATES),) ++$(warning *** No X.509 certificates found ***) ++endif ++ ++ifneq ($(wildcard $(obj)/.x509.list),) ++ifneq ($(shell cat $(obj)/.x509.list),$(X509_CERTIFICATES)) ++$(info X.509 certificate list changed) ++$(shell rm $(obj)/.x509.list) ++endif ++endif ++ ++kernel/modsign_certificate.o: $(obj)/x509_certificate_list + +-quiet_cmd_touch = TOUCH $@ +- cmd_touch = touch $@ ++quiet_cmd_x509certs = CERTS $@ ++ cmd_x509certs = cat $(X509_CERTIFICATES) /dev/null >$@ ++targets += $(obj)/x509_certificate_list ++$(obj)/x509_certificate_list: $(X509_CERTIFICATES) $(obj)/.x509.list ++ $(call if_changed,x509certs) + +-extra_certificates: +- $(call cmd,touch) ++targets += $(obj)/.x509.list ++$(obj)/.x509.list: ++ @echo $(X509_CERTIFICATES) >$@ + +-kernel/modsign_certificate.o: signing_key.x509 extra_certificates ++clean-files := x509_certificate_list .x509.list + + ############################################################################### + # +diff --git a/kernel/modsign_certificate.S b/kernel/modsign_certificate.S +index 246b4c6..0a60203 100644 +--- a/kernel/modsign_certificate.S ++++ b/kernel/modsign_certificate.S +@@ -14,6 +14,5 @@ + .section ".init.data","aw" + + GLOBAL(modsign_certificate_list) +- .incbin "signing_key.x509" +- .incbin "extra_certificates" ++ .incbin "kernel/x509_certificate_list" + GLOBAL(modsign_certificate_list_end) +-- +1.8.1.4 + + +From 26a6bf8ffbe82d706c6de06746d760d9bc425ee5 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 18:39:54 +0000 +Subject: [PATCH 02/47] KEYS: Separate the kernel signature checking keyring + from module signing + +Separate the kernel signature checking keyring from module signing so that it +can be used by code other than the module-signing code. + +Signed-off-by: David Howells +--- + include/keys/system_keyring.h | 23 ++++++++++ + init/Kconfig | 13 ++++++ + kernel/Makefile | 17 ++++--- + kernel/modsign_pubkey.c | 104 ------------------------------------------ + kernel/module-internal.h | 2 - + kernel/module_signing.c | 3 +- + kernel/system_certificates.S | 18 ++++++++ + kernel/system_keyring.c | 101 ++++++++++++++++++++++++++++++++++++++++ + 8 files changed, 168 insertions(+), 113 deletions(-) + create mode 100644 include/keys/system_keyring.h + delete mode 100644 kernel/modsign_pubkey.c + create mode 100644 kernel/system_certificates.S + create mode 100644 kernel/system_keyring.c + +diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h +new file mode 100644 +index 0000000..8dabc39 +--- /dev/null ++++ b/include/keys/system_keyring.h +@@ -0,0 +1,23 @@ ++/* System keyring containing trusted public keys. ++ * ++ * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#ifndef _KEYS_SYSTEM_KEYRING_H ++#define _KEYS_SYSTEM_KEYRING_H ++ ++#ifdef CONFIG_SYSTEM_TRUSTED_KEYRING ++ ++#include ++ ++extern struct key *system_trusted_keyring; ++ ++#endif ++ ++#endif /* _KEYS_SYSTEM_KEYRING_H */ +diff --git a/init/Kconfig b/init/Kconfig +index a76d131..b9d8870 100644 +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -1615,6 +1615,18 @@ config BASE_SMALL + default 0 if BASE_FULL + default 1 if !BASE_FULL + ++config SYSTEM_TRUSTED_KEYRING ++ bool "Provide system-wide ring of trusted keys" ++ depends on KEYS ++ help ++ Provide a system keyring to which trusted keys can be added. Keys in ++ the keyring are considered to be trusted. Keys may be added at will ++ by the kernel from compiled-in data and from hardware key stores, but ++ userspace may only add extra keys if those keys can be verified by ++ keys already in the keyring. ++ ++ Keys in this keyring are used by module signature checking. ++ + menuconfig MODULES + bool "Enable loadable module support" + help +@@ -1687,6 +1699,7 @@ config MODULE_SRCVERSION_ALL + config MODULE_SIG + bool "Module signature verification" + depends on MODULES ++ select SYSTEM_TRUSTED_KEYRING + select KEYS + select CRYPTO + select ASYMMETRIC_KEY_TYPE +diff --git a/kernel/Makefile b/kernel/Makefile +index 64c97da..ecff938 100644 +--- a/kernel/Makefile ++++ b/kernel/Makefile +@@ -52,8 +52,9 @@ obj-$(CONFIG_SMP) += spinlock.o + obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o + obj-$(CONFIG_PROVE_LOCKING) += spinlock.o + obj-$(CONFIG_UID16) += uid16.o ++obj-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += system_keyring.o system_certificates.o + obj-$(CONFIG_MODULES) += module.o +-obj-$(CONFIG_MODULE_SIG) += module_signing.o modsign_pubkey.o modsign_certificate.o ++obj-$(CONFIG_MODULE_SIG) += module_signing.o + obj-$(CONFIG_KALLSYMS) += kallsyms.o + obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o + obj-$(CONFIG_KEXEC) += kexec.o +@@ -140,13 +141,14 @@ targets += timeconst.h + $(obj)/timeconst.h: $(obj)/hz.bc $(src)/timeconst.bc FORCE + $(call if_changed,bc) + +-ifeq ($(CONFIG_MODULE_SIG),y) + ############################################################################### + # +-# Roll all the X.509 certificates that we can find together and pull +-# them into the kernel. ++# Roll all the X.509 certificates that we can find together and pull them into ++# the kernel so that they get loaded into the system trusted keyring during ++# boot. + # + ############################################################################### ++ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y) + X509_CERTIFICATES-y := $(wildcard *.x509) $(wildcard $(srctree)/*.x509) + X509_CERTIFICATES-$(CONFIG_MODULE_SIG) += signing_key.x509 + X509_CERTIFICATES := $(sort $(X509_CERTIFICATES-y)) +@@ -162,10 +164,11 @@ $(shell rm $(obj)/.x509.list) + endif + endif + +-kernel/modsign_certificate.o: $(obj)/x509_certificate_list ++kernel/system_certificates.o: $(obj)/x509_certificate_list + + quiet_cmd_x509certs = CERTS $@ +- cmd_x509certs = cat $(X509_CERTIFICATES) /dev/null >$@ ++ cmd_x509certs = cat $(X509_CERTIFICATES) /dev/null >$@ $(foreach X509,$(X509_CERTIFICATES),; echo " - Including cert $(X509)") ++ + targets += $(obj)/x509_certificate_list + $(obj)/x509_certificate_list: $(X509_CERTIFICATES) $(obj)/.x509.list + $(call if_changed,x509certs) +@@ -175,7 +178,9 @@ $(obj)/.x509.list: + @echo $(X509_CERTIFICATES) >$@ + + clean-files := x509_certificate_list .x509.list ++endif + ++ifeq ($(CONFIG_MODULE_SIG),y) + ############################################################################### + # + # If module signing is requested, say by allyesconfig, but a key has not been +diff --git a/kernel/modsign_pubkey.c b/kernel/modsign_pubkey.c +deleted file mode 100644 +index 2b6e699..0000000 +--- a/kernel/modsign_pubkey.c ++++ /dev/null +@@ -1,104 +0,0 @@ +-/* Public keys for module signature verification +- * +- * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. +- * Written by David Howells (dhowells@redhat.com) +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public Licence +- * as published by the Free Software Foundation; either version +- * 2 of the Licence, or (at your option) any later version. +- */ +- +-#include +-#include +-#include +-#include +-#include +-#include "module-internal.h" +- +-struct key *modsign_keyring; +- +-extern __initdata const u8 modsign_certificate_list[]; +-extern __initdata const u8 modsign_certificate_list_end[]; +- +-/* +- * We need to make sure ccache doesn't cache the .o file as it doesn't notice +- * if modsign.pub changes. +- */ +-static __initdata const char annoy_ccache[] = __TIME__ "foo"; +- +-/* +- * Load the compiled-in keys +- */ +-static __init int module_verify_init(void) +-{ +- pr_notice("Initialise module verification\n"); +- +- modsign_keyring = keyring_alloc(".module_sign", +- KUIDT_INIT(0), KGIDT_INIT(0), +- current_cred(), +- ((KEY_POS_ALL & ~KEY_POS_SETATTR) | +- KEY_USR_VIEW | KEY_USR_READ), +- KEY_ALLOC_NOT_IN_QUOTA, NULL); +- if (IS_ERR(modsign_keyring)) +- panic("Can't allocate module signing keyring\n"); +- +- return 0; +-} +- +-/* +- * Must be initialised before we try and load the keys into the keyring. +- */ +-device_initcall(module_verify_init); +- +-/* +- * Load the compiled-in keys +- */ +-static __init int load_module_signing_keys(void) +-{ +- key_ref_t key; +- const u8 *p, *end; +- size_t plen; +- +- pr_notice("Loading module verification certificates\n"); +- +- end = modsign_certificate_list_end; +- p = modsign_certificate_list; +- while (p < end) { +- /* Each cert begins with an ASN.1 SEQUENCE tag and must be more +- * than 256 bytes in size. +- */ +- if (end - p < 4) +- goto dodgy_cert; +- if (p[0] != 0x30 && +- p[1] != 0x82) +- goto dodgy_cert; +- plen = (p[2] << 8) | p[3]; +- plen += 4; +- if (plen > end - p) +- goto dodgy_cert; +- +- key = key_create_or_update(make_key_ref(modsign_keyring, 1), +- "asymmetric", +- NULL, +- p, +- plen, +- (KEY_POS_ALL & ~KEY_POS_SETATTR) | +- KEY_USR_VIEW, +- KEY_ALLOC_NOT_IN_QUOTA); +- if (IS_ERR(key)) +- pr_err("MODSIGN: Problem loading in-kernel X.509 certificate (%ld)\n", +- PTR_ERR(key)); +- else +- pr_notice("MODSIGN: Loaded cert '%s'\n", +- key_ref_to_ptr(key)->description); +- p += plen; +- } +- +- return 0; +- +-dodgy_cert: +- pr_err("MODSIGN: Problem parsing in-kernel X.509 certificate list\n"); +- return 0; +-} +-late_initcall(load_module_signing_keys); +diff --git a/kernel/module-internal.h b/kernel/module-internal.h +index 24f9247..915e123 100644 +--- a/kernel/module-internal.h ++++ b/kernel/module-internal.h +@@ -9,6 +9,4 @@ + * 2 of the Licence, or (at your option) any later version. + */ + +-extern struct key *modsign_keyring; +- + extern int mod_verify_sig(const void *mod, unsigned long *_modlen); +diff --git a/kernel/module_signing.c b/kernel/module_signing.c +index f2970bd..0034e36 100644 +--- a/kernel/module_signing.c ++++ b/kernel/module_signing.c +@@ -14,6 +14,7 @@ + #include + #include + #include ++#include + #include "module-internal.h" + + /* +@@ -157,7 +158,7 @@ static struct key *request_asymmetric_key(const char *signer, size_t signer_len, + + pr_debug("Look up: \"%s\"\n", id); + +- key = keyring_search(make_key_ref(modsign_keyring, 1), ++ key = keyring_search(make_key_ref(system_trusted_keyring, 1), + &key_type_asymmetric, id); + if (IS_ERR(key)) + pr_warn("Request for unknown module key '%s' err %ld\n", +diff --git a/kernel/system_certificates.S b/kernel/system_certificates.S +new file mode 100644 +index 0000000..86240df +--- /dev/null ++++ b/kernel/system_certificates.S +@@ -0,0 +1,18 @@ ++/* SYMBOL_PREFIX defined on commandline from CONFIG_SYMBOL_PREFIX */ ++#ifndef SYMBOL_PREFIX ++#define ASM_SYMBOL(sym) sym ++#else ++#define PASTE2(x,y) x##y ++#define PASTE(x,y) PASTE2(x,y) ++#define ASM_SYMBOL(sym) PASTE(SYMBOL_PREFIX, sym) ++#endif ++ ++#define GLOBAL(name) \ ++ .globl ASM_SYMBOL(name); \ ++ ASM_SYMBOL(name): ++ ++ .section ".init.data","aw" ++ ++GLOBAL(system_certificate_list) ++ .incbin "kernel/x509_certificate_list" ++GLOBAL(system_certificate_list_end) +diff --git a/kernel/system_keyring.c b/kernel/system_keyring.c +new file mode 100644 +index 0000000..a3ca76f +--- /dev/null ++++ b/kernel/system_keyring.c +@@ -0,0 +1,101 @@ ++/* System trusted keyring for trusted public keys ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "module-internal.h" ++ ++struct key *system_trusted_keyring; ++EXPORT_SYMBOL_GPL(system_trusted_keyring); ++ ++extern __initdata const u8 system_certificate_list[]; ++extern __initdata const u8 system_certificate_list_end[]; ++ ++/* ++ * Load the compiled-in keys ++ */ ++static __init int system_trusted_keyring_init(void) ++{ ++ pr_notice("Initialise system trusted keyring\n"); ++ ++ system_trusted_keyring = ++ keyring_alloc(".system_keyring", ++ KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), ++ ((KEY_POS_ALL & ~KEY_POS_SETATTR) | ++ KEY_USR_VIEW | KEY_USR_READ), ++ KEY_ALLOC_NOT_IN_QUOTA, NULL); ++ if (IS_ERR(system_trusted_keyring)) ++ panic("Can't allocate system trusted keyring\n"); ++ ++ return 0; ++} ++ ++/* ++ * Must be initialised before we try and load the keys into the keyring. ++ */ ++device_initcall(system_trusted_keyring_init); ++ ++/* ++ * Load the compiled-in list of X.509 certificates. ++ */ ++static __init int load_system_certificate_list(void) ++{ ++ key_ref_t key; ++ const u8 *p, *end; ++ size_t plen; ++ ++ pr_notice("Loading compiled-in X.509 certificates\n"); ++ ++ end = system_certificate_list_end; ++ p = system_certificate_list; ++ while (p < end) { ++ /* Each cert begins with an ASN.1 SEQUENCE tag and must be more ++ * than 256 bytes in size. ++ */ ++ if (end - p < 4) ++ goto dodgy_cert; ++ if (p[0] != 0x30 && ++ p[1] != 0x82) ++ goto dodgy_cert; ++ plen = (p[2] << 8) | p[3]; ++ plen += 4; ++ if (plen > end - p) ++ goto dodgy_cert; ++ ++ key = key_create_or_update(make_key_ref(system_trusted_keyring, 1), ++ "asymmetric", ++ NULL, ++ p, ++ plen, ++ (KEY_POS_ALL & ~KEY_POS_SETATTR) | ++ KEY_USR_VIEW, ++ KEY_ALLOC_NOT_IN_QUOTA); ++ if (IS_ERR(key)) ++ pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", ++ PTR_ERR(key)); ++ else ++ pr_notice("Loaded X.509 cert '%s'\n", ++ key_ref_to_ptr(key)->description); ++ p += plen; ++ } ++ ++ return 0; ++ ++dodgy_cert: ++ pr_err("Problem parsing in-kernel X.509 certificate list\n"); ++ return 0; ++} ++late_initcall(load_system_certificate_list); +-- +1.8.1.4 + + +From 4e2b0f425d73360fc40b8719b36e6e3ca94d458e Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Thu, 17 Jan 2013 16:25:00 +0000 +Subject: [PATCH 03/47] KEYS: Add a 'trusted' flag and a 'trusted only' flag + +Add KEY_FLAG_TRUSTED to indicate that a key either comes from a trusted source +or had a cryptographic signature chain that led back to a trusted key the +kernel already possessed. + +Add KEY_FLAGS_TRUSTED_ONLY to indicate that a keyring will only accept links to +keys marked with KEY_FLAGS_TRUSTED. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + include/linux/key-type.h | 1 + + include/linux/key.h | 3 +++ + kernel/system_keyring.c | 4 +++- + security/keys/key.c | 8 ++++++++ + security/keys/keyring.c | 4 ++++ + 5 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/include/linux/key-type.h b/include/linux/key-type.h +index 518a53a..f942b2d 100644 +--- a/include/linux/key-type.h ++++ b/include/linux/key-type.h +@@ -45,6 +45,7 @@ struct key_preparsed_payload { + const void *data; /* Raw data */ + size_t datalen; /* Raw datalen */ + size_t quotalen; /* Quota length for proposed payload */ ++ bool trusted; /* True if key is trusted */ + }; + + typedef int (*request_key_actor_t)(struct key_construction *key, +diff --git a/include/linux/key.h b/include/linux/key.h +index 4dfde11..0b32a09 100644 +--- a/include/linux/key.h ++++ b/include/linux/key.h +@@ -162,6 +162,8 @@ struct key { + #define KEY_FLAG_NEGATIVE 5 /* set if key is negative */ + #define KEY_FLAG_ROOT_CAN_CLEAR 6 /* set if key can be cleared by root without permission */ + #define KEY_FLAG_INVALIDATED 7 /* set if key has been invalidated */ ++#define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ ++#define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ + + /* the description string + * - this is used to match a key against search criteria +@@ -203,6 +205,7 @@ extern struct key *key_alloc(struct key_type *type, + #define KEY_ALLOC_IN_QUOTA 0x0000 /* add to quota, reject if would overrun */ + #define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */ + #define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */ ++#define KEY_ALLOC_TRUSTED 0x0004 /* Key should be flagged as trusted */ + + extern void key_revoke(struct key *key); + extern void key_invalidate(struct key *key); +diff --git a/kernel/system_keyring.c b/kernel/system_keyring.c +index a3ca76f..dae8778 100644 +--- a/kernel/system_keyring.c ++++ b/kernel/system_keyring.c +@@ -40,6 +40,7 @@ static __init int system_trusted_keyring_init(void) + if (IS_ERR(system_trusted_keyring)) + panic("Can't allocate system trusted keyring\n"); + ++ set_bit(KEY_FLAG_TRUSTED_ONLY, &system_trusted_keyring->flags); + return 0; + } + +@@ -82,7 +83,8 @@ static __init int load_system_certificate_list(void) + plen, + (KEY_POS_ALL & ~KEY_POS_SETATTR) | + KEY_USR_VIEW, +- KEY_ALLOC_NOT_IN_QUOTA); ++ KEY_ALLOC_NOT_IN_QUOTA | ++ KEY_ALLOC_TRUSTED); + if (IS_ERR(key)) + pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", + PTR_ERR(key)); +diff --git a/security/keys/key.c b/security/keys/key.c +index 8fb7c7b..f3de9e4 100644 +--- a/security/keys/key.c ++++ b/security/keys/key.c +@@ -299,6 +299,8 @@ struct key *key_alloc(struct key_type *type, const char *desc, + + if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) + key->flags |= 1 << KEY_FLAG_IN_QUOTA; ++ if (flags & KEY_ALLOC_TRUSTED) ++ key->flags |= 1 << KEY_FLAG_TRUSTED; + + memset(&key->type_data, 0, sizeof(key->type_data)); + +@@ -813,6 +815,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, + prep.data = payload; + prep.datalen = plen; + prep.quotalen = ktype->def_datalen; ++ prep.trusted = flags & KEY_ALLOC_TRUSTED; + if (ktype->preparse) { + ret = ktype->preparse(&prep); + if (ret < 0) { +@@ -826,6 +829,11 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, + goto error_free_prep; + } + ++ key_ref = ERR_PTR(-EPERM); ++ if (!prep.trusted && test_bit(KEY_FLAG_TRUSTED_ONLY, &keyring->flags)) ++ goto error_free_prep; ++ flags |= prep.trusted ? KEY_ALLOC_TRUSTED : 0; ++ + ret = __key_link_begin(keyring, ktype, description, &prealloc); + if (ret < 0) { + key_ref = ERR_PTR(ret); +diff --git a/security/keys/keyring.c b/security/keys/keyring.c +index 6ece7f2..f18d7ff 100644 +--- a/security/keys/keyring.c ++++ b/security/keys/keyring.c +@@ -1006,6 +1006,10 @@ int key_link(struct key *keyring, struct key *key) + key_check(keyring); + key_check(key); + ++ if (test_bit(KEY_FLAG_TRUSTED_ONLY, &keyring->flags) && ++ !test_bit(KEY_FLAG_TRUSTED, &key->flags)) ++ return -EPERM; ++ + ret = __key_link_begin(keyring, key->type, key->description, &prealloc); + if (ret == 0) { + ret = __key_link_check_live_key(keyring, key); +-- +1.8.1.4 + + +From 3deae827abdd3de9b7976b423279812d7559e580 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:32 +0000 +Subject: [PATCH 04/47] KEYS: Rename public key parameter name arrays + +Rename the arrays of public key parameters (public key algorithm names, hash +algorithm names and ID type names) so that the array name ends in "_name". + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/public_key.c | 14 +++++++------- + crypto/asymmetric_keys/x509_public_key.c | 8 ++++---- + include/crypto/public_key.h | 6 +++--- + kernel/module_signing.c | 4 ++-- + 4 files changed, 16 insertions(+), 16 deletions(-) + +diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c +index cb2e291..b313df1 100644 +--- a/crypto/asymmetric_keys/public_key.c ++++ b/crypto/asymmetric_keys/public_key.c +@@ -22,13 +22,13 @@ + + MODULE_LICENSE("GPL"); + +-const char *const pkey_algo[PKEY_ALGO__LAST] = { ++const char *const pkey_algo_name[PKEY_ALGO__LAST] = { + [PKEY_ALGO_DSA] = "DSA", + [PKEY_ALGO_RSA] = "RSA", + }; +-EXPORT_SYMBOL_GPL(pkey_algo); ++EXPORT_SYMBOL_GPL(pkey_algo_name); + +-const char *const pkey_hash_algo[PKEY_HASH__LAST] = { ++const char *const pkey_hash_algo_name[PKEY_HASH__LAST] = { + [PKEY_HASH_MD4] = "md4", + [PKEY_HASH_MD5] = "md5", + [PKEY_HASH_SHA1] = "sha1", +@@ -38,13 +38,13 @@ const char *const pkey_hash_algo[PKEY_HASH__LAST] = { + [PKEY_HASH_SHA512] = "sha512", + [PKEY_HASH_SHA224] = "sha224", + }; +-EXPORT_SYMBOL_GPL(pkey_hash_algo); ++EXPORT_SYMBOL_GPL(pkey_hash_algo_name); + +-const char *const pkey_id_type[PKEY_ID_TYPE__LAST] = { ++const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = { + [PKEY_ID_PGP] = "PGP", + [PKEY_ID_X509] = "X509", + }; +-EXPORT_SYMBOL_GPL(pkey_id_type); ++EXPORT_SYMBOL_GPL(pkey_id_type_name); + + /* + * Provide a part of a description of the key for /proc/keys. +@@ -56,7 +56,7 @@ static void public_key_describe(const struct key *asymmetric_key, + + if (key) + seq_printf(m, "%s.%s", +- pkey_id_type[key->id_type], key->algo->name); ++ pkey_id_type_name[key->id_type], key->algo->name); + } + + /* +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index 06007f0..afbbc36 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -49,7 +49,7 @@ static int x509_check_signature(const struct public_key *pub, + /* Allocate the hashing algorithm we're going to need and find out how + * big the hash operational data will be. + */ +- tfm = crypto_alloc_shash(pkey_hash_algo[cert->sig_hash_algo], 0, 0); ++ tfm = crypto_alloc_shash(pkey_hash_algo_name[cert->sig_hash_algo], 0, 0); + if (IS_ERR(tfm)) + return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); + +@@ -117,7 +117,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + + pr_devel("Cert Issuer: %s\n", cert->issuer); + pr_devel("Cert Subject: %s\n", cert->subject); +- pr_devel("Cert Key Algo: %s\n", pkey_algo[cert->pkey_algo]); ++ pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pkey_algo]); + pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n", + cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1, + cert->valid_from.tm_mday, cert->valid_from.tm_hour, +@@ -127,8 +127,8 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + cert->valid_to.tm_mday, cert->valid_to.tm_hour, + cert->valid_to.tm_min, cert->valid_to.tm_sec); + pr_devel("Cert Signature: %s + %s\n", +- pkey_algo[cert->sig_pkey_algo], +- pkey_hash_algo[cert->sig_hash_algo]); ++ pkey_algo_name[cert->sig_pkey_algo], ++ pkey_hash_algo_name[cert->sig_hash_algo]); + + if (!cert->fingerprint || !cert->authority) { + pr_warn("Cert for '%s' must have SubjKeyId and AuthKeyId extensions\n", +diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h +index f5b0224..619d570 100644 +--- a/include/crypto/public_key.h ++++ b/include/crypto/public_key.h +@@ -22,7 +22,7 @@ enum pkey_algo { + PKEY_ALGO__LAST + }; + +-extern const char *const pkey_algo[PKEY_ALGO__LAST]; ++extern const char *const pkey_algo_name[PKEY_ALGO__LAST]; + + enum pkey_hash_algo { + PKEY_HASH_MD4, +@@ -36,7 +36,7 @@ enum pkey_hash_algo { + PKEY_HASH__LAST + }; + +-extern const char *const pkey_hash_algo[PKEY_HASH__LAST]; ++extern const char *const pkey_hash_algo_name[PKEY_HASH__LAST]; + + enum pkey_id_type { + PKEY_ID_PGP, /* OpenPGP generated key ID */ +@@ -44,7 +44,7 @@ enum pkey_id_type { + PKEY_ID_TYPE__LAST + }; + +-extern const char *const pkey_id_type[PKEY_ID_TYPE__LAST]; ++extern const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST]; + + /* + * Cryptographic data for the public-key subtype of the asymmetric key type. +diff --git a/kernel/module_signing.c b/kernel/module_signing.c +index 0034e36..0b6b870 100644 +--- a/kernel/module_signing.c ++++ b/kernel/module_signing.c +@@ -55,7 +55,7 @@ static struct public_key_signature *mod_make_digest(enum pkey_hash_algo hash, + /* Allocate the hashing algorithm we're going to need and find out how + * big the hash operational data will be. + */ +- tfm = crypto_alloc_shash(pkey_hash_algo[hash], 0, 0); ++ tfm = crypto_alloc_shash(pkey_hash_algo_name[hash], 0, 0); + if (IS_ERR(tfm)) + return (PTR_ERR(tfm) == -ENOENT) ? ERR_PTR(-ENOPKG) : ERR_CAST(tfm); + +@@ -218,7 +218,7 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen) + return -ENOPKG; + + if (ms.hash >= PKEY_HASH__LAST || +- !pkey_hash_algo[ms.hash]) ++ !pkey_hash_algo_name[ms.hash]) + return -ENOPKG; + + key = request_asymmetric_key(sig, ms.signer_len, +-- +1.8.1.4 + + +From 2acf1a703de1213ad85515a71873f57535dc057d Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:33 +0000 +Subject: [PATCH 05/47] KEYS: Move the algorithm pointer array from x509 to + public_key.c + +Move the public-key algorithm pointer array from x509_public_key.c to +public_key.c as it isn't X.509 specific. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/public_key.c | 8 ++++++++ + crypto/asymmetric_keys/x509_public_key.c | 11 +---------- + include/crypto/public_key.h | 1 + + 3 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c +index b313df1..796ce08 100644 +--- a/crypto/asymmetric_keys/public_key.c ++++ b/crypto/asymmetric_keys/public_key.c +@@ -28,6 +28,14 @@ const char *const pkey_algo_name[PKEY_ALGO__LAST] = { + }; + EXPORT_SYMBOL_GPL(pkey_algo_name); + ++const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = { ++#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \ ++ defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE) ++ [PKEY_ALGO_RSA] = &RSA_public_key_algorithm, ++#endif ++}; ++EXPORT_SYMBOL_GPL(pkey_algo); ++ + const char *const pkey_hash_algo_name[PKEY_HASH__LAST] = { + [PKEY_HASH_MD4] = "md4", + [PKEY_HASH_MD5] = "md5", +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index afbbc36..fe38628 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -23,15 +23,6 @@ + #include "public_key.h" + #include "x509_parser.h" + +-static const +-struct public_key_algorithm *x509_public_key_algorithms[PKEY_ALGO__LAST] = { +- [PKEY_ALGO_DSA] = NULL, +-#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \ +- defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE) +- [PKEY_ALGO_RSA] = &RSA_public_key_algorithm, +-#endif +-}; +- + /* + * Check the signature on a certificate using the provided public key + */ +@@ -174,7 +165,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + goto error_free_cert; + } + +- cert->pub->algo = x509_public_key_algorithms[cert->pkey_algo]; ++ cert->pub->algo = pkey_algo[cert->pkey_algo]; + cert->pub->id_type = PKEY_ID_X509; + + /* Check the signature on the key */ +diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h +index 619d570..46bde25 100644 +--- a/include/crypto/public_key.h ++++ b/include/crypto/public_key.h +@@ -23,6 +23,7 @@ enum pkey_algo { + }; + + extern const char *const pkey_algo_name[PKEY_ALGO__LAST]; ++extern const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST]; + + enum pkey_hash_algo { + PKEY_HASH_MD4, +-- +1.8.1.4 + + +From 3cc2c6f01277dfa00106c3e4f3f3ab8184025b90 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:33 +0000 +Subject: [PATCH 06/47] KEYS: Store public key algo ID in public_key struct + +Store public key algo ID in public_key struct for reference purposes. This +allows it to be removed from the x509_certificate struct and used to find a +default in public_key_verify_signature(). + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509_cert_parser.c | 5 +++-- + crypto/asymmetric_keys/x509_parser.h | 1 - + crypto/asymmetric_keys/x509_public_key.c | 4 ++-- + include/crypto/public_key.h | 1 + + 4 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c +index 7fabc4c..a583930 100644 +--- a/crypto/asymmetric_keys/x509_cert_parser.c ++++ b/crypto/asymmetric_keys/x509_cert_parser.c +@@ -343,8 +343,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, + if (ctx->last_oid != OID_rsaEncryption) + return -ENOPKG; + +- /* There seems to be an extraneous 0 byte on the front of the data */ +- ctx->cert->pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA; ++ ++ /* Discard the BIT STRING metadata */ + ctx->key = value + 1; + ctx->key_size = vlen - 1; + return 0; +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index f86dc5f..e583ad0 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -20,7 +20,6 @@ struct x509_certificate { + char *authority; /* Authority key fingerprint as hex */ + struct tm valid_from; + struct tm valid_to; +- enum pkey_algo pkey_algo : 8; /* Public key algorithm */ + enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */ + enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */ + const void *tbs; /* Signed data */ +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index fe38628..fac574c 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -108,7 +108,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + + pr_devel("Cert Issuer: %s\n", cert->issuer); + pr_devel("Cert Subject: %s\n", cert->subject); +- pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pkey_algo]); ++ pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); + pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n", + cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1, + cert->valid_from.tm_mday, cert->valid_from.tm_hour, +@@ -165,7 +165,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + goto error_free_cert; + } + +- cert->pub->algo = pkey_algo[cert->pkey_algo]; ++ cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; + cert->pub->id_type = PKEY_ID_X509; + + /* Check the signature on the key */ +diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h +index 46bde25..05778df 100644 +--- a/include/crypto/public_key.h ++++ b/include/crypto/public_key.h +@@ -60,6 +60,7 @@ struct public_key { + #define PKEY_CAN_DECRYPT 0x02 + #define PKEY_CAN_SIGN 0x04 + #define PKEY_CAN_VERIFY 0x08 ++ enum pkey_algo pkey_algo : 8; + enum pkey_id_type id_type : 8; + union { + MPI mpi[5]; +-- +1.8.1.4 + + +From 7dcc63793a873198d3b3c4299f896e2896292d84 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:34 +0000 +Subject: [PATCH 07/47] KEYS: Split public_key_verify_signature() and make + available + +Modify public_key_verify_signature() so that it now takes a public_key struct +rather than a key struct and supply a wrapper that takes a key struct. The +wrapper is then used by the asymmetric key subtype and the modified function is +used by X.509 self-signature checking and can be used by PKCS#7 also. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/public_key.c | 40 +++++++++++++++++++++++++------- + crypto/asymmetric_keys/public_key.h | 6 +++++ + crypto/asymmetric_keys/x509_public_key.c | 2 +- + 3 files changed, 39 insertions(+), 9 deletions(-) + +diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c +index 796ce08..49ac8d8 100644 +--- a/crypto/asymmetric_keys/public_key.c ++++ b/crypto/asymmetric_keys/public_key.c +@@ -86,21 +86,45 @@ EXPORT_SYMBOL_GPL(public_key_destroy); + /* + * Verify a signature using a public key. + */ +-static int public_key_verify_signature(const struct key *key, +- const struct public_key_signature *sig) ++int public_key_verify_signature(const struct public_key *pk, ++ const struct public_key_signature *sig) + { +- const struct public_key *pk = key->payload.data; ++ const struct public_key_algorithm *algo; ++ ++ BUG_ON(!pk); ++ BUG_ON(!pk->mpi[0]); ++ BUG_ON(!pk->mpi[1]); ++ BUG_ON(!sig); ++ BUG_ON(!sig->digest); ++ BUG_ON(!sig->mpi[0]); ++ ++ algo = pk->algo; ++ if (!algo) { ++ if (pk->pkey_algo >= PKEY_ALGO__LAST) ++ return -ENOPKG; ++ algo = pkey_algo[pk->pkey_algo]; ++ if (!algo) ++ return -ENOPKG; ++ } + +- if (!pk->algo->verify_signature) ++ if (!algo->verify_signature) + return -ENOTSUPP; + +- if (sig->nr_mpi != pk->algo->n_sig_mpi) { ++ if (sig->nr_mpi != algo->n_sig_mpi) { + pr_debug("Signature has %u MPI not %u\n", +- sig->nr_mpi, pk->algo->n_sig_mpi); ++ sig->nr_mpi, algo->n_sig_mpi); + return -EINVAL; + } + +- return pk->algo->verify_signature(pk, sig); ++ return algo->verify_signature(pk, sig); ++} ++EXPORT_SYMBOL_GPL(public_key_verify_signature); ++ ++static int public_key_verify_signature_2(const struct key *key, ++ const struct public_key_signature *sig) ++{ ++ const struct public_key *pk = key->payload.data; ++ return public_key_verify_signature(pk, sig); + } + + /* +@@ -111,6 +135,6 @@ struct asymmetric_key_subtype public_key_subtype = { + .name = "public_key", + .describe = public_key_describe, + .destroy = public_key_destroy, +- .verify_signature = public_key_verify_signature, ++ .verify_signature = public_key_verify_signature_2, + }; + EXPORT_SYMBOL_GPL(public_key_subtype); +diff --git a/crypto/asymmetric_keys/public_key.h b/crypto/asymmetric_keys/public_key.h +index 5e5e356..5c37a22 100644 +--- a/crypto/asymmetric_keys/public_key.h ++++ b/crypto/asymmetric_keys/public_key.h +@@ -28,3 +28,9 @@ struct public_key_algorithm { + }; + + extern const struct public_key_algorithm RSA_public_key_algorithm; ++ ++/* ++ * public_key.c ++ */ ++extern int public_key_verify_signature(const struct public_key *pk, ++ const struct public_key_signature *sig); +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index fac574c..8cb2f70 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -76,7 +76,7 @@ static int x509_check_signature(const struct public_key *pub, + if (ret < 0) + goto error_mpi; + +- ret = pub->algo->verify_signature(pub, sig); ++ ret = public_key_verify_signature(pub, sig); + + pr_debug("Cert Verification: %d\n", ret); + +-- +1.8.1.4 + + +From da18477d1a1987dce0f3c5f78b62e5b223e2bf90 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:35 +0000 +Subject: [PATCH 08/47] KEYS: Store public key algo ID in public_key_signature + struct + +Store public key algorithm ID in public_key_signature struct for reference +purposes. This allows a public_key_signature struct to be embedded in +struct x509_certificate and struct pkcs7_message more easily. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + include/crypto/public_key.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h +index 05778df..b34fda4 100644 +--- a/include/crypto/public_key.h ++++ b/include/crypto/public_key.h +@@ -90,6 +90,7 @@ struct public_key_signature { + u8 *digest; + u8 digest_size; /* Number of bytes in digest */ + u8 nr_mpi; /* Occupancy of mpi[] */ ++ enum pkey_algo pkey_algo : 8; + enum pkey_hash_algo pkey_hash_algo : 8; + union { + MPI mpi[2]; +-- +1.8.1.4 + + +From 29d80acc90a95ef5614cf36d4e30835bcc014cc4 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:35 +0000 +Subject: [PATCH 09/47] X.509: struct x509_certificate needs struct tm + declaring + +struct x509_certificate needs struct tm declaring by #inclusion of linux/time.h +prior to its definition. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509_parser.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index e583ad0..2d01182 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -9,6 +9,7 @@ + * 2 of the Licence, or (at your option) any later version. + */ + ++#include + #include + + struct x509_certificate { +-- +1.8.1.4 + + +From ba3ba9e41abb17a7632075668e4f0a30edb59896 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:35 +0000 +Subject: [PATCH 10/47] X.509: Add bits needed for PKCS#7 + +PKCS#7 validation requires access to the serial number and the raw names in an +X.509 certificate. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509.asn1 | 2 +- + crypto/asymmetric_keys/x509_cert_parser.c | 17 +++++++++++++++++ + crypto/asymmetric_keys/x509_parser.h | 10 ++++++++-- + 3 files changed, 26 insertions(+), 3 deletions(-) + +diff --git a/crypto/asymmetric_keys/x509.asn1 b/crypto/asymmetric_keys/x509.asn1 +index bf32b3d..aae0cde 100644 +--- a/crypto/asymmetric_keys/x509.asn1 ++++ b/crypto/asymmetric_keys/x509.asn1 +@@ -6,7 +6,7 @@ Certificate ::= SEQUENCE { + + TBSCertificate ::= SEQUENCE { + version [ 0 ] Version DEFAULT, +- serialNumber CertificateSerialNumber, ++ serialNumber CertificateSerialNumber ({ x509_note_serial }), + signature AlgorithmIdentifier ({ x509_note_pkey_algo }), + issuer Name ({ x509_note_issuer }), + validity Validity, +diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c +index a583930..08bebf1 100644 +--- a/crypto/asymmetric_keys/x509_cert_parser.c ++++ b/crypto/asymmetric_keys/x509_cert_parser.c +@@ -209,6 +209,19 @@ int x509_note_signature(void *context, size_t hdrlen, + } + + /* ++ * Note the certificate serial number ++ */ ++int x509_note_serial(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct x509_parse_context *ctx = context; ++ ctx->cert->raw_serial = value; ++ ctx->cert->raw_serial_size = vlen; ++ return 0; ++} ++ ++/* + * Note some of the name segments from which we'll fabricate a name. + */ + int x509_extract_name_segment(void *context, size_t hdrlen, +@@ -320,6 +333,8 @@ int x509_note_issuer(void *context, size_t hdrlen, + const void *value, size_t vlen) + { + struct x509_parse_context *ctx = context; ++ ctx->cert->raw_issuer = value; ++ ctx->cert->raw_issuer_size = vlen; + return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->issuer, vlen); + } + +@@ -328,6 +343,8 @@ int x509_note_subject(void *context, size_t hdrlen, + const void *value, size_t vlen) + { + struct x509_parse_context *ctx = context; ++ ctx->cert->raw_subject = value; ++ ctx->cert->raw_subject_size = vlen; + return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->subject, vlen); + } + +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index 2d01182..a6ce46f 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -24,9 +24,15 @@ struct x509_certificate { + enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */ + enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */ + const void *tbs; /* Signed data */ +- size_t tbs_size; /* Size of signed data */ ++ unsigned tbs_size; /* Size of signed data */ ++ unsigned sig_size; /* Size of sigature */ + const void *sig; /* Signature data */ +- size_t sig_size; /* Size of sigature */ ++ const void *raw_serial; /* Raw serial number in ASN.1 */ ++ unsigned raw_serial_size; ++ unsigned raw_issuer_size; ++ const void *raw_issuer; /* Raw issuer name in ASN.1 */ ++ const void *raw_subject; /* Raw subject name in ASN.1 */ ++ unsigned raw_subject_size; + }; + + /* +-- +1.8.1.4 + + +From 4d2f837ab3629d5b4b3bac2bbdbdf2d0060e74a8 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:36 +0000 +Subject: [PATCH 11/47] X.509: Embed public_key_signature struct and create + filler function + +Embed a public_key_signature struct in struct x509_certificate, eliminating +now unnecessary fields, and split x509_check_signature() to create a filler +function for it that attaches a digest of the signed data and an MPI that +represents the signature data. x509_free_certificate() is then modified to +deal with these. + +Whilst we're at it, export both x509_check_signature() and the new +x509_get_sig_params(). + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509_cert_parser.c | 30 +++++------ + crypto/asymmetric_keys/x509_parser.h | 14 ++++-- + crypto/asymmetric_keys/x509_public_key.c | 83 +++++++++++++++++-------------- + 3 files changed, 73 insertions(+), 54 deletions(-) + +diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c +index 08bebf1..931f069 100644 +--- a/crypto/asymmetric_keys/x509_cert_parser.c ++++ b/crypto/asymmetric_keys/x509_cert_parser.c +@@ -47,6 +47,8 @@ void x509_free_certificate(struct x509_certificate *cert) + kfree(cert->subject); + kfree(cert->fingerprint); + kfree(cert->authority); ++ kfree(cert->sig.digest); ++ mpi_free(cert->sig.rsa.s); + kfree(cert); + } + } +@@ -152,33 +154,33 @@ int x509_note_pkey_algo(void *context, size_t hdrlen, + return -ENOPKG; /* Unsupported combination */ + + case OID_md4WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_MD5; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_MD5; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + + case OID_sha1WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_SHA1; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA1; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + + case OID_sha256WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_SHA256; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA256; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + + case OID_sha384WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_SHA384; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA384; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + + case OID_sha512WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_SHA512; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA512; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + + case OID_sha224WithRSAEncryption: +- ctx->cert->sig_hash_algo = PKEY_HASH_SHA224; +- ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA; ++ ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA224; ++ ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; + break; + } + +@@ -203,8 +205,8 @@ int x509_note_signature(void *context, size_t hdrlen, + return -EINVAL; + } + +- ctx->cert->sig = value; +- ctx->cert->sig_size = vlen; ++ ctx->cert->raw_sig = value; ++ ctx->cert->raw_sig_size = vlen; + return 0; + } + +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index a6ce46f..6b1d877 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -21,18 +21,17 @@ struct x509_certificate { + char *authority; /* Authority key fingerprint as hex */ + struct tm valid_from; + struct tm valid_to; +- enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */ +- enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */ + const void *tbs; /* Signed data */ + unsigned tbs_size; /* Size of signed data */ +- unsigned sig_size; /* Size of sigature */ +- const void *sig; /* Signature data */ ++ unsigned raw_sig_size; /* Size of sigature */ ++ const void *raw_sig; /* Signature data */ + const void *raw_serial; /* Raw serial number in ASN.1 */ + unsigned raw_serial_size; + unsigned raw_issuer_size; + const void *raw_issuer; /* Raw issuer name in ASN.1 */ + const void *raw_subject; /* Raw subject name in ASN.1 */ + unsigned raw_subject_size; ++ struct public_key_signature sig; /* Signature parameters */ + }; + + /* +@@ -40,3 +39,10 @@ struct x509_certificate { + */ + extern void x509_free_certificate(struct x509_certificate *cert); + extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); ++ ++/* ++ * x509_public_key.c ++ */ ++extern int x509_get_sig_params(struct x509_certificate *cert); ++extern int x509_check_signature(const struct public_key *pub, ++ struct x509_certificate *cert); +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index 8cb2f70..b7c81d8 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -24,72 +24,83 @@ + #include "x509_parser.h" + + /* +- * Check the signature on a certificate using the provided public key ++ * Set up the signature parameters in an X.509 certificate. This involves ++ * digesting the signed data and extracting the signature. + */ +-static int x509_check_signature(const struct public_key *pub, +- const struct x509_certificate *cert) ++int x509_get_sig_params(struct x509_certificate *cert) + { +- struct public_key_signature *sig; + struct crypto_shash *tfm; + struct shash_desc *desc; + size_t digest_size, desc_size; ++ void *digest; + int ret; + + pr_devel("==>%s()\n", __func__); +- ++ ++ if (cert->sig.rsa.s) ++ return 0; ++ ++ cert->sig.rsa.s = mpi_read_raw_data(cert->raw_sig, cert->raw_sig_size); ++ if (!cert->sig.rsa.s) ++ return -ENOMEM; ++ cert->sig.nr_mpi = 1; ++ + /* Allocate the hashing algorithm we're going to need and find out how + * big the hash operational data will be. + */ +- tfm = crypto_alloc_shash(pkey_hash_algo_name[cert->sig_hash_algo], 0, 0); ++ tfm = crypto_alloc_shash(pkey_hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); + if (IS_ERR(tfm)) + return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); + + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); + digest_size = crypto_shash_digestsize(tfm); + +- /* We allocate the hash operational data storage on the end of our +- * context data. ++ /* We allocate the hash operational data storage on the end of the ++ * digest storage space. + */ + ret = -ENOMEM; +- sig = kzalloc(sizeof(*sig) + desc_size + digest_size, GFP_KERNEL); +- if (!sig) +- goto error_no_sig; ++ digest = kzalloc(digest_size + desc_size, GFP_KERNEL); ++ if (!digest) ++ goto error; + +- sig->pkey_hash_algo = cert->sig_hash_algo; +- sig->digest = (u8 *)sig + sizeof(*sig) + desc_size; +- sig->digest_size = digest_size; ++ cert->sig.digest = digest; ++ cert->sig.digest_size = digest_size; + +- desc = (void *)sig + sizeof(*sig); +- desc->tfm = tfm; +- desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; ++ desc = digest + digest_size; ++ desc->tfm = tfm; ++ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; + + ret = crypto_shash_init(desc); + if (ret < 0) + goto error; ++ might_sleep(); ++ ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest); ++error: ++ crypto_free_shash(tfm); ++ pr_devel("<==%s() = %d\n", __func__, ret); ++ return ret; ++} ++EXPORT_SYMBOL_GPL(x509_get_sig_params); + +- ret = -ENOMEM; +- sig->rsa.s = mpi_read_raw_data(cert->sig, cert->sig_size); +- if (!sig->rsa.s) +- goto error; ++/* ++ * Check the signature on a certificate using the provided public key ++ */ ++int x509_check_signature(const struct public_key *pub, ++ struct x509_certificate *cert) ++{ ++ int ret; + +- ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, sig->digest); +- if (ret < 0) +- goto error_mpi; ++ pr_devel("==>%s()\n", __func__); + +- ret = public_key_verify_signature(pub, sig); ++ ret = x509_get_sig_params(cert); ++ if (ret < 0) ++ return ret; + ++ ret = public_key_verify_signature(pub, &cert->sig); + pr_debug("Cert Verification: %d\n", ret); +- +-error_mpi: +- mpi_free(sig->rsa.s); +-error: +- kfree(sig); +-error_no_sig: +- crypto_free_shash(tfm); +- +- pr_devel("<==%s() = %d\n", __func__, ret); + return ret; + } ++EXPORT_SYMBOL_GPL(x509_check_signature); + + /* + * Attempt to parse a data blob for a key as an X509 certificate. +@@ -118,8 +129,8 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + cert->valid_to.tm_mday, cert->valid_to.tm_hour, + cert->valid_to.tm_min, cert->valid_to.tm_sec); + pr_devel("Cert Signature: %s + %s\n", +- pkey_algo_name[cert->sig_pkey_algo], +- pkey_hash_algo_name[cert->sig_hash_algo]); ++ pkey_algo_name[cert->sig.pkey_algo], ++ pkey_hash_algo_name[cert->sig.pkey_hash_algo]); + + if (!cert->fingerprint || !cert->authority) { + pr_warn("Cert for '%s' must have SubjKeyId and AuthKeyId extensions\n", +-- +1.8.1.4 + + +From 822175026ad1d4640240d1fdd77b1f45ddd9e7a9 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:36 +0000 +Subject: [PATCH 12/47] X.509: Check the algorithm IDs obtained from parsing an + X.509 certificate + +Check that the algorithm IDs obtained from the ASN.1 parse by OID lookup +corresponds to algorithms that are available to us. + +Reported-by: Kees Cook +Signed-off-by: David Howells +--- + crypto/asymmetric_keys/x509_public_key.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index b7c81d8..eb368d4 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -119,6 +119,17 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + + pr_devel("Cert Issuer: %s\n", cert->issuer); + pr_devel("Cert Subject: %s\n", cert->subject); ++ ++ if (cert->pub->pkey_algo >= PKEY_ALGO__LAST || ++ cert->sig.pkey_algo >= PKEY_ALGO__LAST || ++ cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || ++ !pkey_algo[cert->pub->pkey_algo] || ++ !pkey_algo[cert->sig.pkey_algo] || ++ !pkey_hash_algo_name[cert->sig.pkey_hash_algo]) { ++ ret = -ENOPKG; ++ goto error_free_cert; ++ } ++ + pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); + pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n", + cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1, +-- +1.8.1.4 + + +From 4a1a540f79d36d8b0b8970ea638648cef080057b Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:37 +0000 +Subject: [PATCH 13/47] X.509: Handle certificates that lack an + authorityKeyIdentifier field + +Handle certificates that lack an authorityKeyIdentifier field by assuming +they're self-signed and checking their signatures against themselves. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509_public_key.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index eb368d4..0f55e3b 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -143,8 +143,8 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + pkey_algo_name[cert->sig.pkey_algo], + pkey_hash_algo_name[cert->sig.pkey_hash_algo]); + +- if (!cert->fingerprint || !cert->authority) { +- pr_warn("Cert for '%s' must have SubjKeyId and AuthKeyId extensions\n", ++ if (!cert->fingerprint) { ++ pr_warn("Cert for '%s' must have a SubjKeyId extension\n", + cert->subject); + ret = -EKEYREJECTED; + goto error_free_cert; +@@ -190,8 +190,9 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) + cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; + cert->pub->id_type = PKEY_ID_X509; + +- /* Check the signature on the key */ +- if (strcmp(cert->fingerprint, cert->authority) == 0) { ++ /* Check the signature on the key if it appears to be self-signed */ ++ if (!cert->authority || ++ strcmp(cert->fingerprint, cert->authority) == 0) { + ret = x509_check_signature(cert->pub, cert); + if (ret < 0) + goto error_free_cert; +-- +1.8.1.4 + + +From f5e443e719cfb7cae2aea764ad3c9ec9ffba4f60 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:37 +0000 +Subject: [PATCH 14/47] X.509: Export certificate parse and free functions + +Export certificate parse and free functions for use by modules. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +Reviewed-by: Josh Boyer +--- + crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c +index 931f069..9cf0e16 100644 +--- a/crypto/asymmetric_keys/x509_cert_parser.c ++++ b/crypto/asymmetric_keys/x509_cert_parser.c +@@ -11,6 +11,7 @@ + + #define pr_fmt(fmt) "X.509: "fmt + #include ++#include + #include + #include + #include +@@ -52,6 +53,7 @@ void x509_free_certificate(struct x509_certificate *cert) + kfree(cert); + } + } ++EXPORT_SYMBOL_GPL(x509_free_certificate); + + /* + * Parse an X.509 certificate +@@ -97,6 +99,7 @@ error_no_ctx: + error_no_cert: + return ERR_PTR(ret); + } ++EXPORT_SYMBOL_GPL(x509_cert_parse); + + /* + * Note an OID when we find one for later processing when we know how +-- +1.8.1.4 + + +From 792a56d205765cf4ece16868929ad5fbe6b89df4 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:38 +0000 +Subject: [PATCH 15/47] PKCS#7: Implement a parser [RFC 2315] + +Implement a parser for a PKCS#7 signed-data message as described in part of +RFC 2315. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/Kconfig | 9 + + crypto/asymmetric_keys/Makefile | 13 ++ + crypto/asymmetric_keys/pkcs7.asn1 | 127 +++++++++++++ + crypto/asymmetric_keys/pkcs7_parser.c | 326 ++++++++++++++++++++++++++++++++++ + crypto/asymmetric_keys/pkcs7_parser.h | 65 +++++++ + include/linux/oid_registry.h | 1 + + 6 files changed, 541 insertions(+) + create mode 100644 crypto/asymmetric_keys/pkcs7.asn1 + create mode 100644 crypto/asymmetric_keys/pkcs7_parser.c + create mode 100644 crypto/asymmetric_keys/pkcs7_parser.h + +diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig +index 6d2c2ea..413f3f6 100644 +--- a/crypto/asymmetric_keys/Kconfig ++++ b/crypto/asymmetric_keys/Kconfig +@@ -35,4 +35,13 @@ config X509_CERTIFICATE_PARSER + data and provides the ability to instantiate a crypto key from a + public key packet found inside the certificate. + ++config PKCS7_MESSAGE_PARSER ++ tristate "PKCS#7 message parser" ++ depends on X509_CERTIFICATE_PARSER ++ select ASN1 ++ select OID_REGISTRY ++ help ++ This option provides support for parsing PKCS#7 format messages for ++ signature data and provides the ability to verify the signature. ++ + endif # ASYMMETRIC_KEY_TYPE +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index 0727204..59d8cad 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -25,3 +25,16 @@ $(obj)/x509_rsakey-asn1.o: $(obj)/x509_rsakey-asn1.c $(obj)/x509_rsakey-asn1.h + + clean-files += x509-asn1.c x509-asn1.h + clean-files += x509_rsakey-asn1.c x509_rsakey-asn1.h ++ ++# ++# PKCS#7 message handling ++# ++obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o ++pkcs7_message-y := \ ++ pkcs7-asn1.o \ ++ pkcs7_parser.o ++ ++$(obj)/pkcs7_parser.o: $(obj)/pkcs7-asn1.h ++$(obj)/pkcs7-asn1.o: $(obj)/pkcs7-asn1.c $(obj)/pkcs7-asn1.h ++ ++clean-files += pkcs7-asn1.c pkcs7-asn1.h +diff --git a/crypto/asymmetric_keys/pkcs7.asn1 b/crypto/asymmetric_keys/pkcs7.asn1 +new file mode 100644 +index 0000000..7bf91ed +--- /dev/null ++++ b/crypto/asymmetric_keys/pkcs7.asn1 +@@ -0,0 +1,127 @@ ++PKCS7ContentInfo ::= SEQUENCE { ++ contentType ContentType, ++ content [0] EXPLICIT SignedData OPTIONAL ++} ++ ++ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID }) ++ ++SignedData ::= SEQUENCE { ++ version INTEGER, ++ digestAlgorithms DigestAlgorithmIdentifiers ({ pkcs7_note_digest_algo }), ++ contentInfo ContentInfo, ++ certificates CHOICE { ++ certSet [0] IMPLICIT ExtendedCertificatesAndCertificates, ++ certSequence [2] IMPLICIT Certificates ++ } OPTIONAL ({ pkcs7_note_certificate_list }), ++ crls CHOICE { ++ crlSet [1] IMPLICIT CertificateRevocationLists, ++ crlSequence [3] IMPLICIT CRLSequence ++ } OPTIONAL, ++ signerInfos SignerInfos ++} ++ ++ContentInfo ::= SEQUENCE { ++ contentType ContentType, ++ content [0] EXPLICIT Data OPTIONAL ++} ++ ++Data ::= ANY ({ pkcs7_note_data }) ++ ++DigestAlgorithmIdentifiers ::= CHOICE { ++ daSet SET OF DigestAlgorithmIdentifier, ++ daSequence SEQUENCE OF DigestAlgorithmIdentifier ++} ++ ++DigestAlgorithmIdentifier ::= SEQUENCE { ++ algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), ++ parameters ANY OPTIONAL ++} ++ ++-- ++-- Certificates and certificate lists ++-- ++ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate ++ ++ExtendedCertificateOrCertificate ::= CHOICE { ++ certificate Certificate, -- X.509 ++ extendedCertificate [0] IMPLICIT ExtendedCertificate -- PKCS#6 ++} ++ ++ExtendedCertificate ::= Certificate -- cheating ++ ++Certificates ::= SEQUENCE OF Certificate ++ ++CertificateRevocationLists ::= SET OF CertificateList ++ ++CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly ++ ++CRLSequence ::= SEQUENCE OF CertificateList ++ ++Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509 ++ ++-- ++-- Signer information ++-- ++SignerInfos ::= CHOICE { ++ siSet SET OF SignerInfo, ++ siSequence SEQUENCE OF SignerInfo ++} ++ ++SignerInfo ::= SEQUENCE { ++ version INTEGER, ++ issuerAndSerialNumber IssuerAndSerialNumber, ++ digestAlgorithm DigestAlgorithmIdentifier ({ pkcs7_note_digest_algo }), ++ authenticatedAttributes CHOICE { ++ aaSet [0] IMPLICIT SetOfAuthenticatedAttribute ++ ({ pkcs7_note_set_of_authattrs }), ++ aaSequence [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute ++ -- Explicit because easier to compute digest on ++ -- sequence of attributes and then reuse encoded ++ -- sequence in aaSequence. ++ } OPTIONAL, ++ digestEncryptionAlgorithm ++ DigestEncryptionAlgorithmIdentifier ({ pkcs7_note_pkey_algo }), ++ encryptedDigest EncryptedDigest, ++ unauthenticatedAttributes CHOICE { ++ uaSet [1] IMPLICIT SET OF UnauthenticatedAttribute, ++ uaSequence [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute ++ } OPTIONAL ++} ++ ++IssuerAndSerialNumber ::= SEQUENCE { ++ issuer Name ({ pkcs7_note_issuer }), ++ serialNumber CertificateSerialNumber ({ pkcs7_note_serial }) ++} ++ ++CertificateSerialNumber ::= INTEGER ++ ++SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute ++ ++AuthenticatedAttribute ::= SEQUENCE { ++ type OBJECT IDENTIFIER ({ pkcs7_note_OID }), ++ values SET OF ANY ({ pkcs7_note_authenticated_attr }) ++} ++ ++UnauthenticatedAttribute ::= SEQUENCE { ++ type OBJECT IDENTIFIER ({ pkcs7_note_OID }), ++ values SET OF ANY ++} ++ ++DigestEncryptionAlgorithmIdentifier ::= SEQUENCE { ++ algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), ++ parameters ANY OPTIONAL ++} ++ ++EncryptedDigest ::= OCTET STRING ({ pkcs7_note_signature }) ++ ++--- ++--- X.500 Name ++--- ++Name ::= SEQUENCE OF RelativeDistinguishedName ++ ++RelativeDistinguishedName ::= SET OF AttributeValueAssertion ++ ++AttributeValueAssertion ::= SEQUENCE { ++ attributeType OBJECT IDENTIFIER ({ pkcs7_note_OID }), ++ attributeValue ANY ++} +diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c +new file mode 100644 +index 0000000..231aff9 +--- /dev/null ++++ b/crypto/asymmetric_keys/pkcs7_parser.c +@@ -0,0 +1,326 @@ ++/* PKCS#7 parser ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "PKCS7: "fmt ++#include ++#include ++#include ++#include ++#include ++#include "public_key.h" ++#include "pkcs7_parser.h" ++#include "pkcs7-asn1.h" ++ ++struct pkcs7_parse_context { ++ struct pkcs7_message *msg; /* Message being constructed */ ++ struct x509_certificate *certs; /* Certificate cache */ ++ struct x509_certificate **ppcerts; ++ unsigned long data; /* Start of data */ ++ enum OID last_oid; /* Last OID encountered */ ++}; ++ ++/* ++ * Free a PKCS#7 message ++ */ ++void pkcs7_free_message(struct pkcs7_message *pkcs7) ++{ ++ struct x509_certificate *cert; ++ ++ if (pkcs7) { ++ while (pkcs7->certs) { ++ cert = pkcs7->certs; ++ pkcs7->certs = cert->next; ++ x509_free_certificate(cert); ++ } ++ while (pkcs7->crl) { ++ cert = pkcs7->crl; ++ pkcs7->crl = cert->next; ++ x509_free_certificate(cert); ++ } ++ kfree(pkcs7->sig.digest); ++ mpi_free(pkcs7->sig.mpi[0]); ++ kfree(pkcs7); ++ } ++} ++EXPORT_SYMBOL_GPL(pkcs7_free_message); ++ ++/* ++ * Parse a PKCS#7 message ++ */ ++struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen) ++{ ++ struct pkcs7_parse_context *ctx; ++ struct pkcs7_message *msg; ++ long ret; ++ ++ ret = -ENOMEM; ++ msg = kzalloc(sizeof(struct pkcs7_message), GFP_KERNEL); ++ if (!msg) ++ goto error_no_sig; ++ ctx = kzalloc(sizeof(struct pkcs7_parse_context), GFP_KERNEL); ++ if (!ctx) ++ goto error_no_ctx; ++ ++ ctx->msg = msg; ++ ctx->data = (unsigned long)data; ++ ctx->ppcerts = &ctx->certs; ++ ++ /* Attempt to decode the signature */ ++ ret = asn1_ber_decoder(&pkcs7_decoder, ctx, data, datalen); ++ if (ret < 0) ++ goto error_decode; ++ ++ while (ctx->certs) { ++ struct x509_certificate *cert = ctx->certs; ++ ctx->certs = cert->next; ++ x509_free_certificate(cert); ++ } ++ kfree(ctx); ++ return msg; ++ ++error_decode: ++ kfree(ctx); ++error_no_ctx: ++ pkcs7_free_message(msg); ++error_no_sig: ++ return ERR_PTR(ret); ++} ++EXPORT_SYMBOL_GPL(pkcs7_parse_message); ++ ++/* ++ * Note an OID when we find one for later processing when we know how ++ * to interpret it. ++ */ ++int pkcs7_note_OID(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ ctx->last_oid = look_up_OID(value, vlen); ++ if (ctx->last_oid == OID__NR) { ++ char buffer[50]; ++ sprint_oid(value, vlen, buffer, sizeof(buffer)); ++ printk("PKCS7: Unknown OID: [%lu] %s\n", ++ (unsigned long)value - ctx->data, buffer); ++ } ++ return 0; ++} ++ ++/* ++ * Note the digest algorithm for the signature. ++ */ ++int pkcs7_note_digest_algo(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ switch (ctx->last_oid) { ++ case OID_md4: ++ ctx->msg->sig.pkey_hash_algo = PKEY_HASH_MD4; ++ break; ++ case OID_md5: ++ ctx->msg->sig.pkey_hash_algo = PKEY_HASH_MD5; ++ break; ++ case OID_sha1: ++ ctx->msg->sig.pkey_hash_algo = PKEY_HASH_SHA1; ++ break; ++ case OID_sha256: ++ ctx->msg->sig.pkey_hash_algo = PKEY_HASH_SHA256; ++ break; ++ default: ++ printk("Unsupported digest algo: %u\n", ctx->last_oid); ++ return -ENOPKG; ++ } ++ return 0; ++} ++ ++/* ++ * Note the public key algorithm for the signature. ++ */ ++int pkcs7_note_pkey_algo(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ switch (ctx->last_oid) { ++ case OID_rsaEncryption: ++ ctx->msg->sig.pkey_algo = PKEY_ALGO_RSA; ++ break; ++ default: ++ printk("Unsupported pkey algo: %u\n", ctx->last_oid); ++ return -ENOPKG; ++ } ++ return 0; ++} ++ ++/* ++ * Extract a certificate and store it in the context. ++ */ ++int pkcs7_extract_cert(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ struct x509_certificate *cert; ++ ++ if (tag != ((ASN1_UNIV << 6) | ASN1_CONS_BIT | ASN1_SEQ)) { ++ pr_debug("Cert began with tag %02x at %lu\n", ++ tag, (unsigned long)ctx - ctx->data); ++ return -EBADMSG; ++ } ++ ++ /* We have to correct for the header so that the X.509 parser can start ++ * from the beginning. Note that since X.509 stipulates DER, there ++ * probably shouldn't be an EOC trailer - but it is in PKCS#7 (which ++ * stipulates BER). ++ */ ++ value -= hdrlen; ++ vlen += hdrlen; ++ ++ if (((u8*)value)[1] == 0x80) ++ vlen += 2; /* Indefinite length - there should be an EOC */ ++ ++ cert = x509_cert_parse(value, vlen); ++ if (IS_ERR(cert)) ++ return PTR_ERR(cert); ++ ++ pr_debug("Got cert for %s\n", cert->subject); ++ pr_debug("- fingerprint %s\n", cert->fingerprint); ++ ++ *ctx->ppcerts = cert; ++ ctx->ppcerts = &cert->next; ++ return 0; ++} ++ ++/* ++ * Save the certificate list ++ */ ++int pkcs7_note_certificate_list(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ pr_devel("Got cert list (%02x)\n", tag); ++ ++ *ctx->ppcerts = ctx->msg->certs; ++ ctx->msg->certs = ctx->certs; ++ ctx->certs = NULL; ++ ctx->ppcerts = &ctx->certs; ++ return 0; ++} ++ ++/* ++ * Extract the data from the signature and store that and its content type OID ++ * in the context. ++ */ ++int pkcs7_note_data(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ pr_debug("Got data\n"); ++ ++ ctx->msg->data = value; ++ ctx->msg->data_len = vlen; ++ ctx->msg->data_hdrlen = hdrlen; ++ ctx->msg->data_type = ctx->last_oid; ++ return 0; ++} ++ ++/* ++ * Parse authenticated attributes ++ */ ++int pkcs7_note_authenticated_attr(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ pr_devel("AuthAttr: %02x %zu [%*ph]\n", tag, vlen, (unsigned)vlen, value); ++ ++ switch (ctx->last_oid) { ++ case OID_messageDigest: ++ if (tag != ASN1_OTS) ++ return -EBADMSG; ++ ctx->msg->msgdigest = value; ++ ctx->msg->msgdigest_len = vlen; ++ return 0; ++ default: ++ return 0; ++ } ++} ++ ++/* ++ * Note the set of auth attributes for digestion purposes [RFC2315 9.3] ++ */ ++int pkcs7_note_set_of_authattrs(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ++ /* We need to switch the 'CONT 0' to a 'SET OF' when we digest */ ++ ctx->msg->authattrs = value - (hdrlen - 1); ++ ctx->msg->authattrs_len = vlen + (hdrlen - 1); ++ return 0; ++} ++ ++/* ++ * Note the issuing certificate serial number ++ */ ++int pkcs7_note_serial(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ctx->msg->raw_serial = value; ++ ctx->msg->raw_serial_size = vlen; ++ return 0; ++} ++ ++/* ++ * Note the issuer's name ++ */ ++int pkcs7_note_issuer(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ ctx->msg->raw_issuer = value; ++ ctx->msg->raw_issuer_size = vlen; ++ return 0; ++} ++ ++/* ++ * Note the signature data ++ */ ++int pkcs7_note_signature(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pkcs7_parse_context *ctx = context; ++ MPI mpi; ++ ++ BUG_ON(ctx->msg->sig.pkey_algo != PKEY_ALGO_RSA); ++ ++ mpi = mpi_read_raw_data(value, vlen); ++ if (!mpi) ++ return -ENOMEM; ++ ++ ctx->msg->sig.mpi[0] = mpi; ++ ctx->msg->sig.nr_mpi = 1; ++ return 0; ++} +diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h +new file mode 100644 +index 0000000..5415857 +--- /dev/null ++++ b/crypto/asymmetric_keys/pkcs7_parser.h +@@ -0,0 +1,65 @@ ++/* PKCS#7 crypto data parser internal definitions ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#include ++#include "x509_parser.h" ++ ++#define kenter(FMT, ...) \ ++ pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__) ++#define kleave(FMT, ...) \ ++ pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__) ++ ++struct pkcs7_message { ++ struct x509_certificate *certs; /* Certificate list */ ++ struct x509_certificate *crl; /* Revocation list */ ++ struct x509_certificate *signer; /* Signing certificate (in ->certs) */ ++ ++ /* Content Data (or NULL) */ ++ enum OID data_type; /* Type of Data */ ++ size_t data_len; /* Length of Data */ ++ size_t data_hdrlen; /* Length of Data ASN.1 header */ ++ const void *data; /* Content Data (or 0) */ ++ ++ /* Message digest - the digest of the Content Data (or NULL) */ ++ const void *msgdigest; ++ unsigned msgdigest_len; ++ ++ /* Authenticated Attribute data (or NULL) */ ++ unsigned authattrs_len; ++ const void *authattrs; ++ ++ /* Issuing cert serial number and issuer's name */ ++ const void *raw_serial; ++ unsigned raw_serial_size; ++ unsigned raw_issuer_size; ++ const void *raw_issuer; ++ ++ /* Message signature. ++ * ++ * This contains the generated digest of _either_ the Content Data or ++ * the Authenticated Attributes [RFC2315 9.3]. If the latter, one of ++ * the attributes contains the digest of the the Content Data within ++ * it. ++ */ ++ struct public_key_signature sig; ++}; ++ ++/* ++ * pkcs7_parser.c ++ */ ++extern struct pkcs7_message *pkcs7_parse_message(const void *data, ++ size_t datalen); ++extern void pkcs7_free_message(struct pkcs7_message *pkcs7); ++ ++/* ++ * pkcs7_verify.c ++ */ ++extern int pkcs7_verify(struct pkcs7_message *pkcs7); +diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h +index 6926db7..edeff85 100644 +--- a/include/linux/oid_registry.h ++++ b/include/linux/oid_registry.h +@@ -55,6 +55,7 @@ enum OID { + OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ + OID_msOutlookExpress, /* 1.3.6.1.4.1.311.16.4 */ + OID_sha1, /* 1.3.14.3.2.26 */ ++ OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ + + /* Distinguished Name attribute IDs [RFC 2256] */ + OID_commonName, /* 2.5.4.3 */ +-- +1.8.1.4 + + +From 3b4b82eecde52c1bd75ab11ef7f8a5c13ec73c40 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:38 +0000 +Subject: [PATCH 16/47] PKCS#7: Digest the data in a signed-data message + +Digest the data in a PKCS#7 signed-data message and attach to the +public_key_signature struct contained in the pkcs7_message struct. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/Makefile | 3 +- + crypto/asymmetric_keys/pkcs7_verify.c | 134 ++++++++++++++++++++++++++++++++++ + 2 files changed, 136 insertions(+), 1 deletion(-) + create mode 100644 crypto/asymmetric_keys/pkcs7_verify.c + +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index 59d8cad..b6b39e7 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -32,7 +32,8 @@ clean-files += x509_rsakey-asn1.c x509_rsakey-asn1.h + obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o + pkcs7_message-y := \ + pkcs7-asn1.o \ +- pkcs7_parser.o ++ pkcs7_parser.o \ ++ pkcs7_verify.o + + $(obj)/pkcs7_parser.o: $(obj)/pkcs7-asn1.h + $(obj)/pkcs7-asn1.o: $(obj)/pkcs7-asn1.c $(obj)/pkcs7-asn1.h +diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c +new file mode 100644 +index 0000000..2f9f26c +--- /dev/null ++++ b/crypto/asymmetric_keys/pkcs7_verify.c +@@ -0,0 +1,134 @@ ++/* Verify the signature on a PKCS#7 message. ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "PKCS7: "fmt ++#include ++#include ++#include ++#include ++#include ++#include ++#include "public_key.h" ++#include "pkcs7_parser.h" ++ ++/* ++ * Digest the relevant parts of the PKCS#7 data ++ */ ++static int pkcs7_digest(struct pkcs7_message *pkcs7) ++{ ++ struct crypto_shash *tfm; ++ struct shash_desc *desc; ++ size_t digest_size, desc_size; ++ void *digest; ++ int ret; ++ ++ kenter(",%u", pkcs7->sig.pkey_hash_algo); ++ ++ if (pkcs7->sig.pkey_hash_algo >= PKEY_HASH__LAST || ++ !pkey_hash_algo_name[pkcs7->sig.pkey_hash_algo]) ++ return -ENOPKG; ++ ++ /* Allocate the hashing algorithm we're going to need and find out how ++ * big the hash operational data will be. ++ */ ++ tfm = crypto_alloc_shash(pkey_hash_algo_name[pkcs7->sig.pkey_hash_algo], ++ 0, 0); ++ if (IS_ERR(tfm)) ++ return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); ++ ++ desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); ++ pkcs7->sig.digest_size = digest_size = crypto_shash_digestsize(tfm); ++ ++ ret = -ENOMEM; ++ digest = kzalloc(digest_size + desc_size, GFP_KERNEL); ++ if (!digest) ++ goto error_no_desc; ++ ++ desc = digest + digest_size; ++ desc->tfm = tfm; ++ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; ++ ++ /* Digest the message [RFC2315 9.3] */ ++ ret = crypto_shash_init(desc); ++ if (ret < 0) ++ goto error; ++ ret = crypto_shash_finup(desc, pkcs7->data, pkcs7->data_len, digest); ++ if (ret < 0) ++ goto error; ++ pr_devel("MsgDigest = [%*ph]\n", 8, digest); ++ ++ /* However, if there are authenticated attributes, there must be a ++ * message digest attribute amongst them which corresponds to the ++ * digest we just calculated. ++ */ ++ if (pkcs7->msgdigest) { ++ u8 tag; ++ ++ if (pkcs7->msgdigest_len != pkcs7->sig.digest_size) { ++ pr_debug("Invalid digest size (%u)\n", ++ pkcs7->msgdigest_len); ++ ret = -EBADMSG; ++ goto error; ++ } ++ ++ if (memcmp(digest, pkcs7->msgdigest, pkcs7->msgdigest_len) != 0) { ++ pr_debug("Message digest doesn't match\n"); ++ ret = -EKEYREJECTED; ++ goto error; ++ } ++ ++ /* We then calculate anew, using the authenticated attributes ++ * as the contents of the digest instead. Note that we need to ++ * convert the attributes from a CONT.0 into a SET before we ++ * hash it. ++ */ ++ memset(digest, 0, pkcs7->sig.digest_size); ++ ++ ret = crypto_shash_init(desc); ++ if (ret < 0) ++ goto error; ++ tag = ASN1_CONS_BIT | ASN1_SET; ++ ret = crypto_shash_update(desc, &tag, 1); ++ if (ret < 0) ++ goto error; ++ ret = crypto_shash_finup(desc, pkcs7->authattrs, ++ pkcs7->authattrs_len, digest); ++ if (ret < 0) ++ goto error; ++ pr_devel("AADigest = [%*ph]\n", 8, digest); ++ } ++ ++ pkcs7->sig.digest = digest; ++ digest = NULL; ++ ++error: ++ kfree(digest); ++error_no_desc: ++ crypto_free_shash(tfm); ++ kleave(" = %d\n", ret); ++ return ret; ++} ++ ++/* ++ * Verify a PKCS#7 message ++ */ ++int pkcs7_verify(struct pkcs7_message *pkcs7) ++{ ++ int ret; ++ ++ /* First of all, digest the data in the PKCS#7 message */ ++ ret = pkcs7_digest(pkcs7); ++ if (ret < 0) ++ return ret; ++ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(pkcs7_verify); +-- +1.8.1.4 + + +From e67fed4626a30dd11967abad9187013ff4185991 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:39 +0000 +Subject: [PATCH 17/47] PKCS#7: Find the right key in the PKCS#7 key list and + verify the signature + +Find the appropriate key in the PKCS#7 key list and verify the signature with +it. There may be several keys in there forming a chain. Any link in that +chain or the root of that chain may be in our keyrings. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pkcs7_verify.c | 61 +++++++++++++++++++++++++++++++++++ + 1 file changed, 61 insertions(+) + +diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c +index 2f9f26c..3f6f0e2 100644 +--- a/crypto/asymmetric_keys/pkcs7_verify.c ++++ b/crypto/asymmetric_keys/pkcs7_verify.c +@@ -118,6 +118,53 @@ error_no_desc: + } + + /* ++ * Find the key (X.509 certificate) to use to verify a PKCS#7 message. PKCS#7 ++ * uses the issuer's name and the issuing certificate serial number for ++ * matching purposes. These must match the certificate issuer's name (not ++ * subject's name) and the certificate serial number [RFC 2315 6.7]. ++ */ ++static int pkcs7_find_key(struct pkcs7_message *pkcs7) ++{ ++ struct x509_certificate *x509; ++ ++ kenter("%u,%u", pkcs7->raw_serial_size, pkcs7->raw_issuer_size); ++ ++ for (x509 = pkcs7->certs; x509; x509 = x509->next) { ++ pr_devel("- x509 %u,%u\n", ++ x509->raw_serial_size, x509->raw_issuer_size); ++ ++ /* I'm _assuming_ that the generator of the PKCS#7 message will ++ * encode the fields from the X.509 cert in the same way in the ++ * PKCS#7 message - but I can't be 100% sure of that. It's ++ * possible this will need element-by-element comparison. ++ */ ++ if (x509->raw_serial_size != pkcs7->raw_serial_size || ++ memcmp(x509->raw_serial, pkcs7->raw_serial, ++ pkcs7->raw_serial_size) != 0) ++ continue; ++ pr_devel("Found cert serial match\n"); ++ ++ if (x509->raw_issuer_size != pkcs7->raw_issuer_size || ++ memcmp(x509->raw_issuer, pkcs7->raw_issuer, ++ pkcs7->raw_issuer_size) != 0) { ++ pr_warn("X.509 subject and PKCS#7 issuer don't match\n"); ++ continue; ++ } ++ ++ if (x509->pub->pkey_algo != pkcs7->sig.pkey_algo) { ++ pr_warn("X.509 algo and PKCS#7 sig algo don't match\n"); ++ continue; ++ } ++ ++ pkcs7->signer = x509; ++ return 0; ++ } ++ pr_warn("Issuing X.509 cert not found (#%*ph)\n", ++ pkcs7->raw_serial_size, pkcs7->raw_serial); ++ return -ENOKEY; ++} ++ ++/* + * Verify a PKCS#7 message + */ + int pkcs7_verify(struct pkcs7_message *pkcs7) +@@ -129,6 +176,20 @@ int pkcs7_verify(struct pkcs7_message *pkcs7) + if (ret < 0) + return ret; + ++ /* Find the key for the message signature */ ++ ret = pkcs7_find_key(pkcs7); ++ if (ret < 0) ++ return ret; ++ ++ pr_devel("Found X.509 cert\n"); ++ ++ /* Verify the PKCS#7 binary against the key */ ++ ret = public_key_verify_signature(pkcs7->signer->pub, &pkcs7->sig); ++ if (ret < 0) ++ return ret; ++ ++ pr_devel("Verified signature\n"); ++ + return 0; + } + EXPORT_SYMBOL_GPL(pkcs7_verify); +-- +1.8.1.4 + + +From 87ec8d783c887617ee6e85f66a9ce1a03c627e87 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:39 +0000 +Subject: [PATCH 18/47] PKCS#7: Verify internal certificate chain + +Verify certificate chain in the X.509 certificates contained within the PKCS#7 +message as far as possible. If any signature that we should be able to verify +fails, we reject the whole lot. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pkcs7_verify.c | 67 ++++++++++++++++++++++++++++++++++- + crypto/asymmetric_keys/x509_parser.h | 1 + + 2 files changed, 67 insertions(+), 1 deletion(-) + +diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c +index 3f6f0e2..b3774bd 100644 +--- a/crypto/asymmetric_keys/pkcs7_verify.c ++++ b/crypto/asymmetric_keys/pkcs7_verify.c +@@ -165,6 +165,70 @@ static int pkcs7_find_key(struct pkcs7_message *pkcs7) + } + + /* ++ * Verify the internal certificate chain as best we can. ++ */ ++static int pkcs7_verify_sig_chain(struct pkcs7_message *pkcs7) ++{ ++ struct x509_certificate *x509 = pkcs7->signer, *p; ++ int ret; ++ ++ kenter(""); ++ ++ for (;;) { ++ pr_debug("verify %s: %s\n", x509->subject, x509->fingerprint); ++ ret = x509_get_sig_params(x509); ++ if (ret < 0) ++ return ret; ++ ++ if (x509->issuer) ++ pr_debug("- issuer %s\n", x509->issuer); ++ if (x509->authority) ++ pr_debug("- authkeyid %s\n", x509->authority); ++ ++ if (!x509->authority || ++ (x509->subject && ++ strcmp(x509->subject, x509->authority) == 0)) { ++ /* If there's no authority certificate specified, then ++ * the certificate must be self-signed and is the root ++ * of the chain. Likewise if the cert is its own ++ * authority. ++ */ ++ pr_debug("- no auth?\n"); ++ if (x509->raw_subject_size != x509->raw_issuer_size || ++ memcmp(x509->raw_subject, x509->raw_issuer, ++ x509->raw_issuer_size) != 0) ++ return 0; ++ ++ ret = x509_check_signature(x509->pub, x509); ++ if (ret < 0) ++ return ret; ++ x509->signer = x509; ++ pr_debug("- self-signed\n"); ++ return 0; ++ } ++ ++ for (p = pkcs7->certs; p; p = p->next) ++ if (!p->signer && ++ p->raw_subject_size == x509->raw_issuer_size && ++ strcmp(p->fingerprint, x509->authority) == 0 && ++ memcmp(p->raw_subject, x509->raw_issuer, ++ x509->raw_issuer_size) == 0) ++ goto found_issuer; ++ pr_debug("- top\n"); ++ return 0; ++ ++ found_issuer: ++ pr_debug("- issuer %s\n", p->subject); ++ ret = x509_check_signature(p->pub, x509); ++ if (ret < 0) ++ return ret; ++ x509->signer = p; ++ x509 = p; ++ might_sleep(); ++ } ++} ++ ++/* + * Verify a PKCS#7 message + */ + int pkcs7_verify(struct pkcs7_message *pkcs7) +@@ -190,6 +254,7 @@ int pkcs7_verify(struct pkcs7_message *pkcs7) + + pr_devel("Verified signature\n"); + +- return 0; ++ /* Verify the internal certificate chain */ ++ return pkcs7_verify_sig_chain(pkcs7); + } + EXPORT_SYMBOL_GPL(pkcs7_verify); +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index 6b1d877..5e35fba 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -14,6 +14,7 @@ + + struct x509_certificate { + struct x509_certificate *next; ++ const struct x509_certificate *signer; /* Certificate that signed this one */ + struct public_key *pub; /* Public key details */ + char *issuer; /* Name of certificate issuer */ + char *subject; /* Name of certificate subject */ +-- +1.8.1.4 + + +From cc6c40318a05330e4bb201b35378d7c0a0278aaa Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:42 +0000 +Subject: [PATCH 19/47] PKCS#7: Find intersection between PKCS#7 message and + known, trusted keys + +Find the intersection between the X.509 certificate chain contained in a PKCS#7 +message and a set of keys that we already know and trust. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/Makefile | 1 + + crypto/asymmetric_keys/pkcs7_parser.h | 7 ++ + crypto/asymmetric_keys/pkcs7_trust.c | 149 ++++++++++++++++++++++++++++++++++ + 3 files changed, 157 insertions(+) + create mode 100644 crypto/asymmetric_keys/pkcs7_trust.c + +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index b6b39e7..d63cb43 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -33,6 +33,7 @@ obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o + pkcs7_message-y := \ + pkcs7-asn1.o \ + pkcs7_parser.o \ ++ pkcs7_trust.o \ + pkcs7_verify.o + + $(obj)/pkcs7_parser.o: $(obj)/pkcs7-asn1.h +diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h +index 5415857..ffa72dc 100644 +--- a/crypto/asymmetric_keys/pkcs7_parser.h ++++ b/crypto/asymmetric_keys/pkcs7_parser.h +@@ -60,6 +60,13 @@ extern struct pkcs7_message *pkcs7_parse_message(const void *data, + extern void pkcs7_free_message(struct pkcs7_message *pkcs7); + + /* ++ * pkcs7_trust.c ++ */ ++extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7, ++ struct key *trust_keyring, ++ bool *_trusted); ++ ++/* + * pkcs7_verify.c + */ + extern int pkcs7_verify(struct pkcs7_message *pkcs7); +diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c +new file mode 100644 +index 0000000..cc226f5 +--- /dev/null ++++ b/crypto/asymmetric_keys/pkcs7_trust.c +@@ -0,0 +1,149 @@ ++/* Validate the trust chain of a PKCS#7 message. ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "PKCS7: "fmt ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "public_key.h" ++#include "pkcs7_parser.h" ++ ++/* ++ * Request an asymmetric key. ++ */ ++static struct key *pkcs7_request_asymmetric_key( ++ struct key *keyring, ++ const char *signer, size_t signer_len, ++ const char *authority, size_t auth_len) ++{ ++ key_ref_t key; ++ char *id; ++ ++ kenter(",%zu,,%zu", signer_len, auth_len); ++ ++ /* Construct an identifier. */ ++ id = kmalloc(signer_len + 2 + auth_len + 1, GFP_KERNEL); ++ if (!id) ++ return ERR_PTR(-ENOMEM); ++ ++ memcpy(id, signer, signer_len); ++ id[signer_len + 0] = ':'; ++ id[signer_len + 1] = ' '; ++ memcpy(id + signer_len + 2, authority, auth_len); ++ id[signer_len + 2 + auth_len] = 0; ++ ++ pr_debug("Look up: \"%s\"\n", id); ++ ++ key = keyring_search(make_key_ref(keyring, 1), ++ &key_type_asymmetric, id); ++ if (IS_ERR(key)) ++ pr_debug("Request for module key '%s' err %ld\n", ++ id, PTR_ERR(key)); ++ kfree(id); ++ ++ if (IS_ERR(key)) { ++ switch (PTR_ERR(key)) { ++ /* Hide some search errors */ ++ case -EACCES: ++ case -ENOTDIR: ++ case -EAGAIN: ++ return ERR_PTR(-ENOKEY); ++ default: ++ return ERR_CAST(key); ++ } ++ } ++ ++ pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key_ref_to_ptr(key))); ++ return key_ref_to_ptr(key); ++} ++ ++/* ++ * Validate that the certificate chain inside the PKCS#7 message intersects ++ * keys we already know and trust. ++ */ ++int pkcs7_validate_trust(struct pkcs7_message *pkcs7, ++ struct key *trust_keyring, ++ bool *_trusted) ++{ ++ struct public_key_signature *sig = &pkcs7->sig; ++ struct x509_certificate *x509, *last = NULL; ++ struct key *key; ++ bool trusted; ++ int ret; ++ ++ kenter(""); ++ ++ for (x509 = pkcs7->signer; x509; x509 = x509->next) { ++ /* Look to see if this certificate is present in the trusted ++ * keys. ++ */ ++ key = pkcs7_request_asymmetric_key( ++ trust_keyring, ++ x509->subject, strlen(x509->subject), ++ x509->fingerprint, strlen(x509->fingerprint)); ++ if (!IS_ERR(key)) ++ /* One of the X.509 certificates in the PKCS#7 message ++ * is apparently the same as one we already trust. ++ * Verify that the trusted variant can also validate ++ * the signature on the descendent. ++ */ ++ goto matched; ++ if (key == ERR_PTR(-ENOMEM)) ++ return -ENOMEM; ++ ++ /* Self-signed certificates form roots of their own, and if we ++ * don't know them, then we can't accept them. ++ */ ++ if (x509->next == x509) { ++ kleave(" = -EKEYREJECTED [unknown self-signed]"); ++ return -EKEYREJECTED; ++ } ++ ++ might_sleep(); ++ last = x509; ++ sig = &last->sig; ++ } ++ ++ /* No match - see if the root certificate has a signer amongst the ++ * trusted keys. ++ */ ++ if (!last || !last->issuer || !last->authority) { ++ kleave(" = -EKEYREJECTED [no backref]"); ++ return -EKEYREJECTED; ++ } ++ ++ key = pkcs7_request_asymmetric_key( ++ trust_keyring, ++ last->issuer, strlen(last->issuer), ++ last->authority, strlen(last->authority)); ++ if (IS_ERR(key)) ++ return PTR_ERR(key) == -ENOMEM ? -ENOMEM : -EKEYREJECTED; ++ ++matched: ++ ret = verify_signature(key, sig); ++ trusted = test_bit(KEY_FLAG_TRUSTED, &key->flags); ++ key_put(key); ++ if (ret < 0) { ++ if (ret == -ENOMEM) ++ return ret; ++ kleave(" = -EKEYREJECTED [verify %d]", ret); ++ return -EKEYREJECTED; ++ } ++ ++ *_trusted = trusted; ++ kleave(" = 0"); ++ return 0; ++} ++EXPORT_SYMBOL_GPL(pkcs7_validate_trust); +-- +1.8.1.4 + + +From f20b0d77771133bd0d7e89932fef494f00687607 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:39 +0000 +Subject: [PATCH 20/47] Provide PE binary definitions + +Provide some PE binary structural and constant definitions as taken from the +pesign package sources. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + include/linux/pe.h | 448 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 448 insertions(+) + create mode 100644 include/linux/pe.h + +diff --git a/include/linux/pe.h b/include/linux/pe.h +new file mode 100644 +index 0000000..9234aef +--- /dev/null ++++ b/include/linux/pe.h +@@ -0,0 +1,448 @@ ++/* ++ * Copyright 2011 Red Hat, Inc. ++ * All rights reserved. ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; version 2 of the License. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program. If not, see . ++ * ++ * Author(s): Peter Jones ++ */ ++#ifndef __LINUX_PE_H ++#define __LINUX_PE_H ++ ++#include ++ ++#define MZ_MAGIC 0x5a4d /* "MZ" */ ++ ++struct mz_hdr { ++ uint16_t magic; /* MZ_MAGIC */ ++ uint16_t lbsize; /* size of last used block */ ++ uint16_t blocks; /* pages in file, 0x3 */ ++ uint16_t relocs; /* relocations */ ++ uint16_t hdrsize; /* header size in "paragraphs" */ ++ uint16_t min_extra_pps; /* .bss */ ++ uint16_t max_extra_pps; /* runtime limit for the arena size */ ++ uint16_t ss; /* relative stack segment */ ++ uint16_t sp; /* initial %sp register */ ++ uint16_t checksum; /* word checksum */ ++ uint16_t ip; /* initial %ip register */ ++ uint16_t cs; /* initial %cs relative to load segment */ ++ uint16_t reloc_table_offset; /* offset of the first relocation */ ++ uint16_t overlay_num; /* overlay number. set to 0. */ ++ uint16_t reserved0[4]; /* reserved */ ++ uint16_t oem_id; /* oem identifier */ ++ uint16_t oem_info; /* oem specific */ ++ uint16_t reserved1[10]; /* reserved */ ++ uint32_t peaddr; /* address of pe header */ ++ char message[64]; /* message to print */ ++}; ++ ++struct mz_reloc { ++ uint16_t offset; ++ uint16_t segment; ++}; ++ ++#define PE_MAGIC 0x00004550 /* "PE\0\0" */ ++#define PE_OPT_MAGIC_PE32 0x010b ++#define PE_OPT_MAGIC_PE32_ROM 0x0107 ++#define PE_OPT_MAGIC_PE32PLUS 0x020b ++ ++/* machine type */ ++#define IMAGE_FILE_MACHINE_UNKNOWN 0x0000 ++#define IMAGE_FILE_MACHINE_AM33 0x01d3 ++#define IMAGE_FILE_MACHINE_AMD64 0x8664 ++#define IMAGE_FILE_MACHINE_ARM 0x01c0 ++#define IMAGE_FILE_MACHINE_ARMV7 0x01c4 ++#define IMAGE_FILE_MACHINE_EBC 0x0ebc ++#define IMAGE_FILE_MACHINE_I386 0x014c ++#define IMAGE_FILE_MACHINE_IA64 0x0200 ++#define IMAGE_FILE_MACHINE_M32R 0x9041 ++#define IMAGE_FILE_MACHINE_MIPS16 0x0266 ++#define IMAGE_FILE_MACHINE_MIPSFPU 0x0366 ++#define IMAGE_FILE_MACHINE_MIPSFPU16 0x0466 ++#define IMAGE_FILE_MACHINE_POWERPC 0x01f0 ++#define IMAGE_FILE_MACHINE_POWERPCFP 0x01f1 ++#define IMAGE_FILE_MACHINE_R4000 0x0166 ++#define IMAGE_FILE_MACHINE_SH3 0x01a2 ++#define IMAGE_FILE_MACHINE_SH3DSP 0x01a3 ++#define IMAGE_FILE_MACHINE_SH3E 0x01a4 ++#define IMAGE_FILE_MACHINE_SH4 0x01a6 ++#define IMAGE_FILE_MACHINE_SH5 0x01a8 ++#define IMAGE_FILE_MACHINE_THUMB 0x01c2 ++#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x0169 ++ ++/* flags */ ++#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 ++#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 ++#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 ++#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 ++#define IMAGE_FILE_AGGRESSIVE_WS_TRIM 0x0010 ++#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020 ++#define IMAGE_FILE_16BIT_MACHINE 0x0040 ++#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 ++#define IMAGE_FILE_32BIT_MACHINE 0x0100 ++#define IMAGE_FILE_DEBUG_STRIPPED 0x0200 ++#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400 ++#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800 ++#define IMAGE_FILE_SYSTEM 0x1000 ++#define IMAGE_FILE_DLL 0x2000 ++#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 ++#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 ++ ++struct pe_hdr { ++ uint32_t magic; /* PE magic */ ++ uint16_t machine; /* machine type */ ++ uint16_t sections; /* number of sections */ ++ uint32_t timestamp; /* time_t */ ++ uint32_t symbol_table; /* symbol table offset */ ++ uint32_t symbols; /* number of symbols */ ++ uint16_t opt_hdr_size; /* size of optional header */ ++ uint16_t flags; /* flags */ ++}; ++ ++#define IMAGE_FILE_OPT_ROM_MAGIC 0x107 ++#define IMAGE_FILE_OPT_PE32_MAGIC 0x10b ++#define IMAGE_FILE_OPT_PE32_PLUS_MAGIC 0x20b ++ ++#define IMAGE_SUBSYSTEM_UNKNOWN 0 ++#define IMAGE_SUBSYSTEM_NATIVE 1 ++#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 ++#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 ++#define IMAGE_SUBSYSTEM_POSIX_CUI 7 ++#define IMAGE_SUBSYSTEM_WINDOWS_CE_GUI 9 ++#define IMAGE_SUBSYSTEM_EFI_APPLICATION 10 ++#define IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER 11 ++#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12 ++#define IMAGE_SUBSYSTEM_EFI_ROM_IMAGE 13 ++#define IMAGE_SUBSYSTEM_XBOX 14 ++ ++#define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040 ++#define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080 ++#define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100 ++#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION 0x0200 ++#define IMAGE_DLLCHARACTERISTICS_NO_SEH 0x0400 ++#define IMAGE_DLLCHARACTERISTICS_NO_BIND 0x0800 ++#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000 ++#define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000 ++ ++/* the fact that pe32 isn't padded where pe32+ is 64-bit means union won't ++ * work right. vomit. */ ++struct pe32_opt_hdr { ++ /* "standard" header */ ++ uint16_t magic; /* file type */ ++ uint8_t ld_major; /* linker major version */ ++ uint8_t ld_minor; /* linker minor version */ ++ uint32_t text_size; /* size of text section(s) */ ++ uint32_t data_size; /* size of data section(s) */ ++ uint32_t bss_size; /* size of bss section(s) */ ++ uint32_t entry_point; /* file offset of entry point */ ++ uint32_t code_base; /* relative code addr in ram */ ++ uint32_t data_base; /* relative data addr in ram */ ++ /* "windows" header */ ++ uint32_t image_base; /* preferred load address */ ++ uint32_t section_align; /* alignment in bytes */ ++ uint32_t file_align; /* file alignment in bytes */ ++ uint16_t os_major; /* major OS version */ ++ uint16_t os_minor; /* minor OS version */ ++ uint16_t image_major; /* major image version */ ++ uint16_t image_minor; /* minor image version */ ++ uint16_t subsys_major; /* major subsystem version */ ++ uint16_t subsys_minor; /* minor subsystem version */ ++ uint32_t win32_version; /* reserved, must be 0 */ ++ uint32_t image_size; /* image size */ ++ uint32_t header_size; /* header size rounded up to ++ file_align */ ++ uint32_t csum; /* checksum */ ++ uint16_t subsys; /* subsystem */ ++ uint16_t dll_flags; /* more flags! */ ++ uint32_t stack_size_req;/* amt of stack requested */ ++ uint32_t stack_size; /* amt of stack required */ ++ uint32_t heap_size_req; /* amt of heap requested */ ++ uint32_t heap_size; /* amt of heap required */ ++ uint32_t loader_flags; /* reserved, must be 0 */ ++ uint32_t data_dirs; /* number of data dir entries */ ++}; ++ ++struct pe32plus_opt_hdr { ++ uint16_t magic; /* file type */ ++ uint8_t ld_major; /* linker major version */ ++ uint8_t ld_minor; /* linker minor version */ ++ uint32_t text_size; /* size of text section(s) */ ++ uint32_t data_size; /* size of data section(s) */ ++ uint32_t bss_size; /* size of bss section(s) */ ++ uint32_t entry_point; /* file offset of entry point */ ++ uint32_t code_base; /* relative code addr in ram */ ++ /* "windows" header */ ++ uint64_t image_base; /* preferred load address */ ++ uint32_t section_align; /* alignment in bytes */ ++ uint32_t file_align; /* file alignment in bytes */ ++ uint16_t os_major; /* major OS version */ ++ uint16_t os_minor; /* minor OS version */ ++ uint16_t image_major; /* major image version */ ++ uint16_t image_minor; /* minor image version */ ++ uint16_t subsys_major; /* major subsystem version */ ++ uint16_t subsys_minor; /* minor subsystem version */ ++ uint32_t win32_version; /* reserved, must be 0 */ ++ uint32_t image_size; /* image size */ ++ uint32_t header_size; /* header size rounded up to ++ file_align */ ++ uint32_t csum; /* checksum */ ++ uint16_t subsys; /* subsystem */ ++ uint16_t dll_flags; /* more flags! */ ++ uint64_t stack_size_req;/* amt of stack requested */ ++ uint64_t stack_size; /* amt of stack required */ ++ uint64_t heap_size_req; /* amt of heap requested */ ++ uint64_t heap_size; /* amt of heap required */ ++ uint32_t loader_flags; /* reserved, must be 0 */ ++ uint32_t data_dirs; /* number of data dir entries */ ++}; ++ ++struct data_dirent { ++ uint32_t virtual_address; /* relative to load address */ ++ uint32_t size; ++}; ++ ++struct data_directory { ++ struct data_dirent exports; /* .edata */ ++ struct data_dirent imports; /* .idata */ ++ struct data_dirent resources; /* .rsrc */ ++ struct data_dirent exceptions; /* .pdata */ ++ struct data_dirent certs; /* certs */ ++ struct data_dirent base_relocations; /* .reloc */ ++ struct data_dirent debug; /* .debug */ ++ struct data_dirent arch; /* reservered */ ++ struct data_dirent global_ptr; /* global pointer reg. Size=0 */ ++ struct data_dirent tls; /* .tls */ ++ struct data_dirent load_config; /* load configuration structure */ ++ struct data_dirent bound_imports; /* no idea */ ++ struct data_dirent import_addrs; /* import address table */ ++ struct data_dirent delay_imports; /* delay-load import table */ ++ struct data_dirent clr_runtime_hdr; /* .cor (object only) */ ++ struct data_dirent reserved; ++}; ++ ++struct section_header { ++ char name[8]; /* name or "/12\0" string tbl offset */ ++ uint32_t virtual_size; /* size of loaded section in ram */ ++ uint32_t virtual_address; /* relative virtual address */ ++ uint32_t raw_data_size; /* size of the section */ ++ uint32_t data_addr; /* file pointer to first page of sec */ ++ uint32_t relocs; /* file pointer to relocation entries */ ++ uint32_t line_numbers; /* line numbers! */ ++ uint16_t num_relocs; /* number of relocations */ ++ uint16_t num_lin_numbers; /* srsly. */ ++ uint32_t flags; ++}; ++ ++/* they actually defined 0x00000000 as well, but I think we'll skip that one. */ ++#define IMAGE_SCN_RESERVED_0 0x00000001 ++#define IMAGE_SCN_RESERVED_1 0x00000002 ++#define IMAGE_SCN_RESERVED_2 0x00000004 ++#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 /* don't pad - obsolete */ ++#define IMAGE_SCN_RESERVED_3 0x00000010 ++#define IMAGE_SCN_CNT_CODE 0x00000020 /* .text */ ++#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 /* .data */ ++#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 /* .bss */ ++#define IMAGE_SCN_LNK_OTHER 0x00000100 /* reserved */ ++#define IMAGE_SCN_LNK_INFO 0x00000200 /* .drectve comments */ ++#define IMAGE_SCN_RESERVED_4 0x00000400 ++#define IMAGE_SCN_LNK_REMOVE 0x00000800 /* .o only - scn to be rm'd*/ ++#define IMAGE_SCN_LNK_COMDAT 0x00001000 /* .o only - COMDAT data */ ++#define IMAGE_SCN_RESERVED_5 0x00002000 /* spec omits this */ ++#define IMAGE_SCN_RESERVED_6 0x00004000 /* spec omits this */ ++#define IMAGE_SCN_GPREL 0x00008000 /* global pointer referenced data */ ++/* spec lists 0x20000 twice, I suspect they meant 0x10000 for one of them */ ++#define IMAGE_SCN_MEM_PURGEABLE 0x00010000 /* reserved for "future" use */ ++#define IMAGE_SCN_16BIT 0x00020000 /* reserved for "future" use */ ++#define IMAGE_SCN_LOCKED 0x00040000 /* reserved for "future" use */ ++#define IMAGE_SCN_PRELOAD 0x00080000 /* reserved for "future" use */ ++/* and here they just stuck a 1-byte integer in the middle of a bitfield */ ++#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 /* it does what it says on the box */ ++#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 ++#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 ++#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 ++#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 ++#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 ++#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 ++#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 ++#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 ++#define IMAGE_SCN_ALIGN_512BYTES 0x00a00000 ++#define IMAGE_SCN_ALIGN_1024BYTES 0x00b00000 ++#define IMAGE_SCN_ALIGN_2048BYTES 0x00c00000 ++#define IMAGE_SCN_ALIGN_4096BYTES 0x00d00000 ++#define IMAGE_SCN_ALIGN_8192BYTES 0x00e00000 ++#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 /* extended relocations */ ++#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 /* scn can be discarded */ ++#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 /* cannot be cached */ ++#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 /* not pageable */ ++#define IMAGE_SCN_MEM_SHARED 0x10000000 /* can be shared */ ++#define IMAGE_SCN_MEM_EXECUTE 0x20000000 /* can be executed as code */ ++#define IMAGE_SCN_MEM_READ 0x40000000 /* readable */ ++#define IMAGE_SCN_MEM_WRITE 0x80000000 /* writeable */ ++ ++enum x64_coff_reloc_type { ++ IMAGE_REL_AMD64_ABSOLUTE = 0, ++ IMAGE_REL_AMD64_ADDR64, ++ IMAGE_REL_AMD64_ADDR32, ++ IMAGE_REL_AMD64_ADDR32N, ++ IMAGE_REL_AMD64_REL32, ++ IMAGE_REL_AMD64_REL32_1, ++ IMAGE_REL_AMD64_REL32_2, ++ IMAGE_REL_AMD64_REL32_3, ++ IMAGE_REL_AMD64_REL32_4, ++ IMAGE_REL_AMD64_REL32_5, ++ IMAGE_REL_AMD64_SECTION, ++ IMAGE_REL_AMD64_SECREL, ++ IMAGE_REL_AMD64_SECREL7, ++ IMAGE_REL_AMD64_TOKEN, ++ IMAGE_REL_AMD64_SREL32, ++ IMAGE_REL_AMD64_PAIR, ++ IMAGE_REL_AMD64_SSPAN32, ++}; ++ ++enum arm_coff_reloc_type { ++ IMAGE_REL_ARM_ABSOLUTE, ++ IMAGE_REL_ARM_ADDR32, ++ IMAGE_REL_ARM_ADDR32N, ++ IMAGE_REL_ARM_BRANCH2, ++ IMAGE_REL_ARM_BRANCH1, ++ IMAGE_REL_ARM_SECTION, ++ IMAGE_REL_ARM_SECREL, ++}; ++ ++enum sh_coff_reloc_type { ++ IMAGE_REL_SH3_ABSOLUTE, ++ IMAGE_REL_SH3_DIRECT16, ++ IMAGE_REL_SH3_DIRECT32, ++ IMAGE_REL_SH3_DIRECT8, ++ IMAGE_REL_SH3_DIRECT8_WORD, ++ IMAGE_REL_SH3_DIRECT8_LONG, ++ IMAGE_REL_SH3_DIRECT4, ++ IMAGE_REL_SH3_DIRECT4_WORD, ++ IMAGE_REL_SH3_DIRECT4_LONG, ++ IMAGE_REL_SH3_PCREL8_WORD, ++ IMAGE_REL_SH3_PCREL8_LONG, ++ IMAGE_REL_SH3_PCREL12_WORD, ++ IMAGE_REL_SH3_STARTOF_SECTION, ++ IMAGE_REL_SH3_SIZEOF_SECTION, ++ IMAGE_REL_SH3_SECTION, ++ IMAGE_REL_SH3_SECREL, ++ IMAGE_REL_SH3_DIRECT32_NB, ++ IMAGE_REL_SH3_GPREL4_LONG, ++ IMAGE_REL_SH3_TOKEN, ++ IMAGE_REL_SHM_PCRELPT, ++ IMAGE_REL_SHM_REFLO, ++ IMAGE_REL_SHM_REFHALF, ++ IMAGE_REL_SHM_RELLO, ++ IMAGE_REL_SHM_RELHALF, ++ IMAGE_REL_SHM_PAIR, ++ IMAGE_REL_SHM_NOMODE, ++}; ++ ++enum ppc_coff_reloc_type { ++ IMAGE_REL_PPC_ABSOLUTE, ++ IMAGE_REL_PPC_ADDR64, ++ IMAGE_REL_PPC_ADDR32, ++ IMAGE_REL_PPC_ADDR24, ++ IMAGE_REL_PPC_ADDR16, ++ IMAGE_REL_PPC_ADDR14, ++ IMAGE_REL_PPC_REL24, ++ IMAGE_REL_PPC_REL14, ++ IMAGE_REL_PPC_ADDR32N, ++ IMAGE_REL_PPC_SECREL, ++ IMAGE_REL_PPC_SECTION, ++ IMAGE_REL_PPC_SECREL16, ++ IMAGE_REL_PPC_REFHI, ++ IMAGE_REL_PPC_REFLO, ++ IMAGE_REL_PPC_PAIR, ++ IMAGE_REL_PPC_SECRELLO, ++ IMAGE_REL_PPC_GPREL, ++ IMAGE_REL_PPC_TOKEN, ++}; ++ ++enum x86_coff_reloc_type { ++ IMAGE_REL_I386_ABSOLUTE, ++ IMAGE_REL_I386_DIR16, ++ IMAGE_REL_I386_REL16, ++ IMAGE_REL_I386_DIR32, ++ IMAGE_REL_I386_DIR32NB, ++ IMAGE_REL_I386_SEG12, ++ IMAGE_REL_I386_SECTION, ++ IMAGE_REL_I386_SECREL, ++ IMAGE_REL_I386_TOKEN, ++ IMAGE_REL_I386_SECREL7, ++ IMAGE_REL_I386_REL32, ++}; ++ ++enum ia64_coff_reloc_type { ++ IMAGE_REL_IA64_ABSOLUTE, ++ IMAGE_REL_IA64_IMM14, ++ IMAGE_REL_IA64_IMM22, ++ IMAGE_REL_IA64_IMM64, ++ IMAGE_REL_IA64_DIR32, ++ IMAGE_REL_IA64_DIR64, ++ IMAGE_REL_IA64_PCREL21B, ++ IMAGE_REL_IA64_PCREL21M, ++ IMAGE_REL_IA64_PCREL21F, ++ IMAGE_REL_IA64_GPREL22, ++ IMAGE_REL_IA64_LTOFF22, ++ IMAGE_REL_IA64_SECTION, ++ IMAGE_REL_IA64_SECREL22, ++ IMAGE_REL_IA64_SECREL64I, ++ IMAGE_REL_IA64_SECREL32, ++ IMAGE_REL_IA64_DIR32NB, ++ IMAGE_REL_IA64_SREL14, ++ IMAGE_REL_IA64_SREL22, ++ IMAGE_REL_IA64_SREL32, ++ IMAGE_REL_IA64_UREL32, ++ IMAGE_REL_IA64_PCREL60X, ++ IMAGE_REL_IA64_PCREL60B, ++ IMAGE_REL_IA64_PCREL60F, ++ IMAGE_REL_IA64_PCREL60I, ++ IMAGE_REL_IA64_PCREL60M, ++ IMAGE_REL_IA64_IMMGPREL6, ++ IMAGE_REL_IA64_TOKEN, ++ IMAGE_REL_IA64_GPREL32, ++ IMAGE_REL_IA64_ADDEND, ++}; ++ ++struct coff_reloc { ++ uint32_t virtual_address; ++ uint32_t symbol_table_index; ++ union { ++ enum x64_coff_reloc_type x64_type; ++ enum arm_coff_reloc_type arm_type; ++ enum sh_coff_reloc_type sh_type; ++ enum ppc_coff_reloc_type ppc_type; ++ enum x86_coff_reloc_type x86_type; ++ enum ia64_coff_reloc_type ia64_type; ++ uint16_t data; ++ }; ++}; ++ ++/* ++ * Definitions for the contents of the certs data block ++ */ ++#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002 ++#define WIN_CERT_TYPE_EFI_OKCS115 0x0EF0 ++#define WIN_CERT_TYPE_EFI_GUID 0x0EF1 ++ ++#define WIN_CERT_REVISION_1_0 0x0100 ++#define WIN_CERT_REVISION_2_0 0x0200 ++ ++struct win_certificate { ++ uint32_t length; ++ uint16_t revision; ++ uint16_t cert_type; ++}; ++ ++#endif /* __LINUX_PE_H */ +-- +1.8.1.4 + + +From d329754b0c2881b6331aacafab74a26b2d9262b3 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:40 +0000 +Subject: [PATCH 21/47] pefile: Parse a PE binary to find a key and a signature + contained therein + +Parse a PE binary to find a key and a signature contained therein. Later +patches will check the signature and add the key if the signature checks out. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/Kconfig | 10 +- + crypto/asymmetric_keys/Makefile | 8 ++ + crypto/asymmetric_keys/pefile_parser.c | 185 +++++++++++++++++++++++++++++++++ + crypto/asymmetric_keys/pefile_parser.h | 31 ++++++ + 4 files changed, 233 insertions(+), 1 deletion(-) + create mode 100644 crypto/asymmetric_keys/pefile_parser.c + create mode 100644 crypto/asymmetric_keys/pefile_parser.h + +diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig +index 413f3f6..2e7315c 100644 +--- a/crypto/asymmetric_keys/Kconfig ++++ b/crypto/asymmetric_keys/Kconfig +@@ -31,7 +31,7 @@ config X509_CERTIFICATE_PARSER + select ASN1 + select OID_REGISTRY + help +- This option procides support for parsing X.509 format blobs for key ++ This option provides support for parsing X.509 format blobs for key + data and provides the ability to instantiate a crypto key from a + public key packet found inside the certificate. + +@@ -44,4 +44,12 @@ config PKCS7_MESSAGE_PARSER + This option provides support for parsing PKCS#7 format messages for + signature data and provides the ability to verify the signature. + ++config PE_FILE_PARSER ++ tristate "PE binary-wrapped key parser" ++ depends on X509_CERTIFICATE_PARSER ++ depends on PKCS7_MESSAGE_PARSER ++ help ++ This option provides support for parsing signed PE binaries that ++ contain an X.509 certificate in an internal section. ++ + endif # ASYMMETRIC_KEY_TYPE +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index d63cb43..2675146 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -40,3 +40,11 @@ $(obj)/pkcs7_parser.o: $(obj)/pkcs7-asn1.h + $(obj)/pkcs7-asn1.o: $(obj)/pkcs7-asn1.c $(obj)/pkcs7-asn1.h + + clean-files += pkcs7-asn1.c pkcs7-asn1.h ++ ++# ++# Signed PE binary-wrapped key handling ++# ++obj-$(CONFIG_PE_FILE_PARSER) += pefile_key_parser.o ++ ++pefile_key_parser-y := \ ++ pefile_parser.o +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +new file mode 100644 +index 0000000..fb80cf0 +--- /dev/null ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -0,0 +1,185 @@ ++/* Parse a signed PE binary that wraps a key. ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "PEFILE: "fmt ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "asymmetric_keys.h" ++#include "public_key.h" ++#include "pefile_parser.h" ++ ++/* ++ * Parse a PE binary. ++ */ ++static int pefile_parse_binary(struct key_preparsed_payload *prep, ++ struct pefile_context *ctx) ++{ ++ const struct mz_hdr *mz = prep->data; ++ const struct pe_hdr *pe; ++ const struct pe32_opt_hdr *pe32; ++ const struct pe32plus_opt_hdr *pe64; ++ const struct data_directory *ddir; ++ const struct data_dirent *dde; ++ const struct section_header *secs, *sec; ++ unsigned loop; ++ size_t cursor, datalen = prep->datalen; ++ ++ kenter(""); ++ ++#define chkaddr(base, x, s) \ ++ do { \ ++ if ((x) < base || (s) >= datalen || (x) > datalen - (s)) \ ++ return -ELIBBAD; \ ++ } while(0) ++ ++ chkaddr(0, 0, sizeof(*mz)); ++ if (mz->magic != MZ_MAGIC) ++ return -ELIBBAD; ++ cursor = sizeof(*mz); ++ ++ chkaddr(cursor, mz->peaddr, sizeof(*pe)); ++ pe = prep->data + mz->peaddr; ++ if (pe->magic != PE_MAGIC) ++ return -ELIBBAD; ++ cursor = mz->peaddr + sizeof(*pe); ++ ++ chkaddr(0, cursor, sizeof(pe32->magic)); ++ pe32 = prep->data + cursor; ++ pe64 = prep->data + cursor; ++ ++ switch (pe32->magic) { ++ case PE_OPT_MAGIC_PE32: ++ chkaddr(0, cursor, sizeof(*pe32)); ++ ctx->image_checksum_offset = ++ (unsigned long)&pe32->csum - (unsigned long)prep->data; ++ ctx->header_size = pe32->header_size; ++ cursor += sizeof(*pe32); ++ ctx->n_data_dirents = pe32->data_dirs; ++ break; ++ ++ case PE_OPT_MAGIC_PE32PLUS: ++ chkaddr(0, cursor, sizeof(*pe64)); ++ ctx->image_checksum_offset = ++ (unsigned long)&pe64->csum - (unsigned long)prep->data; ++ ctx->header_size = pe64->header_size; ++ cursor += sizeof(*pe64); ++ ctx->n_data_dirents = pe64->data_dirs; ++ break; ++ ++ default: ++ pr_devel("Unknown PEOPT magic = %04hx\n", pe32->magic); ++ return -ELIBBAD; ++ } ++ ++ pr_devel("checksum @ %x\n", ctx->image_checksum_offset); ++ pr_devel("header size = %x\n", ctx->header_size); ++ ++ if (cursor >= ctx->header_size || ctx->header_size >= datalen) ++ return -ELIBBAD; ++ ++ if (ctx->n_data_dirents > (ctx->header_size - cursor) / sizeof(*dde) || ++ ctx->n_data_dirents < sizeof(*ddir) / sizeof(*dde)) ++ return -ELIBBAD; ++ ++ ddir = prep->data + cursor; ++ cursor += sizeof(*dde) * ctx->n_data_dirents; ++ ++ ctx->cert_dirent_offset = ++ (unsigned long)&ddir->certs - (unsigned long)prep->data; ++ ctx->certs_size = ddir->certs.size; ++ ++ if (!ddir->certs.virtual_address || !ddir->certs.size) { ++ pr_devel("Unsigned PE binary\n"); ++ return -EKEYREJECTED; ++ } ++ ++ chkaddr(ctx->header_size, ddir->certs.virtual_address, ddir->certs.size); ++ ctx->sig_offset = ddir->certs.virtual_address; ++ ctx->sig_len = ddir->certs.size; ++ pr_devel("cert = %x @%x [%*ph]\n", ++ ctx->sig_len, ctx->sig_offset, ++ ctx->sig_len, prep->data + ctx->sig_offset); ++ ++ /* Parse the section table, checking the parameters and looking for the ++ * section containing the list of keys. ++ */ ++ ctx->n_sections = pe->sections; ++ if (ctx->n_sections > (ctx->header_size - cursor) / sizeof(*sec)) ++ return -ELIBBAD; ++ ctx->secs = secs = prep->data + cursor; ++ cursor += sizeof(*sec) * ctx->n_sections; ++ ++ for (loop = 0; loop < ctx->n_sections; loop++) { ++ sec = &secs[loop]; ++ chkaddr(cursor, sec->data_addr, sec->raw_data_size); ++ if (memcmp(sec->name, ".keylist", 8) == 0) { ++ ctx->keylist_offset = sec->data_addr; ++ ctx->keylist_len = sec->raw_data_size; ++ } ++ } ++ ++ if (ctx->keylist_offset == 0) { ++ pr_devel("No .keylist section in PE binary\n"); ++ return -ENOENT; ++ } ++ ++ pr_devel("keylist = %x @%x [%*ph]\n", ++ ctx->keylist_len, ctx->keylist_offset, ++ ctx->keylist_len, prep->data + ctx->keylist_offset); ++ ++ return 0; ++} ++ ++/* ++ * Parse a PE binary. ++ */ ++static int pefile_key_preparse(struct key_preparsed_payload *prep) ++{ ++ struct pefile_context ctx; ++ int ret; ++ ++ kenter(""); ++ ++ memset(&ctx, 0, sizeof(ctx)); ++ ret = pefile_parse_binary(prep, &ctx); ++ if (ret < 0) ++ return ret; ++ ++ return -ENOANO; // Not yet complete ++} ++ ++static struct asymmetric_key_parser pefile_key_parser = { ++ .owner = THIS_MODULE, ++ .name = "pefile", ++ .parse = pefile_key_preparse, ++}; ++ ++/* ++ * Module stuff ++ */ ++static int __init pefile_key_init(void) ++{ ++ return register_asymmetric_key_parser(&pefile_key_parser); ++} ++ ++static void __exit pefile_key_exit(void) ++{ ++ unregister_asymmetric_key_parser(&pefile_key_parser); ++} ++ ++module_init(pefile_key_init); ++module_exit(pefile_key_exit); +diff --git a/crypto/asymmetric_keys/pefile_parser.h b/crypto/asymmetric_keys/pefile_parser.h +new file mode 100644 +index 0000000..82bcaf6 +--- /dev/null ++++ b/crypto/asymmetric_keys/pefile_parser.h +@@ -0,0 +1,31 @@ ++/* PE Binary parser bits ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++#include "pkcs7_parser.h" ++ ++struct pefile_context { ++ unsigned header_size; ++ unsigned image_checksum_offset; ++ unsigned cert_dirent_offset; ++ unsigned n_data_dirents; ++ unsigned n_sections; ++ unsigned certs_size; ++ unsigned sig_offset; ++ unsigned sig_len; ++ unsigned keylist_offset; ++ unsigned keylist_len; ++ const struct section_header *secs; ++ struct pkcs7_message *pkcs7; ++ ++ /* PKCS#7 MS Individual Code Signing content */ ++ const void *digest; /* Digest */ ++ unsigned digest_len; /* Digest length */ ++ enum pkey_hash_algo digest_algo; /* Digest algorithm */ ++}; +-- +1.8.1.4 + + +From 3794d7963e17fc0b0c2f62164306b9a45cb2254e Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:40 +0000 +Subject: [PATCH 22/47] pefile: Strip the wrapper off of the cert data block + +The certificate data block in a PE binary has a wrapper around the PKCS#7 +signature we actually want to get at. Strip this off and check that we've got +something that appears to be a PKCS#7 signature. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pefile_parser.c | 60 ++++++++++++++++++++++++++++++++++ + 1 file changed, 60 insertions(+) + +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index fb80cf0..f2d4df0 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -145,6 +146,61 @@ static int pefile_parse_binary(struct key_preparsed_payload *prep, + } + + /* ++ * Check and strip the PE wrapper from around the signature and check that the ++ * remnant looks something like PKCS#7. ++ */ ++static int pefile_strip_sig_wrapper(struct key_preparsed_payload *prep, ++ struct pefile_context *ctx) ++{ ++ struct win_certificate wrapper; ++ const u8 *pkcs7; ++ ++ if (ctx->sig_len < sizeof(wrapper)) { ++ pr_devel("Signature wrapper too short\n"); ++ return -ELIBBAD; ++ } ++ ++ memcpy(&wrapper, prep->data + ctx->sig_offset, sizeof(wrapper)); ++ pr_devel("sig wrapper = { %x, %x, %x }\n", ++ wrapper.length, wrapper.revision, wrapper.cert_type); ++ if (wrapper.length != ctx->sig_len) { ++ pr_devel("Signature wrapper len wrong\n"); ++ return -ELIBBAD; ++ } ++ if (wrapper.revision != WIN_CERT_REVISION_2_0) { ++ pr_devel("Signature is not revision 2.0\n"); ++ return -ENOTSUPP; ++ } ++ if (wrapper.cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA) { ++ pr_devel("Signature certificate type is not PKCS\n"); ++ return -ENOTSUPP; ++ } ++ ++ ctx->sig_offset += sizeof(wrapper); ++ ctx->sig_len -= sizeof(wrapper); ++ if (ctx->sig_len == 0) { ++ pr_devel("Signature data missing\n"); ++ return -EKEYREJECTED; ++ } ++ ++ /* What's left should a PKCS#7 cert */ ++ pkcs7 = prep->data + ctx->sig_offset; ++ if (pkcs7[0] == (ASN1_CONS_BIT | ASN1_SEQ)) { ++ if (pkcs7[1] == 0x82 && ++ pkcs7[2] == (((ctx->sig_len - 4) >> 8) & 0xff) && ++ pkcs7[3] == ((ctx->sig_len - 4) & 0xff)) ++ return 0; ++ if (pkcs7[1] == 0x80) ++ return 0; ++ if (pkcs7[1] > 0x82) ++ return -EMSGSIZE; ++ } ++ ++ pr_devel("Signature data not PKCS#7\n"); ++ return -ELIBBAD; ++} ++ ++/* + * Parse a PE binary. + */ + static int pefile_key_preparse(struct key_preparsed_payload *prep) +@@ -159,6 +215,10 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + if (ret < 0) + return ret; + ++ ret = pefile_strip_sig_wrapper(prep, &ctx); ++ if (ret < 0) ++ return ret; ++ + return -ENOANO; // Not yet complete + } + +-- +1.8.1.4 + + +From f23895761a15e08959140091dc17004e7e6e2035 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:40 +0000 +Subject: [PATCH 23/47] pefile: Parse the presumed PKCS#7 content of the + certificate blob + +Parse the content of the certificate blob, presuming it to be PKCS#7 format. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pefile_parser.c | 18 +++++++++++++++++- + 1 file changed, 17 insertions(+), 1 deletion(-) + +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index f2d4df0..056500f 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -205,6 +205,7 @@ static int pefile_strip_sig_wrapper(struct key_preparsed_payload *prep, + */ + static int pefile_key_preparse(struct key_preparsed_payload *prep) + { ++ struct pkcs7_message *pkcs7; + struct pefile_context ctx; + int ret; + +@@ -219,7 +220,22 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + if (ret < 0) + return ret; + +- return -ENOANO; // Not yet complete ++ pkcs7 = pkcs7_parse_message(prep->data + ctx.sig_offset, ctx.sig_len); ++ if (IS_ERR(pkcs7)) ++ return PTR_ERR(pkcs7); ++ ctx.pkcs7 = pkcs7; ++ ++ if (!ctx.pkcs7->data || !ctx.pkcs7->data_len) { ++ pr_devel("PKCS#7 message does not contain data\n"); ++ ret = -EBADMSG; ++ goto error; ++ } ++ ++ ret = -ENOANO; // Not yet complete ++ ++error: ++ pkcs7_free_message(ctx.pkcs7); ++ return ret; + } + + static struct asymmetric_key_parser pefile_key_parser = { +-- +1.8.1.4 + + +From fcdb91196beb6235eed676c368a662cbdf92b804 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:41 +0000 +Subject: [PATCH 24/47] pefile: Parse the "Microsoft individual code signing" + data blob + +The PKCS#7 certificate should contain a "Microsoft individual code signing" +data blob as its signed content. This blob contains a digest of the signed +content of the PE binary and the OID of the digest algorithm used (typically +SHA256). + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/Makefile | 9 ++- + crypto/asymmetric_keys/mscode.asn1 | 28 +++++++++ + crypto/asymmetric_keys/mscode_parser.c | 110 +++++++++++++++++++++++++++++++++ + crypto/asymmetric_keys/pefile_parser.c | 6 ++ + crypto/asymmetric_keys/pefile_parser.h | 5 ++ + include/linux/oid_registry.h | 6 +- + 6 files changed, 162 insertions(+), 2 deletions(-) + create mode 100644 crypto/asymmetric_keys/mscode.asn1 + create mode 100644 crypto/asymmetric_keys/mscode_parser.c + +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index 2675146..ddc64bb 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -47,4 +47,11 @@ clean-files += pkcs7-asn1.c pkcs7-asn1.h + obj-$(CONFIG_PE_FILE_PARSER) += pefile_key_parser.o + + pefile_key_parser-y := \ +- pefile_parser.o ++ pefile_parser.o \ ++ mscode_parser.o \ ++ mscode-asn1.o ++ ++$(obj)/mscode_parser.o: $(obj)/mscode-asn1.h $(obj)/mscode-asn1.h ++$(obj)/mscode-asn1.o: $(obj)/mscode-asn1.c $(obj)/mscode-asn1.h ++ ++clean-files += mscode-asn1.c mscode-asn1.h +diff --git a/crypto/asymmetric_keys/mscode.asn1 b/crypto/asymmetric_keys/mscode.asn1 +new file mode 100644 +index 0000000..6d09ba4 +--- /dev/null ++++ b/crypto/asymmetric_keys/mscode.asn1 +@@ -0,0 +1,28 @@ ++--- Microsoft individual code signing data blob parser ++--- ++--- Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++--- Written by David Howells (dhowells@redhat.com) ++--- ++--- This program is free software; you can redistribute it and/or ++--- modify it under the terms of the GNU General Public Licence ++--- as published by the Free Software Foundation; either version ++--- 2 of the Licence, or (at your option) any later version. ++--- ++ ++MSCode ::= SEQUENCE { ++ type SEQUENCE { ++ contentType ContentType, ++ parameters ANY ++ }, ++ content SEQUENCE { ++ digestAlgorithm DigestAlgorithmIdentifier, ++ digest OCTET STRING ({ mscode_note_digest }) ++ } ++} ++ ++ContentType ::= OBJECT IDENTIFIER ({ mscode_note_content_type }) ++ ++DigestAlgorithmIdentifier ::= SEQUENCE { ++ algorithm OBJECT IDENTIFIER ({ mscode_note_digest_algo }), ++ parameters ANY OPTIONAL ++} +diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c +new file mode 100644 +index 0000000..0bd68e0 +--- /dev/null ++++ b/crypto/asymmetric_keys/mscode_parser.c +@@ -0,0 +1,110 @@ ++/* Parse a Microsoft Individual Code Signing blob ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "MSCODE: "fmt ++#include ++#include ++#include ++#include ++#include "pefile_parser.h" ++#include "mscode-asn1.h" ++ ++/* ++ * Parse a Microsoft Individual Code Signing blob ++ */ ++int mscode_parse(struct pefile_context *ctx) ++{ ++ pr_devel("Data: %zu [%*ph]\n", ++ ctx->pkcs7->data_len + ctx->pkcs7->data_hdrlen, ++ (unsigned)(ctx->pkcs7->data_len + ctx->pkcs7->data_hdrlen), ++ ctx->pkcs7->data - ctx->pkcs7->data_hdrlen); ++ ++ return asn1_ber_decoder(&mscode_decoder, ctx, ++ ctx->pkcs7->data - ctx->pkcs7->data_hdrlen, ++ ctx->pkcs7->data_len + ctx->pkcs7->data_hdrlen); ++} ++ ++/* ++ * Check the content type OID ++ */ ++int mscode_note_content_type(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ enum OID oid; ++ ++ oid = look_up_OID(value, vlen); ++ if (oid == OID__NR) { ++ char buffer[50]; ++ sprint_oid(value, vlen, buffer, sizeof(buffer)); ++ printk("MSCODE: Unknown OID: %s\n", buffer); ++ return -EBADMSG; ++ } ++ ++ if (oid != OID_msIndividualSPKeyPurpose) { ++ printk("MSCODE: Unexpected content type OID %u\n", oid); ++ return -EBADMSG; ++ } ++ ++ return 0; ++} ++ ++/* ++ * Note the digest algorithm OID ++ */ ++int mscode_note_digest_algo(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pefile_context *ctx = context; ++ char buffer[50]; ++ enum OID oid; ++ ++ oid = look_up_OID(value, vlen); ++ switch (oid) { ++ case OID_md4: ++ ctx->digest_algo = PKEY_HASH_MD4; ++ break; ++ case OID_md5: ++ ctx->digest_algo = PKEY_HASH_MD5; ++ break; ++ case OID_sha1: ++ ctx->digest_algo = PKEY_HASH_SHA1; ++ break; ++ case OID_sha256: ++ ctx->digest_algo = PKEY_HASH_SHA256; ++ break; ++ ++ case OID__NR: ++ sprint_oid(value, vlen, buffer, sizeof(buffer)); ++ printk("MSCODE: Unknown OID: %s\n", buffer); ++ return -EBADMSG; ++ ++ default: ++ printk("MSCODE: Unsupported content type: %u\n", oid); ++ return -ENOPKG; ++ } ++ ++ return 0; ++} ++ ++/* ++ * Note the digest we're guaranteeing with this certificate ++ */ ++int mscode_note_digest(void *context, size_t hdrlen, ++ unsigned char tag, ++ const void *value, size_t vlen) ++{ ++ struct pefile_context *ctx = context; ++ ctx->digest = value; ++ ctx->digest_len = vlen; ++ return 0; ++} +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index 056500f..f1c8cc1 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -231,6 +231,12 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + goto error; + } + ++ ret = mscode_parse(&ctx); ++ if (ret < 0) ++ goto error; ++ ++ pr_devel("Digest: %u [%*ph]\n", ctx.digest_len, ctx.digest_len, ctx.digest); ++ + ret = -ENOANO; // Not yet complete + + error: +diff --git a/crypto/asymmetric_keys/pefile_parser.h b/crypto/asymmetric_keys/pefile_parser.h +index 82bcaf6..c3462b7 100644 +--- a/crypto/asymmetric_keys/pefile_parser.h ++++ b/crypto/asymmetric_keys/pefile_parser.h +@@ -29,3 +29,8 @@ struct pefile_context { + unsigned digest_len; /* Digest length */ + enum pkey_hash_algo digest_algo; /* Digest algorithm */ + }; ++ ++/* ++ * mscode_parser.c ++ */ ++extern int mscode_parse(struct pefile_context *ctx); +diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h +index edeff85..332dcf5 100644 +--- a/include/linux/oid_registry.h ++++ b/include/linux/oid_registry.h +@@ -52,8 +52,12 @@ enum OID { + OID_md4, /* 1.2.840.113549.2.4 */ + OID_md5, /* 1.2.840.113549.2.5 */ + +- OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ ++ /* Microsoft Authenticode & Software Publishing */ ++ OID_msIndirectData, /* 1.3.6.1.4.1.311.2.1.4 */ ++ OID_msIndividualSPKeyPurpose, /* 1.3.6.1.4.1.311.2.1.21 */ + OID_msOutlookExpress, /* 1.3.6.1.4.1.311.16.4 */ ++ ++ OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ + OID_sha1, /* 1.3.14.3.2.26 */ + OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ + +-- +1.8.1.4 + + +From 63204898d9491f8ba1b90dea8660e8ff778db993 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:41 +0000 +Subject: [PATCH 25/47] pefile: Digest the PE binary and compare to the PKCS#7 + data + +Digest the signed parts of the PE binary, canonicalising the section table +before we need it, and then compare the the resulting digest to the one in the +PKCS#7 signed content. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pefile_parser.c | 198 +++++++++++++++++++++++++++++++++ + 1 file changed, 198 insertions(+) + +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index f1c8cc1..dfdb85e 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -201,6 +201,193 @@ static int pefile_strip_sig_wrapper(struct key_preparsed_payload *prep, + } + + /* ++ * Compare two sections for canonicalisation. ++ */ ++static int pefile_compare_shdrs(const void *a, const void *b) ++{ ++ const struct section_header *shdra = a; ++ const struct section_header *shdrb = b; ++ int rc; ++ ++ if (shdra->data_addr > shdrb->data_addr) ++ return 1; ++ if (shdrb->data_addr > shdra->data_addr) ++ return -1; ++ ++ if (shdra->virtual_address > shdrb->virtual_address) ++ return 1; ++ if (shdrb->virtual_address > shdra->virtual_address) ++ return -1; ++ ++ rc = strcmp(shdra->name, shdrb->name); ++ if (rc != 0) ++ return rc; ++ ++ if (shdra->virtual_size > shdrb->virtual_size) ++ return 1; ++ if (shdrb->virtual_size > shdra->virtual_size) ++ return -1; ++ ++ if (shdra->raw_data_size > shdrb->raw_data_size) ++ return 1; ++ if (shdrb->raw_data_size > shdra->raw_data_size) ++ return -1; ++ ++ return 0; ++} ++ ++/* ++ * Load the contents of the PE binary into the digest, leaving out the image ++ * checksum and the certificate data block. ++ */ ++static int pefile_digest_pe_contents(struct key_preparsed_payload *prep, ++ struct pefile_context *ctx, ++ struct shash_desc *desc) ++{ ++ unsigned *canon, tmp, loop, i, hashed_bytes; ++ int ret; ++ ++ /* Digest the header and data directory, but leave out the image ++ * checksum and the data dirent for the signature. ++ */ ++ ret = crypto_shash_update(desc, prep->data, ctx->image_checksum_offset); ++ if (ret < 0) ++ return ret; ++ ++ tmp = ctx->image_checksum_offset + sizeof(uint32_t); ++ ret = crypto_shash_update(desc, prep->data + tmp, ++ ctx->cert_dirent_offset - tmp); ++ if (ret < 0) ++ return ret; ++ ++ tmp = ctx->cert_dirent_offset + sizeof(struct data_dirent); ++ ret = crypto_shash_update(desc, prep->data + tmp, ++ ctx->header_size - tmp); ++ if (ret < 0) ++ return ret; ++ ++ canon = kcalloc(ctx->n_sections, sizeof(unsigned), GFP_KERNEL); ++ if (!canon) ++ return -ENOMEM; ++ ++ /* We have to canonicalise the section table, so we perform an ++ * insertion sort. ++ */ ++ canon[0] = 0; ++ for (loop = 1; loop < ctx->n_sections; loop++) { ++ for (i = 0; i < loop; i++) { ++ if (pefile_compare_shdrs(&ctx->secs[canon[i]], ++ &ctx->secs[loop]) > 0) { ++ memmove(&canon[i + 1], &canon[i], ++ (loop - i) * sizeof(canon[0])); ++ break; ++ } ++ } ++ canon[i] = loop; ++ } ++ ++ hashed_bytes = ctx->header_size; ++ for (loop = 0; loop < ctx->n_sections; loop++) { ++ i = canon[loop]; ++ if (ctx->secs[i].raw_data_size == 0) ++ continue; ++ ret = crypto_shash_update(desc, ++ prep->data + ctx->secs[i].data_addr, ++ ctx->secs[i].raw_data_size); ++ if (ret < 0) { ++ kfree(canon); ++ return ret; ++ } ++ hashed_bytes += ctx->secs[i].raw_data_size; ++ } ++ kfree(canon); ++ ++ if (prep->datalen > hashed_bytes) { ++ tmp = hashed_bytes + ctx->certs_size; ++ ret = crypto_shash_update(desc, ++ prep->data + hashed_bytes, ++ prep->datalen - tmp); ++ if (ret < 0) ++ return ret; ++ } ++ ++ return 0; ++} ++ ++/* ++ * Digest the contents of the PE binary, leaving out the image checksum and the ++ * certificate data block. ++ */ ++static int pefile_digest_pe(struct key_preparsed_payload *prep, ++ struct pefile_context *ctx) ++{ ++ struct crypto_shash *tfm; ++ struct shash_desc *desc; ++ size_t digest_size, desc_size; ++ void *digest; ++ int ret; ++ ++ kenter(",%u", ctx->digest_algo); ++ ++ /* Allocate the hashing algorithm we're going to need and find out how ++ * big the hash operational data will be. ++ */ ++ tfm = crypto_alloc_shash(pkey_hash_algo_name[ctx->digest_algo], 0, 0); ++ if (IS_ERR(tfm)) ++ return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); ++ ++ desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); ++ digest_size = crypto_shash_digestsize(tfm); ++ ++ if (digest_size != ctx->digest_len) { ++ pr_debug("Digest size mismatch (%zx != %x)\n", ++ digest_size, ctx->digest_len); ++ ret = -EBADMSG; ++ goto error_no_desc; ++ } ++ pr_devel("Digest: desc=%zu size=%zu\n", desc_size, digest_size); ++ ++ ret = -ENOMEM; ++ desc = kzalloc(desc_size + digest_size, GFP_KERNEL); ++ if (!desc) ++ goto error_no_desc; ++ ++ desc->tfm = tfm; ++ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; ++ ret = crypto_shash_init(desc); ++ if (ret < 0) ++ goto error; ++ ++ ret = pefile_digest_pe_contents(prep, ctx, desc); ++ if (ret < 0) ++ goto error; ++ ++ digest = (void *)desc + desc_size; ++ ret = crypto_shash_final(desc, digest); ++ if (ret < 0) ++ goto error; ++ ++ pr_devel("Digest calc = [%*ph]\n", ctx->digest_len, digest); ++ ++ /* Check that the PE file digest matches that in the MSCODE part of the ++ * PKCS#7 certificate. ++ */ ++ if (memcmp(digest, ctx->digest, ctx->digest_len) != 0) { ++ pr_debug("Digest mismatch\n"); ++ ret = -EKEYREJECTED; ++ } else { ++ pr_debug("The digests match!\n"); ++ } ++ ++error: ++ kfree(desc); ++error_no_desc: ++ crypto_free_shash(tfm); ++ kleave(" = %d", ret); ++ return ret; ++} ++ ++/* + * Parse a PE binary. + */ + static int pefile_key_preparse(struct key_preparsed_payload *prep) +@@ -237,6 +424,17 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + + pr_devel("Digest: %u [%*ph]\n", ctx.digest_len, ctx.digest_len, ctx.digest); + ++ /* Generate the digest and check against the PKCS7 certificate ++ * contents. ++ */ ++ ret = pefile_digest_pe(prep, &ctx); ++ if (ret < 0) ++ goto error; ++ ++ ret = pkcs7_verify(pkcs7); ++ if (ret < 0) ++ goto error; ++ + ret = -ENOANO; // Not yet complete + + error: +-- +1.8.1.4 + + +From 17ed825e5f3f595665abd3fc11a6c180e6762b87 Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Fri, 18 Jan 2013 13:58:35 +0000 +Subject: [PATCH 26/47] PEFILE: Validate PKCS#7 trust chain + +Validate the PKCS#7 trust chain against the contents of the system keyring. + +Signed-off-by: David Howells +--- + crypto/asymmetric_keys/Kconfig | 1 + + crypto/asymmetric_keys/pefile_parser.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig +index 2e7315c..2777916 100644 +--- a/crypto/asymmetric_keys/Kconfig ++++ b/crypto/asymmetric_keys/Kconfig +@@ -48,6 +48,7 @@ config PE_FILE_PARSER + tristate "PE binary-wrapped key parser" + depends on X509_CERTIFICATE_PARSER + depends on PKCS7_MESSAGE_PARSER ++ depends on SYSTEM_TRUSTED_KEYRING + help + This option provides support for parsing signed PE binaries that + contain an X.509 certificate in an internal section. +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index dfdb85e..edad948 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -18,6 +18,7 @@ + #include + #include + #include ++#include + #include + #include "asymmetric_keys.h" + #include "public_key.h" +@@ -435,6 +436,10 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + if (ret < 0) + goto error; + ++ ret = pkcs7_validate_trust(pkcs7, system_trusted_keyring, &prep->trusted); ++ if (ret < 0) ++ goto error; ++ + ret = -ENOANO; // Not yet complete + + error: +-- +1.8.1.4 + + +From ce9ca4236f691264a94bcbe10beda9ec5a035baf Mon Sep 17 00:00:00 2001 +From: David Howells +Date: Tue, 15 Jan 2013 15:33:42 +0000 +Subject: [PATCH 27/47] PEFILE: Load the contained key if we consider the + container to be validly signed + +Load the key contained in the PE binary if the signature on the container can +be verified by following the chain of X.509 certificates in the PKCS#7 message +to a key that we already trust. Typically, the trusted key will be acquired +from a source outside of the kernel, such as the UEFI database. + +Signed-off-by: David Howells +Reviewed-by: Kees Cook +--- + crypto/asymmetric_keys/pefile_parser.c | 11 ++++++++++- + crypto/asymmetric_keys/x509_parser.h | 3 +++ + crypto/asymmetric_keys/x509_public_key.c | 3 ++- + 3 files changed, 15 insertions(+), 2 deletions(-) + +diff --git a/crypto/asymmetric_keys/pefile_parser.c b/crypto/asymmetric_keys/pefile_parser.c +index edad948..c3efe39 100644 +--- a/crypto/asymmetric_keys/pefile_parser.c ++++ b/crypto/asymmetric_keys/pefile_parser.c +@@ -395,6 +395,8 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + { + struct pkcs7_message *pkcs7; + struct pefile_context ctx; ++ const void *saved_data; ++ size_t saved_datalen; + int ret; + + kenter(""); +@@ -440,7 +442,14 @@ static int pefile_key_preparse(struct key_preparsed_payload *prep) + if (ret < 0) + goto error; + +- ret = -ENOANO; // Not yet complete ++ /* We can now try to load the key */ ++ saved_data = prep->data; ++ saved_datalen = prep->datalen; ++ prep->data += ctx.keylist_offset; ++ prep->datalen = ctx.keylist_len; ++ ret = x509_key_preparse(prep); ++ prep->data = saved_data; ++ prep->datalen = saved_datalen; + + error: + pkcs7_free_message(ctx.pkcs7); +diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h +index 5e35fba..65452c4 100644 +--- a/crypto/asymmetric_keys/x509_parser.h ++++ b/crypto/asymmetric_keys/x509_parser.h +@@ -12,6 +12,8 @@ + #include + #include + ++struct key_preparsed_payload; ++ + struct x509_certificate { + struct x509_certificate *next; + const struct x509_certificate *signer; /* Certificate that signed this one */ +@@ -47,3 +49,4 @@ extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen + extern int x509_get_sig_params(struct x509_certificate *cert); + extern int x509_check_signature(const struct public_key *pub, + struct x509_certificate *cert); ++extern int x509_key_preparse(struct key_preparsed_payload *prep); +diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c +index 0f55e3b..c3e5a6d 100644 +--- a/crypto/asymmetric_keys/x509_public_key.c ++++ b/crypto/asymmetric_keys/x509_public_key.c +@@ -105,7 +105,7 @@ EXPORT_SYMBOL_GPL(x509_check_signature); + /* + * Attempt to parse a data blob for a key as an X509 certificate. + */ +-static int x509_key_preparse(struct key_preparsed_payload *prep) ++int x509_key_preparse(struct key_preparsed_payload *prep) + { + struct x509_certificate *cert; + struct tm now; +@@ -229,6 +229,7 @@ error_free_cert: + x509_free_certificate(cert); + return ret; + } ++EXPORT_SYMBOL_GPL(x509_key_preparse); + + static struct asymmetric_key_parser x509_key_parser = { + .owner = THIS_MODULE, +-- +1.8.1.4 + + +From 395cc1b55a0645ced39f92b31ba3bcc141e59383 Mon Sep 17 00:00:00 2001 +From: Chun-Yi Lee +Date: Thu, 21 Feb 2013 19:23:49 +0800 +Subject: [PATCH 28/47] MODSIGN: Fix including certificate twice when the + signing_key.x509 already exists + +This issue was found in devel-pekey branch on linux-modsign.git tree. The +x509_certificate_list includes certificate twice when the signing_key.x509 +already exists. +We can reproduce this issue by making kernel twice, the build log of +second time looks like this: + +... + CHK kernel/config_data.h + CERTS kernel/x509_certificate_list + - Including cert /ramdisk/working/joey/linux-modsign/signing_key.x509 + - Including cert signing_key.x509 +... + +Actually the build path was the same with the srctree path when building +kernel. It causes the size of bzImage increased by packaging certificates +twice. + +Cc: Rusty Russell +Cc: Josh Boyer +Cc: Randy Dunlap +Cc: Herbert Xu +Cc: "David S. Miller" +Cc: Michal Marek +Signed-off-by: Chun-Yi Lee +Signed-off-by: David Howells +--- + kernel/Makefile | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/kernel/Makefile b/kernel/Makefile +index ecff938..52f3426 100644 +--- a/kernel/Makefile ++++ b/kernel/Makefile +@@ -149,7 +149,10 @@ $(obj)/timeconst.h: $(obj)/hz.bc $(src)/timeconst.bc FORCE + # + ############################################################################### + ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y) +-X509_CERTIFICATES-y := $(wildcard *.x509) $(wildcard $(srctree)/*.x509) ++X509_CERTIFICATES-y := $(wildcard *.x509) ++ifneq ($(shell pwd), $(srctree)) ++X509_CERTIFICATES-y += $(wildcard $(srctree)/*.x509) ++endif + X509_CERTIFICATES-$(CONFIG_MODULE_SIG) += signing_key.x509 + X509_CERTIFICATES := $(sort $(X509_CERTIFICATES-y)) + +-- +1.8.1.4 + + +From 0ef575739cff3fda47dd2a9415f066ab44dcc922 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:40:56 -0400 +Subject: [PATCH 29/47] Secure boot: Add new capability + +Secure boot adds certain policy requirements, including that root must not +be able to do anything that could cause the kernel to execute arbitrary code. +The simplest way to handle this would seem to be to add a new capability +and gate various functionality on that. We'll then strip it from the initial +capability set if required. + +Signed-off-by: Matthew Garrett +--- + include/uapi/linux/capability.h | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/include/uapi/linux/capability.h b/include/uapi/linux/capability.h +index ba478fa..7109e65 100644 +--- a/include/uapi/linux/capability.h ++++ b/include/uapi/linux/capability.h +@@ -343,7 +343,11 @@ struct vfs_cap_data { + + #define CAP_BLOCK_SUSPEND 36 + +-#define CAP_LAST_CAP CAP_BLOCK_SUSPEND ++/* Allow things that trivially permit root to modify the running kernel */ ++ ++#define CAP_COMPROMISE_KERNEL 37 ++ ++#define CAP_LAST_CAP CAP_COMPROMISE_KERNEL + + #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP) + +-- +1.8.1.4 + + +From 7312bed4fb9125d4880f11a64521b110079a3c0a Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Thu, 20 Sep 2012 10:41:05 -0400 +Subject: [PATCH 30/47] SELinux: define mapping for new Secure Boot capability + +Add the name of the new Secure Boot capability. This allows SELinux +policies to properly map CAP_COMPROMISE_KERNEL to the appropriate +capability class. + +Signed-off-by: Josh Boyer +--- + security/selinux/include/classmap.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h +index 14d04e6..ed99a2d 100644 +--- a/security/selinux/include/classmap.h ++++ b/security/selinux/include/classmap.h +@@ -146,8 +146,8 @@ struct security_class_mapping secclass_map[] = { + { "memprotect", { "mmap_zero", NULL } }, + { "peer", { "recv", NULL } }, + { "capability2", +- { "mac_override", "mac_admin", "syslog", "wake_alarm", "block_suspend", +- NULL } }, ++ { "mac_override", "mac_admin", "syslog", "wake_alarm", ++ "block_suspend", "compromise_kernel", NULL } }, + { "kernel_service", { "use_as_override", "create_files_as", NULL } }, + { "tun_socket", + { COMMON_SOCK_PERMS, "attach_queue", NULL } }, +-- +1.8.1.4 + + +From e99e1273b0a50d874d2a53461e95f74460e1b812 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Thu, 20 Sep 2012 10:41:02 -0400 +Subject: [PATCH 31/47] Secure boot: Add a dummy kernel parameter that will + switch on Secure Boot mode + +This forcibly drops CAP_COMPROMISE_KERNEL from both cap_permitted and cap_bset +in the init_cred struct, which everything else inherits from. This works on +any machine and can be used to develop even if the box doesn't have UEFI. + +Signed-off-by: Josh Boyer +--- + Documentation/kernel-parameters.txt | 7 +++++++ + kernel/cred.c | 17 +++++++++++++++++ + 2 files changed, 24 insertions(+) + +diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt +index 8c01a02..ee6c1ca 100644 +--- a/Documentation/kernel-parameters.txt ++++ b/Documentation/kernel-parameters.txt +@@ -2744,6 +2744,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. + Note: increases power consumption, thus should only be + enabled if running jitter sensitive (HPC/RT) workloads. + ++ secureboot_enable= ++ [KNL] Enables an emulated UEFI Secure Boot mode. This ++ locks down various aspects of the kernel guarded by the ++ CAP_COMPROMISE_KERNEL capability. This includes things ++ like /dev/mem, IO port access, and other areas. It can ++ be used on non-UEFI machines for testing purposes. ++ + security= [SECURITY] Choose a security module to enable at boot. + If this boot parameter is not specified, only the first + security module asking for security registration will be +diff --git a/kernel/cred.c b/kernel/cred.c +index e0573a4..c3f4e3e 100644 +--- a/kernel/cred.c ++++ b/kernel/cred.c +@@ -565,6 +565,23 @@ void __init cred_init(void) + 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); + } + ++void __init secureboot_enable() ++{ ++ pr_info("Secure boot enabled\n"); ++ cap_lower((&init_cred)->cap_bset, CAP_COMPROMISE_KERNEL); ++ cap_lower((&init_cred)->cap_permitted, CAP_COMPROMISE_KERNEL); ++} ++ ++/* Dummy Secure Boot enable option to fake out UEFI SB=1 */ ++static int __init secureboot_enable_opt(char *str) ++{ ++ int sb_enable = !!simple_strtol(str, NULL, 0); ++ if (sb_enable) ++ secureboot_enable(); ++ return 1; ++} ++__setup("secureboot_enable=", secureboot_enable_opt); ++ + /** + * prepare_kernel_cred - Prepare a set of credentials for a kernel service + * @daemon: A userspace daemon to be used as a reference +-- +1.8.1.4 + + +From eeac2b5391d834eefebfae49a100244fdccc82e5 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:41:03 -0400 +Subject: [PATCH 32/47] efi: Enable secure boot lockdown automatically when + enabled in firmware + +The firmware has a set of flags that indicate whether secure boot is enabled +and enforcing. Use them to indicate whether the kernel should lock itself +down. We also indicate the machine is in secure boot mode by adding the +EFI_SECURE_BOOT bit for use with efi_enabled. + +Signed-off-by: Matthew Garrett +Signed-off-by: Josh Boyer +--- + Documentation/x86/zero-page.txt | 2 ++ + arch/x86/boot/compressed/eboot.c | 32 ++++++++++++++++++++++++++++++++ + arch/x86/include/asm/bootparam_utils.h | 8 ++++++-- + arch/x86/include/uapi/asm/bootparam.h | 3 ++- + arch/x86/kernel/setup.c | 7 +++++++ + include/linux/cred.h | 2 ++ + include/linux/efi.h | 1 + + 7 files changed, 52 insertions(+), 3 deletions(-) + +diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt +index 199f453..ff651d3 100644 +--- a/Documentation/x86/zero-page.txt ++++ b/Documentation/x86/zero-page.txt +@@ -30,6 +30,8 @@ Offset Proto Name Meaning + 1E9/001 ALL eddbuf_entries Number of entries in eddbuf (below) + 1EA/001 ALL edd_mbr_sig_buf_entries Number of entries in edd_mbr_sig_buffer + (below) ++1EB/001 ALL kbd_status Numlock is enabled ++1EC/001 ALL secure_boot Kernel should enable secure boot lockdowns + 1EF/001 ALL sentinel Used to detect broken bootloaders + 290/040 ALL edd_mbr_sig_buffer EDD MBR signatures + 2D0/A00 ALL e820_map E820 memory map table +diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c +index 35ee62f..0998ec7 100644 +--- a/arch/x86/boot/compressed/eboot.c ++++ b/arch/x86/boot/compressed/eboot.c +@@ -906,6 +906,36 @@ fail: + return status; + } + ++static int get_secure_boot(efi_system_table_t *_table) ++{ ++ u8 sb, setup; ++ unsigned long datasize = sizeof(sb); ++ efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID; ++ efi_status_t status; ++ ++ status = efi_call_phys5(sys_table->runtime->get_variable, ++ L"SecureBoot", &var_guid, NULL, &datasize, &sb); ++ ++ if (status != EFI_SUCCESS) ++ return 0; ++ ++ if (sb == 0) ++ return 0; ++ ++ ++ status = efi_call_phys5(sys_table->runtime->get_variable, ++ L"SetupMode", &var_guid, NULL, &datasize, ++ &setup); ++ ++ if (status != EFI_SUCCESS) ++ return 0; ++ ++ if (setup == 1) ++ return 0; ++ ++ return 1; ++} ++ + /* + * Because the x86 boot code expects to be passed a boot_params we + * need to create one ourselves (usually the bootloader would create +@@ -1200,6 +1230,8 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table, + if (sys_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) + goto fail; + ++ boot_params->secure_boot = get_secure_boot(sys_table); ++ + setup_graphics(boot_params); + + setup_efi_vars(boot_params); +diff --git a/arch/x86/include/asm/bootparam_utils.h b/arch/x86/include/asm/bootparam_utils.h +index 653668d..69a6c08 100644 +--- a/arch/x86/include/asm/bootparam_utils.h ++++ b/arch/x86/include/asm/bootparam_utils.h +@@ -38,9 +38,13 @@ static void sanitize_boot_params(struct boot_params *boot_params) + memset(&boot_params->ext_ramdisk_image, 0, + (char *)&boot_params->efi_info - + (char *)&boot_params->ext_ramdisk_image); +- memset(&boot_params->kbd_status, 0, ++ memset(&boot_params->kbd_status, 0, sizeof(boot_params->kbd_status)); ++ /* don't clear boot_params->secure_boot. we set that ourselves ++ * earlier. ++ */ ++ memset(&boot_params->_pad5[0], 0, + (char *)&boot_params->hdr - +- (char *)&boot_params->kbd_status); ++ (char *)&boot_params->_pad5[0]); + memset(&boot_params->_pad7[0], 0, + (char *)&boot_params->edd_mbr_sig_buffer[0] - + (char *)&boot_params->_pad7[0]); +diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h +index 0874424..56b7d39 100644 +--- a/arch/x86/include/uapi/asm/bootparam.h ++++ b/arch/x86/include/uapi/asm/bootparam.h +@@ -132,7 +132,8 @@ struct boot_params { + __u8 eddbuf_entries; /* 0x1e9 */ + __u8 edd_mbr_sig_buf_entries; /* 0x1ea */ + __u8 kbd_status; /* 0x1eb */ +- __u8 _pad5[3]; /* 0x1ec */ ++ __u8 secure_boot; /* 0x1ec */ ++ __u8 _pad5[2]; /* 0x1ed */ + /* + * The sentinel is set to a nonzero value (0xff) in header.S. + * +diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c +index 56f7fcf..3af6cf8 100644 +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -1131,6 +1131,13 @@ void __init setup_arch(char **cmdline_p) + + io_delay_init(); + ++ if (boot_params.secure_boot) { ++#ifdef CONFIG_EFI ++ set_bit(EFI_SECURE_BOOT, &x86_efi_facility); ++#endif ++ secureboot_enable(); ++ } ++ + /* + * Parse the ACPI tables for possible boot-time SMP configuration. + */ +diff --git a/include/linux/cred.h b/include/linux/cred.h +index 04421e8..9e69542 100644 +--- a/include/linux/cred.h ++++ b/include/linux/cred.h +@@ -156,6 +156,8 @@ extern int set_security_override_from_ctx(struct cred *, const char *); + extern int set_create_files_as(struct cred *, struct inode *); + extern void __init cred_init(void); + ++extern void secureboot_enable(void); ++ + /* + * check for validity of credentials + */ +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 2bc0ad7..10b167a 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -634,6 +634,7 @@ extern int __init efi_setup_pcdp_console(char *); + #define EFI_RUNTIME_SERVICES 3 /* Can we use runtime services? */ + #define EFI_MEMMAP 4 /* Can we use EFI memory map? */ + #define EFI_64BIT 5 /* Is the firmware 64-bit? */ ++#define EFI_SECURE_BOOT 6 /* Are we in Secure Boot mode? */ + + #ifdef CONFIG_EFI + # ifdef CONFIG_X86 +-- +1.8.1.4 + + +From a1ac3b80b7a85d4fce665047b9701713fcfc1ea0 Mon Sep 17 00:00:00 2001 +From: Dave Howells +Date: Tue, 23 Oct 2012 09:30:54 -0400 +Subject: [PATCH 33/47] Add EFI signature data types + +Add the data types that are used for containing hashes, keys and certificates +for cryptographic verification. + +Signed-off-by: David Howells +--- + include/linux/efi.h | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 10b167a..d3ef7c6 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -389,6 +389,12 @@ typedef efi_status_t efi_query_variable_store_t(u32 attributes, unsigned long si + #define EFI_FILE_SYSTEM_GUID \ + EFI_GUID( 0x964e5b22, 0x6459, 0x11d2, 0x8e, 0x39, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b ) + ++#define EFI_CERT_SHA256_GUID \ ++ EFI_GUID( 0xc1c41626, 0x504c, 0x4092, 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28 ) ++ ++#define EFI_CERT_X509_GUID \ ++ EFI_GUID( 0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 ) ++ + typedef struct { + efi_guid_t guid; + u64 table; +@@ -524,6 +530,20 @@ typedef struct { + + #define EFI_INVALID_TABLE_ADDR (~0UL) + ++typedef struct { ++ efi_guid_t signature_owner; ++ u8 signature_data[]; ++} efi_signature_data_t; ++ ++typedef struct { ++ efi_guid_t signature_type; ++ u32 signature_list_size; ++ u32 signature_header_size; ++ u32 signature_size; ++ u8 signature_header[]; ++ /* efi_signature_data_t signatures[][] */ ++} efi_signature_list_t; ++ + /* + * All runtime access to EFI goes through this structure: + */ +-- +1.8.1.4 + + +From fac308c18ba449322666325f37f6a08ad818cf9f Mon Sep 17 00:00:00 2001 +From: Dave Howells +Date: Tue, 23 Oct 2012 09:36:28 -0400 +Subject: [PATCH 34/47] Add an EFI signature blob parser and key loader. + +X.509 certificates are loaded into the specified keyring as asymmetric type +keys. + +Signed-off-by: David Howells +--- + crypto/asymmetric_keys/Kconfig | 8 +++ + crypto/asymmetric_keys/Makefile | 1 + + crypto/asymmetric_keys/efi_parser.c | 109 ++++++++++++++++++++++++++++++++++++ + include/linux/efi.h | 4 ++ + 4 files changed, 122 insertions(+) + create mode 100644 crypto/asymmetric_keys/efi_parser.c + +diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig +index 2777916..429bbb7 100644 +--- a/crypto/asymmetric_keys/Kconfig ++++ b/crypto/asymmetric_keys/Kconfig +@@ -53,4 +53,12 @@ config PE_FILE_PARSER + This option provides support for parsing signed PE binaries that + contain an X.509 certificate in an internal section. + ++config EFI_SIGNATURE_LIST_PARSER ++ bool "EFI signature list parser" ++ depends on EFI ++ select X509_CERTIFICATE_PARSER ++ help ++ This option provides support for parsing EFI signature lists for ++ X.509 certificates and turning them into keys. ++ + endif # ASYMMETRIC_KEY_TYPE +diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile +index ddc64bb..360b308 100644 +--- a/crypto/asymmetric_keys/Makefile ++++ b/crypto/asymmetric_keys/Makefile +@@ -8,6 +8,7 @@ asymmetric_keys-y := asymmetric_type.o signature.o + + obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o + obj-$(CONFIG_PUBLIC_KEY_ALGO_RSA) += rsa.o ++obj-$(CONFIG_EFI_SIGNATURE_LIST_PARSER) += efi_parser.o + + # + # X.509 Certificate handling +diff --git a/crypto/asymmetric_keys/efi_parser.c b/crypto/asymmetric_keys/efi_parser.c +new file mode 100644 +index 0000000..424896a +--- /dev/null ++++ b/crypto/asymmetric_keys/efi_parser.c +@@ -0,0 +1,109 @@ ++/* EFI signature/key/certificate list parser ++ * ++ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) "EFI: "fmt ++#include ++#include ++#include ++#include ++#include ++ ++static __initdata efi_guid_t efi_cert_x509_guid = EFI_CERT_X509_GUID; ++ ++/** ++ * parse_efi_signature_list - Parse an EFI signature list for certificates ++ * @data: The data blob to parse ++ * @size: The size of the data blob ++ * @keyring: The keyring to add extracted keys to ++ */ ++int __init parse_efi_signature_list(const void *data, size_t size, struct key *keyring) ++{ ++ unsigned offs = 0; ++ size_t lsize, esize, hsize, elsize; ++ ++ pr_devel("-->%s(,%zu)\n", __func__, size); ++ ++ while (size > 0) { ++ efi_signature_list_t list; ++ const efi_signature_data_t *elem; ++ key_ref_t key; ++ ++ if (size < sizeof(list)) ++ return -EBADMSG; ++ ++ memcpy(&list, data, sizeof(list)); ++ pr_devel("LIST[%04x] guid=%pUl ls=%x hs=%x ss=%x\n", ++ offs, ++ list.signature_type.b, list.signature_list_size, ++ list.signature_header_size, list.signature_size); ++ ++ lsize = list.signature_list_size; ++ hsize = list.signature_header_size; ++ esize = list.signature_size; ++ elsize = lsize - sizeof(list) - hsize; ++ ++ if (lsize > size) { ++ pr_devel("<--%s() = -EBADMSG [overrun @%x]\n", ++ __func__, offs); ++ return -EBADMSG; ++ } ++ if (lsize < sizeof(list) || ++ lsize - sizeof(list) < hsize || ++ esize < sizeof(*elem) || ++ elsize < esize || ++ elsize % esize != 0) { ++ pr_devel("- bad size combo @%x\n", offs); ++ return -EBADMSG; ++ } ++ ++ if (efi_guidcmp(list.signature_type, efi_cert_x509_guid) != 0) { ++ data += lsize; ++ size -= lsize; ++ offs += lsize; ++ continue; ++ } ++ ++ data += sizeof(list) + hsize; ++ size -= sizeof(list) + hsize; ++ offs += sizeof(list) + hsize; ++ ++ for (; elsize > 0; elsize -= esize) { ++ elem = data; ++ ++ pr_devel("ELEM[%04x]\n", offs); ++ ++ key = key_create_or_update( ++ make_key_ref(keyring, 1), ++ "asymmetric", ++ NULL, ++ &elem->signature_data, ++ esize - sizeof(*elem), ++ (KEY_POS_ALL & ~KEY_POS_SETATTR) | ++ KEY_USR_VIEW, ++ KEY_ALLOC_NOT_IN_QUOTA | ++ KEY_ALLOC_TRUSTED); ++ ++ if (IS_ERR(key)) ++ pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", ++ PTR_ERR(key)); ++ else ++ pr_notice("Loaded cert '%s' linked to '%s'\n", ++ key_ref_to_ptr(key)->description, ++ keyring->description); ++ ++ data += esize; ++ size -= esize; ++ offs += esize; ++ } ++ } ++ ++ return 0; ++} +diff --git a/include/linux/efi.h b/include/linux/efi.h +index d3ef7c6..4f0fbb7 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -619,6 +619,10 @@ extern int efi_set_rtc_mmss(unsigned long nowtime); + extern void efi_reserve_boot_services(void); + extern struct efi_memory_map memmap; + ++struct key; ++extern int __init parse_efi_signature_list(const void *data, size_t size, ++ struct key *keyring); ++ + /** + * efi_range_is_wc - check the WC bit on an address range + * @start: starting kvirt address +-- +1.8.1.4 + + +From 75560e565cb8a4e853a3b6f6c65ed70c1ba29039 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Fri, 26 Oct 2012 12:36:24 -0400 +Subject: [PATCH 35/47] KEYS: Add a system blacklist keyring + +This adds an additional keyring that is used to store certificates that +are blacklisted. This keyring is searched first when loading signed modules +and if the module's certificate is found, it will refuse to load. This is +useful in cases where third party certificates are used for module signing. + +Signed-off-by: Josh Boyer +--- + include/keys/system_keyring.h | 4 ++++ + init/Kconfig | 9 +++++++++ + kernel/module_signing.c | 12 ++++++++++++ + kernel/system_keyring.c | 17 +++++++++++++++++ + 4 files changed, 42 insertions(+) + +diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h +index 8dabc39..e466de1 100644 +--- a/include/keys/system_keyring.h ++++ b/include/keys/system_keyring.h +@@ -18,6 +18,10 @@ + + extern struct key *system_trusted_keyring; + ++#ifdef CONFIG_SYSTEM_BLACKLIST_KEYRING ++extern struct key *system_blacklist_keyring; ++#endif ++ + #endif + + #endif /* _KEYS_SYSTEM_KEYRING_H */ +diff --git a/init/Kconfig b/init/Kconfig +index b9d8870..4f9771f 100644 +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -1627,6 +1627,15 @@ config SYSTEM_TRUSTED_KEYRING + + Keys in this keyring are used by module signature checking. + ++config SYSTEM_BLACKLIST_KEYRING ++ bool "Provide system-wide ring of blacklisted keys" ++ depends on KEYS ++ help ++ Provide a system keyring to which blacklisted keys can be added. Keys ++ in the keyring are considered entirely untrusted. Keys in this keyring ++ are used by the module signature checking to reject loading of modules ++ signed with a blacklisted key. ++ + menuconfig MODULES + bool "Enable loadable module support" + help +diff --git a/kernel/module_signing.c b/kernel/module_signing.c +index 0b6b870..0a29b40 100644 +--- a/kernel/module_signing.c ++++ b/kernel/module_signing.c +@@ -158,6 +158,18 @@ static struct key *request_asymmetric_key(const char *signer, size_t signer_len, + + pr_debug("Look up: \"%s\"\n", id); + ++#ifdef CONFIG_SYSTEM_BLACKLIST_KEYRING ++ key = keyring_search(make_key_ref(system_blacklist_keyring, 1), ++ &key_type_asymmetric, id); ++ if (!IS_ERR(key)) { ++ /* module is signed with a cert in the blacklist. reject */ ++ pr_err("Module key '%s' is in blacklist\n", id); ++ key_ref_put(key); ++ kfree(id); ++ return ERR_PTR(-EKEYREJECTED); ++ } ++#endif ++ + key = keyring_search(make_key_ref(system_trusted_keyring, 1), + &key_type_asymmetric, id); + if (IS_ERR(key)) +diff --git a/kernel/system_keyring.c b/kernel/system_keyring.c +index dae8778..2913c70 100644 +--- a/kernel/system_keyring.c ++++ b/kernel/system_keyring.c +@@ -20,6 +20,9 @@ + + struct key *system_trusted_keyring; + EXPORT_SYMBOL_GPL(system_trusted_keyring); ++#ifdef CONFIG_SYSTEM_BLACKLIST_KEYRING ++struct key *system_blacklist_keyring; ++#endif + + extern __initdata const u8 system_certificate_list[]; + extern __initdata const u8 system_certificate_list_end[]; +@@ -41,6 +44,20 @@ static __init int system_trusted_keyring_init(void) + panic("Can't allocate system trusted keyring\n"); + + set_bit(KEY_FLAG_TRUSTED_ONLY, &system_trusted_keyring->flags); ++ ++#ifdef CONFIG_SYSTEM_BLACKLIST_KEYRING ++ system_blacklist_keyring = keyring_alloc(".system_blacklist_keyring", ++ KUIDT_INIT(0), KGIDT_INIT(0), ++ current_cred(), ++ (KEY_POS_ALL & ~KEY_POS_SETATTR) | ++ KEY_USR_VIEW | KEY_USR_READ, ++ KEY_ALLOC_NOT_IN_QUOTA, NULL); ++ if (IS_ERR(system_blacklist_keyring)) ++ panic("Can't allocate system blacklist keyring\n"); ++ ++ set_bit(KEY_FLAG_TRUSTED_ONLY, &system_blacklist_keyring->flags); ++#endif ++ + return 0; + } + +-- +1.8.1.4 + + +From e46bf80471882ce1ab0b75dc954b2b59deec6fbb Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Fri, 26 Oct 2012 12:42:16 -0400 +Subject: [PATCH 36/47] MODSIGN: Import certificates from UEFI Secure Boot + +Secure Boot stores a list of allowed certificates in the 'db' variable. +This imports those certificates into the system trusted keyring. This +allows for a third party signing certificate to be used in conjunction +with signed modules. By importing the public certificate into the 'db' +variable, a user can allow a module signed with that certificate to +load. The shim UEFI bootloader has a similar certificate list stored +in the 'MokListRT' variable. We import those as well. + +In the opposite case, Secure Boot maintains a list of disallowed +certificates in the 'dbx' variable. We load those certificates into +the newly introduced system blacklist keyring and forbid any module +signed with those from loading. + +Signed-off-by: Josh Boyer +--- + include/linux/efi.h | 6 ++++ + init/Kconfig | 9 +++++ + kernel/Makefile | 3 ++ + kernel/modsign_uefi.c | 92 +++++++++++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 110 insertions(+) + create mode 100644 kernel/modsign_uefi.c + +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 4f0fbb7..7ac7a17 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -395,6 +395,12 @@ typedef efi_status_t efi_query_variable_store_t(u32 attributes, unsigned long si + #define EFI_CERT_X509_GUID \ + EFI_GUID( 0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 ) + ++#define EFI_IMAGE_SECURITY_DATABASE_GUID \ ++ EFI_GUID( 0xd719b2cb, 0x3d3a, 0x4596, 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f ) ++ ++#define EFI_SHIM_LOCK_GUID \ ++ EFI_GUID( 0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23 ) ++ + typedef struct { + efi_guid_t guid; + u64 table; +diff --git a/init/Kconfig b/init/Kconfig +index 4f9771f..da92f1c 100644 +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -1745,6 +1745,15 @@ config MODULE_SIG_ALL + comment "Do not forget to sign required modules with scripts/sign-file" + depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL + ++config MODULE_SIG_UEFI ++ bool "Allow modules signed with certs stored in UEFI" ++ depends on MODULE_SIG && SYSTEM_BLACKLIST_KEYRING && EFI ++ select EFI_SIGNATURE_LIST_PARSER ++ help ++ This will import certificates stored in UEFI and allow modules ++ signed with those to be loaded. It will also disallow loading ++ of modules stored in the UEFI dbx variable. ++ + choice + prompt "Which hash algorithm should modules be signed with?" + depends on MODULE_SIG +diff --git a/kernel/Makefile b/kernel/Makefile +index 52f3426..e2a616f 100644 +--- a/kernel/Makefile ++++ b/kernel/Makefile +@@ -55,6 +55,7 @@ obj-$(CONFIG_UID16) += uid16.o + obj-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += system_keyring.o system_certificates.o + obj-$(CONFIG_MODULES) += module.o + obj-$(CONFIG_MODULE_SIG) += module_signing.o ++obj-$(CONFIG_MODULE_SIG_UEFI) += modsign_uefi.o + obj-$(CONFIG_KALLSYMS) += kallsyms.o + obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o + obj-$(CONFIG_KEXEC) += kexec.o +@@ -114,6 +115,8 @@ obj-$(CONFIG_CONTEXT_TRACKING) += context_tracking.o + + $(obj)/configs.o: $(obj)/config_data.h + ++$(obj)/modsign_uefi.o: KBUILD_CFLAGS += -fshort-wchar ++ + # config_data.h contains the same information as ikconfig.h but gzipped. + # Info from config_data can be extracted from /proc/config* + targets += config_data.gz +diff --git a/kernel/modsign_uefi.c b/kernel/modsign_uefi.c +new file mode 100644 +index 0000000..94b0eb3 +--- /dev/null ++++ b/kernel/modsign_uefi.c +@@ -0,0 +1,92 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "module-internal.h" ++ ++static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid, unsigned long *size) ++{ ++ efi_status_t status; ++ unsigned long lsize = 4; ++ unsigned long tmpdb[4]; ++ void *db = NULL; ++ ++ status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb); ++ if (status != EFI_BUFFER_TOO_SMALL) { ++ pr_err("Couldn't get size: 0x%lx\n", status); ++ return NULL; ++ } ++ ++ db = kmalloc(lsize, GFP_KERNEL); ++ if (!db) { ++ pr_err("Couldn't allocate memory for uefi cert list\n"); ++ goto out; ++ } ++ ++ status = efi.get_variable(name, guid, NULL, &lsize, db); ++ if (status != EFI_SUCCESS) { ++ kfree(db); ++ db = NULL; ++ pr_err("Error reading db var: 0x%lx\n", status); ++ } ++out: ++ *size = lsize; ++ return db; ++} ++ ++/* ++ * * Load the certs contained in the UEFI databases ++ * */ ++static int __init load_uefi_certs(void) ++{ ++ efi_guid_t secure_var = EFI_IMAGE_SECURITY_DATABASE_GUID; ++ efi_guid_t mok_var = EFI_SHIM_LOCK_GUID; ++ void *db = NULL, *dbx = NULL, *mok = NULL; ++ unsigned long dbsize = 0, dbxsize = 0, moksize = 0; ++ int rc = 0; ++ ++ /* Check if SB is enabled and just return if not */ ++ if (!efi_enabled(EFI_SECURE_BOOT)) ++ return 0; ++ ++ /* Get db, MokListRT, and dbx. They might not exist, so it isn't ++ * an error if we can't get them. ++ */ ++ db = get_cert_list(L"db", &secure_var, &dbsize); ++ if (!db) { ++ pr_err("MODSIGN: Couldn't get UEFI db list\n"); ++ } else { ++ rc = parse_efi_signature_list(db, dbsize, system_trusted_keyring); ++ if (rc) ++ pr_err("Couldn't parse db signatures: %d\n", rc); ++ kfree(db); ++ } ++ ++ mok = get_cert_list(L"MokListRT", &mok_var, &moksize); ++ if (!mok) { ++ pr_info("MODSIGN: Couldn't get UEFI MokListRT\n"); ++ } else { ++ rc = parse_efi_signature_list(mok, moksize, system_trusted_keyring); ++ if (rc) ++ pr_err("Couldn't parse MokListRT signatures: %d\n", rc); ++ kfree(mok); ++ } ++ ++ dbx = get_cert_list(L"dbx", &secure_var, &dbxsize); ++ if (!dbx) { ++ pr_info("MODSIGN: Couldn't get UEFI dbx list\n"); ++ } else { ++ rc = parse_efi_signature_list(dbx, dbxsize, ++ system_blacklist_keyring); ++ if (rc) ++ pr_err("Couldn't parse dbx signatures: %d\n", rc); ++ kfree(dbx); ++ } ++ ++ return rc; ++} ++late_initcall(load_uefi_certs); +-- +1.8.1.4 + + +From 8724600edad99706cce510645eff15f28787561a Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:40:57 -0400 +Subject: [PATCH 37/47] PCI: Lock down BAR access in secure boot environments + +Any hardware that can potentially generate DMA has to be locked down from +userspace in order to avoid it being possible for an attacker to cause +arbitrary kernel behaviour. Default to paranoid - in future we can +potentially relax this for sufficiently IOMMU-isolated devices. + +Signed-off-by: Matthew Garrett +--- + drivers/pci/pci-sysfs.c | 9 +++++++++ + drivers/pci/proc.c | 8 +++++++- + drivers/pci/syscall.c | 2 +- + 3 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c +index 5b4a9d9..db2ff9e 100644 +--- a/drivers/pci/pci-sysfs.c ++++ b/drivers/pci/pci-sysfs.c +@@ -622,6 +622,9 @@ pci_write_config(struct file* filp, struct kobject *kobj, + loff_t init_off = off; + u8 *data = (u8*) buf; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (off > dev->cfg_size) + return 0; + if (off + count > dev->cfg_size) { +@@ -928,6 +931,9 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr, + resource_size_t start, end; + int i; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + for (i = 0; i < PCI_ROM_RESOURCE; i++) + if (res == &pdev->resource[i]) + break; +@@ -1035,6 +1041,9 @@ pci_write_resource_io(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, + loff_t off, size_t count) + { ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + return pci_resource_io(filp, kobj, attr, buf, off, count, true); + } + +diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c +index 0812608..544132d 100644 +--- a/drivers/pci/proc.c ++++ b/drivers/pci/proc.c +@@ -136,6 +136,9 @@ proc_bus_pci_write(struct file *file, const char __user *buf, size_t nbytes, lof + int size = dev->cfg_size; + int cnt; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (pos >= size) + return 0; + if (nbytes >= size) +@@ -215,6 +218,9 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd, + #endif /* HAVE_PCI_MMAP */ + int ret = 0; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + switch (cmd) { + case PCIIOC_CONTROLLER: + ret = pci_domain_nr(dev->bus); +@@ -253,7 +259,7 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma) + struct pci_filp_private *fpriv = file->private_data; + int i, ret; + +- if (!capable(CAP_SYS_RAWIO)) ++ if (!capable(CAP_SYS_RAWIO) || !capable(CAP_COMPROMISE_KERNEL)) + return -EPERM; + + /* Make sure the caller is mapping a real resource for this device */ +diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c +index e1c1ec5..97e785f 100644 +--- a/drivers/pci/syscall.c ++++ b/drivers/pci/syscall.c +@@ -92,7 +92,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn, + u32 dword; + int err = 0; + +- if (!capable(CAP_SYS_ADMIN)) ++ if (!capable(CAP_SYS_ADMIN) || !capable(CAP_COMPROMISE_KERNEL)) + return -EPERM; + + dev = pci_get_bus_and_slot(bus, dfn); +-- +1.8.1.4 + + +From 2361c561632c00e3974a092454ecc7daafb7cdf6 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:40:58 -0400 +Subject: [PATCH 38/47] x86: Lock down IO port access in secure boot + environments + +IO port access would permit users to gain access to PCI configuration +registers, which in turn (on a lot of hardware) give access to MMIO register +space. This would potentially permit root to trigger arbitrary DMA, so lock +it down by default. + +Signed-off-by: Matthew Garrett +--- + arch/x86/kernel/ioport.c | 4 ++-- + drivers/char/mem.c | 3 +++ + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c +index 4ddaf66..f505995 100644 +--- a/arch/x86/kernel/ioport.c ++++ b/arch/x86/kernel/ioport.c +@@ -28,7 +28,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on) + + if ((from + num <= from) || (from + num > IO_BITMAP_BITS)) + return -EINVAL; +- if (turn_on && !capable(CAP_SYS_RAWIO)) ++ if (turn_on && (!capable(CAP_SYS_RAWIO) || !capable(CAP_COMPROMISE_KERNEL))) + return -EPERM; + + /* +@@ -103,7 +103,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level) + return -EINVAL; + /* Trying to gain more privileges? */ + if (level > old) { +- if (!capable(CAP_SYS_RAWIO)) ++ if (!capable(CAP_SYS_RAWIO) || !capable(CAP_COMPROMISE_KERNEL)) + return -EPERM; + } + regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12); +diff --git a/drivers/char/mem.c b/drivers/char/mem.c +index 2c644af..7eee4d8 100644 +--- a/drivers/char/mem.c ++++ b/drivers/char/mem.c +@@ -597,6 +597,9 @@ static ssize_t write_port(struct file *file, const char __user *buf, + unsigned long i = *ppos; + const char __user *tmp = buf; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (!access_ok(VERIFY_READ, buf, count)) + return -EFAULT; + while (count-- > 0 && i < 65536) { +-- +1.8.1.4 + + +From e97f4dd5b1baaae0854e8a5c87aa4be4d03d1854 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:40:59 -0400 +Subject: [PATCH 39/47] ACPI: Limit access to custom_method + +It must be impossible for even root to get code executed in kernel context +under a secure boot environment. custom_method effectively allows arbitrary +access to system memory, so it needs to have a capability check here. + +Signed-off-by: Matthew Garrett +--- + drivers/acpi/custom_method.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c +index 12b62f2..edf0710 100644 +--- a/drivers/acpi/custom_method.c ++++ b/drivers/acpi/custom_method.c +@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, + struct acpi_table_header table; + acpi_status status; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (!(*ppos)) { + /* parse the table header to get the table length */ + if (count <= sizeof(struct acpi_table_header)) +-- +1.8.1.4 + + +From f0389c3a6d823e2386ab4e21d9e012c4ebd310ac Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:41:00 -0400 +Subject: [PATCH 40/47] asus-wmi: Restrict debugfs interface + +We have no way of validating what all of the Asus WMI methods do on a +given machine, and there's a risk that some will allow hardware state to +be manipulated in such a way that arbitrary code can be executed in the +kernel. Add a capability check to prevent that. + +Signed-off-by: Matthew Garrett +--- + drivers/platform/x86/asus-wmi.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c +index c11b242..6d5f88f 100644 +--- a/drivers/platform/x86/asus-wmi.c ++++ b/drivers/platform/x86/asus-wmi.c +@@ -1617,6 +1617,9 @@ static int show_dsts(struct seq_file *m, void *data) + int err; + u32 retval = -1; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval); + + if (err < 0) +@@ -1633,6 +1636,9 @@ static int show_devs(struct seq_file *m, void *data) + int err; + u32 retval = -1; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param, + &retval); + +@@ -1657,6 +1663,9 @@ static int show_call(struct seq_file *m, void *data) + union acpi_object *obj; + acpi_status status; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID, + 1, asus->debug.method_id, + &input, &output); +-- +1.8.1.4 + + +From 2e507337fc23547c7a15e5a102647becf20dba77 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Thu, 20 Sep 2012 10:41:01 -0400 +Subject: [PATCH 41/47] Restrict /dev/mem and /dev/kmem in secure boot setups + +Allowing users to write to address space makes it possible for the kernel +to be subverted. Restrict this when we need to protect the kernel. + +Signed-off-by: Matthew Garrett +--- + drivers/char/mem.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/drivers/char/mem.c b/drivers/char/mem.c +index 7eee4d8..772ee2b 100644 +--- a/drivers/char/mem.c ++++ b/drivers/char/mem.c +@@ -158,6 +158,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf, + unsigned long copied; + void *ptr; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (!valid_phys_addr_range(p, count)) + return -EFAULT; + +@@ -530,6 +533,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, + char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */ + int err = 0; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (p < (unsigned long) high_memory) { + unsigned long to_write = min_t(unsigned long, count, + (unsigned long)high_memory - p); +-- +1.8.1.4 + + +From ff22d9716846844f8c249dbc965684a8014efed0 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Thu, 20 Sep 2012 10:41:04 -0400 +Subject: [PATCH 42/47] acpi: Ignore acpi_rsdp kernel parameter in a secure + boot environment + +This option allows userspace to pass the RSDP address to the kernel. This +could potentially be used to circumvent the secure boot trust model. +This is setup through the setup_arch function, which is called before the +security_init function sets up the security_ops, so we cannot use a +capable call here. We ignore the setting if we are booted in Secure Boot +mode. + +Signed-off-by: Josh Boyer +--- + drivers/acpi/osl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c +index e721863..ed82da7 100644 +--- a/drivers/acpi/osl.c ++++ b/drivers/acpi/osl.c +@@ -245,7 +245,7 @@ early_param("acpi_rsdp", setup_acpi_rsdp); + acpi_physical_address __init acpi_os_get_root_pointer(void) + { + #ifdef CONFIG_KEXEC +- if (acpi_rsdp) ++ if (acpi_rsdp && !efi_enabled(EFI_SECURE_BOOT)) + return acpi_rsdp; + #endif + +-- +1.8.1.4 + + +From b08ac626fbcf917bc219133d49c347d7d58eaae1 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Tue, 4 Sep 2012 11:55:13 -0400 +Subject: [PATCH 43/47] kexec: Disable in a secure boot environment + +kexec could be used as a vector for a malicious user to use a signed kernel +to circumvent the secure boot trust model. In the long run we'll want to +support signed kexec payloads, but for the moment we should just disable +loading entirely in that situation. + +Signed-off-by: Matthew Garrett +--- + kernel/kexec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kernel/kexec.c b/kernel/kexec.c +index 59f7b55..8bf1336 100644 +--- a/kernel/kexec.c ++++ b/kernel/kexec.c +@@ -939,7 +939,7 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments, + int result; + + /* We only trust the superuser with rebooting the system. */ +- if (!capable(CAP_SYS_BOOT)) ++ if (!capable(CAP_SYS_BOOT) || !capable(CAP_COMPROMISE_KERNEL)) + return -EPERM; + + /* +-- +1.8.1.4 + + +From f0d9c2906c1145585882fb7eb167e47e998c2e24 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Fri, 5 Oct 2012 10:12:48 -0400 +Subject: [PATCH 44/47] MODSIGN: Always enforce module signing in a Secure Boot + environment + +If a machine is booted into a Secure Boot environment, we need to +protect the trust model. This requires that all modules be signed +with a key that is in the kernel's _modsign keyring. The checks for +this are already done via the 'sig_enforce' module parameter. Make +this visible within the kernel and force it to be true. + +Signed-off-by: Josh Boyer +--- + kernel/cred.c | 8 ++++++++ + kernel/module.c | 4 ++-- + 2 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/kernel/cred.c b/kernel/cred.c +index c3f4e3e..c5554e0 100644 +--- a/kernel/cred.c ++++ b/kernel/cred.c +@@ -565,11 +565,19 @@ void __init cred_init(void) + 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); + } + ++#ifdef CONFIG_MODULE_SIG ++extern bool sig_enforce; ++#endif ++ + void __init secureboot_enable() + { + pr_info("Secure boot enabled\n"); + cap_lower((&init_cred)->cap_bset, CAP_COMPROMISE_KERNEL); + cap_lower((&init_cred)->cap_permitted, CAP_COMPROMISE_KERNEL); ++#ifdef CONFIG_MODULE_SIG ++ /* Enable module signature enforcing */ ++ sig_enforce = true; ++#endif + } + + /* Dummy Secure Boot enable option to fake out UEFI SB=1 */ +diff --git a/kernel/module.c b/kernel/module.c +index 0925c9a..af4a476 100644 +--- a/kernel/module.c ++++ b/kernel/module.c +@@ -109,9 +109,9 @@ struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */ + + #ifdef CONFIG_MODULE_SIG + #ifdef CONFIG_MODULE_SIG_FORCE +-static bool sig_enforce = true; ++bool sig_enforce = true; + #else +-static bool sig_enforce = false; ++bool sig_enforce = false; + + static int param_set_bool_enable_only(const char *val, + const struct kernel_param *kp) +-- +1.8.1.4 + + +From 1c6bfec7db39e46eeb456fb84e3153281690bbe0 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Fri, 26 Oct 2012 14:02:09 -0400 +Subject: [PATCH 45/47] hibernate: Disable in a Secure Boot environment + +There is currently no way to verify the resume image when returning +from hibernate. This might compromise the secure boot trust model, +so until we can work with signed hibernate images we disable it in +a Secure Boot environment. + +Signed-off-by: Josh Boyer +--- + kernel/power/hibernate.c | 15 ++++++++++++++- + kernel/power/main.c | 7 ++++++- + kernel/power/user.c | 3 +++ + 3 files changed, 23 insertions(+), 2 deletions(-) + +diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c +index b26f5f1..7f63cb4 100644 +--- a/kernel/power/hibernate.c ++++ b/kernel/power/hibernate.c +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + + #include "power.h" + +@@ -632,6 +633,10 @@ int hibernate(void) + { + int error; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) { ++ return -EPERM; ++ } ++ + lock_system_sleep(); + /* The snapshot device should not be opened while we're running */ + if (!atomic_add_unless(&snapshot_device_available, -1, 0)) { +@@ -723,7 +728,7 @@ static int software_resume(void) + /* + * If the user said "noresume".. bail out early. + */ +- if (noresume) ++ if (noresume || !capable(CAP_COMPROMISE_KERNEL)) + return 0; + + /* +@@ -889,6 +894,11 @@ static ssize_t disk_show(struct kobject *kobj, struct kobj_attribute *attr, + int i; + char *start = buf; + ++ if (efi_enabled(EFI_SECURE_BOOT)) { ++ buf += sprintf(buf, "[%s]\n", "disabled"); ++ return buf-start; ++ } ++ + for (i = HIBERNATION_FIRST; i <= HIBERNATION_MAX; i++) { + if (!hibernation_modes[i]) + continue; +@@ -923,6 +933,9 @@ static ssize_t disk_store(struct kobject *kobj, struct kobj_attribute *attr, + char *p; + int mode = HIBERNATION_INVALID; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + p = memchr(buf, '\n', n); + len = p ? p - buf : n; + +diff --git a/kernel/power/main.c b/kernel/power/main.c +index d77663b..78f8ed5 100644 +--- a/kernel/power/main.c ++++ b/kernel/power/main.c +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + + #include "power.h" + +@@ -301,7 +302,11 @@ static ssize_t state_show(struct kobject *kobj, struct kobj_attribute *attr, + } + #endif + #ifdef CONFIG_HIBERNATION +- s += sprintf(s, "%s\n", "disk"); ++ if (!efi_enabled(EFI_SECURE_BOOT)) { ++ s += sprintf(s, "%s\n", "disk"); ++ } else { ++ s += sprintf(s, "\n"); ++ } + #else + if (s != buf) + /* convert the last space to a newline */ +diff --git a/kernel/power/user.c b/kernel/power/user.c +index 4ed81e7..b11a0f4 100644 +--- a/kernel/power/user.c ++++ b/kernel/power/user.c +@@ -48,6 +48,9 @@ static int snapshot_open(struct inode *inode, struct file *filp) + struct snapshot_data *data; + int error; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + lock_system_sleep(); + + if (!atomic_add_unless(&snapshot_device_available, -1, 0)) { +-- +1.8.1.4 + + +From 07cda990d2f18774522889ece30bddf67c703157 Mon Sep 17 00:00:00 2001 +From: Josh Boyer +Date: Tue, 5 Feb 2013 19:25:05 -0500 +Subject: [PATCH 46/47] efi: Disable secure boot if shim is in insecure mode + +A user can manually tell the shim boot loader to disable validation of +images it loads. When a user does this, it creates a UEFI variable called +MokSBState that does not have the runtime attribute set. Given that the +user explicitly disabled validation, we can honor that and not enable +secure boot mode if that variable is set. + +Signed-off-by: Josh Boyer +--- + arch/x86/boot/compressed/eboot.c | 20 +++++++++++++++++++- + 1 file changed, 19 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c +index 0998ec7..4945ee5 100644 +--- a/arch/x86/boot/compressed/eboot.c ++++ b/arch/x86/boot/compressed/eboot.c +@@ -908,8 +908,9 @@ fail: + + static int get_secure_boot(efi_system_table_t *_table) + { +- u8 sb, setup; ++ u8 sb, setup, moksbstate; + unsigned long datasize = sizeof(sb); ++ u32 attr; + efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID; + efi_status_t status; + +@@ -933,6 +934,23 @@ static int get_secure_boot(efi_system_table_t *_table) + if (setup == 1) + return 0; + ++ /* See if a user has put shim into insecure_mode. If so, and the variable ++ * doesn't have the runtime attribute set, we might as well honor that. ++ */ ++ var_guid = EFI_SHIM_LOCK_GUID; ++ status = efi_call_phys5(sys_table->runtime->get_variable, ++ L"MokSBState", &var_guid, &attr, &datasize, ++ &moksbstate); ++ ++ /* If it fails, we don't care why. Default to secure */ ++ if (status != EFI_SUCCESS) ++ return 1; ++ ++ if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS)) { ++ if (moksbstate == 1) ++ return 0; ++ } ++ + return 1; + } + +-- +1.8.1.4 + + +From e61066577405c37c2758f9b7fb2694967bdbe921 Mon Sep 17 00:00:00 2001 +From: Kees Cook +Date: Fri, 8 Feb 2013 11:12:13 -0800 +Subject: [PATCH 47/47] x86: Lock down MSR writing in secure boot + +Writing to MSRs should not be allowed unless CAP_COMPROMISE_KERNEL is +set since it could lead to execution of arbitrary code in kernel mode. + +Signed-off-by: Kees Cook +--- + arch/x86/kernel/msr.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c +index ce13049..fa4dc6c 100644 +--- a/arch/x86/kernel/msr.c ++++ b/arch/x86/kernel/msr.c +@@ -103,6 +103,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf, + int err = 0; + ssize_t bytes = 0; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + if (count % 8) + return -EINVAL; /* Invalid chunk size */ + +@@ -150,6 +153,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg) + err = -EBADF; + break; + } ++ if (!capable(CAP_COMPROMISE_KERNEL)) { ++ err = -EPERM; ++ break; ++ } + if (copy_from_user(®s, uregs, sizeof regs)) { + err = -EFAULT; + break; +-- +1.8.1.4 + diff --git a/dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch b/dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch new file mode 100644 index 000000000..71234c1a7 --- /dev/null +++ b/dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch @@ -0,0 +1,31 @@ +diff --git a/drivers/md/dm-cache-policy-mq.c b/drivers/md/dm-cache-policy-mq.c +index cab6dd2..ec79c8f 100644 +--- a/drivers/md/dm-cache-policy-mq.c ++++ b/drivers/md/dm-cache-policy-mq.c +@@ -868,7 +868,7 @@ static void mq_destroy(struct dm_cache_policy *p) + struct mq_policy *mq = to_mq_policy(p); + + free_bitset(mq->allocation_bitset); +- kfree(mq->table); ++ vfree(mq->table); + free_entries(mq); + kfree(mq); + } +@@ -1189,7 +1189,7 @@ static struct dm_cache_policy *mq_create(dm_cblock_t cache_size, + + mq->nr_buckets = next_power(from_cblock(cache_size) / 2, 16); + mq->hash_bits = ffs(mq->nr_buckets) - 1; +- mq->table = kzalloc(sizeof(*mq->table) * mq->nr_buckets, GFP_KERNEL); ++ mq->table = vzalloc(sizeof(*mq->table) * mq->nr_buckets); + if (!mq->table) + goto bad_alloc_table; + +@@ -1200,7 +1200,7 @@ static struct dm_cache_policy *mq_create(dm_cblock_t cache_size, + return &mq->policy; + + bad_alloc_bitset: +- kfree(mq->table); ++ vfree(mq->table); + bad_alloc_table: + free_entries(mq); + bad_cache_alloc: diff --git a/dmar-disable-when-ricoh-multifunction.patch b/dmar-disable-when-ricoh-multifunction.patch deleted file mode 100644 index a4528617e..000000000 --- a/dmar-disable-when-ricoh-multifunction.patch +++ /dev/null @@ -1,33 +0,0 @@ -From da7662784dcced04a5b7a3a5b2bbb8276d699522 Mon Sep 17 00:00:00 2001 -From: Kyle McMartin -Date: Sun, 17 Oct 2010 15:55:32 -0400 -Subject: [PATCH] dmar: disable if ricoh multifunction detected - ---- - drivers/pci/intel-iommu.c | 10 ++++++++++ - 1 files changed, 10 insertions(+), 0 deletions(-) - -diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c -index 4789f8e..5923914 100644 ---- a/drivers/iommu/intel-iommu.c -+++ b/drivers/iommu/intel-iommu.c -@@ -3784,6 +3784,16 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0044, quirk_calpella_no_shadow_g - DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0062, quirk_calpella_no_shadow_gtt); - DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x006a, quirk_calpella_no_shadow_gtt); - -+/* https://bugzilla.redhat.com/show_bug.cgi?id=605888 */ -+static void __devinit quirk_ricoh_multifunction(struct pci_dev *dev) -+{ -+ dmar_disabled = 1; -+} -+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe822, quirk_ricoh_multifunction); -+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe230, quirk_ricoh_multifunction); -+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe832, quirk_ricoh_multifunction); -+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe476, quirk_ricoh_multifunction); -+ - /* On Tylersburg chipsets, some BIOSes have been known to enable the - ISOCH DMAR unit for the Azalia sound device, but not give it any - TLB entries, which causes it to deadlock. Check for that. We do --- -1.7.3.1 - diff --git a/drm-i915-dp-stfu.patch b/drm-i915-dp-stfu.patch deleted file mode 100644 index c005a06ba..000000000 --- a/drm-i915-dp-stfu.patch +++ /dev/null @@ -1,53 +0,0 @@ -diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c -index 296cfc2..516e1e2 100644 ---- a/drivers/gpu/drm/i915/intel_dp.c -+++ b/drivers/gpu/drm/i915/intel_dp.c -@@ -350,7 +350,7 @@ intel_dp_check_edp(struct intel_dp *intel_dp) - if (!is_edp(intel_dp)) - return; - if (!ironlake_edp_have_panel_power(intel_dp) && !ironlake_edp_have_panel_vdd(intel_dp)) { -- WARN(1, "eDP powered off while attempting aux channel communication.\n"); -+ DRM_ERROR("eDP powered off while attempting aux channel communication.\n"); - DRM_DEBUG_KMS("Status 0x%08x Control 0x%08x\n", - I915_READ(PCH_PP_STATUS), - I915_READ(PCH_PP_CONTROL)); -@@ -400,7 +400,7 @@ intel_dp_aux_ch(struct intel_dp *intel_dp, - } - - if (try == 3) { -- WARN(1, "dp_aux_ch not started status 0x%08x\n", -+ DRM_ERROR("dp_aux_ch not started status 0x%08x\n", - I915_READ(ch_ctl)); - return -EBUSY; - } -@@ -1024,8 +1024,8 @@ static void ironlake_edp_panel_vdd_on(struct intel_dp *intel_dp) - return; - DRM_DEBUG_KMS("Turn eDP VDD on\n"); - -- WARN(intel_dp->want_panel_vdd, -- "eDP VDD already requested on\n"); -+ if (intel_dp->want_panel_vdd) -+ DRM_ERROR("eDP VDD already requested on\n"); - - intel_dp->want_panel_vdd = true; - -@@ -1090,7 +1090,8 @@ static void ironlake_edp_panel_vdd_off(struct intel_dp *intel_dp, bool sync) - return; - - DRM_DEBUG_KMS("Turn eDP VDD off %d\n", intel_dp->want_panel_vdd); -- WARN(!intel_dp->want_panel_vdd, "eDP VDD not forced on"); -+ if (!intel_dp->want_panel_vdd) -+ DRM_ERROR("eDP VDD not forced on"); - - intel_dp->want_panel_vdd = false; - -@@ -1160,7 +1161,8 @@ static void ironlake_edp_panel_off(struct intel_dp *intel_dp) - - DRM_DEBUG_KMS("Turn eDP power off\n"); - -- WARN(!intel_dp->want_panel_vdd, "Need VDD to turn off panel\n"); -+ if (!intel_dp->want_panel_vdd) -+ DRM_ERROR("Need VDD to turn off panel\n"); - - pp = ironlake_get_pp_control(dev_priv); - pp &= ~(POWER_TARGET_ON | PANEL_POWER_RESET | EDP_BLC_ENABLE); diff --git a/drm-i915-tv-detect-hush.patch b/drm-i915-tv-detect-hush.patch new file mode 100644 index 000000000..e774db071 --- /dev/null +++ b/drm-i915-tv-detect-hush.patch @@ -0,0 +1,46 @@ +Obviously this is not upstreamable... + +diff -up linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_display.c.jx linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_display.c +--- linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_display.c.jx 2013-01-30 12:03:28.000000000 -0500 ++++ linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_display.c 2013-01-30 12:40:53.177449368 -0500 +@@ -6925,6 +6925,11 @@ intel_modeset_check_state(struct drm_dev + struct intel_encoder *encoder; + struct intel_connector *connector; + ++ /* oh hush */ ++ extern int i915_in_tv_detect; ++ if (i915_in_tv_detect) ++ return; ++ + list_for_each_entry(connector, &dev->mode_config.connector_list, + base.head) { + /* This also checks the encoder/connector hw state with the +diff -up linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_tv.c.jx linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_tv.c +--- linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_tv.c.jx 2012-12-10 22:30:57.000000000 -0500 ++++ linux-3.7.5-202.fc18.x86_64/drivers/gpu/drm/i915/intel_tv.c 2013-01-30 12:39:34.318593585 -0500 +@@ -1296,6 +1296,8 @@ static void intel_tv_find_better_format( + connector->dev->mode_config.tv_mode_property, i); + } + ++int i915_in_tv_detect = 0; ++ + /** + * Detect the TV connection. + * +@@ -1314,11 +1316,15 @@ intel_tv_detect(struct drm_connector *co + if (force) { + struct intel_load_detect_pipe tmp; + ++ i915_in_tv_detect = 1; + if (intel_get_load_detect_pipe(connector, &mode, &tmp)) { + type = intel_tv_detect_type(intel_tv, connector); + intel_release_load_detect_pipe(connector, &tmp); +- } else ++ i915_in_tv_detect = 0; ++ } else { ++ i915_in_tv_detect = 0; + return connector_status_unknown; ++ } + } else + return connector->status; + diff --git a/drm-qxl-backport-fixes-for-Fedora.patch b/drm-qxl-backport-fixes-for-Fedora.patch new file mode 100644 index 000000000..c46060d64 --- /dev/null +++ b/drm-qxl-backport-fixes-for-Fedora.patch @@ -0,0 +1,226 @@ +Bugzilla: N/A +Upstream-status: Queued for 3.13 + +From db8edc33193879f39c1b52521e20f4d6eb4e9858 Mon Sep 17 00:00:00 2001 +From: Dave Airlie +Date: Fri, 08 Nov 2013 06:36:45 +0000 +Subject: drm/qxl: backport fixes for Fedora + +This pulls these changes from drm-next back into Fedora. + +drm/qxl: prefer the monitor config resolution (b080742393e2c1) +drm/qxl: remove unnecessary check (a40a60d912a101e8dfb08ee1) +drm/qxl: fix disabling extra monitors from client (5cab51cb3381157) +qxl: avoid an oops in the deferred io code. (cc87509d87696d7cd39) +drm/qxl: support 64bit surface bar (35541782dcc1e502) +qxl: add a connector property to denote hotplug should rescan modes. (4695b03970df37) + +Signed-off-by: Dave Airlie +--- +diff --git a/drivers/gpu/drm/qxl/qxl_display.c b/drivers/gpu/drm/qxl/qxl_display.c +index 835caba..1d975eb 100644 +--- a/drivers/gpu/drm/qxl/qxl_display.c ++++ b/drivers/gpu/drm/qxl/qxl_display.c +@@ -110,7 +110,9 @@ void qxl_display_read_client_monitors_config(struct qxl_device *qdev) + drm_helper_hpd_irq_event(qdev->ddev); + } + +-static int qxl_add_monitors_config_modes(struct drm_connector *connector) ++static int qxl_add_monitors_config_modes(struct drm_connector *connector, ++ unsigned *pwidth, ++ unsigned *pheight) + { + struct drm_device *dev = connector->dev; + struct qxl_device *qdev = dev->dev_private; +@@ -126,11 +128,15 @@ static int qxl_add_monitors_config_modes(struct drm_connector *connector) + mode = drm_cvt_mode(dev, head->width, head->height, 60, false, false, + false); + mode->type |= DRM_MODE_TYPE_PREFERRED; ++ *pwidth = head->width; ++ *pheight = head->height; + drm_mode_probed_add(connector, mode); + return 1; + } + +-static int qxl_add_common_modes(struct drm_connector *connector) ++static int qxl_add_common_modes(struct drm_connector *connector, ++ unsigned pwidth, ++ unsigned pheight) + { + struct drm_device *dev = connector->dev; + struct drm_display_mode *mode = NULL; +@@ -159,12 +165,9 @@ static int qxl_add_common_modes(struct drm_connector *connector) + }; + + for (i = 0; i < ARRAY_SIZE(common_modes); i++) { +- if (common_modes[i].w < 320 || common_modes[i].h < 200) +- continue; +- + mode = drm_cvt_mode(dev, common_modes[i].w, common_modes[i].h, + 60, false, false, false); +- if (common_modes[i].w == 1024 && common_modes[i].h == 768) ++ if (common_modes[i].w == pwidth && common_modes[i].h == pheight) + mode->type |= DRM_MODE_TYPE_PREFERRED; + drm_mode_probed_add(connector, mode); + } +@@ -720,16 +723,18 @@ static int qxl_conn_get_modes(struct drm_connector *connector) + { + int ret = 0; + struct qxl_device *qdev = connector->dev->dev_private; ++ unsigned pwidth = 1024; ++ unsigned pheight = 768; + + DRM_DEBUG_KMS("monitors_config=%p\n", qdev->monitors_config); + /* TODO: what should we do here? only show the configured modes for the + * device, or allow the full list, or both? */ + if (qdev->monitors_config && qdev->monitors_config->count) { +- ret = qxl_add_monitors_config_modes(connector); ++ ret = qxl_add_monitors_config_modes(connector, &pwidth, &pheight); + if (ret < 0) + return ret; + } +- ret += qxl_add_common_modes(connector); ++ ret += qxl_add_common_modes(connector, pwidth, pheight); + return ret; + } + +@@ -793,7 +798,10 @@ static enum drm_connector_status qxl_conn_detect( + qdev->client_monitors_config->count > output->index && + qxl_head_enabled(&qdev->client_monitors_config->heads[output->index])); + +- DRM_DEBUG("\n"); ++ DRM_DEBUG("#%d connected: %d\n", output->index, connected); ++ if (!connected) ++ qxl_monitors_config_set(qdev, output->index, 0, 0, 0, 0, 0); ++ + return connected ? connector_status_connected + : connector_status_disconnected; + } +@@ -835,8 +843,21 @@ static const struct drm_encoder_funcs qxl_enc_funcs = { + .destroy = qxl_enc_destroy, + }; + ++static int qxl_mode_create_hotplug_mode_update_property(struct qxl_device *qdev) ++{ ++ if (qdev->hotplug_mode_update_property) ++ return 0; ++ ++ qdev->hotplug_mode_update_property = ++ drm_property_create_range(qdev->ddev, DRM_MODE_PROP_IMMUTABLE, ++ "hotplug_mode_update", 0, 1); ++ ++ return 0; ++} ++ + static int qdev_output_init(struct drm_device *dev, int num_output) + { ++ struct qxl_device *qdev = dev->dev_private; + struct qxl_output *qxl_output; + struct drm_connector *connector; + struct drm_encoder *encoder; +@@ -863,6 +884,8 @@ static int qdev_output_init(struct drm_device *dev, int num_output) + drm_encoder_helper_add(encoder, &qxl_enc_helper_funcs); + drm_connector_helper_add(connector, &qxl_connector_helper_funcs); + ++ drm_object_attach_property(&connector->base, ++ qdev->hotplug_mode_update_property, 0); + drm_sysfs_connector_add(connector); + return 0; + } +@@ -975,6 +998,9 @@ int qxl_modeset_init(struct qxl_device *qdev) + qdev->ddev->mode_config.max_height = 8192; + + qdev->ddev->mode_config.fb_base = qdev->vram_base; ++ ++ qxl_mode_create_hotplug_mode_update_property(qdev); ++ + for (i = 0 ; i < qxl_num_crtc; ++i) { + qdev_crtc_init(qdev->ddev, i); + qdev_output_init(qdev->ddev, i); +diff --git a/drivers/gpu/drm/qxl/qxl_drv.h b/drivers/gpu/drm/qxl/qxl_drv.h +index 7e96f4f..18c599d 100644 +--- a/drivers/gpu/drm/qxl/qxl_drv.h ++++ b/drivers/gpu/drm/qxl/qxl_drv.h +@@ -323,6 +323,8 @@ struct qxl_device { + struct work_struct gc_work; + + struct work_struct fb_work; ++ ++ struct drm_property *hotplug_mode_update_property; + }; + + /* forward declaration for QXL_INFO_IO */ +diff --git a/drivers/gpu/drm/qxl/qxl_fb.c b/drivers/gpu/drm/qxl/qxl_fb.c +index 88722f2..f437b30 100644 +--- a/drivers/gpu/drm/qxl/qxl_fb.c ++++ b/drivers/gpu/drm/qxl/qxl_fb.c +@@ -108,7 +108,7 @@ static void qxl_fb_dirty_flush(struct fb_info *info) + u32 x1, x2, y1, y2; + + /* TODO: hard coding 32 bpp */ +- int stride = qfbdev->qfb.base.pitches[0] * 4; ++ int stride = qfbdev->qfb.base.pitches[0]; + + x1 = qfbdev->dirty.x1; + x2 = qfbdev->dirty.x2; +diff --git a/drivers/gpu/drm/qxl/qxl_kms.c b/drivers/gpu/drm/qxl/qxl_kms.c +index 9e8da9e..e0ddd5b 100644 +--- a/drivers/gpu/drm/qxl/qxl_kms.c ++++ b/drivers/gpu/drm/qxl/qxl_kms.c +@@ -120,7 +120,7 @@ int qxl_device_init(struct qxl_device *qdev, + struct pci_dev *pdev, + unsigned long flags) + { +- int r; ++ int r, sb; + + qdev->dev = &pdev->dev; + qdev->ddev = ddev; +@@ -136,21 +136,39 @@ int qxl_device_init(struct qxl_device *qdev, + qdev->rom_base = pci_resource_start(pdev, 2); + qdev->rom_size = pci_resource_len(pdev, 2); + qdev->vram_base = pci_resource_start(pdev, 0); +- qdev->surfaceram_base = pci_resource_start(pdev, 1); +- qdev->surfaceram_size = pci_resource_len(pdev, 1); + qdev->io_base = pci_resource_start(pdev, 3); + + qdev->vram_mapping = io_mapping_create_wc(qdev->vram_base, pci_resource_len(pdev, 0)); +- qdev->surface_mapping = io_mapping_create_wc(qdev->surfaceram_base, qdev->surfaceram_size); +- DRM_DEBUG_KMS("qxl: vram %llx-%llx(%dM %dk), surface %llx-%llx(%dM %dk)\n", ++ ++ if (pci_resource_len(pdev, 4) > 0) { ++ /* 64bit surface bar present */ ++ sb = 4; ++ qdev->surfaceram_base = pci_resource_start(pdev, sb); ++ qdev->surfaceram_size = pci_resource_len(pdev, sb); ++ qdev->surface_mapping = ++ io_mapping_create_wc(qdev->surfaceram_base, ++ qdev->surfaceram_size); ++ } ++ if (qdev->surface_mapping == NULL) { ++ /* 64bit surface bar not present (or mapping failed) */ ++ sb = 1; ++ qdev->surfaceram_base = pci_resource_start(pdev, sb); ++ qdev->surfaceram_size = pci_resource_len(pdev, sb); ++ qdev->surface_mapping = ++ io_mapping_create_wc(qdev->surfaceram_base, ++ qdev->surfaceram_size); ++ } ++ ++ DRM_DEBUG_KMS("qxl: vram %llx-%llx(%dM %dk), surface %llx-%llx(%dM %dk, %s)\n", + (unsigned long long)qdev->vram_base, + (unsigned long long)pci_resource_end(pdev, 0), + (int)pci_resource_len(pdev, 0) / 1024 / 1024, + (int)pci_resource_len(pdev, 0) / 1024, + (unsigned long long)qdev->surfaceram_base, +- (unsigned long long)pci_resource_end(pdev, 1), ++ (unsigned long long)pci_resource_end(pdev, sb), + (int)qdev->surfaceram_size / 1024 / 1024, +- (int)qdev->surfaceram_size / 1024); ++ (int)qdev->surfaceram_size / 1024, ++ (sb == 4) ? "64bit" : "32bit"); + + qdev->rom = ioremap(qdev->rom_base, qdev->rom_size); + if (!qdev->rom) { +-- +cgit v0.9.0.2-2-gbebe diff --git a/drm-qxl-fix-memory-leak-in-release-list-handling.patch b/drm-qxl-fix-memory-leak-in-release-list-handling.patch new file mode 100644 index 000000000..8ed4819f2 --- /dev/null +++ b/drm-qxl-fix-memory-leak-in-release-list-handling.patch @@ -0,0 +1,30 @@ +Bugzilla: N/A +Upstream-status: 3.13 + +From 1b28c3e628315ac0d9ef2d3fac0403f05ae692db Mon Sep 17 00:00:00 2001 +From: Dave Airlie +Date: Thu, 28 Nov 2013 05:39:03 +0000 +Subject: drm/qxl: fix memory leak in release list handling + +wow no idea how I got this far without seeing this, +leaking the entries in the list makes kmalloc-64 slab grow. + +References: https://bugzilla.kernel.org/show_bug.cgi?id=65121 +Cc: stable@vger.kernel.org +Reported-by: Matthew Stapleton +Signed-off-by: Dave Airlie +--- +diff --git a/drivers/gpu/drm/qxl/qxl_release.c b/drivers/gpu/drm/qxl/qxl_release.c +index 0109a96..821ab7b 100644 +--- a/drivers/gpu/drm/qxl/qxl_release.c ++++ b/drivers/gpu/drm/qxl/qxl_release.c +@@ -92,6 +92,7 @@ qxl_release_free(struct qxl_device *qdev, + - DRM_FILE_OFFSET); + qxl_fence_remove_release(&bo->fence, release->id); + qxl_bo_unref(&bo); ++ kfree(entry); + } + spin_lock(&qdev->release_idr_lock); + idr_remove(&qdev->release_idr, release->id); +-- +cgit v0.9.0.2-2-gbebe diff --git a/drm-radeon-24hz-audio-fixes.patch b/drm-radeon-24hz-audio-fixes.patch new file mode 100644 index 000000000..4fd8341ed --- /dev/null +++ b/drm-radeon-24hz-audio-fixes.patch @@ -0,0 +1,173 @@ +Bugzilla: 1010679 +Upstream-status: 3.13 + +From 908171aa738b5bbcc6241cec46f73fcd57dd00d4 Mon Sep 17 00:00:00 2001 +From: Pierre Ossman +Date: Wed, 6 Nov 2013 20:00:32 +0100 +Subject: [PATCH 1/2] drm/radeon/audio: correct ACR table + +The values were taken from the HDMI spec, but they assumed +exact x/1.001 clocks. Since we round the clocks, we also need +to calculate different N and CTS values. + +Note that the N for 25.2/1.001 MHz at 44.1 kHz audio is out of +spec. Hopefully this mode is rarely used and/or HDMI sinks +tolerate overly large values of N. + +bug: +https://bugs.freedesktop.org/show_bug.cgi?id=69675 + +Signed-off-by: Pierre Ossman +Signed-off-by: Alex Deucher +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index 4140fe8..e8ca095 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -57,15 +57,15 @@ enum r600_hdmi_iec_status_bits { + static const struct radeon_hdmi_acr r600_hdmi_predefined_acr[] = { + /* 32kHz 44.1kHz 48kHz */ + /* Clock N CTS N CTS N CTS */ +- { 25175, 4576, 28125, 7007, 31250, 6864, 28125 }, /* 25,20/1.001 MHz */ ++ { 25175, 4096, 25175, 28224, 125875, 6144, 25175 }, /* 25,20/1.001 MHz */ + { 25200, 4096, 25200, 6272, 28000, 6144, 25200 }, /* 25.20 MHz */ + { 27000, 4096, 27000, 6272, 30000, 6144, 27000 }, /* 27.00 MHz */ + { 27027, 4096, 27027, 6272, 30030, 6144, 27027 }, /* 27.00*1.001 MHz */ + { 54000, 4096, 54000, 6272, 60000, 6144, 54000 }, /* 54.00 MHz */ + { 54054, 4096, 54054, 6272, 60060, 6144, 54054 }, /* 54.00*1.001 MHz */ +- { 74176, 11648, 210937, 17836, 234375, 11648, 140625 }, /* 74.25/1.001 MHz */ ++ { 74176, 4096, 74176, 5733, 75335, 6144, 74176 }, /* 74.25/1.001 MHz */ + { 74250, 4096, 74250, 6272, 82500, 6144, 74250 }, /* 74.25 MHz */ +- { 148352, 11648, 421875, 8918, 234375, 5824, 140625 }, /* 148.50/1.001 MHz */ ++ { 148352, 4096, 148352, 5733, 150670, 6144, 148352 }, /* 148.50/1.001 MHz */ + { 148500, 4096, 148500, 6272, 165000, 6144, 148500 }, /* 148.50 MHz */ + { 0, 4096, 0, 6272, 0, 6144, 0 } /* Other */ + }; +-- +1.8.3.1 + + +From 05e4776357fe7217e531cbaaa163e24f688d10ce Mon Sep 17 00:00:00 2001 +From: Pierre Ossman +Date: Wed, 6 Nov 2013 20:09:08 +0100 +Subject: [PATCH 2/2] drm/radeon/audio: improve ACR calculation + +In order to have any realistic chance of calculating proper +ACR values, we need to be able to calculate both N and CTS, +not just CTS. We still aim for the ideal N as specified in +the HDMI spec though. + +bug: +https://bugs.freedesktop.org/show_bug.cgi?id=69675 + +Signed-off-by: Pierre Ossman +Signed-off-by: Alex Deucher +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 68 ++++++++++++++++++++++++++------------ + 1 file changed, 46 insertions(+), 22 deletions(-) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index e8ca095..92c6df7 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -24,6 +24,7 @@ + * Authors: Christian König + */ + #include ++#include + #include + #include + #include "radeon.h" +@@ -67,25 +68,47 @@ static const struct radeon_hdmi_acr r600_hdmi_predefined_acr[] = { + { 74250, 4096, 74250, 6272, 82500, 6144, 74250 }, /* 74.25 MHz */ + { 148352, 4096, 148352, 5733, 150670, 6144, 148352 }, /* 148.50/1.001 MHz */ + { 148500, 4096, 148500, 6272, 165000, 6144, 148500 }, /* 148.50 MHz */ +- { 0, 4096, 0, 6272, 0, 6144, 0 } /* Other */ + }; + ++ + /* +- * calculate CTS value if it's not found in the table ++ * calculate CTS and N values if they are not found in the table + */ +-static void r600_hdmi_calc_cts(uint32_t clock, int *CTS, int N, int freq) ++static void r600_hdmi_calc_cts(uint32_t clock, int *CTS, int *N, int freq) + { +- u64 n; +- u32 d; +- +- if (*CTS == 0) { +- n = (u64)clock * (u64)N * 1000ULL; +- d = 128 * freq; +- do_div(n, d); +- *CTS = n; +- } +- DRM_DEBUG("Using ACR timing N=%d CTS=%d for frequency %d\n", +- N, *CTS, freq); ++ int n, cts; ++ unsigned long div, mul; ++ ++ /* Safe, but overly large values */ ++ n = 128 * freq; ++ cts = clock * 1000; ++ ++ /* Smallest valid fraction */ ++ div = gcd(n, cts); ++ ++ n /= div; ++ cts /= div; ++ ++ /* ++ * The optimal N is 128*freq/1000. Calculate the closest larger ++ * value that doesn't truncate any bits. ++ */ ++ mul = ((128*freq/1000) + (n-1))/n; ++ ++ n *= mul; ++ cts *= mul; ++ ++ /* Check that we are in spec (not always possible) */ ++ if (n < (128*freq/1500)) ++ printk(KERN_WARNING "Calculated ACR N value is too small. You may experience audio problems.\n"); ++ if (n > (128*freq/300)) ++ printk(KERN_WARNING "Calculated ACR N value is too large. You may experience audio problems.\n"); ++ ++ *N = n; ++ *CTS = cts; ++ ++ DRM_DEBUG("Calculated ACR timing N=%d CTS=%d for frequency %d\n", ++ *N, *CTS, freq); + } + + struct radeon_hdmi_acr r600_hdmi_acr(uint32_t clock) +@@ -93,15 +116,16 @@ struct radeon_hdmi_acr r600_hdmi_acr(uint32_t clock) + struct radeon_hdmi_acr res; + u8 i; + +- for (i = 0; r600_hdmi_predefined_acr[i].clock != clock && +- r600_hdmi_predefined_acr[i].clock != 0; i++) +- ; +- res = r600_hdmi_predefined_acr[i]; ++ /* Precalculated values for common clocks */ ++ for (i = 0; i < ARRAY_SIZE(r600_hdmi_predefined_acr); i++) { ++ if (r600_hdmi_predefined_acr[i].clock == clock) ++ return r600_hdmi_predefined_acr[i]; ++ } + +- /* In case some CTS are missing */ +- r600_hdmi_calc_cts(clock, &res.cts_32khz, res.n_32khz, 32000); +- r600_hdmi_calc_cts(clock, &res.cts_44_1khz, res.n_44_1khz, 44100); +- r600_hdmi_calc_cts(clock, &res.cts_48khz, res.n_48khz, 48000); ++ /* And odd clocks get manually calculated */ ++ r600_hdmi_calc_cts(clock, &res.cts_32khz, &res.n_32khz, 32000); ++ r600_hdmi_calc_cts(clock, &res.cts_44_1khz, &res.n_44_1khz, 44100); ++ r600_hdmi_calc_cts(clock, &res.cts_48khz, &res.n_48khz, 48000); + + return res; + } +-- +1.8.3.1 + diff --git a/efi-dont-map-boot-services-on-32bit.patch b/efi-dont-map-boot-services-on-32bit.patch deleted file mode 100644 index 7cc614992..000000000 --- a/efi-dont-map-boot-services-on-32bit.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c -index 3ae4128..ff7dc70 100644 ---- a/arch/x86/platform/efi/efi.c -+++ b/arch/x86/platform/efi/efi.c -@@ -659,10 +659,13 @@ void __init efi_enter_virtual_mode(void) - - for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { - md = p; -- if (!(md->attribute & EFI_MEMORY_RUNTIME) && -- md->type != EFI_BOOT_SERVICES_CODE && -- md->type != EFI_BOOT_SERVICES_DATA) -- continue; -+ if (!(md->attribute & EFI_MEMORY_RUNTIME)) { -+#ifdef CONFIG_X86_64 -+ if (md->type != EFI_BOOT_SERVICES_CODE && -+ md->type != EFI_BOOT_SERVICES_DATA) -+#endif -+ continue; -+ } - - size = md->num_pages << EFI_PAGE_SHIFT; - end = md->phys_addr + size; diff --git a/efivarfs-3.6.patch b/efivarfs-3.6.patch new file mode 100644 index 000000000..de7b4434d --- /dev/null +++ b/efivarfs-3.6.patch @@ -0,0 +1,1630 @@ +From bc390c0e405a4fe896dfc54c8e6e737e41661e28 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Fri, 5 Oct 2012 13:54:56 +0800 +Subject: [PATCH 01/17] efi: Add support for a UEFI variable filesystem + +The existing EFI variables code only supports variables of up to 1024 +bytes. This limitation existed in version 0.99 of the EFI specification, +but was removed before any full releases. Since variables can now be +larger than a single page, sysfs isn't the best interface for this. So, +instead, let's add a filesystem. Variables can be read, written and +created, with the first 4 bytes of each variable representing its UEFI +attributes. The create() method doesn't actually commit to flash since +zero-length variables can't exist per-spec. + +Updates from Jeremy Kerr . + +Signed-off-by: Matthew Garrett +Signed-off-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 384 ++++++++++++++++++++++++++++++++++++++++++++- + include/linux/efi.h | 5 + + 2 files changed, 383 insertions(+), 6 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index d10c987..b605c48 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -80,6 +80,10 @@ + #include + #include + ++#include ++#include ++#include ++ + #include + + #define EFIVARS_VERSION "0.08" +@@ -91,6 +95,7 @@ MODULE_LICENSE("GPL"); + MODULE_VERSION(EFIVARS_VERSION); + + #define DUMP_NAME_LEN 52 ++#define GUID_LEN 37 + + /* + * The maximum size of VariableName + Data = 1024 +@@ -108,7 +113,6 @@ struct efi_variable { + __u32 Attributes; + } __attribute__((packed)); + +- + struct efivar_entry { + struct efivars *efivars; + struct efi_variable var; +@@ -122,6 +126,9 @@ struct efivar_attribute { + ssize_t (*store)(struct efivar_entry *entry, const char *buf, size_t count); + }; + ++static struct efivars __efivars; ++static struct efivar_operations ops; ++ + #define PSTORE_EFI_ATTRIBUTES \ + (EFI_VARIABLE_NON_VOLATILE | \ + EFI_VARIABLE_BOOTSERVICE_ACCESS | \ +@@ -629,14 +636,380 @@ static struct kobj_type efivar_ktype = { + .default_attrs = def_attrs, + }; + +-static struct pstore_info efi_pstore_info; +- + static inline void + efivar_unregister(struct efivar_entry *var) + { + kobject_put(&var->kobj); + } + ++static int efivarfs_file_open(struct inode *inode, struct file *file) ++{ ++ file->private_data = inode->i_private; ++ return 0; ++} ++ ++static ssize_t efivarfs_file_write(struct file *file, ++ const char __user *userbuf, size_t count, loff_t *ppos) ++{ ++ struct efivar_entry *var = file->private_data; ++ struct efivars *efivars; ++ efi_status_t status; ++ void *data; ++ u32 attributes; ++ struct inode *inode = file->f_mapping->host; ++ int datasize = count - sizeof(attributes); ++ ++ if (count < sizeof(attributes)) ++ return -EINVAL; ++ ++ data = kmalloc(datasize, GFP_KERNEL); ++ ++ if (!data) ++ return -ENOMEM; ++ ++ efivars = var->efivars; ++ ++ if (copy_from_user(&attributes, userbuf, sizeof(attributes))) { ++ count = -EFAULT; ++ goto out; ++ } ++ ++ if (attributes & ~(EFI_VARIABLE_MASK)) { ++ count = -EINVAL; ++ goto out; ++ } ++ ++ if (copy_from_user(data, userbuf + sizeof(attributes), datasize)) { ++ count = -EFAULT; ++ goto out; ++ } ++ ++ if (validate_var(&var->var, data, datasize) == false) { ++ count = -EINVAL; ++ goto out; ++ } ++ ++ status = efivars->ops->set_variable(var->var.VariableName, ++ &var->var.VendorGuid, ++ attributes, datasize, ++ data); ++ ++ switch (status) { ++ case EFI_SUCCESS: ++ mutex_lock(&inode->i_mutex); ++ i_size_write(inode, count); ++ mutex_unlock(&inode->i_mutex); ++ break; ++ case EFI_INVALID_PARAMETER: ++ count = -EINVAL; ++ break; ++ case EFI_OUT_OF_RESOURCES: ++ count = -ENOSPC; ++ break; ++ case EFI_DEVICE_ERROR: ++ count = -EIO; ++ break; ++ case EFI_WRITE_PROTECTED: ++ count = -EROFS; ++ break; ++ case EFI_SECURITY_VIOLATION: ++ count = -EACCES; ++ break; ++ case EFI_NOT_FOUND: ++ count = -ENOENT; ++ break; ++ default: ++ count = -EINVAL; ++ break; ++ } ++out: ++ kfree(data); ++ ++ return count; ++} ++ ++static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, ++ size_t count, loff_t *ppos) ++{ ++ struct efivar_entry *var = file->private_data; ++ struct efivars *efivars = var->efivars; ++ efi_status_t status; ++ unsigned long datasize = 0; ++ u32 attributes; ++ void *data; ++ ssize_t size; ++ ++ status = efivars->ops->get_variable(var->var.VariableName, ++ &var->var.VendorGuid, ++ &attributes, &datasize, NULL); ++ ++ if (status != EFI_BUFFER_TOO_SMALL) ++ return 0; ++ ++ data = kmalloc(datasize + 4, GFP_KERNEL); ++ ++ if (!data) ++ return 0; ++ ++ status = efivars->ops->get_variable(var->var.VariableName, ++ &var->var.VendorGuid, ++ &attributes, &datasize, ++ (data + 4)); ++ ++ if (status != EFI_SUCCESS) ++ return 0; ++ ++ memcpy(data, &attributes, 4); ++ size = simple_read_from_buffer(userbuf, count, ppos, ++ data, datasize + 4); ++ kfree(data); ++ ++ return size; ++} ++ ++static void efivarfs_evict_inode(struct inode *inode) ++{ ++ clear_inode(inode); ++} ++ ++static const struct super_operations efivarfs_ops = { ++ .statfs = simple_statfs, ++ .drop_inode = generic_delete_inode, ++ .evict_inode = efivarfs_evict_inode, ++ .show_options = generic_show_options, ++}; ++ ++static struct super_block *efivarfs_sb; ++ ++static const struct inode_operations efivarfs_dir_inode_operations; ++ ++static const struct file_operations efivarfs_file_operations = { ++ .open = efivarfs_file_open, ++ .read = efivarfs_file_read, ++ .write = efivarfs_file_write, ++ .llseek = no_llseek, ++}; ++ ++static struct inode *efivarfs_get_inode(struct super_block *sb, ++ const struct inode *dir, int mode, dev_t dev) ++{ ++ struct inode *inode = new_inode(sb); ++ ++ if (inode) { ++ inode->i_ino = get_next_ino(); ++ inode->i_uid = inode->i_gid = 0; ++ inode->i_mode = mode; ++ inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; ++ switch (mode & S_IFMT) { ++ case S_IFREG: ++ inode->i_fop = &efivarfs_file_operations; ++ break; ++ case S_IFDIR: ++ inode->i_op = &efivarfs_dir_inode_operations; ++ inode->i_fop = &simple_dir_operations; ++ inc_nlink(inode); ++ break; ++ } ++ } ++ return inode; ++} ++ ++static void efivarfs_hex_to_guid(const char *str, efi_guid_t *guid) ++{ ++ guid->b[0] = hex_to_bin(str[6]) << 4 | hex_to_bin(str[7]); ++ guid->b[1] = hex_to_bin(str[4]) << 4 | hex_to_bin(str[5]); ++ guid->b[2] = hex_to_bin(str[2]) << 4 | hex_to_bin(str[3]); ++ guid->b[3] = hex_to_bin(str[0]) << 4 | hex_to_bin(str[1]); ++ guid->b[4] = hex_to_bin(str[11]) << 4 | hex_to_bin(str[12]); ++ guid->b[5] = hex_to_bin(str[9]) << 4 | hex_to_bin(str[10]); ++ guid->b[6] = hex_to_bin(str[16]) << 4 | hex_to_bin(str[17]); ++ guid->b[7] = hex_to_bin(str[14]) << 4 | hex_to_bin(str[15]); ++ guid->b[8] = hex_to_bin(str[19]) << 4 | hex_to_bin(str[20]); ++ guid->b[9] = hex_to_bin(str[21]) << 4 | hex_to_bin(str[22]); ++ guid->b[10] = hex_to_bin(str[24]) << 4 | hex_to_bin(str[25]); ++ guid->b[11] = hex_to_bin(str[26]) << 4 | hex_to_bin(str[27]); ++ guid->b[12] = hex_to_bin(str[28]) << 4 | hex_to_bin(str[29]); ++ guid->b[13] = hex_to_bin(str[30]) << 4 | hex_to_bin(str[31]); ++ guid->b[14] = hex_to_bin(str[32]) << 4 | hex_to_bin(str[33]); ++ guid->b[15] = hex_to_bin(str[34]) << 4 | hex_to_bin(str[35]); ++} ++ ++static int efivarfs_create(struct inode *dir, struct dentry *dentry, ++ umode_t mode, bool excl) ++{ ++ struct inode *inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0); ++ struct efivars *efivars = &__efivars; ++ struct efivar_entry *var; ++ int namelen, i = 0, err = 0; ++ ++ if (dentry->d_name.len < 38) ++ return -EINVAL; ++ ++ if (!inode) ++ return -ENOSPC; ++ ++ var = kzalloc(sizeof(struct efivar_entry), GFP_KERNEL); ++ ++ if (!var) ++ return -ENOMEM; ++ ++ namelen = dentry->d_name.len - GUID_LEN; ++ ++ efivarfs_hex_to_guid(dentry->d_name.name + namelen + 1, ++ &var->var.VendorGuid); ++ ++ for (i = 0; i < namelen; i++) ++ var->var.VariableName[i] = dentry->d_name.name[i]; ++ ++ var->var.VariableName[i] = '\0'; ++ ++ inode->i_private = var; ++ var->efivars = efivars; ++ var->kobj.kset = efivars->kset; ++ ++ err = kobject_init_and_add(&var->kobj, &efivar_ktype, NULL, "%s", ++ dentry->d_name.name); ++ if (err) ++ goto out; ++ ++ kobject_uevent(&var->kobj, KOBJ_ADD); ++ spin_lock(&efivars->lock); ++ list_add(&var->list, &efivars->list); ++ spin_unlock(&efivars->lock); ++ d_instantiate(dentry, inode); ++ dget(dentry); ++out: ++ if (err) ++ kfree(var); ++ return err; ++} ++ ++static int efivarfs_unlink(struct inode *dir, struct dentry *dentry) ++{ ++ struct efivar_entry *var = dentry->d_inode->i_private; ++ struct efivars *efivars = var->efivars; ++ efi_status_t status; ++ ++ spin_lock(&efivars->lock); ++ ++ status = efivars->ops->set_variable(var->var.VariableName, ++ &var->var.VendorGuid, ++ 0, 0, NULL); ++ ++ if (status == EFI_SUCCESS || status == EFI_NOT_FOUND) { ++ list_del(&var->list); ++ spin_unlock(&efivars->lock); ++ efivar_unregister(var); ++ drop_nlink(dir); ++ dput(dentry); ++ return 0; ++ } ++ ++ spin_unlock(&efivars->lock); ++ return -EINVAL; ++}; ++ ++int efivarfs_fill_super(struct super_block *sb, void *data, int silent) ++{ ++ struct inode *inode = NULL; ++ struct dentry *root; ++ struct efivar_entry *entry, *n; ++ struct efivars *efivars = &__efivars; ++ int err; ++ ++ efivarfs_sb = sb; ++ ++ sb->s_maxbytes = MAX_LFS_FILESIZE; ++ sb->s_blocksize = PAGE_CACHE_SIZE; ++ sb->s_blocksize_bits = PAGE_CACHE_SHIFT; ++ sb->s_magic = PSTOREFS_MAGIC; ++ sb->s_op = &efivarfs_ops; ++ sb->s_time_gran = 1; ++ ++ inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0); ++ if (!inode) { ++ err = -ENOMEM; ++ goto fail; ++ } ++ inode->i_op = &efivarfs_dir_inode_operations; ++ ++ root = d_make_root(inode); ++ sb->s_root = root; ++ if (!root) { ++ err = -ENOMEM; ++ goto fail; ++ } ++ ++ list_for_each_entry_safe(entry, n, &efivars->list, list) { ++ struct inode *inode; ++ struct dentry *dentry, *root = efivarfs_sb->s_root; ++ char *name; ++ unsigned long size = 0; ++ int len, i; ++ ++ len = utf16_strlen(entry->var.VariableName); ++ ++ /* GUID plus trailing NULL */ ++ name = kmalloc(len + 38, GFP_ATOMIC); ++ ++ for (i = 0; i < len; i++) ++ name[i] = entry->var.VariableName[i] & 0xFF; ++ ++ name[len] = '-'; ++ ++ efi_guid_unparse(&entry->var.VendorGuid, name + len + 1); ++ ++ name[len+GUID_LEN] = '\0'; ++ ++ inode = efivarfs_get_inode(efivarfs_sb, root->d_inode, ++ S_IFREG | 0644, 0); ++ dentry = d_alloc_name(root, name); ++ ++ efivars->ops->get_variable(entry->var.VariableName, ++ &entry->var.VendorGuid, ++ &entry->var.Attributes, ++ &size, ++ NULL); ++ ++ mutex_lock(&inode->i_mutex); ++ inode->i_private = entry; ++ i_size_write(inode, size+4); ++ mutex_unlock(&inode->i_mutex); ++ d_add(dentry, inode); ++ } ++ ++ return 0; ++fail: ++ iput(inode); ++ return err; ++} ++ ++static struct dentry *efivarfs_mount(struct file_system_type *fs_type, ++ int flags, const char *dev_name, void *data) ++{ ++ return mount_single(fs_type, flags, data, efivarfs_fill_super); ++} ++ ++static void efivarfs_kill_sb(struct super_block *sb) ++{ ++ kill_litter_super(sb); ++ efivarfs_sb = NULL; ++} ++ ++static struct file_system_type efivarfs_type = { ++ .name = "efivarfs", ++ .mount = efivarfs_mount, ++ .kill_sb = efivarfs_kill_sb, ++}; ++ ++static const struct inode_operations efivarfs_dir_inode_operations = { ++ .lookup = simple_lookup, ++ .unlink = efivarfs_unlink, ++ .create = efivarfs_create, ++}; ++ ++static struct pstore_info efi_pstore_info; ++ + #ifdef CONFIG_PSTORE + + static int efi_pstore_open(struct pstore_info *psi) +@@ -1198,6 +1571,8 @@ int register_efivars(struct efivars *efivars, + pstore_register(&efivars->efi_pstore_info); + } + ++ register_filesystem(&efivarfs_type); ++ + out: + kfree(variable_name); + +@@ -1205,9 +1580,6 @@ out: + } + EXPORT_SYMBOL_GPL(register_efivars); + +-static struct efivars __efivars; +-static struct efivar_operations ops; +- + /* + * For now we register the efi subsystem with the firmware subsystem + * and the vars subsystem with the efi subsystem. In the future, it +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 5782114..2f1db28 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -29,7 +29,12 @@ + #define EFI_UNSUPPORTED ( 3 | (1UL << (BITS_PER_LONG-1))) + #define EFI_BAD_BUFFER_SIZE ( 4 | (1UL << (BITS_PER_LONG-1))) + #define EFI_BUFFER_TOO_SMALL ( 5 | (1UL << (BITS_PER_LONG-1))) ++#define EFI_NOT_READY ( 6 | (1UL << (BITS_PER_LONG-1))) ++#define EFI_DEVICE_ERROR ( 7 | (1UL << (BITS_PER_LONG-1))) ++#define EFI_WRITE_PROTECTED ( 8 | (1UL << (BITS_PER_LONG-1))) ++#define EFI_OUT_OF_RESOURCES ( 9 | (1UL << (BITS_PER_LONG-1))) + #define EFI_NOT_FOUND (14 | (1UL << (BITS_PER_LONG-1))) ++#define EFI_SECURITY_VIOLATION (26 | (1UL << (BITS_PER_LONG-1))) + + typedef unsigned long efi_status_t; + typedef u8 efi_bool_t; +-- +1.7.12.1 + + +From 47c7d712bac1ba86ae9d3f8bb5594d8d9ab57537 Mon Sep 17 00:00:00 2001 +From: Jeremy Kerr +Date: Fri, 5 Oct 2012 13:54:56 +0800 +Subject: [PATCH 02/17] efi: Handle deletions and size changes in + efivarfs_write_file + +A write to an efivarfs file will not always result in a variable of +'count' size after the EFI SetVariable() call. We may have appended to +the existing data (ie, with the EFI_VARIABLE_APPEND_WRITE attribute), or +even have deleted the variable (with an authenticated variable update, +with a zero datasize). + +This change re-reads the updated variable from firmware, to check for +size changes and deletions. In the latter case, we need to drop the +dentry. + +Signed-off-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 49 ++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 39 insertions(+), 10 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index b605c48..d7658b4 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -658,6 +658,7 @@ static ssize_t efivarfs_file_write(struct file *file, + u32 attributes; + struct inode *inode = file->f_mapping->host; + int datasize = count - sizeof(attributes); ++ unsigned long newdatasize; + + if (count < sizeof(attributes)) + return -EINVAL; +@@ -696,32 +697,60 @@ static ssize_t efivarfs_file_write(struct file *file, + + switch (status) { + case EFI_SUCCESS: +- mutex_lock(&inode->i_mutex); +- i_size_write(inode, count); +- mutex_unlock(&inode->i_mutex); + break; + case EFI_INVALID_PARAMETER: + count = -EINVAL; +- break; ++ goto out; + case EFI_OUT_OF_RESOURCES: + count = -ENOSPC; +- break; ++ goto out; + case EFI_DEVICE_ERROR: + count = -EIO; +- break; ++ goto out; + case EFI_WRITE_PROTECTED: + count = -EROFS; +- break; ++ goto out; + case EFI_SECURITY_VIOLATION: + count = -EACCES; +- break; ++ goto out; + case EFI_NOT_FOUND: + count = -ENOENT; +- break; ++ goto out; + default: + count = -EINVAL; +- break; ++ goto out; + } ++ ++ /* ++ * Writing to the variable may have caused a change in size (which ++ * could either be an append or an overwrite), or the variable to be ++ * deleted. Perform a GetVariable() so we can tell what actually ++ * happened. ++ */ ++ newdatasize = 0; ++ status = efivars->ops->get_variable(var->var.VariableName, ++ &var->var.VendorGuid, ++ NULL, &newdatasize, ++ NULL); ++ ++ if (status == EFI_BUFFER_TOO_SMALL) { ++ mutex_lock(&inode->i_mutex); ++ i_size_write(inode, newdatasize + sizeof(attributes)); ++ mutex_unlock(&inode->i_mutex); ++ ++ } else if (status == EFI_NOT_FOUND) { ++ spin_lock(&efivars->lock); ++ list_del(&var->list); ++ spin_unlock(&efivars->lock); ++ efivar_unregister(var); ++ drop_nlink(inode); ++ dput(file->f_dentry); ++ ++ } else { ++ pr_warn("efivarfs: inconsistent EFI variable implementation? " ++ "status = %lx\n", status); ++ } ++ + out: + kfree(data); + +-- +1.7.12.1 + + +From 48173c3d1e7014574d5b2517a471587775e4cb91 Mon Sep 17 00:00:00 2001 +From: "Lee, Chun-Yi" +Date: Fri, 5 Oct 2012 13:54:56 +0800 +Subject: [PATCH 03/17] efi: add efivars kobject to efi sysfs folder + +UEFI variable filesystem need a new mount point, so this patch add +efivars kobject to efi_kobj for create a /sys/firmware/efi/efivars +folder. + +Cc: Matthew Garrett +Cc: H. Peter Anvin +Signed-off-by: Lee, Chun-Yi +Signed-off-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 9 +++++++++ + include/linux/efi.h | 1 + + 2 files changed, 10 insertions(+) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index d7658b4..6793965 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -1527,6 +1527,7 @@ void unregister_efivars(struct efivars *efivars) + sysfs_remove_bin_file(&efivars->kset->kobj, efivars->del_var); + kfree(efivars->new_var); + kfree(efivars->del_var); ++ kobject_put(efivars->kobject); + kset_unregister(efivars->kset); + } + EXPORT_SYMBOL_GPL(unregister_efivars); +@@ -1558,6 +1559,14 @@ int register_efivars(struct efivars *efivars, + goto out; + } + ++ efivars->kobject = kobject_create_and_add("efivars", parent_kobj); ++ if (!efivars->kobject) { ++ pr_err("efivars: Subsystem registration failed.\n"); ++ error = -ENOMEM; ++ kset_unregister(efivars->kset); ++ goto out; ++ } ++ + /* + * Per EFI spec, the maximum storage allocated for both + * the variable name and variable data is 1024 bytes. +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 2f1db28..bff4b5e 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -659,6 +659,7 @@ struct efivars { + spinlock_t lock; + struct list_head list; + struct kset *kset; ++ struct kobject *kobject; + struct bin_attribute *new_var, *del_var; + const struct efivar_operations *ops; + struct efivar_entry *walk_entry; +-- +1.7.12.1 + + +From 8c209f22c606ba8c4fa939245efae9921fb1988a Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Thu, 4 Oct 2012 09:57:31 +0100 +Subject: [PATCH 04/17] efivarfs: Add documentation for the EFI variable + filesystem + +Signed-off-by: Matt Fleming +--- + Documentation/filesystems/00-INDEX | 2 ++ + Documentation/filesystems/efivarfs.txt | 16 ++++++++++++++++ + 2 files changed, 18 insertions(+) + create mode 100644 Documentation/filesystems/efivarfs.txt + +diff --git a/Documentation/filesystems/00-INDEX b/Documentation/filesystems/00-INDEX +index 8c624a1..7b52ba7 100644 +--- a/Documentation/filesystems/00-INDEX ++++ b/Documentation/filesystems/00-INDEX +@@ -38,6 +38,8 @@ dnotify_test.c + - example program for dnotify + ecryptfs.txt + - docs on eCryptfs: stacked cryptographic filesystem for Linux. ++efivarfs.txt ++ - info for the efivarfs filesystem. + exofs.txt + - info, usage, mount options, design about EXOFS. + ext2.txt +diff --git a/Documentation/filesystems/efivarfs.txt b/Documentation/filesystems/efivarfs.txt +new file mode 100644 +index 0000000..c477af0 +--- /dev/null ++++ b/Documentation/filesystems/efivarfs.txt +@@ -0,0 +1,16 @@ ++ ++efivarfs - a (U)EFI variable filesystem ++ ++The efivarfs filesystem was created to address the shortcomings of ++using entries in sysfs to maintain EFI variables. The old sysfs EFI ++variables code only supported variables of up to 1024 bytes. This ++limitation existed in version 0.99 of the EFI specification, but was ++removed before any full releases. Since variables can now be larger ++than a single page, sysfs isn't the best interface for this. ++ ++Variables can be created, deleted and modified with the efivarfs ++filesystem. ++ ++efivarfs is typically mounted like this, ++ ++ mount -t efivarfs none /sys/firmware/efi/efivars +-- +1.7.12.1 + + +From 5897a97e56e999e3fe1d5b9d018496f2656f33fb Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft +Date: Thu, 11 Oct 2012 11:32:17 +0100 +Subject: [PATCH 05/17] efivarfs: efivarfs_file_read ensure we free data in + error paths + +Signed-off-by: Andy Whitcroft +Acked-by: Matthew Garrett +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 6793965..b7c9a32 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -766,7 +766,7 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + unsigned long datasize = 0; + u32 attributes; + void *data; +- ssize_t size; ++ ssize_t size = 0; + + status = efivars->ops->get_variable(var->var.VariableName, + &var->var.VendorGuid, +@@ -784,13 +784,13 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + &var->var.VendorGuid, + &attributes, &datasize, + (data + 4)); +- + if (status != EFI_SUCCESS) +- return 0; ++ goto out_free; + + memcpy(data, &attributes, 4); + size = simple_read_from_buffer(userbuf, count, ppos, + data, datasize + 4); ++out_free: + kfree(data); + + return size; +-- +1.7.12.1 + + +From e1f15611b82a3137949ec11b09a7c1230eec1b8e Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft +Date: Thu, 11 Oct 2012 11:32:18 +0100 +Subject: [PATCH 06/17] efivarfs: efivarfs_create() ensure we drop our + reference on inode on error + +Signed-off-by: Andy Whitcroft +Acked-by: Matthew Garrett +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index b7c9a32..6e5f367 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -866,7 +866,7 @@ static void efivarfs_hex_to_guid(const char *str, efi_guid_t *guid) + static int efivarfs_create(struct inode *dir, struct dentry *dentry, + umode_t mode, bool excl) + { +- struct inode *inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0); ++ struct inode *inode; + struct efivars *efivars = &__efivars; + struct efivar_entry *var; + int namelen, i = 0, err = 0; +@@ -874,13 +874,15 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + if (dentry->d_name.len < 38) + return -EINVAL; + ++ inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0); + if (!inode) + return -ENOSPC; + + var = kzalloc(sizeof(struct efivar_entry), GFP_KERNEL); +- +- if (!var) +- return -ENOMEM; ++ if (!var) { ++ err = -ENOMEM; ++ goto out; ++ } + + namelen = dentry->d_name.len - GUID_LEN; + +@@ -908,8 +910,10 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + d_instantiate(dentry, inode); + dget(dentry); + out: +- if (err) ++ if (err) { + kfree(var); ++ iput(inode); ++ } + return err; + } + +-- +1.7.12.1 + + +From da03533239fd31112b355b2e1c1b8aa168a27440 Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft +Date: Thu, 11 Oct 2012 11:32:19 +0100 +Subject: [PATCH 07/17] efivarfs: efivarfs_fill_super() fix inode reference + counts + +When d_make_root() fails it will automatically drop the reference +on the root inode. We should not be doing so as well. + +Signed-off-by: Andy Whitcroft +Acked-by: Matthew Garrett +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 16 ++++------------ + 1 file changed, 4 insertions(+), 12 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 6e5f367..adfc486 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -948,7 +948,6 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + struct dentry *root; + struct efivar_entry *entry, *n; + struct efivars *efivars = &__efivars; +- int err; + + efivarfs_sb = sb; + +@@ -960,18 +959,14 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + sb->s_time_gran = 1; + + inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0); +- if (!inode) { +- err = -ENOMEM; +- goto fail; +- } ++ if (!inode) ++ return -ENOMEM; + inode->i_op = &efivarfs_dir_inode_operations; + + root = d_make_root(inode); + sb->s_root = root; +- if (!root) { +- err = -ENOMEM; +- goto fail; +- } ++ if (!root) ++ return -ENOMEM; + + list_for_each_entry_safe(entry, n, &efivars->list, list) { + struct inode *inode; +@@ -1012,9 +1007,6 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + } + + return 0; +-fail: +- iput(inode); +- return err; + } + + static struct dentry *efivarfs_mount(struct file_system_type *fs_type, +-- +1.7.12.1 + + +From 2e2b7d34a6b3b4534165d5cc22705b3c60e48f0a Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft +Date: Thu, 11 Oct 2012 11:32:20 +0100 +Subject: [PATCH 08/17] efivarfs: efivarfs_fill_super() ensure we free our + temporary name + +d_alloc_name() copies the passed name to new storage, once complete we +no longer need our name. + +Signed-off-by: Andy Whitcroft +Acked-by: Matthew Garrett +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index adfc486..36b3dd6 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -992,6 +992,8 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + inode = efivarfs_get_inode(efivarfs_sb, root->d_inode, + S_IFREG | 0644, 0); + dentry = d_alloc_name(root, name); ++ /* copied by the above to local storage in the dentry. */ ++ kfree(name); + + efivars->ops->get_variable(entry->var.VariableName, + &entry->var.VendorGuid, +-- +1.7.12.1 + + +From 247fd819a9fa1920ed7149bdbe13a16beb0ad44f Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft +Date: Thu, 11 Oct 2012 11:32:21 +0100 +Subject: [PATCH 09/17] efivarfs: efivarfs_fill_super() ensure we clean up + correctly on error + +Ensure we free both the name and inode on error when building the +individual variables. + +Signed-off-by: Andy Whitcroft +Acked-by: Matthew Garrett +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 20 ++++++++++++++++++-- + 1 file changed, 18 insertions(+), 2 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 36b3dd6..216086d 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -948,6 +948,7 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + struct dentry *root; + struct efivar_entry *entry, *n; + struct efivars *efivars = &__efivars; ++ char *name; + + efivarfs_sb = sb; + +@@ -969,16 +970,18 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + return -ENOMEM; + + list_for_each_entry_safe(entry, n, &efivars->list, list) { +- struct inode *inode; + struct dentry *dentry, *root = efivarfs_sb->s_root; +- char *name; + unsigned long size = 0; + int len, i; + ++ inode = NULL; ++ + len = utf16_strlen(entry->var.VariableName); + + /* GUID plus trailing NULL */ + name = kmalloc(len + 38, GFP_ATOMIC); ++ if (!name) ++ goto fail; + + for (i = 0; i < len; i++) + name[i] = entry->var.VariableName[i] & 0xFF; +@@ -991,7 +994,13 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + + inode = efivarfs_get_inode(efivarfs_sb, root->d_inode, + S_IFREG | 0644, 0); ++ if (!inode) ++ goto fail_name; ++ + dentry = d_alloc_name(root, name); ++ if (!dentry) ++ goto fail_inode; ++ + /* copied by the above to local storage in the dentry. */ + kfree(name); + +@@ -1009,6 +1018,13 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + } + + return 0; ++ ++fail_inode: ++ iput(inode); ++fail_name: ++ kfree(name); ++fail: ++ return -ENOMEM; + } + + static struct dentry *efivarfs_mount(struct file_system_type *fs_type, +-- +1.7.12.1 + + +From 01eb8510eb659fd1471d92166bfd7a4d939b2b21 Mon Sep 17 00:00:00 2001 +From: Jeremy Kerr +Date: Thu, 11 Oct 2012 21:19:11 +0800 +Subject: [PATCH 10/17] efivarfs: Implement exclusive access for + {get,set}_variable + +Currently, efivarfs does not enforce exclusion over the get_variable and +set_variable operations. Section 7.1 of UEFI requires us to only allow a +single processor to enter {get,set}_variable services at once. + +This change acquires the efivars->lock over calls to these operations +from the efivarfs paths. + +Signed-off-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 68 +++++++++++++++++++++++++++++----------------- + 1 file changed, 43 insertions(+), 25 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 216086d..d478c56 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -690,35 +690,45 @@ static ssize_t efivarfs_file_write(struct file *file, + goto out; + } + ++ /* ++ * The lock here protects the get_variable call, the conditional ++ * set_variable call, and removal of the variable from the efivars ++ * list (in the case of an authenticated delete). ++ */ ++ spin_lock(&efivars->lock); ++ + status = efivars->ops->set_variable(var->var.VariableName, + &var->var.VendorGuid, + attributes, datasize, + data); + +- switch (status) { +- case EFI_SUCCESS: +- break; +- case EFI_INVALID_PARAMETER: +- count = -EINVAL; +- goto out; +- case EFI_OUT_OF_RESOURCES: +- count = -ENOSPC; +- goto out; +- case EFI_DEVICE_ERROR: +- count = -EIO; +- goto out; +- case EFI_WRITE_PROTECTED: +- count = -EROFS; +- goto out; +- case EFI_SECURITY_VIOLATION: +- count = -EACCES; +- goto out; +- case EFI_NOT_FOUND: +- count = -ENOENT; +- goto out; +- default: +- count = -EINVAL; +- goto out; ++ if (status != EFI_SUCCESS) { ++ spin_unlock(&efivars->lock); ++ kfree(data); ++ ++ switch (status) { ++ case EFI_INVALID_PARAMETER: ++ count = -EINVAL; ++ break; ++ case EFI_OUT_OF_RESOURCES: ++ count = -ENOSPC; ++ break; ++ case EFI_DEVICE_ERROR: ++ count = -EIO; ++ break; ++ case EFI_WRITE_PROTECTED: ++ count = -EROFS; ++ break; ++ case EFI_SECURITY_VIOLATION: ++ count = -EACCES; ++ break; ++ case EFI_NOT_FOUND: ++ count = -ENOENT; ++ break; ++ default: ++ count = -EINVAL; ++ } ++ return count; + } + + /* +@@ -734,12 +744,12 @@ static ssize_t efivarfs_file_write(struct file *file, + NULL); + + if (status == EFI_BUFFER_TOO_SMALL) { ++ spin_unlock(&efivars->lock); + mutex_lock(&inode->i_mutex); + i_size_write(inode, newdatasize + sizeof(attributes)); + mutex_unlock(&inode->i_mutex); + + } else if (status == EFI_NOT_FOUND) { +- spin_lock(&efivars->lock); + list_del(&var->list); + spin_unlock(&efivars->lock); + efivar_unregister(var); +@@ -747,6 +757,7 @@ static ssize_t efivarfs_file_write(struct file *file, + dput(file->f_dentry); + + } else { ++ spin_unlock(&efivars->lock); + pr_warn("efivarfs: inconsistent EFI variable implementation? " + "status = %lx\n", status); + } +@@ -768,9 +779,11 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + void *data; + ssize_t size = 0; + ++ spin_lock(&efivars->lock); + status = efivars->ops->get_variable(var->var.VariableName, + &var->var.VendorGuid, + &attributes, &datasize, NULL); ++ spin_unlock(&efivars->lock); + + if (status != EFI_BUFFER_TOO_SMALL) + return 0; +@@ -780,10 +793,13 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + if (!data) + return 0; + ++ spin_lock(&efivars->lock); + status = efivars->ops->get_variable(var->var.VariableName, + &var->var.VendorGuid, + &attributes, &datasize, + (data + 4)); ++ spin_unlock(&efivars->lock); ++ + if (status != EFI_SUCCESS) + goto out_free; + +@@ -1004,11 +1020,13 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + /* copied by the above to local storage in the dentry. */ + kfree(name); + ++ spin_lock(&efivars->lock); + efivars->ops->get_variable(entry->var.VariableName, + &entry->var.VendorGuid, + &entry->var.Attributes, + &size, + NULL); ++ spin_unlock(&efivars->lock); + + mutex_lock(&inode->i_mutex); + inode->i_private = entry; +-- +1.7.12.1 + + +From 871a36dd8509c2833d02930d6f166a65f85c4f92 Mon Sep 17 00:00:00 2001 +From: Jeremy Kerr +Date: Fri, 19 Oct 2012 15:16:45 +0800 +Subject: [PATCH 11/17] efi: Clarify GUID length calculations + +At present, the handling of GUIDs in efivar file names isn't consistent. +We use GUID_LEN in some places, and 38 in others (GUID_LEN plus +separator), and implicitly use the presence of the trailing NUL. + +This change removes the trailing NUL from GUID_LEN, so that we're +explicitly adding it when required. We also replace magic numbers +with GUID_LEN, and clarify the comments where appropriate. + +We also fix the allocation size in efivar_create_sysfs_entry, where +we're allocating one byte too much, due to counting the trailing NUL +twice - once when calculating short_name_size, and once in the kzalloc. + +Signed-off-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 33 +++++++++++++++++++++++++-------- + 1 file changed, 25 insertions(+), 8 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index d478c56..a93e401 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -95,7 +95,12 @@ MODULE_LICENSE("GPL"); + MODULE_VERSION(EFIVARS_VERSION); + + #define DUMP_NAME_LEN 52 +-#define GUID_LEN 37 ++ ++/* ++ * Length of a GUID string (strlen("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")) ++ * not including trailing NUL ++ */ ++#define GUID_LEN 36 + + /* + * The maximum size of VariableName + Data = 1024 +@@ -887,7 +892,11 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + struct efivar_entry *var; + int namelen, i = 0, err = 0; + +- if (dentry->d_name.len < 38) ++ /* ++ * We need a GUID, plus at least one letter for the variable name, ++ * plus the '-' separator ++ */ ++ if (dentry->d_name.len < GUID_LEN + 2) + return -EINVAL; + + inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0); +@@ -900,7 +909,8 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + goto out; + } + +- namelen = dentry->d_name.len - GUID_LEN; ++ /* length of the variable name itself: remove GUID and separator */ ++ namelen = dentry->d_name.len - GUID_LEN - 1; + + efivarfs_hex_to_guid(dentry->d_name.name + namelen + 1, + &var->var.VendorGuid); +@@ -994,8 +1004,8 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + + len = utf16_strlen(entry->var.VariableName); + +- /* GUID plus trailing NULL */ +- name = kmalloc(len + 38, GFP_ATOMIC); ++ /* name, plus '-', plus GUID, plus NUL*/ ++ name = kmalloc(len + 1 + GUID_LEN + 1, GFP_ATOMIC); + if (!name) + goto fail; + +@@ -1006,7 +1016,7 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + + efi_guid_unparse(&entry->var.VendorGuid, name + len + 1); + +- name[len+GUID_LEN] = '\0'; ++ name[len+GUID_LEN+1] = '\0'; + + inode = efivarfs_get_inode(efivarfs_sb, root->d_inode, + S_IFREG | 0644, 0); +@@ -1435,11 +1445,18 @@ efivar_create_sysfs_entry(struct efivars *efivars, + efi_char16_t *variable_name, + efi_guid_t *vendor_guid) + { +- int i, short_name_size = variable_name_size / sizeof(efi_char16_t) + 38; ++ int i, short_name_size; + char *short_name; + struct efivar_entry *new_efivar; + +- short_name = kzalloc(short_name_size + 1, GFP_KERNEL); ++ /* ++ * Length of the variable bytes in ASCII, plus the '-' separator, ++ * plus the GUID, plus trailing NUL ++ */ ++ short_name_size = variable_name_size / sizeof(efi_char16_t) ++ + 1 + GUID_LEN + 1; ++ ++ short_name = kzalloc(short_name_size, GFP_KERNEL); + new_efivar = kzalloc(sizeof(struct efivar_entry), GFP_KERNEL); + + if (!short_name || !new_efivar) { +-- +1.7.12.1 + + +From 5d2cf34731c10e035387ae65f6cf461fd7a53304 Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Tue, 16 Oct 2012 15:58:07 +0100 +Subject: [PATCH 12/17] efivarfs: Return an error if we fail to read a + variable + +Instead of always returning 0 in efivarfs_file_read(), even when we +fail to successfully read the variable, convert the EFI status to +something meaningful and return that to the caller. This way the user +will have some hint as to why the read failed. + +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 62 +++++++++++++++++++++++++++------------------- + 1 file changed, 36 insertions(+), 26 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index a93e401..277e426 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -653,6 +653,36 @@ static int efivarfs_file_open(struct inode *inode, struct file *file) + return 0; + } + ++static int efi_status_to_err(efi_status_t status) ++{ ++ int err; ++ ++ switch (status) { ++ case EFI_INVALID_PARAMETER: ++ err = -EINVAL; ++ break; ++ case EFI_OUT_OF_RESOURCES: ++ err = -ENOSPC; ++ break; ++ case EFI_DEVICE_ERROR: ++ err = -EIO; ++ break; ++ case EFI_WRITE_PROTECTED: ++ err = -EROFS; ++ break; ++ case EFI_SECURITY_VIOLATION: ++ err = -EACCES; ++ break; ++ case EFI_NOT_FOUND: ++ err = -ENOENT; ++ break; ++ default: ++ err = -EINVAL; ++ } ++ ++ return err; ++} ++ + static ssize_t efivarfs_file_write(struct file *file, + const char __user *userbuf, size_t count, loff_t *ppos) + { +@@ -711,29 +741,7 @@ static ssize_t efivarfs_file_write(struct file *file, + spin_unlock(&efivars->lock); + kfree(data); + +- switch (status) { +- case EFI_INVALID_PARAMETER: +- count = -EINVAL; +- break; +- case EFI_OUT_OF_RESOURCES: +- count = -ENOSPC; +- break; +- case EFI_DEVICE_ERROR: +- count = -EIO; +- break; +- case EFI_WRITE_PROTECTED: +- count = -EROFS; +- break; +- case EFI_SECURITY_VIOLATION: +- count = -EACCES; +- break; +- case EFI_NOT_FOUND: +- count = -ENOENT; +- break; +- default: +- count = -EINVAL; +- } +- return count; ++ return efi_status_to_err(status); + } + + /* +@@ -791,12 +799,12 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + spin_unlock(&efivars->lock); + + if (status != EFI_BUFFER_TOO_SMALL) +- return 0; ++ return efi_status_to_err(status); + + data = kmalloc(datasize + 4, GFP_KERNEL); + + if (!data) +- return 0; ++ return -ENOMEM; + + spin_lock(&efivars->lock); + status = efivars->ops->get_variable(var->var.VariableName, +@@ -805,8 +813,10 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + (data + 4)); + spin_unlock(&efivars->lock); + +- if (status != EFI_SUCCESS) ++ if (status != EFI_SUCCESS) { ++ size = efi_status_to_err(status); + goto out_free; ++ } + + memcpy(data, &attributes, 4); + size = simple_read_from_buffer(userbuf, count, ppos, +-- +1.7.12.1 + + +From 0bdf9e5f271f74b7079d8bd06aea7973ffa43562 Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Mon, 22 Oct 2012 15:23:29 +0100 +Subject: [PATCH 13/17] efivarfs: Replace magic number with sizeof(attributes) + +Seeing "+ 4" littered throughout the functions gets a bit +confusing. Use "sizeof(attributes)" which clearly explains what +quantity we're adding. + +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 277e426..2c04434 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -801,7 +801,7 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + if (status != EFI_BUFFER_TOO_SMALL) + return efi_status_to_err(status); + +- data = kmalloc(datasize + 4, GFP_KERNEL); ++ data = kmalloc(datasize + sizeof(attributes), GFP_KERNEL); + + if (!data) + return -ENOMEM; +@@ -810,7 +810,7 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + status = efivars->ops->get_variable(var->var.VariableName, + &var->var.VendorGuid, + &attributes, &datasize, +- (data + 4)); ++ (data + sizeof(attributes))); + spin_unlock(&efivars->lock); + + if (status != EFI_SUCCESS) { +@@ -818,9 +818,9 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, + goto out_free; + } + +- memcpy(data, &attributes, 4); ++ memcpy(data, &attributes, sizeof(attributes)); + size = simple_read_from_buffer(userbuf, count, ppos, +- data, datasize + 4); ++ data, datasize + sizeof(attributes)); + out_free: + kfree(data); + +-- +1.7.12.1 + + +From 2835e3a8a7774d72c3e82b6f5350b4c6750c07db Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Mon, 22 Oct 2012 15:51:45 +0100 +Subject: [PATCH 14/17] efivarfs: Add unique magic number + +Using pstore's superblock magic number is no doubt going to cause +problems in the future. Give efivarfs its own magic number. + +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 2 +- + include/linux/magic.h | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 2c04434..3b0cf9a 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -991,7 +991,7 @@ int efivarfs_fill_super(struct super_block *sb, void *data, int silent) + sb->s_maxbytes = MAX_LFS_FILESIZE; + sb->s_blocksize = PAGE_CACHE_SIZE; + sb->s_blocksize_bits = PAGE_CACHE_SHIFT; +- sb->s_magic = PSTOREFS_MAGIC; ++ sb->s_magic = EFIVARFS_MAGIC; + sb->s_op = &efivarfs_ops; + sb->s_time_gran = 1; + +diff --git a/include/linux/magic.h b/include/linux/magic.h +index e15192c..12f68c7 100644 +--- a/include/linux/magic.h ++++ b/include/linux/magic.h +@@ -27,6 +27,7 @@ + #define ISOFS_SUPER_MAGIC 0x9660 + #define JFFS2_SUPER_MAGIC 0x72b6 + #define PSTOREFS_MAGIC 0x6165676C ++#define EFIVARFS_MAGIC 0xde5e81e4 + + #define MINIX_SUPER_MAGIC 0x137F /* minix v1 fs, 14 char names */ + #define MINIX_SUPER_MAGIC2 0x138F /* minix v1 fs, 30 char names */ +-- +1.7.12.1 + + +From 6cd03d922cfcdf802a0b7cb28a2d12b85064e1cf Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Tue, 23 Oct 2012 12:35:43 +0100 +Subject: [PATCH 15/17] efivarfs: Make 'datasize' unsigned long + +There's no reason to declare 'datasize' as an int, since the majority +of the functions it's passed to expect an unsigned long anyway. Plus, +this way we avoid any sign problems during arithmetic. + +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 3b0cf9a..6a858d1 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -692,7 +692,7 @@ static ssize_t efivarfs_file_write(struct file *file, + void *data; + u32 attributes; + struct inode *inode = file->f_mapping->host; +- int datasize = count - sizeof(attributes); ++ unsigned long datasize = count - sizeof(attributes); + unsigned long newdatasize; + + if (count < sizeof(attributes)) +-- +1.7.12.1 + + +From b96ed46670ff62693e169066da6c44014b487da6 Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Tue, 23 Oct 2012 12:41:03 +0100 +Subject: [PATCH 16/17] efivarfs: Return a consistent error when + efivarfs_get_inode() fails + +Instead of returning -ENOSPC if efivarfs_get_inode() fails we should +be returning -ENOMEM, since running out of memory is the only reason +it can fail. Furthermore, that's the error value used everywhere else +in this file. It's also less likely to confuse users that hit this +error case. + +Acked-by: Jeremy Kerr +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 6a858d1..58cec62 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -911,7 +911,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, + + inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0); + if (!inode) +- return -ENOSPC; ++ return -ENOMEM; + + var = kzalloc(sizeof(struct efivar_entry), GFP_KERNEL); + if (!var) { +-- +1.7.12.1 + + +From d537167e87d99d6fffa04f7f36de80a9bc7ffd4f Mon Sep 17 00:00:00 2001 +From: Matt Fleming +Date: Fri, 26 Oct 2012 12:18:53 +0100 +Subject: [PATCH 17/17] efivarfs: Fix return value of efivarfs_file_write() + +We're stuffing a variable of type size_t (unsigned) into a ssize_t +(signed) which, even though both types should be the same number of +bits, it's just asking for sign issues to be introduced. + +Cc: Jeremy Kerr +Reported-by: Alan Cox +Signed-off-by: Matt Fleming +--- + drivers/firmware/efivars.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c +index 58cec62..9ac9340 100644 +--- a/drivers/firmware/efivars.c ++++ b/drivers/firmware/efivars.c +@@ -694,6 +694,7 @@ static ssize_t efivarfs_file_write(struct file *file, + struct inode *inode = file->f_mapping->host; + unsigned long datasize = count - sizeof(attributes); + unsigned long newdatasize; ++ ssize_t bytes = 0; + + if (count < sizeof(attributes)) + return -EINVAL; +@@ -706,22 +707,22 @@ static ssize_t efivarfs_file_write(struct file *file, + efivars = var->efivars; + + if (copy_from_user(&attributes, userbuf, sizeof(attributes))) { +- count = -EFAULT; ++ bytes = -EFAULT; + goto out; + } + + if (attributes & ~(EFI_VARIABLE_MASK)) { +- count = -EINVAL; ++ bytes = -EINVAL; + goto out; + } + + if (copy_from_user(data, userbuf + sizeof(attributes), datasize)) { +- count = -EFAULT; ++ bytes = -EFAULT; + goto out; + } + + if (validate_var(&var->var, data, datasize) == false) { +- count = -EINVAL; ++ bytes = -EINVAL; + goto out; + } + +@@ -744,6 +745,8 @@ static ssize_t efivarfs_file_write(struct file *file, + return efi_status_to_err(status); + } + ++ bytes = count; ++ + /* + * Writing to the variable may have caused a change in size (which + * could either be an append or an overwrite), or the variable to be +@@ -778,7 +781,7 @@ static ssize_t efivarfs_file_write(struct file *file, + out: + kfree(data); + +- return count; ++ return bytes; + } + + static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf, +-- +1.7.12.1 + diff --git a/elantech-Properly-differentiate-between-clickpads-an.patch b/elantech-Properly-differentiate-between-clickpads-an.patch new file mode 100644 index 000000000..3fc49980b --- /dev/null +++ b/elantech-Properly-differentiate-between-clickpads-an.patch @@ -0,0 +1,110 @@ +Bugzilla: 1030802 +Upstream-status: http://www.mail-archive.com/linux-input@vger.kernel.org/msg07220.html + +From e1c7fa5fbb6688bd464658ff8a93bdf23c442065 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 9 Dec 2013 15:18:04 +0100 +Subject: [PATCH v2] elantech: Properly differentiate between clickpads and + normal touchpads + +The current assumption in the elantech driver that hw version 3 touchpads are +never clickpads and hw version 4 touchpads are always clickpads is wrong. + +There are several bug reports for this, ie: +https://bugzilla.redhat.com/show_bug.cgi?id=1030802 +http://superuser.com/questions/619582/right-elantech-touchpad-button-not-working-in-linux + +I've spend a couple of hours wading through various bugzillas, +launchpads and forum posts to create a list of fw-versions and capabilities +for different laptop models to find a good method to differentiate between +clickpads and versions with separate hardware buttons. + +Which shows that a device being a clickpad is reliable indicated by bit 12 +being set in the fw_version. I've included the gathered list inside the driver, +so that we've this info at hand if we need to revisit this later. + +Signed-off-by: Hans de Goede +--- + drivers/input/mouse/elantech.c | 45 +++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 42 insertions(+), 3 deletions(-) + +diff --git a/drivers/input/mouse/elantech.c b/drivers/input/mouse/elantech.c +index 597e9b8..ef1cf52 100644 +--- a/drivers/input/mouse/elantech.c ++++ b/drivers/input/mouse/elantech.c +@@ -486,6 +486,7 @@ static void elantech_input_sync_v4(struct psmouse *psmouse) + unsigned char *packet = psmouse->packet; + + input_report_key(dev, BTN_LEFT, packet[0] & 0x01); ++ input_report_key(dev, BTN_RIGHT, packet[0] & 0x02); + input_mt_report_pointer_emulation(dev, true); + input_sync(dev); + } +@@ -984,6 +985,44 @@ static int elantech_get_resolution_v4(struct psmouse *psmouse, + } + + /* ++ * Advertise INPUT_PROP_BUTTONPAD for clickpads. The testing of bit 12 in ++ * fw_version for this is based on the following fw_version & caps table: ++ * ++ * Laptop-model: fw_version: caps: buttons: ++ * Acer S3 0x461f00 10, 13, 0e clickpad ++ * Acer S7-392 0x581f01 50, 17, 0d clickpad ++ * Acer V5-131 0x461f02 01, 16, 0c clickpad ++ * Acer V5-551 0x461f00 ? clickpad ++ * Asus K53SV 0x450f01 78, 15, 0c 2 hw buttons ++ * Asus G46VW 0x460f02 00, 18, 0c 2 hw buttons ++ * Asus G750JX 0x360f00 00, 16, 0c 2 hw buttons ++ * Asus UX31 0x361f00 20, 15, 0e clickpad ++ * Asus UX32VD 0x361f02 00, 15, 0e clickpad ++ * Avatar AVIU-145A2 0x361f00 ? clickpad ++ * Gigabyte U2442 0x450f01 58, 17, 0c 2 hw buttons ++ * Lenovo L430 0x350f02 b9, 15, 0c 2 hw buttons (*) ++ * Samsung NF210 0x150b00 78, 14, 0a 2 hw buttons ++ * Samsung NP770Z5E 0x575f01 10, 15, 0f clickpad ++ * Samsung NP700Z5B 0x361f06 21, 15, 0f clickpad ++ * Samsung NP900X3E-A02 0x575f03 ? clickpad ++ * Samsung NP-QX410 0x851b00 19, 14, 0c clickpad ++ * Samsung RC512 0x450f00 08, 15, 0c 2 hw buttons ++ * Samsung RF710 0x450f00 ? 2 hw buttons ++ * System76 Pangolin 0x250f01 ? 2 hw buttons ++ * (*) + 3 trackpoint buttons ++ */ ++static void elantech_set_buttonpad_prop(struct psmouse *psmouse) ++{ ++ struct input_dev *dev = psmouse->dev; ++ struct elantech_data *etd = psmouse->private; ++ ++ if (etd->fw_version & 0x001000) { ++ __set_bit(INPUT_PROP_BUTTONPAD, dev->propbit); ++ __clear_bit(BTN_RIGHT, dev->keybit); ++ } ++} ++ ++/* + * Set the appropriate event bits for the input subsystem + */ + static int elantech_set_input_params(struct psmouse *psmouse) +@@ -1026,6 +1065,8 @@ static int elantech_set_input_params(struct psmouse *psmouse) + __set_bit(INPUT_PROP_SEMI_MT, dev->propbit); + /* fall through */ + case 3: ++ if (etd->hw_version == 3) ++ elantech_set_buttonpad_prop(psmouse); + input_set_abs_params(dev, ABS_X, x_min, x_max, 0, 0); + input_set_abs_params(dev, ABS_Y, y_min, y_max, 0, 0); + if (etd->reports_pressure) { +@@ -1047,9 +1088,7 @@ static int elantech_set_input_params(struct psmouse *psmouse) + */ + psmouse_warn(psmouse, "couldn't query resolution data.\n"); + } +- /* v4 is clickpad, with only one button. */ +- __set_bit(INPUT_PROP_BUTTONPAD, dev->propbit); +- __clear_bit(BTN_RIGHT, dev->keybit); ++ elantech_set_buttonpad_prop(psmouse); + __set_bit(BTN_TOOL_QUADTAP, dev->keybit); + /* For X to recognize me as touchpad. */ + input_set_abs_params(dev, ABS_X, x_min, x_max, 0, 0); +-- +1.8.4.2 + diff --git a/elevator-Fix-a-race-in-elevator-switching-and-md.patch b/elevator-Fix-a-race-in-elevator-switching-and-md.patch new file mode 100644 index 000000000..5517687ff --- /dev/null +++ b/elevator-Fix-a-race-in-elevator-switching-and-md.patch @@ -0,0 +1,162 @@ + +Delivered-To: jwboyer@gmail.com +Received: by 10.76.168.104 with SMTP id zv8csp55663oab; + Fri, 30 Aug 2013 15:52:46 -0700 (PDT) +X-Received: by 10.68.244.168 with SMTP id xh8mr12419215pbc.3.1377903166373; + Fri, 30 Aug 2013 15:52:46 -0700 (PDT) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id qc9si280431pac.269.1969.12.31.16.00.00; + Fri, 30 Aug 2013 15:52:46 -0700 (PDT) +Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=linux-kernel-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@hds.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1753535Ab3H3WrV (ORCPT + + 99 others); Fri, 30 Aug 2013 18:47:21 -0400 +Received: from usindpps04.hds.com ([207.126.252.17]:35636 "EHLO + usindpps04.hds.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1752650Ab3H3WrU (ORCPT + ); + Fri, 30 Aug 2013 18:47:20 -0400 +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hds.com; h=subject : to : from : cc + : date : message-id : mime-version : content-type : + content-transfer-encoding; s=mail1; + bh=VofHN8IMnygn2hbqnFjLmX0PPEPbvpzE377u1RxpGOY=; + b=piW6J78W57qDXBPJJuodWw/tvf0T//JbxKX6sLPvpuaOG2nBLMHzDqUeTYwFEQqUvdmf + ZTkiwsKi0WEku3MKcxJ7veR7wvTZcQ4fGMETFTf1c2J/1JOKpXLnft4ERuW89/FAxw25 + wQM1ulsuQ3Cncl0I/sIaqMlaMOtvuQ/C8rsHorp+75eFiL6yx1jU5wMbuti4D/NprIET + 3r57cPZ0YCh6sLjvOgjay6mKyktMToyjHPx6X1TWCSWcwes33Popc1hpadxUdFI/0npL + mN3Tttbe7e2RcmkXAZbwg8xj+FwSu3nIRC4G9UpFCsMz518C/AWZj4puwWE6VHZWVvVZ Rg== +Received: from usindmail01.hds.com (usindmail03 [207.126.252.22]) + by usindpps04.hds.com (8.14.5/8.14.5) with ESMTP id r7UMlBjr025492; + Fri, 30 Aug 2013 18:47:11 -0400 +Received: from hds.com (usindnetf5d-vlan47float.corp.hds.com [10.74.73.11]) + by usindmail01.hds.com (8.14.1/8.14.1) with ESMTP id r7UMl8SG058466; + Fri, 30 Aug 2013 18:47:10 -0400 (EDT) +Subject: [PATCH v2 1/2] elevator: Fix a race in elevator switching and md + device initialization +To: linux-kernel@vger.kernel.org +From: Tomoki Sekiyama +Cc: axboe@kernel.dk, tj@kernel.org, seiji.aguchi@hds.com, + vgoyal@redhat.com, majianpeng@gmail.com +Date: Fri, 30 Aug 2013 18:47:07 -0400 +Message-ID: <20130830224707.21812.63516.stgit@hds.com> +User-Agent: StGit/0.16 +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 7bit +X-Proofpoint-SPF-Result: pass +X-Proofpoint-SPF-Record: v=spf1 mx ip4:207.126.244.0/26 ip4:207.126.252.0/25 include:mktomail.com + include:cloud.hds.com ~all +X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794,1.0.431,0.0.0000 + definitions=2013-08-30_09:2013-08-30,2013-08-30,1970-01-01 signatures=0 +X-Proofpoint-Spam-Details: rule=notspam policy=outbound_policy score=0 spamscore=0 suspectscore=1 + phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx + scancount=1 engine=7.0.1-1305240000 definitions=main-1308300162 +Sender: linux-kernel-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: linux-kernel@vger.kernel.org + +The soft lockup below happens at the boot time of the system using dm +multipath and the udev rules to switch scheduler. + +[ 356.127001] BUG: soft lockup - CPU#3 stuck for 22s! [sh:483] +[ 356.127001] RIP: 0010:[] [] lock_timer_base.isra.35+0x1d/0x50 +... +[ 356.127001] Call Trace: +[ 356.127001] [] try_to_del_timer_sync+0x20/0x70 +[ 356.127001] [] ? kmem_cache_alloc_node_trace+0x20a/0x230 +[ 356.127001] [] del_timer_sync+0x52/0x60 +[ 356.127001] [] cfq_exit_queue+0x32/0xf0 +[ 356.127001] [] elevator_exit+0x2f/0x50 +[ 356.127001] [] elevator_change+0xf1/0x1c0 +[ 356.127001] [] elv_iosched_store+0x20/0x50 +[ 356.127001] [] queue_attr_store+0x59/0xb0 +[ 356.127001] [] sysfs_write_file+0xc6/0x140 +[ 356.127001] [] vfs_write+0xbd/0x1e0 +[ 356.127001] [] SyS_write+0x49/0xa0 +[ 356.127001] [] system_call_fastpath+0x16/0x1b + +This is caused by a race between md device initialization by multipathd and +shell script to switch the scheduler using sysfs. + + - multipathd: + SyS_ioctl -> do_vfs_ioctl -> dm_ctl_ioctl -> ctl_ioctl -> table_load + -> dm_setup_md_queue -> blk_init_allocated_queue -> elevator_init + q->elevator = elevator_alloc(q, e); // not yet initialized + + - sh -c 'echo deadline > /sys/$DEVPATH/queue/scheduler': + elevator_switch (in the call trace above) + struct elevator_queue *old = q->elevator; + q->elevator = elevator_alloc(q, new_e); + elevator_exit(old); // lockup! (*) + + - multipathd: (cont.) + err = e->ops.elevator_init_fn(q); // init fails; q->elevator is modified + +(*) When del_timer_sync() is called, lock_timer_base() will loop infinitely +while timer->base == NULL. In this case, as timer will never initialized, +it results in lockup. + +This patch introduces acquisition of q->sysfs_lock around elevator_init() +into blk_init_allocated_queue(), to provide mutual exclusion between +initialization of the q->scheduler and switching of the scheduler. + +This should fix this bugzilla: +https://bugzilla.redhat.com/show_bug.cgi?id=902012 + +Signed-off-by: Tomoki Sekiyama +--- + block/blk-core.c | 10 +++++++++- + block/elevator.c | 6 ++++++ + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/block/blk-core.c b/block/blk-core.c +index 93a18d1..2f6275f 100644 +--- a/block/blk-core.c ++++ b/block/blk-core.c +@@ -739,9 +739,17 @@ blk_init_allocated_queue(struct request_queue *q, request_fn_proc *rfn, + + q->sg_reserved_size = INT_MAX; + ++ /* Protect q->elevator from elevator_change */ ++ mutex_lock(&q->sysfs_lock); ++ + /* init elevator */ +- if (elevator_init(q, NULL)) ++ if (elevator_init(q, NULL)) { ++ mutex_unlock(&q->sysfs_lock); + return NULL; ++ } ++ ++ mutex_unlock(&q->sysfs_lock); ++ + return q; + } + EXPORT_SYMBOL(blk_init_allocated_queue); +diff --git a/block/elevator.c b/block/elevator.c +index 668394d..02d4390 100644 +--- a/block/elevator.c ++++ b/block/elevator.c +@@ -186,6 +186,12 @@ int elevator_init(struct request_queue *q, char *name) + struct elevator_type *e = NULL; + int err; + ++ /* ++ * q->sysfs_lock must be held to provide mutual exclusion between ++ * elevator_switch() and here. ++ */ ++ lockdep_assert_held(&q->sysfs_lock); ++ + if (unlikely(q->elevator)) + return 0; + + +-- +To unsubscribe from this list: send the line "unsubscribe linux-kernel" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html +Please read the FAQ at http://www.tux.org/lkml/ diff --git a/elevator-acquire-q-sysfs_lock-in-elevator_change.patch b/elevator-acquire-q-sysfs_lock-in-elevator_change.patch new file mode 100644 index 000000000..6f112b81c --- /dev/null +++ b/elevator-acquire-q-sysfs_lock-in-elevator_change.patch @@ -0,0 +1,121 @@ + +Delivered-To: jwboyer@gmail.com +Received: by 10.76.168.104 with SMTP id zv8csp55623oab; + Fri, 30 Aug 2013 15:51:42 -0700 (PDT) +X-Received: by 10.67.30.70 with SMTP id kc6mr13149193pad.32.1377903101609; + Fri, 30 Aug 2013 15:51:41 -0700 (PDT) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id gg2si304840pac.217.1969.12.31.16.00.00; + Fri, 30 Aug 2013 15:51:41 -0700 (PDT) +Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=linux-kernel-owner@vger.kernel.org; + dkim=neutral (bad format) header.i=@hds.com +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1756106Ab3H3WrX (ORCPT + + 99 others); Fri, 30 Aug 2013 18:47:23 -0400 +Received: from usindpps04.hds.com ([207.126.252.17]:35640 "EHLO + usindpps04.hds.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1752650Ab3H3WrW (ORCPT + ); + Fri, 30 Aug 2013 18:47:22 -0400 +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hds.com; h=subject : to : from : cc + : date : message-id : in-reply-to : references : mime-version : + content-type : content-transfer-encoding; s=mail1; + bh=xbQuWVaSJrPfWG5E7bXFAbOFjf/sBaRZsPmpVgy0CYk=; + b=NW/A8Imu32MXoBi5FLrQ0FsK66RTWMQo1bFRtgQplVEQQIAXyf1XhCaAZyTkTplc0iEx + ovyGZHvLbmGL6w3I3pxkCFz1BPJCqoZtvQITir/WvfzyadYOK1cz+vuBUQSCmfkacvS/ + w37h1jLAjsvWXkl0GY7pxB9HJMXdeLnhhuWxtNU8m8rKZ7t3LSByMeQi5/3OTkNojDEe + 70cKeZXCPQ/UIDJAF4cpSVXia5FwoJISjXvQIrvqkYhFelzq3OHMcC482PdpqNB475h3 + yHHJ83HFOLRulUQdOG5ZVTB9qRg0zxRx/oedeXwzturFke68noRRa4f4izQ8sCwsWOCI Dw== +Received: from usindmail01.hds.com (usindmail03 [207.126.252.22]) + by usindpps04.hds.com (8.14.5/8.14.5) with ESMTP id r7UMlHIc025543; + Fri, 30 Aug 2013 18:47:17 -0400 +Received: from hds.com (usindnetf5d-vlan47float.corp.hds.com [10.74.73.11]) + by usindmail01.hds.com (8.14.1/8.14.1) with ESMTP id r7UMlGiC058545; + Fri, 30 Aug 2013 18:47:17 -0400 (EDT) +Subject: [PATCH v2 2/2] elevator: acquire q->sysfs_lock in elevator_change() +To: linux-kernel@vger.kernel.org +From: Tomoki Sekiyama +Cc: axboe@kernel.dk, tj@kernel.org, seiji.aguchi@hds.com, + vgoyal@redhat.com, majianpeng@gmail.com +Date: Fri, 30 Aug 2013 18:47:16 -0400 +Message-ID: <20130830224716.21812.99333.stgit@hds.com> +In-Reply-To: <20130830224707.21812.63516.stgit@hds.com> +References: <20130830224707.21812.63516.stgit@hds.com> +User-Agent: StGit/0.16 +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 7bit +X-Proofpoint-SPF-Result: pass +X-Proofpoint-SPF-Record: v=spf1 mx ip4:207.126.244.0/26 ip4:207.126.252.0/25 include:mktomail.com + include:cloud.hds.com ~all +X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794,1.0.431,0.0.0000 + definitions=2013-08-30_09:2013-08-30,2013-08-30,1970-01-01 signatures=0 +X-Proofpoint-Spam-Details: rule=notspam policy=outbound_policy score=0 spamscore=0 suspectscore=1 + phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx + scancount=1 engine=7.0.1-1305240000 definitions=main-1308300162 +Sender: linux-kernel-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: linux-kernel@vger.kernel.org + +Add locking of q->sysfs_lock into elevator_change() (an exported function) +to ensure it is held to protect q->elevator from elevator_init(), even if +elevator_change() is called from non-sysfs paths. +sysfs path (elv_iosched_store) uses __elevator_change(), non-locking +version, as the lock is already taken by elv_iosched_store(). + +Signed-off-by: Tomoki Sekiyama +--- + block/elevator.c | 16 ++++++++++++++-- + 1 file changed, 14 insertions(+), 2 deletions(-) + +diff --git a/block/elevator.c b/block/elevator.c +index 02d4390..6d765f7 100644 +--- a/block/elevator.c ++++ b/block/elevator.c +@@ -965,7 +965,7 @@ fail_init: + /* + * Switch this queue to the given IO scheduler. + */ +-int elevator_change(struct request_queue *q, const char *name) ++static int __elevator_change(struct request_queue *q, const char *name) + { + char elevator_name[ELV_NAME_MAX]; + struct elevator_type *e; +@@ -987,6 +987,18 @@ int elevator_change(struct request_queue *q, const char *name) + + return elevator_switch(q, e); + } ++ ++int elevator_change(struct request_queue *q, const char *name) ++{ ++ int ret; ++ ++ /* Protect q->elevator from elevator_init() */ ++ mutex_lock(&q->sysfs_lock); ++ ret = __elevator_change(q, name); ++ mutex_unlock(&q->sysfs_lock); ++ ++ return ret; ++} + EXPORT_SYMBOL(elevator_change); + + ssize_t elv_iosched_store(struct request_queue *q, const char *name, +@@ -997,7 +1009,7 @@ ssize_t elv_iosched_store(struct request_queue *q, const char *name, + if (!q->elevator) + return count; + +- ret = elevator_change(q, name); ++ ret = __elevator_change(q, name); + if (!ret) + return count; + + +-- +To unsubscribe from this list: send the line "unsubscribe linux-kernel" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html +Please read the FAQ at http://www.tux.org/lkml/ diff --git a/fix-child-thread-introspection.patch b/fix-child-thread-introspection.patch new file mode 100644 index 000000000..4c0bad1a6 --- /dev/null +++ b/fix-child-thread-introspection.patch @@ -0,0 +1,76 @@ +Allow threads other than the main thread to do introspection of files in +proc without relying on read permissions. proc_pid_follow_link() calls +proc_fd_access_allowed() which ultimately calls __ptrace_may_access(). + +Though this allows additional access to some proc files, we do not +believe that this has any unintended security implications. However it +probably needs to be looked at carefully. + +The original problem was a thread of a process whose permissions were +111 couldn't open its own /proc/self/exe This was interfering with a +special purpose debugging tool. A simple reproducer is below.: + +#include +#include +#include +#include +#include +#include + +#define BUFSIZE 2048 + +void *thread_main(void *arg){ + char *str=(char*)arg; + char buf[BUFSIZE]; + ssize_t len=readlink("/proc/self/exe", buf, BUFSIZE); + if(len==-1) + printf("/proc/self/exe in %s: %s\n", str,sys_errlist[errno]); + else + printf("/proc/self/exe in %s: OK\n", str); + + return 0; +} + +int main(){ + pthread_t thread; + + int retval=pthread_create( &thread, NULL, thread_main, "thread"); + if(retval!=0) + exit(1); + + thread_main("main"); + pthread_join(thread, NULL); + + exit(0); +} + +Signed-off-by: Ben Woodard +Signed-off-by: Mark Grondona +--- + kernel/ptrace.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kernel/ptrace.c b/kernel/ptrace.c +index acbd284..347c4c7 100644 +--- a/kernel/ptrace.c ++++ b/kernel/ptrace.c +diff -ruNp linux-3.8.4-103.fc17.noarch/kernel/ptrace.c linux-3.8.4-103.fc17.ptrace/kernel/ptrace.c +--- linux-3.8.4-103.fc17.noarch/kernel/ptrace.c 2013-02-18 17:58:34.000000000 -0600 ++++ linux-3.8.4-103.fc17.ptrace/kernel/ptrace.c 2013-03-26 14:59:01.939396346 -0500 +@@ -234,7 +234,7 @@ static int __ptrace_may_access(struct ta + */ + int dumpable = 0; + /* Don't let security modules deny introspection */ +- if (task == current) ++ if (same_thread_group(task, current)) + return 0; + rcu_read_lock(); + tcred = __task_cred(task); +-- +1.8.1.4 + +-- +To unsubscribe from this list: send the line "unsubscribe linux-kernel" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html +Please read the FAQ at http://www.tux.org/lkml/ diff --git a/fix-radeon-sound.patch b/fix-radeon-sound.patch new file mode 100644 index 000000000..6e59256bb --- /dev/null +++ b/fix-radeon-sound.patch @@ -0,0 +1,154 @@ +From 062c2e4363451d49ef840232fe65e8bff0dde2a5 Mon Sep 17 00:00:00 2001 +From: Alex Deucher +Date: Fri, 27 Sep 2013 18:09:54 -0400 +Subject: [PATCH 1/4] drm/radeon: use 64-bit math to calculate CTS values for + audio (v2) + +Avoid losing precision. See bug: +https://bugs.freedesktop.org/show_bug.cgi?id=69675 + +v2: fix math as per Anssi's comments. + +Signed-off-by: Alex Deucher +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index b0fa600..49043a5 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -75,8 +75,15 @@ static const struct radeon_hdmi_acr r600_hdmi_predefined_acr[] = { + */ + static void r600_hdmi_calc_cts(uint32_t clock, int *CTS, int N, int freq) + { +- if (*CTS == 0) +- *CTS = clock * N / (128 * freq) * 1000; ++ u64 n; ++ u32 d; ++ ++ if (*CTS == 0) { ++ n = (u64)clock * (u64)N * 1000ULL; ++ d = 128 * freq; ++ do_div(n, d); ++ *CTS = n; ++ } + DRM_DEBUG("Using ACR timing N=%d CTS=%d for frequency %d\n", + N, *CTS, freq); + } +-- +1.8.3.1 + + +From e7d12c2f98ae1e68c7298e5028048d150fa553a1 Mon Sep 17 00:00:00 2001 +From: Alex Deucher +Date: Fri, 27 Sep 2013 18:19:42 -0400 +Subject: [PATCH 2/4] drm/radeon: fix N/CTS clock matching for audio + +The drm code that calculates the 1001 clocks rounds up +rather than truncating. This allows the table to match +properly on those modes. + +See bug: +https://bugs.freedesktop.org/show_bug.cgi?id=69675 + +Signed-off-by: Alex Deucher +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index 49043a5..567703f 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -57,15 +57,15 @@ enum r600_hdmi_iec_status_bits { + static const struct radeon_hdmi_acr r600_hdmi_predefined_acr[] = { + /* 32kHz 44.1kHz 48kHz */ + /* Clock N CTS N CTS N CTS */ +- { 25174, 4576, 28125, 7007, 31250, 6864, 28125 }, /* 25,20/1.001 MHz */ ++ { 25175, 4576, 28125, 7007, 31250, 6864, 28125 }, /* 25,20/1.001 MHz */ + { 25200, 4096, 25200, 6272, 28000, 6144, 25200 }, /* 25.20 MHz */ + { 27000, 4096, 27000, 6272, 30000, 6144, 27000 }, /* 27.00 MHz */ + { 27027, 4096, 27027, 6272, 30030, 6144, 27027 }, /* 27.00*1.001 MHz */ + { 54000, 4096, 54000, 6272, 60000, 6144, 54000 }, /* 54.00 MHz */ + { 54054, 4096, 54054, 6272, 60060, 6144, 54054 }, /* 54.00*1.001 MHz */ +- { 74175, 11648, 210937, 17836, 234375, 11648, 140625 }, /* 74.25/1.001 MHz */ ++ { 74176, 11648, 210937, 17836, 234375, 11648, 140625 }, /* 74.25/1.001 MHz */ + { 74250, 4096, 74250, 6272, 82500, 6144, 74250 }, /* 74.25 MHz */ +- { 148351, 11648, 421875, 8918, 234375, 5824, 140625 }, /* 148.50/1.001 MHz */ ++ { 148352, 11648, 421875, 8918, 234375, 5824, 140625 }, /* 148.50/1.001 MHz */ + { 148500, 4096, 148500, 6272, 165000, 6144, 148500 }, /* 148.50 MHz */ + { 0, 4096, 0, 6272, 0, 6144, 0 } /* Other */ + }; +-- +1.8.3.1 + + +From ee0fec312a1c4e26f255955da942562cd8908a4b Mon Sep 17 00:00:00 2001 +From: Alex Deucher +Date: Fri, 27 Sep 2013 18:22:15 -0400 +Subject: [PATCH 3/4] drm/radeon: use hw generated CTS/N values for audio + +Use the hw generated values rather than calculating +them in the driver. There may be some older r6xx +asics where this doesn't work correctly. This remains +to be seen. + +See bug: +https://bugs.freedesktop.org/show_bug.cgi?id=69675 + +Signed-off-by: Alex Deucher +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index 567703f..e2ae1c2 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -451,8 +451,7 @@ void r600_hdmi_setmode(struct drm_encoder *encoder, struct drm_display_mode *mod + } + + WREG32(HDMI0_ACR_PACKET_CONTROL + offset, +- HDMI0_ACR_AUTO_SEND | /* allow hw to sent ACR packets when required */ +- HDMI0_ACR_SOURCE); /* select SW CTS value */ ++ HDMI0_ACR_AUTO_SEND); /* allow hw to sent ACR packets when required */ + + WREG32(HDMI0_VBI_PACKET_CONTROL + offset, + HDMI0_NULL_SEND | /* send null packets when required */ +-- +1.8.3.1 + + +From b852c985010a77c850b7548d64bbb964ca462b02 Mon Sep 17 00:00:00 2001 +From: Alex Deucher +Date: Thu, 10 Oct 2013 11:47:01 -0400 +Subject: [PATCH 4/4] drm/radeon: re-enable sw ACR support on pre-DCE4 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +HW ACR support may have issues on some older chips, so +use SW ACR for now until we've tested further. + +Signed-off-by: Alex Deucher +CC: RafaÅ‚ MiÅ‚ecki +--- + drivers/gpu/drm/radeon/r600_hdmi.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c +index e2ae1c2..5b72931 100644 +--- a/drivers/gpu/drm/radeon/r600_hdmi.c ++++ b/drivers/gpu/drm/radeon/r600_hdmi.c +@@ -451,6 +451,7 @@ void r600_hdmi_setmode(struct drm_encoder *encoder, struct drm_display_mode *mod + } + + WREG32(HDMI0_ACR_PACKET_CONTROL + offset, ++ HDMI0_ACR_SOURCE | /* select SW CTS value - XXX verify that hw CTS works on all families */ + HDMI0_ACR_AUTO_SEND); /* allow hw to sent ACR packets when required */ + + WREG32(HDMI0_VBI_PACKET_CONTROL + offset, +-- +1.8.3.1 + diff --git a/fix_xen_guest_on_old_EC2.patch b/fix_xen_guest_on_old_EC2.patch deleted file mode 100644 index e86200295..000000000 --- a/fix_xen_guest_on_old_EC2.patch +++ /dev/null @@ -1,34 +0,0 @@ - -Legacy hypervisors (RHEL 5.0 and RHEL 5.1) do not handle guest writes to -cr4 gracefully. If a guest attempts to write a bit of cr4 that is -unsupported, then the HV is so offended it crashes the domain. While -later guest kernels (such as RHEL6) don't assume the HV supports all -features, they do expect nicer responses. That assumption introduced -code that probes whether or not xsave is supported early in the boot. So -now when attempting to boot a RHEL6 guest on RHEL5.0 or RHEL5.1 an early -crash will occur. - -This patch is quite obviously an undesirable hack. The real fix for this -problem should be in the HV, and is, in later HVs. However, to support -running on old HVs, RHEL6 can take this small change. No impact will -occur for running on any RHEL HV (not even RHEL 5.5 supports xsave). -There is only potential for guest performance loss on upstream Xen. - ---- - arch/x86/xen/enlighten.c | 1 + - 1 files changed, 1 insertions(+), 0 deletions(-) - -diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index 52f8e19..6db3d67 100644 ---- a/arch/x86/xen/enlighten.c -+++ b/arch/x86/xen/enlighten.c -@@ -802,6 +802,7 @@ static void xen_write_cr4(unsigned long cr4) - { - cr4 &= ~X86_CR4_PGE; - cr4 &= ~X86_CR4_PSE; -+ cr4 &= ~X86_CR4_OSXSAVE; - - native_write_cr4(cr4); - } --- -1.6.6.1 diff --git a/genkey b/genkey deleted file mode 100644 index fdb7d1f64..000000000 --- a/genkey +++ /dev/null @@ -1,10 +0,0 @@ -%pubring modsign.pub -%secring modsign.sec -%no-protection: yes -%transient-key: yes -Key-Type: RSA -Key-Length: 2048 -Name-Real: Fedora Project -Name-Comment: Kernel Module GPG key -%commit - diff --git a/inet-fix-addr_len-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch b/inet-fix-addr_len-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch new file mode 100644 index 000000000..b76fd2a36 --- /dev/null +++ b/inet-fix-addr_len-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch @@ -0,0 +1,253 @@ +Bugzilla: 1035887 +Upstream-status: 3.13 + +From 4be402ba6158068d53ab0268f1affa9d82dae2ec Mon Sep 17 00:00:00 2001 +From: Hannes Frederic Sowa +Date: Fri, 22 Nov 2013 23:46:12 +0000 +Subject: [PATCH] inet: fix addr_len/msg->msg_namelen assignment in recv_error + and rxpmtu functions + +Commit bceaa90240b6019ed73b49965eac7d167610be69 ("inet: prevent leakage +of uninitialized memory to user in recv syscalls") conditionally updated +addr_len if the msg_name is written to. The recv_error and rxpmtu +functions relied on the recvmsg functions to set up addr_len before. + +As this does not happen any more we have to pass addr_len to those +functions as well and set it to the size of the corresponding sockaddr +length. + +This broke traceroute and such. + +Fixes: bceaa90240b6 ("inet: prevent leakage of uninitialized memory to user in recv syscalls") +Reported-by: Brad Spengler +Reported-by: Tom Labanowski +Cc: mpb +Cc: David S. Miller +Cc: Eric Dumazet +Signed-off-by: Hannes Frederic Sowa +Signed-off-by: David S. Miller +--- + include/net/ip.h | 2 +- + include/net/ipv6.h | 4 ++-- + include/net/ping.h | 3 ++- + net/ipv4/ip_sockglue.c | 3 ++- + net/ipv4/ping.c | 5 +++-- + net/ipv4/raw.c | 2 +- + net/ipv4/udp.c | 2 +- + net/ipv6/datagram.c | 7 +++++-- + net/ipv6/ping.c | 3 ++- + net/ipv6/raw.c | 4 ++-- + net/ipv6/udp.c | 4 ++-- + net/l2tp/l2tp_ip6.c | 2 +- + 12 files changed, 24 insertions(+), 17 deletions(-) + +diff --git a/include/net/ip.h b/include/net/ip.h +index 5e52688..301f10c 100644 +--- a/include/net/ip.h ++++ b/include/net/ip.h +@@ -464,7 +464,7 @@ extern int compat_ip_getsockopt(struct sock *sk, int level, + int optname, char __user *optval, int __user *optlen); + extern int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *)); + +-extern int ip_recv_error(struct sock *sk, struct msghdr *msg, int len); ++extern int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len); + extern void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, + __be16 port, u32 info, u8 *payload); + extern void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 dport, +diff --git a/include/net/ipv6.h b/include/net/ipv6.h +index bbf1c8f..5529d79 100644 +--- a/include/net/ipv6.h ++++ b/include/net/ipv6.h +@@ -802,8 +802,8 @@ extern int compat_ipv6_getsockopt(struct sock *sk, + extern int ip6_datagram_connect(struct sock *sk, + struct sockaddr *addr, int addr_len); + +-extern int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len); +-extern int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len); ++extern int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len); ++extern int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len, int *addr_len); + extern void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port, + u32 info, u8 *payload); + extern void ipv6_local_error(struct sock *sk, int err, struct flowi6 *fl6, u32 info); +diff --git a/include/net/ping.h b/include/net/ping.h +index 5db0224..2b496e9 100644 +--- a/include/net/ping.h ++++ b/include/net/ping.h +@@ -31,7 +31,8 @@ + + /* Compatibility glue so we can support IPv6 when it's compiled as a module */ + struct pingv6_ops { +- int (*ipv6_recv_error)(struct sock *sk, struct msghdr *msg, int len); ++ int (*ipv6_recv_error)(struct sock *sk, struct msghdr *msg, int len, ++ int *addr_len); + int (*ip6_datagram_recv_ctl)(struct sock *sk, struct msghdr *msg, + struct sk_buff *skb); + int (*icmpv6_err_convert)(u8 type, u8 code, int *err); +diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c +index d9c4f11..23e6ab0 100644 +--- a/net/ipv4/ip_sockglue.c ++++ b/net/ipv4/ip_sockglue.c +@@ -368,7 +368,7 @@ void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 inf + /* + * Handle MSG_ERRQUEUE + */ +-int ip_recv_error(struct sock *sk, struct msghdr *msg, int len) ++int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) + { + struct sock_exterr_skb *serr; + struct sk_buff *skb, *skb2; +@@ -405,6 +405,7 @@ int ip_recv_error(struct sock *sk, struct msghdr *msg, int len) + serr->addr_offset); + sin->sin_port = serr->port; + memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ *addr_len = sizeof(*sin); + } + + memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); +diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c +index 92fb6ff..ac31877 100644 +--- a/net/ipv4/ping.c ++++ b/net/ipv4/ping.c +@@ -838,10 +838,11 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + + if (flags & MSG_ERRQUEUE) { + if (family == AF_INET) { +- return ip_recv_error(sk, msg, len); ++ return ip_recv_error(sk, msg, len, addr_len); + #if IS_ENABLED(CONFIG_IPV6) + } else if (family == AF_INET6) { +- return pingv6_ops.ipv6_recv_error(sk, msg, len); ++ return pingv6_ops.ipv6_recv_error(sk, msg, len, ++ addr_len); + #endif + } + } +diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c +index ca4c3f1..7d3db78 100644 +--- a/net/ipv4/raw.c ++++ b/net/ipv4/raw.c +@@ -695,7 +695,7 @@ static int raw_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + goto out; + + if (flags & MSG_ERRQUEUE) { +- err = ip_recv_error(sk, msg, len); ++ err = ip_recv_error(sk, msg, len, addr_len); + goto out; + } + +diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c +index a7003de..1ef8794 100644 +--- a/net/ipv4/udp.c ++++ b/net/ipv4/udp.c +@@ -1210,7 +1210,7 @@ int udp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + bool slow; + + if (flags & MSG_ERRQUEUE) +- return ip_recv_error(sk, msg, len); ++ return ip_recv_error(sk, msg, len, addr_len); + + try_again: + skb = __skb_recv_datagram(sk, flags | (noblock ? MSG_DONTWAIT : 0), +diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c +index 48b6bd2..7a0fd80 100644 +--- a/net/ipv6/datagram.c ++++ b/net/ipv6/datagram.c +@@ -318,7 +318,7 @@ void ipv6_local_rxpmtu(struct sock *sk, struct flowi6 *fl6, u32 mtu) + /* + * Handle MSG_ERRQUEUE + */ +-int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len) ++int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) + { + struct ipv6_pinfo *np = inet6_sk(sk); + struct sock_exterr_skb *serr; +@@ -369,6 +369,7 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len) + &sin->sin6_addr); + sin->sin6_scope_id = 0; + } ++ *addr_len = sizeof(*sin); + } + + memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); +@@ -423,7 +424,8 @@ EXPORT_SYMBOL_GPL(ipv6_recv_error); + /* + * Handle IPV6_RECVPATHMTU + */ +-int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len) ++int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len, ++ int *addr_len) + { + struct ipv6_pinfo *np = inet6_sk(sk); + struct sk_buff *skb; +@@ -457,6 +459,7 @@ int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len) + sin->sin6_port = 0; + sin->sin6_scope_id = mtu_info.ip6m_addr.sin6_scope_id; + sin->sin6_addr = mtu_info.ip6m_addr.sin6_addr; ++ *addr_len = sizeof(*sin); + } + + put_cmsg(msg, SOL_IPV6, IPV6_PATHMTU, sizeof(mtu_info), &mtu_info); +diff --git a/net/ipv6/ping.c b/net/ipv6/ping.c +index 18f19df..7856e96 100644 +--- a/net/ipv6/ping.c ++++ b/net/ipv6/ping.c +@@ -57,7 +57,8 @@ static struct inet_protosw pingv6_protosw = { + + + /* Compatibility glue so we can support IPv6 when it's compiled as a module */ +-static int dummy_ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len) ++static int dummy_ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, ++ int *addr_len) + { + return -EAFNOSUPPORT; + } +diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c +index 2f303bf..430067c 100644 +--- a/net/ipv6/raw.c ++++ b/net/ipv6/raw.c +@@ -467,10 +467,10 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, + return -EOPNOTSUPP; + + if (flags & MSG_ERRQUEUE) +- return ipv6_recv_error(sk, msg, len); ++ return ipv6_recv_error(sk, msg, len, addr_len); + + if (np->rxpmtu && np->rxopt.bits.rxpmtu) +- return ipv6_recv_rxpmtu(sk, msg, len); ++ return ipv6_recv_rxpmtu(sk, msg, len, addr_len); + + skb = skb_recv_datagram(sk, flags, noblock, &err); + if (!skb) +diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c +index a59beed..3d2758d 100644 +--- a/net/ipv6/udp.c ++++ b/net/ipv6/udp.c +@@ -375,10 +375,10 @@ int udpv6_recvmsg(struct kiocb *iocb, struct sock *sk, + bool slow; + + if (flags & MSG_ERRQUEUE) +- return ipv6_recv_error(sk, msg, len); ++ return ipv6_recv_error(sk, msg, len, addr_len); + + if (np->rxpmtu && np->rxopt.bits.rxpmtu) +- return ipv6_recv_rxpmtu(sk, msg, len); ++ return ipv6_recv_rxpmtu(sk, msg, len, addr_len); + + try_again: + skb = __skb_recv_datagram(sk, flags | (noblock ? MSG_DONTWAIT : 0), +diff --git a/net/l2tp/l2tp_ip6.c b/net/l2tp/l2tp_ip6.c +index b8a6039..e6e8408 100644 +--- a/net/l2tp/l2tp_ip6.c ++++ b/net/l2tp/l2tp_ip6.c +@@ -665,7 +665,7 @@ static int l2tp_ip6_recvmsg(struct kiocb *iocb, struct sock *sk, + *addr_len = sizeof(*lsa); + + if (flags & MSG_ERRQUEUE) +- return ipv6_recv_error(sk, msg, len); ++ return ipv6_recv_error(sk, msg, len, addr_len); + + skb = skb_recv_datagram(sk, flags, noblock, &err); + if (!skb) +-- +1.8.3.1 + diff --git a/inet-prevent-leakage-of-uninitialized-memory-to-user.patch b/inet-prevent-leakage-of-uninitialized-memory-to-user.patch new file mode 100644 index 000000000..c5b941134 --- /dev/null +++ b/inet-prevent-leakage-of-uninitialized-memory-to-user.patch @@ -0,0 +1,256 @@ +Bugzilla: 1035887 +Upstream-status: 3.13 + +From bceaa90240b6019ed73b49965eac7d167610be69 Mon Sep 17 00:00:00 2001 +From: Hannes Frederic Sowa +Date: Mon, 18 Nov 2013 04:20:45 +0100 +Subject: [PATCH] inet: prevent leakage of uninitialized memory to user in recv + syscalls + +Only update *addr_len when we actually fill in sockaddr, otherwise we +can return uninitialized memory from the stack to the caller in the +recvfrom, recvmmsg and recvmsg syscalls. Drop the the (addr_len == NULL) +checks because we only get called with a valid addr_len pointer either +from sock_common_recvmsg or inet_recvmsg. + +If a blocking read waits on a socket which is concurrently shut down we +now return zero and set msg_msgnamelen to 0. + +Reported-by: mpb +Suggested-by: Eric Dumazet +Signed-off-by: Hannes Frederic Sowa +Signed-off-by: David S. Miller +--- + net/ieee802154/dgram.c | 3 +-- + net/ipv4/ping.c | 19 +++++++------------ + net/ipv4/raw.c | 4 +--- + net/ipv4/udp.c | 7 +------ + net/ipv6/raw.c | 4 +--- + net/ipv6/udp.c | 5 +---- + net/l2tp/l2tp_ip.c | 4 +--- + net/phonet/datagram.c | 9 ++++----- + 8 files changed, 17 insertions(+), 38 deletions(-) + +diff --git a/net/ieee802154/dgram.c b/net/ieee802154/dgram.c +index 581a595..1865fdf 100644 +--- a/net/ieee802154/dgram.c ++++ b/net/ieee802154/dgram.c +@@ -315,9 +315,8 @@ static int dgram_recvmsg(struct kiocb *iocb, struct sock *sk, + if (saddr) { + saddr->family = AF_IEEE802154; + saddr->addr = mac_cb(skb)->sa; +- } +- if (addr_len) + *addr_len = sizeof(*saddr); ++ } + + if (flags & MSG_TRUNC) + copied = skb->len; +diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c +index 9afbdb1..aacefa0 100644 +--- a/net/ipv4/ping.c ++++ b/net/ipv4/ping.c +@@ -830,8 +830,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + { + struct inet_sock *isk = inet_sk(sk); + int family = sk->sk_family; +- struct sockaddr_in *sin; +- struct sockaddr_in6 *sin6; + struct sk_buff *skb; + int copied, err; + +@@ -841,13 +839,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + if (flags & MSG_OOB) + goto out; + +- if (addr_len) { +- if (family == AF_INET) +- *addr_len = sizeof(*sin); +- else if (family == AF_INET6 && addr_len) +- *addr_len = sizeof(*sin6); +- } +- + if (flags & MSG_ERRQUEUE) { + if (family == AF_INET) { + return ip_recv_error(sk, msg, len); +@@ -877,11 +868,13 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + + /* Copy the address and add cmsg data. */ + if (family == AF_INET) { +- sin = (struct sockaddr_in *) msg->msg_name; ++ struct sockaddr_in *sin = (struct sockaddr_in *)msg->msg_name; ++ + sin->sin_family = AF_INET; + sin->sin_port = 0 /* skb->h.uh->source */; + sin->sin_addr.s_addr = ip_hdr(skb)->saddr; + memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ *addr_len = sizeof(*sin); + + if (isk->cmsg_flags) + ip_cmsg_recv(msg, skb); +@@ -890,17 +883,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + } else if (family == AF_INET6) { + struct ipv6_pinfo *np = inet6_sk(sk); + struct ipv6hdr *ip6 = ipv6_hdr(skb); +- sin6 = (struct sockaddr_in6 *) msg->msg_name; ++ struct sockaddr_in6 *sin6 = ++ (struct sockaddr_in6 *)msg->msg_name; ++ + sin6->sin6_family = AF_INET6; + sin6->sin6_port = 0; + sin6->sin6_addr = ip6->saddr; +- + sin6->sin6_flowinfo = 0; + if (np->sndflow) + sin6->sin6_flowinfo = ip6_flowinfo(ip6); + + sin6->sin6_scope_id = ipv6_iface_scope_id(&sin6->sin6_addr, + IP6CB(skb)->iif); ++ *addr_len = sizeof(*sin6); + + if (inet6_sk(sk)->rxopt.all) + pingv6_ops.ip6_datagram_recv_ctl(sk, msg, skb); +diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c +index 41e1d28..5cb8ddb 100644 +--- a/net/ipv4/raw.c ++++ b/net/ipv4/raw.c +@@ -696,9 +696,6 @@ static int raw_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + if (flags & MSG_OOB) + goto out; + +- if (addr_len) +- *addr_len = sizeof(*sin); +- + if (flags & MSG_ERRQUEUE) { + err = ip_recv_error(sk, msg, len); + goto out; +@@ -726,6 +723,7 @@ static int raw_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + sin->sin_addr.s_addr = ip_hdr(skb)->saddr; + sin->sin_port = 0; + memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ *addr_len = sizeof(*sin); + } + if (inet->cmsg_flags) + ip_cmsg_recv(msg, skb); +diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c +index 89909dd..998431c 100644 +--- a/net/ipv4/udp.c ++++ b/net/ipv4/udp.c +@@ -1235,12 +1235,6 @@ int udp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, + int is_udplite = IS_UDPLITE(sk); + bool slow; + +- /* +- * Check any passed addresses +- */ +- if (addr_len) +- *addr_len = sizeof(*sin); +- + if (flags & MSG_ERRQUEUE) + return ip_recv_error(sk, msg, len); + +@@ -1302,6 +1296,7 @@ try_again: + sin->sin_port = udp_hdr(skb)->source; + sin->sin_addr.s_addr = ip_hdr(skb)->saddr; + memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ *addr_len = sizeof(*sin); + } + if (inet->cmsg_flags) + ip_cmsg_recv(msg, skb); +diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c +index 3c00842..e24ff1d 100644 +--- a/net/ipv6/raw.c ++++ b/net/ipv6/raw.c +@@ -465,9 +465,6 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, + if (flags & MSG_OOB) + return -EOPNOTSUPP; + +- if (addr_len) +- *addr_len=sizeof(*sin6); +- + if (flags & MSG_ERRQUEUE) + return ipv6_recv_error(sk, msg, len); + +@@ -506,6 +503,7 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, + sin6->sin6_flowinfo = 0; + sin6->sin6_scope_id = ipv6_iface_scope_id(&sin6->sin6_addr, + IP6CB(skb)->iif); ++ *addr_len = sizeof(*sin6); + } + + sock_recv_ts_and_drops(msg, sk, skb); +diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c +index f3893e8..81eb8cf 100644 +--- a/net/ipv6/udp.c ++++ b/net/ipv6/udp.c +@@ -392,9 +392,6 @@ int udpv6_recvmsg(struct kiocb *iocb, struct sock *sk, + int is_udp4; + bool slow; + +- if (addr_len) +- *addr_len = sizeof(struct sockaddr_in6); +- + if (flags & MSG_ERRQUEUE) + return ipv6_recv_error(sk, msg, len); + +@@ -480,7 +477,7 @@ try_again: + ipv6_iface_scope_id(&sin6->sin6_addr, + IP6CB(skb)->iif); + } +- ++ *addr_len = sizeof(*sin6); + } + if (is_udp4) { + if (inet->cmsg_flags) +diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c +index 571db8d..da1a1ce 100644 +--- a/net/l2tp/l2tp_ip.c ++++ b/net/l2tp/l2tp_ip.c +@@ -518,9 +518,6 @@ static int l2tp_ip_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *m + if (flags & MSG_OOB) + goto out; + +- if (addr_len) +- *addr_len = sizeof(*sin); +- + skb = skb_recv_datagram(sk, flags, noblock, &err); + if (!skb) + goto out; +@@ -543,6 +540,7 @@ static int l2tp_ip_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *m + sin->sin_addr.s_addr = ip_hdr(skb)->saddr; + sin->sin_port = 0; + memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ *addr_len = sizeof(*sin); + } + if (inet->cmsg_flags) + ip_cmsg_recv(msg, skb); +diff --git a/net/phonet/datagram.c b/net/phonet/datagram.c +index 12c30f3..38946b2 100644 +--- a/net/phonet/datagram.c ++++ b/net/phonet/datagram.c +@@ -139,9 +139,6 @@ static int pn_recvmsg(struct kiocb *iocb, struct sock *sk, + MSG_CMSG_COMPAT)) + goto out_nofree; + +- if (addr_len) +- *addr_len = sizeof(sa); +- + skb = skb_recv_datagram(sk, flags, noblock, &rval); + if (skb == NULL) + goto out_nofree; +@@ -162,8 +159,10 @@ static int pn_recvmsg(struct kiocb *iocb, struct sock *sk, + + rval = (flags & MSG_TRUNC) ? skb->len : copylen; + +- if (msg->msg_name != NULL) +- memcpy(msg->msg_name, &sa, sizeof(struct sockaddr_pn)); ++ if (msg->msg_name != NULL) { ++ memcpy(msg->msg_name, &sa, sizeof(sa)); ++ *addr_len = sizeof(sa); ++ } + + out: + skb_free_datagram(sk, skb); +-- +1.8.3.1 + diff --git a/linux-2.6-input-kill-stupid-messages.patch b/input-kill-stupid-messages.patch similarity index 100% rename from linux-2.6-input-kill-stupid-messages.patch rename to input-kill-stupid-messages.patch diff --git a/iommu-Remove-stack-trace-from-broken-irq-remapping-warning.patch b/iommu-Remove-stack-trace-from-broken-irq-remapping-warning.patch new file mode 100644 index 000000000..9e88893ae --- /dev/null +++ b/iommu-Remove-stack-trace-from-broken-irq-remapping-warning.patch @@ -0,0 +1,47 @@ +From 05104a4e8713b27291c7bb49c1e7e68b4e243571 Mon Sep 17 00:00:00 2001 +From: Neil Horman +Date: Fri, 27 Sep 2013 16:53:35 +0000 +Subject: iommu: Remove stack trace from broken irq remapping warning + +The warning for the irq remapping broken check in intel_irq_remapping.c is +pretty pointless. We need the warning, but we know where its comming from, the +stack trace will always be the same, and it needlessly triggers things like +Abrt. This changes the warning to just print a text warning about BIOS being +broken, without the stack trace, then sets the appropriate taint bit. Since we +automatically disable irq remapping, theres no need to contiue making Abrt jump +at this problem + +Signed-off-by: Neil Horman +CC: Joerg Roedel +CC: Bjorn Helgaas +CC: Andy Lutomirski +CC: Konrad Rzeszutek Wilk +CC: Sebastian Andrzej Siewior +Signed-off-by: Joerg Roedel +--- +diff --git a/drivers/iommu/intel_irq_remapping.c b/drivers/iommu/intel_irq_remapping.c +index f71673d..b97d70b 100644 +--- a/drivers/iommu/intel_irq_remapping.c ++++ b/drivers/iommu/intel_irq_remapping.c +@@ -525,12 +525,13 @@ static int __init intel_irq_remapping_supported(void) + if (disable_irq_remap) + return 0; + if (irq_remap_broken) { +- WARN_TAINT(1, TAINT_FIRMWARE_WORKAROUND, +- "This system BIOS has enabled interrupt remapping\n" +- "on a chipset that contains an erratum making that\n" +- "feature unstable. To maintain system stability\n" +- "interrupt remapping is being disabled. Please\n" +- "contact your BIOS vendor for an update\n"); ++ printk(KERN_WARNING ++ "This system BIOS has enabled interrupt remapping\n" ++ "on a chipset that contains an erratum making that\n" ++ "feature unstable. To maintain system stability\n" ++ "interrupt remapping is being disabled. Please\n" ++ "contact your BIOS vendor for an update\n"); ++ add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK); + disable_irq_remap = 1; + return 0; + } +-- +cgit v0.9.2 diff --git a/ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch b/ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch new file mode 100644 index 000000000..2b030387b --- /dev/null +++ b/ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch @@ -0,0 +1,43 @@ +Bugzilla: 1030015 1030017 +Upstream-status: 3.13 + +From aeb45260747b0a1bf4d374d5e65298cc254cb4f5 Mon Sep 17 00:00:00 2001 +From: Hannes Frederic Sowa +Date: Tue, 5 Nov 2013 02:41:27 +0100 +Subject: [PATCH] ipv6: fix headroom calculation in udp6_ufo_fragment + +Commit 1e2bd517c108816220f262d7954b697af03b5f9c ("udp6: Fix udp +fragmentation for tunnel traffic.") changed the calculation if +there is enough space to include a fragment header in the skb from a +skb->mac_header dervived one to skb_headroom. Because we already peeled +off the skb to transport_header this is wrong. Change this back to check +if we have enough room before the mac_header. + +This fixes a panic Saran Neti reported. He used the tbf scheduler which +skb_gso_segments the skb. The offsets get negative and we panic in memcpy +because the skb was erroneously not expanded at the head. + +Reported-by: Saran Neti +Cc: Pravin B Shelar +Signed-off-by: Hannes Frederic Sowa +Signed-off-by: David S. Miller +--- + net/ipv6/udp_offload.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/ipv6/udp_offload.c b/net/ipv6/udp_offload.c +index 5d1b8d7..657914b 100644 +--- a/net/ipv6/udp_offload.c ++++ b/net/ipv6/udp_offload.c +@@ -86,7 +86,7 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, + + /* Check if there is enough headroom to insert fragment header. */ + tnl_hlen = skb_tnl_header_len(skb); +- if (skb_headroom(skb) < (tnl_hlen + frag_hdr_sz)) { ++ if (skb->mac_header < (tnl_hlen + frag_hdr_sz)) { + if (gso_pskb_expand_head(skb, tnl_hlen + frag_hdr_sz)) + goto out; + } +-- +1.8.3.1 + diff --git a/iwl3945-better-skb-management-in-rx-path.patch b/iwl3945-better-skb-management-in-rx-path.patch new file mode 100644 index 000000000..5d85af7d4 --- /dev/null +++ b/iwl3945-better-skb-management-in-rx-path.patch @@ -0,0 +1,97 @@ +From: Eric Dumazet + +Steinar reported reallocations of skb->head with IPv6, leading to +a warning in skb_try_coalesce() + +It turns out iwl3945 has several problems : + +1) skb->truesize is underestimated. + We really consume PAGE_SIZE bytes for a fragment, + not the frame length. +2) 128 bytes of initial headroom is a bit low and forces reallocations. +3) We can avoid consuming a full page for small enough frames. + +Reported-by: Steinar H. Gunderson +Signed-off-by: Eric Dumazet +Cc: Paul Stewart +--- +v3: use regular memcpy(skb_put(...),...) +v2: SMALL_PACKET_SIZE define + + drivers/net/wireless/iwlegacy/3945.c | 31 +++++++++++++++---------- + 1 file changed, 19 insertions(+), 12 deletions(-) + +diff --git a/drivers/net/wireless/iwlegacy/3945.c b/drivers/net/wireless/iwlegacy/3945.c +index c092033..f09e257 100644 +--- a/drivers/net/wireless/iwlegacy/3945.c ++++ b/drivers/net/wireless/iwlegacy/3945.c +@@ -475,6 +475,8 @@ il3945_is_network_packet(struct il_priv *il, struct ieee80211_hdr *header) + } + } + ++#define SMALL_PACKET_SIZE 256 ++ + static void + il3945_pass_packet_to_mac80211(struct il_priv *il, struct il_rx_buf *rxb, + struct ieee80211_rx_status *stats) +@@ -483,14 +485,13 @@ il3945_pass_packet_to_mac80211(struct il_priv *il, struct il_rx_buf *rxb, + struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)IL_RX_DATA(pkt); + struct il3945_rx_frame_hdr *rx_hdr = IL_RX_HDR(pkt); + struct il3945_rx_frame_end *rx_end = IL_RX_END(pkt); +- u16 len = le16_to_cpu(rx_hdr->len); ++ u32 len = le16_to_cpu(rx_hdr->len); + struct sk_buff *skb; + __le16 fc = hdr->frame_control; ++ u32 fraglen = PAGE_SIZE << il->hw_params.rx_page_order; + + /* We received data from the HW, so stop the watchdog */ +- if (unlikely +- (len + IL39_RX_FRAME_SIZE > +- PAGE_SIZE << il->hw_params.rx_page_order)) { ++ if (unlikely(len + IL39_RX_FRAME_SIZE > fraglen)) { + D_DROP("Corruption detected!\n"); + return; + } +@@ -506,26 +507,32 @@ il3945_pass_packet_to_mac80211(struct il_priv *il, struct il_rx_buf *rxb, + D_INFO("Woke queues - frame received on passive channel\n"); + } + +- skb = dev_alloc_skb(128); ++ skb = dev_alloc_skb(SMALL_PACKET_SIZE); + if (!skb) { + IL_ERR("dev_alloc_skb failed\n"); + return; + } + + if (!il3945_mod_params.sw_crypto) +- il_set_decrypted_flag(il, (struct ieee80211_hdr *)rxb_addr(rxb), ++ il_set_decrypted_flag(il, (struct ieee80211_hdr *)pkt, + le32_to_cpu(rx_end->status), stats); + +- skb_add_rx_frag(skb, 0, rxb->page, +- (void *)rx_hdr->payload - (void *)pkt, len, +- len); +- ++ /* If frame is small enough to fit into skb->head, copy it ++ * and do not consume a full page ++ */ ++ if (len <= SMALL_PACKET_SIZE) { ++ memcpy(skb_put(skb, len), rx_hdr->payload, len); ++ } else { ++ skb_add_rx_frag(skb, 0, rxb->page, ++ (void *)rx_hdr->payload - (void *)pkt, len, ++ fraglen); ++ il->alloc_rxb_page--; ++ rxb->page = NULL; ++ } + il_update_stats(il, false, fc, len); + memcpy(IEEE80211_SKB_RXCB(skb), stats, sizeof(*stats)); + + ieee80211_rx(il->hw, skb); +- il->alloc_rxb_page--; +- rxb->page = NULL; + } + + #define IL_DELAY_NEXT_SCAN_AFTER_ASSOC (HZ*6) + + diff --git a/iwl4965-better-skb-management-in-rx-path.patch b/iwl4965-better-skb-management-in-rx-path.patch new file mode 100644 index 000000000..b5d987900 --- /dev/null +++ b/iwl4965-better-skb-management-in-rx-path.patch @@ -0,0 +1,66 @@ +4965 version of Eric patch "iwl3945: better skb management in rx path". +It fixes several problems : + +1) skb->truesize is underestimated. + We really consume PAGE_SIZE bytes for a fragment, + not the frame length. +2) 128 bytes of initial headroom is a bit low and forces reallocations. +3) We can avoid consuming a full page for small enough frames. + +Signed-off-by: Stanislaw Gruszka +--- + drivers/net/wireless/iwlegacy/4965-mac.c | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/drivers/net/wireless/iwlegacy/4965-mac.c b/drivers/net/wireless/iwlegacy/4965-mac.c +index d287fd2..4e5d408 100644 +--- a/drivers/net/wireless/iwlegacy/4965-mac.c ++++ b/drivers/net/wireless/iwlegacy/4965-mac.c +@@ -574,9 +574,11 @@ il4965_translate_rx_status(struct il_priv *il, u32 decrypt_in) + return decrypt_out; + } + ++#define SMALL_PACKET_SIZE 256 ++ + static void + il4965_pass_packet_to_mac80211(struct il_priv *il, struct ieee80211_hdr *hdr, +- u16 len, u32 ampdu_status, struct il_rx_buf *rxb, ++ u32 len, u32 ampdu_status, struct il_rx_buf *rxb, + struct ieee80211_rx_status *stats) + { + struct sk_buff *skb; +@@ -598,21 +600,25 @@ il4965_pass_packet_to_mac80211(struct il_priv *il, struct ieee80211_hdr *hdr, + il_set_decrypted_flag(il, hdr, ampdu_status, stats)) + return; + +- skb = dev_alloc_skb(128); ++ skb = dev_alloc_skb(SMALL_PACKET_SIZE); + if (!skb) { + IL_ERR("dev_alloc_skb failed\n"); + return; + } + +- skb_add_rx_frag(skb, 0, rxb->page, (void *)hdr - rxb_addr(rxb), len, +- len); ++ if (len <= SMALL_PACKET_SIZE) { ++ memcpy(skb_put(skb, len), hdr, len); ++ } else { ++ skb_add_rx_frag(skb, 0, rxb->page, (void *)hdr - rxb_addr(rxb), ++ len, PAGE_SIZE << il->hw_params.rx_page_order); ++ il->alloc_rxb_page--; ++ rxb->page = NULL; ++ } + + il_update_stats(il, false, fc, len); + memcpy(IEEE80211_SKB_RXCB(skb), stats, sizeof(*stats)); + + ieee80211_rx(il->hw, skb); +- il->alloc_rxb_page--; +- rxb->page = NULL; + } + + /* Called for N_RX (legacy ABG frames), or +-- +1.7.11.7 + + diff --git a/iwlwifi-dvm-dont-override-mac80211-queue-setting.patch b/iwlwifi-dvm-dont-override-mac80211-queue-setting.patch new file mode 100644 index 000000000..ce5f00b0b --- /dev/null +++ b/iwlwifi-dvm-dont-override-mac80211-queue-setting.patch @@ -0,0 +1,98 @@ +From f6b129527ca15bae29ffb9417ddaa1c9d99ffc5d Mon Sep 17 00:00:00 2001 +From: Emmanuel Grumbach +Date: Tue, 15 Oct 2013 19:04:54 +0000 +Subject: iwlwifi: dvm: don't override mac80211's queue setting + +Since we set IEEE80211_HW_QUEUE_CONTROL, we can let +mac80211 do the queue assignement and don't need to +override its decisions. +While reassiging the same values is harmless of course, +it triggered a WARNING when iwlwifi and mac80211 came +to different conclusions. This happened when mac80211 set +IEEE80211_TX_CTL_SEND_AFTER_DTIM, but didn't route the +packet to the cab_queue because no stations were asleep. + +iwlwifi should not override mac80211's decicions for +offchannel packets and packets to be sent after DTIM, +but it should override mac80211's decision for AMPDUs +since we have a special queue for them. So for AMPDU, +we still override info->hw_queue by the AMPDU queue. + +This avoids: +------------[ cut here ]------------ +WARNING: CPU: 0 PID: 2531 at drivers/net/wireless/iwlwifi/dvm/tx.c:456 iwlagn_tx_skb+0x6c5/0x883() +Modules linked in: +CPU: 0 PID: 2531 Comm: hostapd Not tainted 3.12.0-rc5+ #1 +Hardware name: /D53427RKE, BIOS RKPPT10H.86A.0017.2013.0425.1251 04/25/2013 + 0000000000000000 0000000000000009 ffffffff8189aa62 0000000000000000 + ffffffff8105a4f2 ffff880058339a48 ffffffff815f8a04 0000000000000000 + ffff8800560097b0 0000000000000208 0000000000000000 ffff8800561a9e5e +Call Trace: + [] ? dump_stack+0x41/0x51 + [] ? warn_slowpath_common+0x78/0x90 + [] ? iwlagn_tx_skb+0x6c5/0x883 + [] ? iwlagn_tx_skb+0x6c5/0x883 + [] ? put_cred+0x15/0x15 + [] ? iwlagn_mac_tx+0x19/0x2f + [] ? __ieee80211_tx+0x226/0x29b + [] ? ieee80211_tx+0xa6/0xb5 + [] ? ieee80211_monitor_start_xmit+0x1e9/0x204 + [] ? dev_hard_start_xmit+0x271/0x3ec + [] ? sch_direct_xmit+0x66/0x164 + [] ? dev_queue_xmit+0x1e5/0x3c8 + [] ? packet_sendmsg+0xac5/0xb3d + [] ? sock_sendmsg+0x37/0x52 + [] ? __do_fault+0x338/0x36b + [] ? verify_iovec+0x44/0x94 + [] ? ___sys_sendmsg+0x1f1/0x283 + [] ? __inode_wait_for_writeback+0x67/0xae + [] ? __cache_free.isra.46+0x178/0x187 + [] ? kmem_cache_free+0x44/0x84 + [] ? dentry_kill+0x13d/0x149 + [] ? dput+0xe5/0xef + [] ? fget_light+0x2e/0x7c + [] ? __sys_sendmsg+0x39/0x57 + [] ? system_call_fastpath+0x16/0x1b +---[ end trace 1b3eb79359c1d1e6 ]--- + +Reported-by: Sander Eikelenboom +Reviewed-by: Johannes Berg +Signed-off-by: Johannes Berg +--- +diff --git a/drivers/net/wireless/iwlwifi/dvm/tx.c b/drivers/net/wireless/iwlwifi/dvm/tx.c +index da442b8..1fef524 100644 +--- a/drivers/net/wireless/iwlwifi/dvm/tx.c ++++ b/drivers/net/wireless/iwlwifi/dvm/tx.c +@@ -433,27 +433,19 @@ int iwlagn_tx_skb(struct iwl_priv *priv, + /* Copy MAC header from skb into command buffer */ + memcpy(tx_cmd->hdr, hdr, hdr_len); + ++ txq_id = info->hw_queue; ++ + if (is_agg) + txq_id = priv->tid_data[sta_id][tid].agg.txq_id; + else if (info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) { + /* +- * Send this frame after DTIM -- there's a special queue +- * reserved for this for contexts that support AP mode. +- */ +- txq_id = ctx->mcast_queue; +- +- /* + * The microcode will clear the more data + * bit in the last frame it transmits. + */ + hdr->frame_control |= + cpu_to_le16(IEEE80211_FCTL_MOREDATA); +- } else if (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) +- txq_id = IWL_AUX_QUEUE; +- else +- txq_id = ctx->ac_to_queue[skb_get_queue_mapping(skb)]; ++ } + +- WARN_ON_ONCE(!is_agg && txq_id != info->hw_queue); + WARN_ON_ONCE(is_agg && + priv->queue_to_mac80211[txq_id] != info->hw_queue); + +-- +cgit v0.9.2 diff --git a/kernel.spec b/kernel.spec index be6c5b060..915e1a147 100644 --- a/kernel.spec +++ b/kernel.spec @@ -6,7 +6,7 @@ Summary: The Linux kernel # For a stable, released kernel, released_kernel should be 1. For rawhide # and/or a kernel built from an rc or git snapshot, released_kernel should # be 0. -%global released_kernel 0 +%global released_kernel 1 # Sign modules on x86. Make sure the config files match this setting if more # architectures are added. @@ -62,19 +62,19 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 2 +%global baserelease 100 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching # on top of -- for example, 3.1-rc7-git1 starts with a 3.0 base, # which yields a base_sublevel of 0. -%define base_sublevel 5 +%define base_sublevel 11 ## If this is a released kernel ## %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 0 +%define stable_update 10 # Is it a -stable RC? %define stable_rc 0 # Set rpm version accordingly @@ -93,9 +93,9 @@ Summary: The Linux kernel # The next upstream release sublevel (base_sublevel+1) %define upstream_sublevel %(echo $((%{base_sublevel} + 1))) # The rc snapshot level -%define rcrev 2 +%define rcrev 0 # The git snapshot level -%define gitrev 0 +%define gitrev 100 # Set rpm version accordingly %define rpmversion 3.%{upstream_sublevel}.0 %endif @@ -132,16 +132,8 @@ Summary: The Linux kernel %define with_bootwrapper %{?_without_bootwrapper: 0} %{?!_without_bootwrapper: 1} # Want to build a the vsdo directories installed %define with_vdso_install %{?_without_vdso_install: 0} %{?!_without_vdso_install: 1} -# ARM OMAP (Beagle/Panda Board) -%define with_omap %{?_without_omap: 0} %{?!_without_omap: 1} -# kernel-tegra (only valid for arm) -%define with_tegra %{?_without_tegra: 0} %{?!_without_tegra: 1} # kernel-kirkwood (only valid for arm) %define with_kirkwood %{?_without_kirkwood: 0} %{?!_without_kirkwood: 1} -# kernel-imx (only valid for arm) -%define with_imx %{?_without_imx: 0} %{?!_without_imx: 1} -# kernel-highbank (only valid for arm) -%define with_highbank %{?_without_highbank: 0} %{?!_without_highbank: 1} # # Additional options for user-friendly one-off kernel building: # @@ -163,7 +155,7 @@ Summary: The Linux kernel # Set debugbuildsenabled to 1 for production (build separate debug kernels) # and 0 for rawhide (all kernels are debug kernels). # See also 'make debug' and 'make release'. -%define debugbuildsenabled 0 +%define debugbuildsenabled 1 # Want to build a vanilla kernel build without any non-upstream patches? %define with_vanilla %{?_with_vanilla: 1} %{?!_with_vanilla: 0} @@ -176,7 +168,7 @@ Summary: The Linux kernel %define doc_build_fail true %endif -%define rawhide_skip_docs 1 +%define rawhide_skip_docs 0 %if 0%{?rawhide_skip_docs} %define with_doc 0 %define doc_build_fail true @@ -223,6 +215,9 @@ Summary: The Linux kernel %endif %if %{with_vanilla} +# Vanilla kernels before 3.7 don't contain modsign support. Remove this when +# we rebase to 3.7 +%define signmodules 0 %define nopatches 1 %endif @@ -255,14 +250,6 @@ Summary: The Linux kernel %define with_pae 0 %endif -# kernel up (versatile express), tegra, omap, imx and highbank are only built on armv7 hfp/sfp -%ifnarch armv7hl armv7l -%define with_imx 0 -%define with_highbank 0 -%define with_omap 0 -%define with_tegra 0 -%endif - # kernel-kirkwood is only built for armv5 %ifnarch armv5tel %define with_kirkwood 0 @@ -339,8 +326,8 @@ Summary: The Linux kernel %define with_bootwrapper 0 %endif -# sparse blows up on ppc64 and sparc64 -%ifarch ppc64 ppc sparc64 ppc64p7 +# sparse blows up on ppc64 +%ifarch ppc64 ppc ppc64p7 %define with_sparse 0 %endif @@ -381,19 +368,6 @@ Summary: The Linux kernel %define with_tools 0 %endif -%ifarch sparc64 -%define asmarch sparc -%define all_arch_configs kernel-%{version}-sparc64*.config -%define make_target vmlinux -%define kernel_image vmlinux -%define image_install_path boot -%define with_tools 0 -%endif - -%ifarch sparcv9 -%define hdrarch sparc -%endif - %ifarch ppc %define asmarch powerpc %define hdrarch powerpc @@ -423,6 +397,14 @@ Summary: The Linux kernel %endif %endif +# Should make listnewconfig fail if there's config options +# printed out? +%if %{nopatches}%{using_upstream_branch} +%define listnewconfig_fail 0 +%else +%define listnewconfig_fail 1 +%endif + # To temporarily exclude an architecture from being built, add it to # %%nobuildarches. Do _NOT_ use the ExclusiveArch: line, because if we # don't build kernel-headers then the new build system will no longer let @@ -430,7 +412,7 @@ Summary: The Linux kernel # Which is a BadThing(tm). # We only build kernel-headers on the following... -%define nobuildarches i386 s390 sparc sparcv9 +%define nobuildarches i386 s390 %ifarch %nobuildarches %define with_up 0 @@ -493,9 +475,15 @@ Provides: kernel-drm = 4.3.0\ Provides: kernel-drm-nouveau = 16\ Provides: kernel-modeset = 1\ Provides: kernel-uname-r = %{KVERREL}%{?1:.%{1}}\ +Provides: kernel-highbank\ +Provides: kernel-highbank-uname-r = %{KVERREL}%{?1:.%{1}}\ +Provides: kernel-omap\ +Provides: kernel-omap-uname-r = %{KVERREL}%{?1:.%{1}}\ +Provides: kernel-tegra\ +Provides: kernel-tegra-uname-r = %{KVERREL}%{?1:.%{1}}\ Requires(pre): %{kernel_prereq}\ Requires(pre): %{initrd_prereq}\ -Requires(pre): linux-firmware >= 20120206-0.1.git06c8f81\ +Requires(pre): linux-firmware >= 20130724-0.3.git31f6b30\ Requires(post): /sbin/new-kernel-pkg\ Requires(preun): /sbin/new-kernel-pkg\ Conflicts: %{kernel_dot_org_conflicts}\ @@ -512,13 +500,13 @@ AutoProv: yes\ Name: kernel%{?variant} Group: System Environment/Kernel -License: GPLv2 +License: GPLv2 and Redistributable, no modification permitted URL: http://www.kernel.org/ Version: %{rpmversion} Release: %{pkg_release} # DO NOT CHANGE THE 'ExclusiveArch' LINE TO TEMPORARILY EXCLUDE AN ARCHITECTURE BUILD. # SET %%nobuildarches (ABOVE) INSTEAD -ExclusiveArch: noarch %{all_x86} x86_64 ppc ppc64 ppc64p7 %{sparc} s390 s390x %{arm} +ExclusiveArch: noarch %{all_x86} x86_64 ppc ppc64 ppc64p7 s390 s390x %{arm} ExclusiveOS: Linux %kernel_reqprovconf @@ -529,13 +517,13 @@ ExclusiveOS: Linux BuildRequires: module-init-tools, patch >= 2.5.4, bash >= 2.03, sh-utils, tar BuildRequires: bzip2, xz, findutils, gzip, m4, perl, make >= 3.78, diffutils, gawk BuildRequires: gcc >= 3.4.2, binutils >= 2.12, redhat-rpm-config, hmaccalc -BuildRequires: net-tools +BuildRequires: net-tools, hostname, bc BuildRequires: xmlto, asciidoc %if %{with_sparse} BuildRequires: sparse >= 0.4.1 %endif %if %{with_perf} -BuildRequires: elfutils-devel zlib-devel binutils-devel newt-devel python-devel perl(ExtUtils::Embed) bison +BuildRequires: elfutils-devel zlib-devel binutils-devel newt-devel python-devel perl(ExtUtils::Embed) bison audit-libs-devel %endif %if %{with_tools} BuildRequires: pciutils-devel gettext @@ -551,18 +539,20 @@ BuildRequires: rpm-build >= 4.9.0-1, elfutils >= elfutils-0.153-1 %endif %if %{signmodules} -BuildRequires: gnupg +BuildRequires: openssl BuildRequires: pesign >= 0.10-4 %endif Source0: ftp://ftp.kernel.org/pub/linux/kernel/v3.0/linux-%{kversion}.tar.xz %if %{signmodules} -Source11: genkey +Source11: x509.genkey %endif Source15: merge.pl Source16: mod-extra.list +Source17: mod-extra.sh +Source18: mod-extra-sign.sh Source19: Makefile.release Source20: Makefile.config @@ -584,15 +574,13 @@ Source54: config-powerpc64p7 Source70: config-s390x -Source90: config-sparc64-generic - +# Unified ARM kernels Source100: config-arm-generic -Source110: config-arm-omap -Source111: config-arm-tegra -Source112: config-arm-kirkwood -Source113: config-arm-imx -Source114: config-arm-highbank -Source115: config-arm-versatile +Source101: config-armv7 +Source102: config-armv7-generic + +# Legacy ARM kernels +Source103: config-arm-kirkwood # This file is intentionally left empty in the stock kernel. Its a nicety # added for those wanting to do custom rebuilds with altered config opts. @@ -637,16 +625,16 @@ Patch00: patch-3.%{base_sublevel}-git%{gitrev}.xz %endif # we also need compile fixes for -vanilla -Patch04: linux-2.6-compile-fixes.patch +Patch04: compile-fixes.patch # build tweak for build ID magic, even for -vanilla -Patch05: linux-2.6-makefile-after_link.patch +Patch05: makefile-after_link.patch %if !%{nopatches} # revert upstream patches we get via other methods -Patch09: linux-2.6-upstream-reverts.patch +Patch09: upstream-reverts.patch # Git trees. # Standalone patches @@ -655,54 +643,46 @@ Patch100: taint-vbox.patch Patch110: vmbugon-warnon.patch -Patch150: team-net-next-20120808.patch +Patch390: defaults-acpi-video.patch -Patch390: linux-2.6-defaults-acpi-video.patch -Patch391: linux-2.6-acpi-video-dos.patch -Patch394: linux-2.6-acpi-debug-infinite-loop.patch -Patch396: acpi-sony-nonvs-blacklist.patch +Patch394: acpi-debug-infinite-loop.patch -Patch450: linux-2.6-input-kill-stupid-messages.patch -Patch452: linux-2.6.30-no-pcspkr-modalias.patch +Patch450: input-kill-stupid-messages.patch +Patch452: no-pcspkr-modalias.patch -Patch460: linux-2.6-serial-460800.patch +Patch460: serial-460800.patch Patch470: die-floppy-die.patch -Patch510: linux-2.6-silence-noise.patch -Patch520: quite-apm.patch -Patch530: linux-2.6-silence-fbcon-logo.patch +Patch510: silence-noise.patch +Patch530: silence-fbcon-logo.patch -Patch700: linux-2.6-e1000-ich9-montevina.patch - -Patch800: linux-2.6-crash-driver.patch - -# crypto/ -Patch900: modsign-20120814.patch +Patch800: crash-driver.patch # secure boot -Patch1000: secure-boot-20120809.patch +Patch1000: devel-pekey-secure-boot-20130502.patch # virt + ksm patches -Patch1555: fix_xen_guest_on_old_EC2.patch # DRM #atch1700: drm-edid-try-harder-to-fix-up-broken-headers.patch -Patch1800: drm-vgem.patch +#Patch1800: drm-vgem.patch # nouveau + drm fixes # intel drm is all merged upstream Patch1824: drm-intel-next.patch -Patch1825: drm-i915-dp-stfu.patch +# mustard patch to shut abrt up. please drop (and notify ajax) whenever it +# fails to apply +Patch1826: drm-i915-tv-detect-hush.patch # Quiet boot fixes # silence the ACPI blacklist code -Patch2802: linux-2.6-silence-acpi-blacklist.patch +Patch2802: silence-acpi-blacklist.patch # media patches -Patch2899: linux-2.6-v4l-dvb-fixes.patch -Patch2900: linux-2.6-v4l-dvb-update.patch -Patch2901: linux-2.6-v4l-dvb-experimental.patch +Patch2899: v4l-dvb-fixes.patch +Patch2900: v4l-dvb-update.patch +Patch2901: v4l-dvb-experimental.patch # fs fixes @@ -713,42 +693,156 @@ Patch10000: fs-proc-devtree-remove_proc_entry.patch Patch12016: disable-i8042-check-on-apple-mac.patch -Patch12303: dmar-disable-when-ricoh-multifunction.patch - -Patch13003: efi-dont-map-boot-services-on-32bit.patch - Patch14000: hibernate-freeze-filesystems.patch Patch14010: lis3-improve-handling-of-null-rate.patch +Patch15000: nowatchdog-on-virt.patch + +Patch20000: 0001-efifb-Skip-DMI-checks-if-the-bootloader-knows-what-i.patch +Patch20001: 0002-x86-EFI-Calculate-the-EFI-framebuffer-size-instead-o.patch # ARM -# OMAP +Patch21000: arm-export-read_current_timer.patch + +# lpae +Patch21001: arm-lpae-ax88796.patch + +# ARM omap +Patch21003: arm-omap-load-tfp410.patch # ARM tegra -Patch21004: arm-tegra-nvec-kconfig.patch Patch21005: arm-tegra-usb-no-reset-linux33.patch -Patch21006: arm-tegra-sdhci-module-fix.patch - -# ARM highbank patches - -Patch21094: power-x86-destdir.patch #rhbz 754518 Patch21235: scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch -Patch21400: unhandled-irqs-switch-to-polling.patch - Patch22000: weird-root-dentry-name-debug.patch -#selinux ptrace child permissions -Patch22001: selinux-apply-different-permission-to-ptrace-child.patch +#rhbz 892811 +Patch22247: ath9k_rx_dma_stop_check.patch -#rhbz 836742 -Patch22059: uvcvideo-Reset-bytesused-field-when-recycling-erroneous-buffer.patch +#rhbz 927469 +Patch25007: fix-child-thread-introspection.patch -#rhbz 844485 -Patch22060: vfs-fix-file-creation-bugs.patch +#rhbz 977040 +Patch25056: iwl3945-better-skb-management-in-rx-path.patch +Patch25057: iwl4965-better-skb-management-in-rx-path.patch + +#rhbz 963715 +Patch25077: media-cx23885-Fix-TeVii-S471-regression-since-introduction-of-ts2020.patch + +#rhbz 971893 +Patch25106: bonding-driver-alb-learning.patch + +#rhbz 985522 +Patch25107: ntp-Make-periodic-RTC-update-more-reliable.patch + +#rhbz 902012 +Patch25114: elevator-Fix-a-race-in-elevator-switching-and-md.patch +Patch25115: elevator-acquire-q-sysfs_lock-in-elevator_change.patch + +#rhbz 974072 +Patch25117: rt2800-add-support-for-rf3070.patch + +#rhbz 1015989 +Patch25122: netfilter-nf_conntrack-use-RCU-safe-kfree-for-conntr.patch + +#rhbz 982153 +Patch25123: iommu-Remove-stack-trace-from-broken-irq-remapping-warning.patch + +#rhbz 998732 +Patch25125: vfio-iommu-Fixed-interaction-of-VFIO_IOMMU_MAP_DMA.patch + +#rhbz 896695 +Patch25126: 0001-iwlwifi-don-t-WARN-on-host-commands-sent-when-firmwa.patch +Patch25127: 0002-iwlwifi-don-t-WARN-on-bad-firmware-state.patch + +#rhbz 993744 +Patch25128: dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch + +#rhbz 1000439 +Patch25129: cpupower-Fix-segfault-due-to-incorrect-getopt_long-a.patch + +#rhbz 1010679 +Patch25130: fix-radeon-sound.patch +Patch25149: drm-radeon-24hz-audio-fixes.patch + +#rhbz 984696 +Patch25132: rt2800usb-slow-down-TX-status-polling.patch + +#rhbz 1023413 +Patch25135: alps-Support-for-Dell-XT2-model.patch + +#rhbz 1011621 +Patch25137: cifs-Allow-LANMAN-auth-for-unencapsulated-auth-methods.patch + +#rhbz 1025769 +Patch25142: iwlwifi-dvm-dont-override-mac80211-queue-setting.patch + +Patch25143: drm-qxl-backport-fixes-for-Fedora.patch +Patch25160: drm-qxl-fix-memory-leak-in-release-list-handling.patch + +Patch25144: Input-evdev-fall-back-to-vmalloc-for-client-event-buffer.patch + +#CVE-2013-4563 rhbz 1030015 1030017 +Patch25145: ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch + +#rhbz 1015905 +Patch25146: 0001-ip6_output-fragment-outgoing-reassembled-skb-properl.patch +Patch25147: 0002-netfilter-push-reasm-skb-through-instead-of-original.patch + +#rhbz 1011362 +Patch25148: alx-Reset-phy-speed-after-resume.patch + +#rhbz 1031086 +Patch25150: slab_common-Do-not-check-for-duplicate-slab-names.patch + +#rhbz 967652 +Patch25151: KVM-x86-fix-emulation-of-movzbl-bpl-eax.patch + +# Fix 15sec NFS mount delay +Patch25152: sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch +Patch25153: sunrpc-replace-gssd_running-with-more-reliable-check.patch +Patch25154: nfs-check-gssd-running-before-krb5i-auth.patch + +#CVE-2013-6382 rhbz 1033603 1034670 +Patch25157: xfs-underflow-bug-in-xfs_attrlist_by_handle.patch + +#rhbz 1022733 +Patch25158: via-velocity-fix-netif_receive_skb-use-in-irq-disable.patch + +#rhbz 998342 +Patch25159: usbnet-fix-status-interrupt-urb-handling.patch + +#CVE-2013-6405 rhbz 1035875 1035887 +Patch25161: inet-prevent-leakage-of-uninitialized-memory-to-user.patch +Patch25162: inet-fix-addr_len-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch + +#rhbz 958826 +Patch25164: dell-laptop.patch + +#CVE-2013-XXXX rhbz 1039845 1039874 +Patch25165: net-rework-recvmsg-handler-msg_name-and-msg_namelen-.patch + +#rhbz 1030802 +Patch25170: Input-elantech-add-support-for-newer-August-2013-dev.patch +Patch25171: elantech-Properly-differentiate-between-clickpads-an.patch + +#CVE-2013-6367 rhbz 1032207 1042081 +Patch25172: KVM-x86-Fix-potential-divide-by-0-in-lapic.patch + +#CVE-2013-6368 rhbz 1032210 1042090 +Patch25173: KVM-x86-Convert-vapic-synchronization-to-_cached-functions.patch + +#CVE-2013-6376 rhbz 1033106 1042099 +Patch25174: KVM-x86-fix-guest-initiated-crash-with-x2apic.patch + +#CVE-2013-4587 rhbz 1030986 1042071 +Patch25175: KVM-Improve-create-VCPU-parameter.patch + +#rhbz 1025770 +Patch25176: br-fix-use-of-rx_handler_data-in-code-executed-on-no.patch # END OF PATCH DEFINITIONS @@ -861,18 +955,29 @@ Provides: cpufrequtils = 1:009-0.6.p1 Obsoletes: cpufreq-utils < 1:009-0.6.p1 Obsoletes: cpufrequtils < 1:009-0.6.p1 Obsoletes: cpuspeed < 1:1.5-16 +Requires: kernel-tools-libs = %{version}-%{release} %description -n kernel-tools This package contains the tools/ directory from the kernel source and the supporting documentation. -%package -n kernel-tools-devel +%package -n kernel-tools-libs +Summary: Libraries for the kernels-tools +Group: Development/System +License: GPLv2 +%description -n kernel-tools-libs +This package contains the libraries built from the tools/ directory +from the kernel source. + +%package -n kernel-tools-libs-devel Summary: Assortment of tools for the Linux kernel Group: Development/System License: GPLv2 Requires: kernel-tools = %{version}-%{release} Provides: cpupowerutils-devel = 1:009-0.6.p1 Obsoletes: cpupowerutils-devel < 1:009-0.6.p1 -%description -n kernel-tools-devel +Requires: kernel-tools-libs = %{version}-%{release} +Provides: kernel-tools-devel +%description -n kernel-tools-libs-devel This package contains the development files for the tools/ directory from the kernel source. @@ -888,7 +993,7 @@ This package provides debug information for package kernel-tools. # symlinks because of the trailing nonmatching alternation and # the leading .*, because of find-debuginfo.sh's buggy handling # of matching the pattern against the symlinks file. -%{expand:%%global debuginfo_args %{?debuginfo_args} -p '.*%%{_bindir}/centrino-decode(\.debug)?|.*%%{_bindir}/powernow-k8-decode(\.debug)?|.*%%{_bindir}/cpupower(\.debug)?|.*%%{_libdir}/libcpupower.*|XXX' -o kernel-tools-debuginfo.list} +%{expand:%%global debuginfo_args %{?debuginfo_args} -p '.*%%{_bindir}/centrino-decode(\.debug)?|.*%%{_bindir}/powernow-k8-decode(\.debug)?|.*%%{_bindir}/cpupower(\.debug)?|.*%%{_libdir}/libcpupower.*|.*%%{_bindir}/turbostat(\.debug)?|.*%%{_bindir}/x86_energy_perf_policy(\.debug)?|XXX' -o kernel-tools-debuginfo.list} %endif # with_tools @@ -932,9 +1037,9 @@ against the %{?2:%{2} }kernel package.\ # # This macro creates a kernel--modules-extra package. -# %%kernel_modules-extra_package +# %%kernel_modules_extra_package # -%define kernel_modules-extra_package() \ +%define kernel_modules_extra_package() \ %package %{?1:%{1}-}modules-extra\ Summary: Extra kernel modules to match the %{?2:%{2} }kernel\ Group: System Environment/Kernel\ @@ -960,14 +1065,14 @@ Summary: %{variant_summary}\ Group: System Environment/Kernel\ %kernel_reqprovconf\ %{expand:%%kernel_devel_package %1 %{!?-n:%1}%{?-n:%{-n*}}}\ -%{expand:%%kernel_modules-extra_package %1 %{!?-n:%1}%{?-n:%{-n*}}}\ +%{expand:%%kernel_modules_extra_package %1 %{!?-n:%1}%{?-n:%{-n*}}}\ %{expand:%%kernel_debuginfo_package %1}\ %{nil} # First the auxiliary packages of the main kernel package. %kernel_devel_package -%kernel_modules-extra_package +%kernel_modules_extra_package %kernel_debuginfo_package @@ -1024,30 +1129,6 @@ on kernel bugs, as some of these options impact performance noticably. This package includes a version of the Linux kernel with support for marvell kirkwood based systems, i.e., guruplug, sheevaplug -%define variant_summary The Linux kernel compiled for freescale boards -%kernel_variant_package imx -%description imx -This package includes a version of the Linux kernel with support for -freescale based systems, i.e., efika smartbook. - -%define variant_summary The Linux kernel compiled for Calxeda boards -%kernel_variant_package highbank -%description highbank -This package includes a version of the Linux kernel with support for -Calxeda based systems, i.e., HP arm servers. - -%define variant_summary The Linux kernel compiled for TI-OMAP boards -%kernel_variant_package omap -%description omap -This package includes a version of the Linux kernel with support for -TI-OMAP based systems, i.e., BeagleBoard-xM. - -%define variant_summary The Linux kernel compiled for tegra boards -%kernel_variant_package tegra -%description tegra -This package includes a version of the Linux kernel with support for -nvidia tegra based systems, i.e., trimslice, ac-100. - %prep # do a few sanity-checks for --with *only builds @@ -1278,43 +1359,40 @@ make -f %{SOURCE19} config-release make -f %{SOURCE20} VERSION=%{version} configs # Merge in any user-provided local config option changes -%if %{?all_arch_configs:1}%{!?all_arch_configs:0} -for i in %{all_arch_configs} +for i in kernel-%{version}-*.config do mv $i $i.tmp ./merge.pl %{SOURCE1000} $i.tmp > $i rm $i.tmp done -%endif -ApplyPatch linux-2.6-makefile-after_link.patch +ApplyPatch makefile-after_link.patch # # misc small stuff to make things compile # -ApplyOptionalPatch linux-2.6-compile-fixes.patch +ApplyOptionalPatch compile-fixes.patch %if !%{nopatches} # revert patches from upstream that conflict or that we get via other means -ApplyOptionalPatch linux-2.6-upstream-reverts.patch -R +ApplyOptionalPatch upstream-reverts.patch -R ApplyPatch taint-vbox.patch ApplyPatch vmbugon-warnon.patch -ApplyPatch team-net-next-20120808.patch - # Architecture patches # x86(-64) # # ARM # -ApplyPatch arm-tegra-nvec-kconfig.patch +ApplyPatch arm-export-read_current_timer.patch +ApplyPatch arm-lpae-ax88796.patch +ApplyPatch arm-omap-load-tfp410.patch ApplyPatch arm-tegra-usb-no-reset-linux33.patch -ApplyPatch arm-tegra-sdhci-module-fix.patch # # bugfixes to drivers and filesystems @@ -1335,10 +1413,8 @@ ApplyPatch arm-tegra-sdhci-module-fix.patch # WMI # ACPI -ApplyPatch linux-2.6-defaults-acpi-video.patch -ApplyPatch linux-2.6-acpi-video-dos.patch -ApplyPatch linux-2.6-acpi-debug-infinite-loop.patch -ApplyPatch acpi-sony-nonvs-blacklist.patch +ApplyPatch defaults-acpi-video.patch +ApplyPatch acpi-debug-infinite-loop.patch # # PCI @@ -1356,92 +1432,197 @@ ApplyPatch acpi-sony-nonvs-blacklist.patch # Misc fixes # The input layer spews crap no-one cares about. -ApplyPatch linux-2.6-input-kill-stupid-messages.patch +ApplyPatch input-kill-stupid-messages.patch # stop floppy.ko from autoloading during udev... ApplyPatch die-floppy-die.patch -ApplyPatch linux-2.6.30-no-pcspkr-modalias.patch +ApplyPatch no-pcspkr-modalias.patch # Allow to use 480600 baud on 16C950 UARTs -ApplyPatch linux-2.6-serial-460800.patch +ApplyPatch serial-460800.patch # Silence some useless messages that still get printed with 'quiet' -ApplyPatch linux-2.6-silence-noise.patch +ApplyPatch silence-noise.patch # Make fbcon not show the penguins with 'quiet' -ApplyPatch linux-2.6-silence-fbcon-logo.patch +ApplyPatch silence-fbcon-logo.patch # Changes to upstream defaults. # /dev/crash driver. -ApplyPatch linux-2.6-crash-driver.patch - -# Hack e1000e to work on Montevina SDV -ApplyPatch linux-2.6-e1000-ich9-montevina.patch - -# crypto/ -ApplyPatch modsign-20120814.patch +ApplyPatch crash-driver.patch # secure boot -ApplyPatch secure-boot-20120809.patch +ApplyPatch devel-pekey-secure-boot-20130502.patch # Assorted Virt Fixes -ApplyPatch fix_xen_guest_on_old_EC2.patch # DRM core #ApplyPatch drm-edid-try-harder-to-fix-up-broken-headers.patch -ApplyPatch drm-vgem.patch +#ApplyPatch drm-vgem.patch # Nouveau DRM # Intel DRM ApplyOptionalPatch drm-intel-next.patch -ApplyPatch drm-i915-dp-stfu.patch +ApplyPatch drm-i915-tv-detect-hush.patch # silence the ACPI blacklist code -ApplyPatch linux-2.6-silence-acpi-blacklist.patch -ApplyPatch quite-apm.patch +ApplyPatch silence-acpi-blacklist.patch # V4L/DVB updates/fixes/experimental drivers # apply if non-empty -ApplyOptionalPatch linux-2.6-v4l-dvb-fixes.patch -ApplyOptionalPatch linux-2.6-v4l-dvb-update.patch -ApplyOptionalPatch linux-2.6-v4l-dvb-experimental.patch +ApplyOptionalPatch v4l-dvb-fixes.patch +ApplyOptionalPatch v4l-dvb-update.patch +ApplyOptionalPatch v4l-dvb-experimental.patch # Patches headed upstream ApplyPatch fs-proc-devtree-remove_proc_entry.patch ApplyPatch disable-i8042-check-on-apple-mac.patch -# rhbz#605888 -ApplyPatch dmar-disable-when-ricoh-multifunction.patch - -ApplyPatch efi-dont-map-boot-services-on-32bit.patch - # FIXME: REBASE #ApplyPatch hibernate-freeze-filesystems.patch ApplyPatch lis3-improve-handling-of-null-rate.patch -ApplyPatch power-x86-destdir.patch +# Disable watchdog on virtual machines. +ApplyPatch nowatchdog-on-virt.patch + +#ApplyPatch 0001-efifb-Skip-DMI-checks-if-the-bootloader-knows-what-i.patch +#ApplyPatch 0002-x86-EFI-Calculate-the-EFI-framebuffer-size-instead-o.patch #rhbz 754518 ApplyPatch scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch -ApplyPatch unhandled-irqs-switch-to-polling.patch - ApplyPatch weird-root-dentry-name-debug.patch -#selinux ptrace child permissions -ApplyPatch selinux-apply-different-permission-to-ptrace-child.patch +#rhbz 892811 +ApplyPatch ath9k_rx_dma_stop_check.patch -#rhbz 836742 -ApplyPatch uvcvideo-Reset-bytesused-field-when-recycling-erroneous-buffer.patch +#rhbz 927469 +ApplyPatch fix-child-thread-introspection.patch -#rhbz 844485 -ApplyPatch vfs-fix-file-creation-bugs.patch +#rhbz 977040 +ApplyPatch iwl3945-better-skb-management-in-rx-path.patch +ApplyPatch iwl4965-better-skb-management-in-rx-path.patch + +#rhbz 963715 +ApplyPatch media-cx23885-Fix-TeVii-S471-regression-since-introduction-of-ts2020.patch + +#rhbz 985522 +ApplyPatch ntp-Make-periodic-RTC-update-more-reliable.patch + +#rhbz 971893 +ApplyPatch bonding-driver-alb-learning.patch + +#rhbz 902012 +ApplyPatch elevator-Fix-a-race-in-elevator-switching-and-md.patch +ApplyPatch elevator-acquire-q-sysfs_lock-in-elevator_change.patch + +#rhbz 974072 +ApplyPatch rt2800-add-support-for-rf3070.patch + +#rhbz 1015989 +ApplyPatch netfilter-nf_conntrack-use-RCU-safe-kfree-for-conntr.patch + +#rhbz 982153 +ApplyPatch iommu-Remove-stack-trace-from-broken-irq-remapping-warning.patch + +#rhbz 998732 +ApplyPatch vfio-iommu-Fixed-interaction-of-VFIO_IOMMU_MAP_DMA.patch + +#rhbz 896695 +ApplyPatch 0001-iwlwifi-don-t-WARN-on-host-commands-sent-when-firmwa.patch +ApplyPatch 0002-iwlwifi-don-t-WARN-on-bad-firmware-state.patch + +#rhbz 993744 +ApplyPatch dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch + +#rhbz 1000439 +ApplyPatch cpupower-Fix-segfault-due-to-incorrect-getopt_long-a.patch + +#rhbz 1010679 +ApplyPatch fix-radeon-sound.patch +ApplyPatch drm-radeon-24hz-audio-fixes.patch + +#rhbz 984696 +ApplyPatch rt2800usb-slow-down-TX-status-polling.patch + +#rhbz 1023413 +ApplyPatch alps-Support-for-Dell-XT2-model.patch + +#rhbz 1011621 +ApplyPatch cifs-Allow-LANMAN-auth-for-unencapsulated-auth-methods.patch + +#rhbz 1025769 +ApplyPatch iwlwifi-dvm-dont-override-mac80211-queue-setting.patch + +ApplyPatch drm-qxl-backport-fixes-for-Fedora.patch +ApplyPatch drm-qxl-fix-memory-leak-in-release-list-handling.patch + +ApplyPatch Input-evdev-fall-back-to-vmalloc-for-client-event-buffer.patch + +#CVE-2013-4563 rhbz 1030015 1030017 +ApplyPatch ipv6-fix-headroom-calculation-in-udp6_ufo_fragment.patch + +#rhbz 1015905 +ApplyPatch 0001-ip6_output-fragment-outgoing-reassembled-skb-properl.patch +ApplyPatch 0002-netfilter-push-reasm-skb-through-instead-of-original.patch + +#rhbz 1011362 +ApplyPatch alx-Reset-phy-speed-after-resume.patch + +#rhbz 1031086 +ApplyPatch slab_common-Do-not-check-for-duplicate-slab-names.patch + +#rhbz 967652 +ApplyPatch KVM-x86-fix-emulation-of-movzbl-bpl-eax.patch + +# Fix 15sec NFS mount delay +ApplyPatch sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch +ApplyPatch sunrpc-replace-gssd_running-with-more-reliable-check.patch +ApplyPatch nfs-check-gssd-running-before-krb5i-auth.patch + +#CVE-2013-6382 rhbz 1033603 1034670 +ApplyPatch xfs-underflow-bug-in-xfs_attrlist_by_handle.patch + +#rhbz 1022733 +ApplyPatch via-velocity-fix-netif_receive_skb-use-in-irq-disable.patch + +#rhbz 998342 +ApplyPatch usbnet-fix-status-interrupt-urb-handling.patch + +#CVE-2013-6405 rhbz 1035875 1035887 +ApplyPatch inet-prevent-leakage-of-uninitialized-memory-to-user.patch +ApplyPatch inet-fix-addr_len-msg_namelen-assignment-in-recv_error-and-rxpmtu-functions.patch + +#rhbz 958826 +ApplyPatch dell-laptop.patch + +#CVE-2013-XXXX rhbz 1039845 1039874 +ApplyPatch net-rework-recvmsg-handler-msg_name-and-msg_namelen-.patch + +#rhbz 1030802 +ApplyPatch Input-elantech-add-support-for-newer-August-2013-dev.patch +ApplyPatch elantech-Properly-differentiate-between-clickpads-an.patch + +#CVE-2013-6367 rhbz 1032207 1042081 +ApplyPatch KVM-x86-Fix-potential-divide-by-0-in-lapic.patch + +#CVE-2013-6368 rhbz 1032210 1042090 +ApplyPatch KVM-x86-Convert-vapic-synchronization-to-_cached-functions.patch + +#CVE-2013-6376 rhbz 1033106 1042099 +ApplyPatch KVM-x86-fix-guest-initiated-crash-with-x2apic.patch + +#CVE-2013-4587 rhbz 1030986 1042071 +ApplyPatch KVM-Improve-create-VCPU-parameter.patch + +#rhbz 1025770 +ApplyPatch br-fix-use-of-rx_handler_data-in-code-executed-on-no.patch # END OF PATCH APPLICATIONS @@ -1459,28 +1640,28 @@ touch .scmversion mkdir configs -# Remove configs not for the buildarch -for cfg in kernel-%{version}-*.config; do - if [ `echo %{all_arch_configs} | grep -c $cfg` -eq 0 ]; then - rm -f $cfg - fi -done - %if !%{debugbuildsenabled} rm -f kernel-%{version}-*debug.config %endif -# run oldconfig over the config files (except when noarch) -if [ "%{_target_cpu}" != "noarch" ]; then - for i in kernel-*-%{_target_cpu}*.config - do - mv $i .config - Arch=`head -1 .config | cut -b 3-` - make ARCH=$Arch oldnoconfig - echo "# $Arch" > configs/$i - cat .config >> configs/$i - done -fi + +# now run oldconfig over all the config files +for i in *.config +do + mv $i .config + Arch=`head -1 .config | cut -b 3-` + make ARCH=$Arch listnewconfig | grep -E '^CONFIG_' >.newoptions || true +%if %{listnewconfig_fail} + if [ -s .newoptions ]; then + cat .newoptions + exit 1 + fi +%endif + rm -f .newoptions + make ARCH=$Arch oldnoconfig + echo "# $Arch" > configs/$i + cat .config >> configs/$i +done # end of kernel config %endif @@ -1490,10 +1671,6 @@ find . \( -name "*.orig" -o -name "*~" \) -exec rm -f {} \; >/dev/null # remove unnecessary SCM files find . -name .gitignore -exec rm -f {} \; >/dev/null -%if %{signmodules} -cp %{SOURCE11} . -%endif - cd .. ### @@ -1563,6 +1740,11 @@ BuildKernel() { make -s mrproper cp configs/$Config .config + %if %{signmodules} + cp %{SOURCE11} . + chmod +x scripts/sign-file + %endif + Arch=`head -1 .config | cut -b 3-` echo USING ARCH=$Arch @@ -1570,6 +1752,11 @@ BuildKernel() { %ifarch %{arm} # http://lists.infradead.org/pipermail/linux-arm-kernel/2012-March/091404.html make -s ARCH=$Arch V=1 %{?_smp_mflags} $MakeTarget %{?sparse_mflags} KALLSYMS_EXTRA_PASS=1 + + make -s ARCH=$Arch V=1 dtbs + mkdir -p $RPM_BUILD_ROOT/%{image_install_path}/dtb-$KernelVer + install -m 644 arch/arm/boot/dts/*.dtb $RPM_BUILD_ROOT/boot/dtb-$KernelVer/ + rm -f arch/arm/boot/dts/*.dtb %else make -s ARCH=$Arch V=1 %{?_smp_mflags} $MakeTarget %{?sparse_mflags} %endif @@ -1594,6 +1781,10 @@ BuildKernel() { %if %{signmodules} # Sign the image if we're using EFI %pesign -s -i $KernelImage -o vmlinuz.signed + if [ ! -s vmlinuz.signed ]; then + echo "pesigning failed" + exit 1 + fi mv vmlinuz.signed $KernelImage %endif $CopyKernel $KernelImage \ @@ -1610,13 +1801,6 @@ BuildKernel() { # we'll get it from the linux-firmware package and we don't want conflicts make -s ARCH=$Arch INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_install KERNELRELEASE=$KernelVer mod-fw= -%if %{signmodules} - if [ -z "$(readelf -n $(find fs/ -name \*.ko | head -n 1) | grep module.sig)" ]; then - echo "ERROR: modules are NOT signed" >&2; - exit 1; - fi -%endif - %ifarch %{vdso_arches} make -s ARCH=$Arch INSTALL_MOD_PATH=$RPM_BUILD_ROOT vdso_install KERNELRELEASE=$KernelVer if [ ! -s ldconfig-kernel.conf ]; then @@ -1678,8 +1862,8 @@ BuildKernel() { # Make sure the Makefile and version.h have a matching timestamp so that # external modules can be built - touch -r $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/Makefile $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/include/linux/version.h - touch -r $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/.config $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/include/linux/autoconf.h + touch -r $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/Makefile $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/include/generated/uapi/linux/version.h + # Copy .config to include/config/auto.conf so "make prepare" is unnecessary. cp $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/.config $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/include/config/auto.conf @@ -1737,66 +1921,18 @@ BuildKernel() { rm -f modinfo modnames - pushd $RPM_BUILD_ROOT/lib/modules/$KernelVer/ - rm -rf modnames - find . -name "*.ko" -type f > modnames - # Look through all of the modules, and throw any that have a dependency in - # our list into the list as well. - rm -rf dep.list dep2.list - rm -rf req.list req2.list - touch dep.list req.list - cp %{SOURCE16} . - for dep in `cat modnames` - do - depends=`modinfo $dep | grep depends| cut -f2 -d":" | sed -e 's/^[ \t]*//'` - [ -z "$depends" ] && continue; - for mod in `echo $depends | sed -e 's/,/ /g'` - do - match=`grep "^$mod.ko" mod-extra.list` ||: - if [ -z "$match" ] - then - continue - else - # check if the module we're looking at is in mod-extra too. if so - # we don't need to mark the dep as required - mod2=`basename $dep` - match2=`grep "^$mod2" mod-extra.list` ||: - if [ -n "$match2" ] - then - continue - #echo $mod2 >> notreq.list - else - echo $mod.ko >> req.list - fi - fi - done - done + # Call the modules-extra script to move things around + %{SOURCE17} $RPM_BUILD_ROOT/lib/modules/$KernelVer %{SOURCE16} - sort -u req.list > req2.list - sort -u mod-extra.list > mod-extra2.list - join -v 1 mod-extra2.list req2.list > mod-extra3.list - - for mod in `cat mod-extra3.list` - do - # get the path for the module - modpath=`grep /$mod modnames` ||: - [ -z "$modpath" ] && continue; - echo $modpath >> dep.list - done - - sort -u dep.list > dep2.list - - # now move the modules into the extra/ directory - for mod in `cat dep2.list` - do - newpath=`dirname $mod | sed -e 's/kernel\//extra\//'` - mkdir -p $newpath - mv $mod $newpath - done - - rm modnames dep.list dep2.list req.list req2.list - rm mod-extra.list mod-extra2.list mod-extra3.list - popd +%if %{signmodules} + # Save off the .tmp_versions/ directory. We'll use it in the + # __debug_install_post macro below to sign the right things + # Also save the signing keys so we actually sign the modules with the + # right key. + cp -r .tmp_versions .tmp_versions.sign${Flavour:+.${Flavour}} + cp signing_key.priv signing_key.priv.sign${Flavour:+.${Flavour}} + cp signing_key.x509 signing_key.x509.sign${Flavour:+.${Flavour}} +%endif # remove files that will be auto generated by depmod at rpm -i time for i in alias alias.bin builtin.bin ccwmap dep dep.bin ieee1394map inputmap isapnpmap ofmap pcimap seriomap symbols symbols.bin usbmap devname softdep @@ -1845,22 +1981,6 @@ BuildKernel %make_target %kernel_image PAE BuildKernel %make_target %kernel_image kirkwood %endif -%if %{with_imx} -BuildKernel %make_target %kernel_image imx -%endif - -%if %{with_highbank} -BuildKernel %make_target %kernel_image highbank -%endif - -%if %{with_omap} -BuildKernel %make_target %kernel_image omap -%endif - -%if %{with_tegra} -BuildKernel %make_target %kernel_image tegra -%endif - %if %{with_up} BuildKernel %make_target %kernel_image %endif @@ -1920,9 +2040,64 @@ find Documentation -type d | xargs chmod u+w # This macro is used by %%install, so we must redefine it before that. %define debug_package %{nil} +# In the modsign case, we do 3 things. 1) We check the "flavour" and hard +# code the value in the following invocations. This is somewhat sub-optimal +# but we're doing this inside of an RPM macro and it isn't as easy as it +# could be because of that. 2) We restore the .tmp_versions/ directory from +# the one we saved off in BuildKernel above. This is to make sure we're +# signing the modules we actually built/installed in that flavour. 3) We +# grab the arch and invoke 'make modules_sign' and the mod-extra-sign.sh +# commands to actually sign the modules. +# +# We have to do all of those things _after_ find-debuginfo runs, otherwise +# that will strip the signature off of the modules. + %if %{with_debuginfo} %define __debug_install_post \ /usr/lib/rpm/find-debuginfo.sh %{debuginfo_args} %{_builddir}/%{?buildsubdir}\ + if [ "%{signmodules}" == "1" ]; \ + then \ + if [ "%{with_pae}" != "0" ]; \ + then \ + Arch=`head -1 configs/kernel-%{version}-%{_target_cpu}-PAE.config | cut -b 3-` \ + rm -rf .tmp_versions \ + mv .tmp_versions.sign.PAE .tmp_versions \ + mv signing_key.priv.sign.PAE signing_key.priv \ + mv signing_key.x509.sign.PAE signing_key.x509 \ + make -s ARCH=$Arch V=1 INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_sign KERNELRELEASE=%{KVERREL}.PAE \ + %{SOURCE18} $RPM_BUILD_ROOT/lib/modules/%{KVERREL}.PAE/extra/ \ + fi \ + if [ "%{with_debug}" != "0" ]; \ + then \ + Arch=`head -1 configs/kernel-%{version}-%{_target_cpu}-debug.config | cut -b 3-` \ + rm -rf .tmp_versions \ + mv .tmp_versions.sign.debug .tmp_versions \ + mv signing_key.priv.sign.debug signing_key.priv \ + mv signing_key.x509.sign.debug signing_key.x509 \ + make -s ARCH=$Arch V=1 INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_sign KERNELRELEASE=%{KVERREL}.debug \ + %{SOURCE18} $RPM_BUILD_ROOT/lib/modules/%{KVERREL}.debug/extra/ \ + fi \ + if [ "%{with_pae_debug}" != "0" ]; \ + then \ + Arch=`head -1 configs/kernel-%{version}-%{_target_cpu}-PAEdebug.config | cut -b 3-` \ + rm -rf .tmp_versions \ + mv .tmp_versions.sign.PAEdebug .tmp_versions \ + mv signing_key.priv.sign.PAEdebug signing_key.priv \ + mv signing_key.x509.sign.PAEdebug signing_key.x509 \ + make -s ARCH=$Arch V=1 INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_sign KERNELRELEASE=%{KVERREL}.PAEdebug \ + %{SOURCE18} $RPM_BUILD_ROOT/lib/modules/%{KVERREL}.PAEdebug/extra/ \ + fi \ + if [ "%{with_up}" != "0" ]; \ + then \ + Arch=`head -1 configs/kernel-%{version}-%{_target_cpu}.config | cut -b 3-` \ + rm -rf .tmp_versions \ + mv .tmp_versions.sign .tmp_versions \ + mv signing_key.priv.sign signing_key.priv \ + mv signing_key.x509.sign signing_key.x509 \ + make -s ARCH=$Arch V=1 INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_sign KERNELRELEASE=%{KVERREL} \ + %{SOURCE18} $RPM_BUILD_ROOT/lib/modules/%{KVERREL}/extra/ \ + fi \ + fi \ %{nil} %ifnarch noarch @@ -1976,11 +2151,6 @@ find $RPM_BUILD_ROOT/usr/include \ \( -name .install -o -name .check -o \ -name ..install.cmd -o -name ..check.cmd \) | xargs rm -f -# glibc provides scsi headers for itself, for now -rm -rf $RPM_BUILD_ROOT/usr/include/scsi -rm -f $RPM_BUILD_ROOT/usr/include/asm*/atomic.h -rm -f $RPM_BUILD_ROOT/usr/include/asm*/io.h -rm -f $RPM_BUILD_ROOT/usr/include/asm*/irq.h %endif %if %{with_perf} @@ -2073,7 +2243,7 @@ fi\ # # This macro defines a %%post script for a kernel*-modules-extra package. -# %%kernel_modules-extra_post [] +# %%kernel_modules_extra_post [] # %define kernel_modules_extra_post() \ %{expand:%%post %{?1:%{1}-}modules-extra}\ @@ -2137,18 +2307,6 @@ fi}\ %kernel_variant_preun kirkwood %kernel_variant_post -v kirkwood -%kernel_variant_preun imx -%kernel_variant_post -v imx - -%kernel_variant_preun highbank -%kernel_variant_post -v highbank - -%kernel_variant_preun omap -%kernel_variant_post -v omap - -%kernel_variant_preun tegra -%kernel_variant_post -v tegra - if [ -x /sbin/ldconfig ] then /sbin/ldconfig -X || exit $? @@ -2188,6 +2346,7 @@ fi %dir %{_libexecdir}/perf-core %{_libexecdir}/perf-core/* %{_mandir}/man[1-8]/perf* +%{_sysconfdir}/bash_completion.d/perf %doc linux-%{KVERREL}/tools/perf/Documentation/examples.txt %files -n python-perf @@ -2212,8 +2371,6 @@ fi %{_bindir}/centrino-decode %{_bindir}/powernow-k8-decode %endif -%{_libdir}/libcpupower.so.0 -%{_libdir}/libcpupower.so.0.0.0 %{_unitdir}/cpupower.service %{_mandir}/man[1-8]/cpupower* %config(noreplace) %{_sysconfdir}/sysconfig/cpupower @@ -2231,7 +2388,11 @@ fi %endif %ifarch %{cpupowerarchs} -%files -n kernel-tools-devel +%files -n kernel-tools-libs +%{_libdir}/libcpupower.so.0 +%{_libdir}/libcpupower.so.0.0.0 + +%files -n kernel-tools-libs-devel %{_libdir}/libcpupower.so %{_includedir}/cpufreq.h %endif @@ -2252,6 +2413,9 @@ fi %defattr(-,root,root)\ /%{image_install_path}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-%{KVERREL}%{?2:.%{2}}\ /%{image_install_path}/.vmlinuz-%{KVERREL}%{?2:.%{2}}.hmac \ +%ifarch %{arm}\ +/%{image_install_path}/dtb-%{KVERREL}%{?2:.%{2}} \ +%endif\ %attr(600,root,root) /boot/System.map-%{KVERREL}%{?2:.%{2}}\ /boot/config-%{KVERREL}%{?2:.%{2}}\ %dir /lib/modules/%{KVERREL}%{?2:.%{2}}\ @@ -2287,10 +2451,6 @@ fi %kernel_variant_files %{with_pae} PAE %kernel_variant_files %{with_pae_debug} PAEdebug %kernel_variant_files %{with_kirkwood} kirkwood -%kernel_variant_files %{with_imx} imx -%kernel_variant_files %{with_highbank} highbank -%kernel_variant_files %{with_omap} omap -%kernel_variant_files %{with_tegra} tegra # plz don't put in a version string unless you're going to tag # and build. @@ -2305,1885 +2465,1024 @@ fi # ||----w | # || || %changelog -* Fri Aug 17 2012 Josh Boyer - 3.6.0-0.rc2.git0.2 -- Reenable debugging options. +* Mon Dec 16 2013 Josh Boyer +- Fix host lockup in bridge code when starting from virt guest (rhbz 1025770) -* Thu Aug 16 2012 Josh Boyer - 3.6.0-0.rc2.git0.1 -- Linux v3.6-rc2 -- Disable debugging options. +* Thu Dec 12 2013 Josh Boyer +- CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071) +- CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099) +- CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090) +- CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081) -* Tue Aug 14 2012 Josh Boyer - 3.6.0-0.rc1.git6.1 -- Linux v3.6-rc1-355-gddf343f +* Wed Dec 11 2013 Josh Boyer +- Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802) -* Mon Aug 13 2012 Josh Boyer - 3.6.0-0.rc1.git5.2 -- Fix VFS file creation bugs (rhbz 844485) +* Tue Dec 10 2013 Josh Boyer +- CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874) -* Mon Aug 13 2012 Josh Boyer - 3.6.0-0.rc1.git5.1 -- Linux v3.6-rc1-312-g3bf671a +* Tue Dec 03 2013 Josh Boyer +- Add patches to fix rfkill switch on Dell machines (rhbz 958826) -* Sun Aug 12 2012 Josh Boyer - 3.6.0-0.rc1.git4.1 -- Linux v3.6-rc1-268-g21d2f8d +* Sat Nov 30 2013 Josh Boyer +- CVE-2013-6405 net: leak of uninited mem to userspace via recv syscalls (rhbz 1035875 1035887) -* Fri Aug 10 2012 Dennis Gilmore -- disable some options on highbank at calxeda's request -- enable the PL011 serial console on highbank -- enable ARM architected timer on all arm arches +* Fri Nov 29 2013 Josh Boyer - 3.11.10-100 +- Linux v3.11.10 +- Fix memory leak in qxl (from Dave Airlie) -* Thu Aug 09 2012 Josh Boyer - 3.6.0-0.rc1.git3.2 -- Update secure-boot patch to pass correct CFLAGS to EFI stub +* Tue Nov 26 2013 Josh Boyer +- Add patch to fix usbnet URB handling (rhbz 998342) +- Fix crash in via-velocity driver (rhbz 1022733) +- CVE-2013-6382 xfs: missing check for ZERO_SIZE_PTR (rhbz 1033603 1034670) -* Thu Aug 09 2012 Josh Boyer - 3.6.0-0.rc1.git3.1 -- Linux v3.6-rc1-207-gf4ba394 +* Mon Nov 25 2013 Josh Boyer +- CVE-2013-6380 aacraid: invalid pointer dereference (rhbz 1033593 1034304) +- CVE-2013-6378 libertas: potential oops in debugfs (rhbz 1033578 1034183) -* Wed Aug 08 2012 Josh Boyer - 3.6.0-0.rc1.git2.2 +* Fri Nov 22 2013 Josh Boyer +- Add patches from Jeff Layton to fix 15sec NFS mount hang + +* Wed Nov 20 2013 Josh Boyer - 3.11.9-100 +- Linux v3.11.9 + +* Mon Nov 18 2013 Josh Boyer +- Add patch to fix rhel5.9 KVM guests (rhbz 967652) +- Add patch to fix crash from slab when using md-raid mirrors (rhbz 1031086) +- Add patches from Pierre Ossman to fix 24Hz/24p radeon audio (rhbz 1010679) +- Add patch to fix ALX phy issues after resume (rhbz 1011362) +- Fix ipv6 sit panic with packet size > mtu (from Michele Baldessari) (rbhz 1015905) + +* Thu Nov 14 2013 Josh Boyer +- CVE-2013-4563: net: large udp packet over IPv6 over UFO-enabled device with TBF qdisc panic (rhbz 1030015 1030017) + +* Wed Nov 13 2013 Justin M. Forbes - 3.11.8-100 +- Linux v3.11.8 + +* Sat Nov 09 2013 Josh Boyer +- Add patch from Daniel Stone to avoid high order allocations in evdev +- Add qxl backport fixes from Dave Airlie + +* Mon Nov 04 2013 Josh Boyer - 3.11.7-100 +- Add patch to fix iwlwifi queue settings backtrace (rhbz 1025769) + +* Mon Nov 04 2013 Justin M. Forbes +- Linux v3.11.7 + +* Fri Nov 01 2013 Josh Boyer - 3.11.6-101 +- Revert blocking patches causing systemd to crash on resume (rhbz 1010603) +- CVE-2013-4348 net: deadloop path in skb_flow_dissect (rhbz 1007939 1025647) + +* Thu Oct 31 2013 Josh Boyer +- Fix display regression on Dell XPS 13 machines (rhbz 995782) + +* Tue Oct 29 2013 Josh Boyer +- Fix plaintext auth regression in cifs (rhbz 1011621) + +* Fri Oct 25 2013 Josh Boyer +- CVE-2013-4470 net: memory corruption with UDP_CORK and UFO (rhbz 1023477 1023495) +- Add touchpad support for Dell XT2 (rhbz 1023413) + +* Tue Oct 22 2013 Josh Boyer +- Add patch to fix warning in tcp_fastretrans_alert (rhbz 989251) + +* Fri Oct 18 2013 Justin M. Forbes - 3.11.6-100 +- Linux v3.11.6 + +* Thu Oct 17 2013 Josh Boyer +- Add patch to fix BusLogic error (rhbz 1015558) +- Fix rt2800usb polling timeouts and throughput issues (rhbz 984696) + +* Wed Oct 16 2013 Josh Boyer +- Fix btrfs balance/scrub issue (rhbz 1011714) + +* Tue Oct 15 2013 Josh Boyer +- Fix regression in radeon sound (rhbz 1010679) + +* Mon Oct 14 2013 Kyle McMartin +- Fix crash-driver.patch to properly use page_is_ram. + +* Mon Oct 14 2013 Justin M. Forbes - 3.11.5-100 +- Linux v3.11.5 + +* Fri Oct 11 2013 Josh Boyer +- Fix segfault in cpupower set (rhbz 1000439) + +* Thu Oct 10 2013 Justin M. Forbes - 3.11.4-101 +- Fix linux-firmware requirement + +* Thu Oct 10 2013 Josh Boyer +- USB OHCI accept very late isochronous URBs (in 3.11.4) (rhbz 975158) +- Fix large order allocation in dm mq policy (rhbz 993744) + +* Wed Oct 09 2013 Josh Boyer +- Don't trigger a stack trace on crashing iwlwifi firmware (rhbz 896695) +- Add patch to fix VFIO IOMMU crash (rhbz 998732) + +* Tue Oct 08 2013 Josh Boyer +- Add patch to fix nouveau crash (rhbz 1015920) + +* Tue Oct 08 2013 Justin M. Forbes +- Linux v3.11.4 +- Add missing 3.11 patches from F19 + +* Tue Oct 08 2013 Josh Boyer +- Quiet irq remapping stack trace (rhbz 982153) +- Use RCU safe kfree for conntrack (rhbz 1015989) + +* Fri Oct 4 2013 Justin M. Forbes 3.10.14-100 +- Linux v3.10.14 + +* Thu Oct 3 2013 Josh Boyer +- CVE-2013-4387 ipv6: panic when UFO=On for an interface (rhbz 1011927 1015166) + +* Mon Sep 30 2013 Josh Boyer +- Drop VC_MUTE patch (rhbz 859485) + +* Fri Sep 27 2013 Justin M. Forbes 3.10.13-101 +- Bump and tag for build + +* Fri Sep 27 2013 Josh Boyer +- Add HID revert patch to fix logitech unifying devices (rhbz 1013000) +- Add patches to fix soft lockup from elevator changes (rhbz 902012) + +* Fri Sep 27 2013 Justin M. Forbes 3.10.13-100 +- Linux v3.10.13 + +* Mon Sep 23 2013 Neil Horman +- Add alb learning packet config knob (rhbz 971893) + +* Fri Sep 20 2013 Josh Boyer +- Fix multimedia keys on Genius GX keyboard (rhbz 928561) + +* Tue Sep 17 2013 Josh Boyer +- CVE-2013-4345 ansi_cprng: off by one error in non-block size request (rhbz 1007690 1009136) + +* Mon Sep 16 2013 Justin M. Forbes 3.10.12-100 +- Linux v3.10.12 + +* Fri Sep 13 2013 Josh Boyer +- CVE-2013-4350 net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit (rhbz 1007872 1007903) +- CVE-2013-4343 net: use-after-free TUNSETIFF (rhbz 1007733 1007741) + +* Thu Sep 12 2013 Josh Boyer +- Update HID CVE fixes to fix crash from lenovo-tpkbd driver (rhbz 1003998) + +* Wed Sep 11 2013 Neil Horman +- Fix race in crypto larval lookup + +* Mon Sep 09 2013 Josh Boyer 3.10.11-100 +- Fix system freeze due to incorrect rt2800 initialization (rhbz 1000679) + +* Mon Sep 09 2013 Justin M. Forbes +- Linux v3.10.11 + +* Fri Aug 30 2013 Josh Boyer +- Fix HID CVEs. Absurd. +- CVE-2013-2888 rhbz 1000451 1002543 CVE-2013-2889 rhbz 999890 1002548 +- CVE-2013-2891 rhbz 999960 1002555 CVE-2013-2892 rhbz 1000429 1002570 +- CVE-2013-2893 rhbz 1000414 1002575 CVE-2013-2894 rhbz 1000137 1002579 +- CVE-2013-2895 rhbz 1000360 1002581 CVE-2013-2896 rhbz 1000494 1002594 +- CVE-2013-2897 rhbz 1000536 1002600 CVE-2013-2899 rhbz 1000373 1002604 + +* Thu Aug 29 2013 Justin M. Forbes 3.10.10-100 +- Linux v3.10.10 + +* Wed Aug 28 2013 Josh Boyer +- Add mei patches that fix various s/r issues (rhbz 994824 989373) + +* Wed Aug 21 2013 Josh Boyer +- Add patch to fix brcmsmac oops (rhbz 989269) +- CVE-2013-0343 handling of IPv6 temporary addresses (rhbz 914664 999380) + +* Tue Aug 20 2013 Josh Boyer +- Linux v3.10.9 + +* Tue Aug 20 2013 Josh Boyer - 3.10.8-100 +- Linux v3.10.8 +- CVE-2013-4254 ARM: perf: NULL pointer dereference in validate_event (rhbz 998878 998881) + +* Fri Aug 16 2013 Josh Boyer +- Add patch from Nathanael Noblet to fix mic on Gateway LT27 (rhbz 845699) + +* Thu Aug 15 2013 Josh Boyer - 3.10.7-100 +- Add patch to fix regression on TeVII S471 devices (rhbz 963715) +- Linux v3.10.7 + +* Mon Aug 12 2013 Justin M. Forbes 3.10.6-100 +- Linux v3.10.6 + +* Wed Aug 07 2013 Justin M. Forbes 3.10.5-101 +- Bump for rebuild after koji hiccup + +* Wed Aug 07 2013 Josh Boyer +- Add zero file length check to make sure pesign didn't fail (rhbz 991808) + +* Tue Aug 06 2013 Justin M. Forbes 3.10.5-100 +- update s390x config [Dan Horák] + +* Mon Aug 05 2013 Justin M. Forbes +- Linux v3.10.5 + +* Thu Aug 1 2013 Peter Robinson - 3.10.4-100 +- Rebase ARM config + +* Thu Aug 01 2013 Justin M. Forbes +- Update s390x config + +* Thu Aug 01 2013 Justin M. Forbes +- Rebase to 3.10.4 + dropped: + debug-bad-pte-dmi.patch + debug-bad-pte-modules.patch + VMX-x86-handle-host-TSC-calibration-failure.patch + ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch + af_key-fix-info-leaks-in-notify-messages.patch + arm-tegra-fixclk.patch + vhost-net-fix-use-after-free-in-vhost_net_flush.patch + 0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch + i7300_edac_single_mode_fixup.patch + drivers-hwmon-nct6775.patch + iwlwifi-pcie-fix-race-in-queue-unmapping.patch + iwlwifi-pcie-wake-the-queue-if-stopped-when-being-unmapped.patch + cve-2013-4125.patch + iwlwifi-add-new-pci-id-for-6x35-series.patch + ipv6-ip6_append_data_mtu-did-not-care-about-pmtudisc-and_frag_size.patch + ipv6-call-udp_push_pending_frames-when-uncorking-a-socket-with-AF_INET-pending-data.patch + +* Thu Aug 01 2013 Josh Boyer +- Fix mac80211 connection issues (rhbz 981445) +- Fix firmware issues with iwl4965 and rfkill (rhbz 977053) + +* Mon Jul 29 2013 Josh Boyer +- Add support for elantech v7 devices (rhbz 969473) + +* Fri Jul 26 2013 Josh Boyer +- Add patch to fix NULL deref in iwlwifi (rhbz 979581) + +* Wed Jul 24 2013 Josh Boyer +- CVE-2013-4162 net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled (rhbz 987627 987656) +- CVE-2013-4163 net: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu (rhbz 987633 987639) + +* Mon Jul 22 2013 Josh Boyer - 3.9.11-200 +- Fix timer issue in bridge code (rhbz 980254) +- Add patch for iwlwifi 6x35 devices (rhbz 986538) +- Linux v3.9.11 + +* Fri Jul 19 2013 Dave Jones +- CVE-2013-4125 ipv6: BUG_ON in fib6_add_rt2node() (rhbz 984664) + +* Sat Jul 13 2013 Josh Boyer - 3.9.10-200 +- Linux v3.9.10 + +* Fri Jul 12 2013 Dave Jones - 3.9.9-203 +- Disable LATENCYTOP/SCHEDSTATS in non-debug builds. + +* Fri Jul 12 2013 Josh Boyer +- Fix various overflow issues in ext4 (rhbz 976837) +- Add iwlwifi fix for connection issue (rhbz 885407) + +* Fri Jul 05 2013 Josh Boyer +- Add report fixup for Genius Gila mouse from Benjamin Tissoires (rhbz 959721) +- Add vhost-net use-after-free fix (rhbz 976789 980643) +- Add fix for timer issue in bridge code (rhbz 980254) +- CVE-2013-2232 ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg (rhbz 981552 981564) + +* Wed Jul 03 2013 Josh Boyer - 3.9.9-200 +- CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341) +- CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007) +- Linux v3.9.9 + +* Wed Jul 03 2013 Josh Boyer +- Add patches to fix iwl skb managment (rhbz 977040) + +* Thu Jun 27 2013 Justin M. Forbes - 3.9.8-200 +- Linux v3.9.8 + +* Thu Jun 27 2013 Josh Boyer +- Fix stack memory usage for DMA in ath3k (rhbz 977558) + +* Wed Jun 26 2013 Josh Boyer +- Add two patches to fix bridge networking issues (rhbz 880035) + +* Mon Jun 24 2013 Josh Boyer +- Fix battery issue with bluetooth keyboards (rhbz 903741) + +* Fri Jun 21 2013 Josh Boyer +- Add two patches to fix iwlwifi issues in unmapping +- Add patch to fix carl9170 oops (rhbz 967271) + +* Thu Jun 20 2013 Justin M. Forbes - 3.9.7-200 +- Linux v3.9.7 + +* Wed Jun 19 2013 Mauro Carvalho Chehab +- Add and enable upstream kernel driver for nct6775 sensors + +* Tue Jun 18 2013 Dave Jones +- Disable MTRR sanitizer by default. + +* Thu Jun 13 2013 Josh Boyer - 3.9.6-200 +- Linux v3.9.6 + +* Wed Jun 12 2013 Josh Boyer +- Fix KVM divide by zero error (rhbz 969644) +- Add fix for rt5390/rt3290 regression (rhbz 950735) + +* Tue Jun 11 2013 Josh Boyer - 3.9.5-201 +- Add patches to fix MTRR issues in 3.9.5 (rhbz 973185) +- Add two patches to fix issues with vhost_net and macvlan (rhbz 954181) +- CVE-2013-2164 information leak in cdrom driver (rhbz 973100 973109) + +* Mon Jun 10 2013 Josh Boyer - 3.9.5-200 +- Linux v3.9.5 + +* Fri Jun 07 2013 Josh Boyer +- CVE-2013-2851 block: passing disk names as format strings (rhbz 969515 971662) +- CVE-2013-2852 b43: format string leaking into error msgs (rhbz 969518 971665) + +* Thu Jun 06 2013 Josh Boyer +- CVE-2013-2148 fanotify: info leak in copy_event_to_user (rhbz 971258 971261) +- CVE-2013-2147 cpqarray/cciss: information leak via ioctl (rhbz 971242 971249) + +* Wed Jun 05 2013 Josh Boyer +- CVE-2013-2140 xen: blkback: insufficient permission checks for BLKIF_OP_DISCARD (rhbz 971146 971148) + +* Mon Jun 03 2013 Josh Boyer +- Fix UEFI anti-bricking code (rhbz 964335) + +* Fri May 31 2013 Josh Boyer +- CVE-2013-2850 iscsi-target: heap buffer overflow on large key error (rhbz 968036 969272) + +* Fri May 24 2013 Justin M. Forbes - 3.9.4-200 +- Linux v3.9.4 + +* Fri May 24 2013 Josh Boyer +- Add patch to quiet irq remapping failures (rhbz 948262) + +* Thu May 23 2013 Josh Boyer +- Fix oops from incorrect rfkill set in hp-wmi (rhbz 964367) + +* Wed May 22 2013 Josh Boyer +- Fix memcmp error in iwlwifi + +* Tue May 21 2013 Josh Boyer - 3.9.3-201 +- Fix modules-extra signing with 3.9 kernels (rhbz 965181) + +* Mon May 20 2013 Josh Boyer - 3.9.3-200 +- Linux 3.9.3 +- Update s390x config + +* Thu May 16 2013 Josh Boyer +- Fix config-local usage (rhbz 950841) + +* Mon May 13 2013 Dave Jones - 3.9.2-200 +- Linux 3.9.2 + +* Fri May 10 2013 Dave Jones - 3.9.2-0.rc1.200 +- Linux 3.9.2-rc1 + +* Thu May 9 2013 Peter Robinson +- Disable PL330 on ARM as it's broken on highbank + +* Wed May 8 2013 Peter Robinson +- Add the ARM patches needed for 3.9 :-/ + +* Wed May 08 2013 Dave Jones - 3.9.1-200 +- Linux 3.9.1 + +* Wed May 08 2013 Josh Boyer +- Don't remove headers explicitly exported via UAPI (rhbz 959467) + +* Tue May 07 2013 Josh Boyer +- Fix dmesg_restrict patch to avoid regression (rhbz 952655) + +* Mon May 06 2013 Dave Jones - 3.9.1-0.rc1.201 +- Linux 3.9.1-rc1 + merged: wireless-regulatory-fix-channel-disabling-race-condition.patch + merged: iwlwifi-fix-freeing-uninitialized-pointer.patch + +* Mon May 06 2013 Josh Boyer +- Rebase F18 secure-boot patchset to Linux v3.9 + +* Mon May 6 2013 Peter Robinson +- Initial rebase of ARM to 3.9 + +* Mon May 06 2013 Dave Jones - 3.9.0-200 +- Rebase to Linux 3.9 + merged: silence-empty-ipi-mask-warning.patch + merged: quiet-apm.patch + merged: Input-increase-struct-ps2dev-cmdbuf-to-8-bytes.patch + merged: Input-add-support-for-Cypress-PS2-Trackpads.patch + merged: Input-cypress_ps2-fix-trackpadi-found-in-Dell-XPS12.patch + merged: alps-v2.patch + merged: userns-avoid-recursion-in-put_user_ns.patch + merged: amd64_edac_fix_rank_count.patch + merged: team-net-next-update-20130307.patch + merged: uvcvideo-suspend-fix.patch + merged: cfg80211-mac80211-disconnect-on-suspend.patch + merged: mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.8.patch + merged: mac80211-Dont-restart-sta-timer-if-not-running.patch + merged: 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch + TODO: secure-boot + TODO: ARM configs. + +* Wed May 01 2013 Justin M. Forbes - 3.8.11-200 +- Linux v3.8.11 + +* Mon Apr 29 2013 Justin M. Forbes - 3.8.10-200 +- Linux v3.8.10 + +* Fri Apr 26 2013 Josh Boyer - 3.8.9-200 +- Linux v3.8.9 + +* Wed Apr 24 2013 Josh Boyer - 3.8.8-203 +- CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071) +- CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089) +- CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104) +- CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113) +- CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129) +- CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139) +- CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168) + +* Tue Apr 23 2013 Josh Boyer +- CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666) +- CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658) +- CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647) +- CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607) + +* Mon Apr 22 2013 Josh Boyer +- CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228) + +* Wed Apr 17 2013 Josh Boyer - 3.8.8-202 +- Fix missing raid REQ_WRITE_SAME flag commit (rhbz 947539) + +* Wed Apr 17 2013 Josh Boyer - 3.8.8-201 +- Linux v3.8.8 + +* Tue Apr 16 2013 Josh Boyer +- Fix uninitialized variable free in iwlwifi (rhbz 951241) +- Fix race in regulatory code (rhbz 919176) + +* Mon Apr 15 2013 Josh Boyer +- tracing: NULL pointer dereference (rhbz 952197 952217) +- Fix debug patches to build on s390x/ppc + +* Fri Apr 12 2013 Josh Boyer - 3.8.7-201 +- Linux v3.8.7 +- Enable CONFIG_LDM_PARTITION (rhbz 948636) + +* Thu Apr 11 2013 Dave Jones +- Print out some extra debug information when we hit bad page tables. + +* Thu Apr 11 2013 Josh Boyer +- Fix ALPS backport patch (rhbz 812111) + +* Tue Apr 09 2013 Josh Boyer - 3.8.6-203 +- Temporarily work around pci device assignment issues (rhbz 908888) +- CVE-2013-1929 tg3: len overflow in VPD firmware parsing (rhbz 949932 949946) +- Backport intel brightness quirk for emachines (rhbz 871932) + +* Mon Apr 8 2013 Peter Robinson +- Enable CMA on ARM tegra +- Minor tweeks to ARM OMAP + +* Mon Apr 08 2013 Josh Boyer +- Add patch from Benjamin Tissoires to fix race in HID magicmouse (rhbz 908604) + +* Fri Apr 05 2013 Justin M. Forbes +- Linux v3.8.6 + +* Wed Apr 03 2013 Dave Jones +- Enable MTD_CHAR/MTD_BLOCK (Needed for SFC) + Enable 10gigE on 64-bit only. + +* Tue Apr 02 2013 Josh Boyer +- Enable CONFIG_FB_MATROX_G on powerpc +- Add support for Atheros 04ca:3004 bluetooth devices (again) (rhbz 844750) +- Enable CONFIG_SCSI_DMX3191D (rhbz 919874) + +* Mon Apr 01 2013 Josh Boyer +- Enable the rtl8192e driver (rhbz 913753) +- Enable CONFIG_MCE_INJECT (rhbz 927353) + +* Thu Mar 28 2013 Josh Boyer - 3.8.5-201 +- Linux v3.8.5 + +* Tue Mar 26 2013 Justin M. Forbes +- Fix child thread introspection of of /proc/self/exe (rhbz 927469) + +* Tue Mar 26 2013 Josh Boyer +- Add quirk for Realtek card reader to avoid 10 sec boot delay (rhbz 806587) +- Add quirk for MSI keyboard backlight to avoid 10 sec boot delay (rhbz 907221) + +* Mon Mar 25 2013 Justin M. Forbes +- enable CONFIG_DRM_VMWGFX_FBCON (rhbz 927022) +- disable whci-hcd since it doesnt seem to have users (rhbz 919289) + +* Sat Mar 23 2013 Peter Robinson +- Disable Marvell Dove support for the moment as it breaks other SoCs + +* Thu Mar 21 2013 Josh Boyer +- Fix workqueue crash in mac80211 (rhbz 920218) + +* Thu Mar 21 2013 Peter Robinson +- Minor ARM config updates + +* Wed Mar 20 2013 Justin M. Forbes 3.8.4-201 +- Linux v3.8.4 +- CVE-2013-1873 information leaks via netlink interface (rhbz 923652 923662) + +* Wed Mar 20 2013 Josh Boyer +- CVE-2013-1796 kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME + (rhbz 917012 923966) +- CVE-2013-1797 kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME + (rhbz 917013 923967) +- CVE-2013-1798 kvm: out-of-bounds access in ioapic indirect register reads + (rhbz 917017 923968) + +* Mon Mar 18 2013 Justin M. Forbes +- Revert rc6 ilk changes from 3.8.3 stable (rhbz 922304) + +* Mon Mar 18 2013 Peter Robinson +- Enable OMAP RNG and mvebu dove configs + +* Fri Mar 15 2013 Josh Boyer +- CVE-2013-1860 usb: cdc-wdm buf overflow triggered by dev (rhbz 921970 922004) + +* Thu Mar 14 2013 Justin M. Forbes 3.8.3-201 +- Linux v3.8.3 + +* Thu Mar 14 2013 Josh Boyer +- Fix divide by zero on host TSC calibration failure (rhbz 859282) + +* Thu Mar 14 2013 Mauro Carvalho Chehab +- fix i7300_edac twice-mem-size-report via EDAC API (rhbz 921500) + +* Tue Mar 12 2013 Josh Boyer +- Add patch to fix ieee80211_do_stop (rhbz 892599) +- Add patches to fix cfg80211 issues with suspend (rhbz 856863) +- Add patch to fix Cypress trackpad on XPS 12 machines (rhbz 912166) +- CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529) +- CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510) + +* Mon Mar 11 2013 Mauro Carvalho Chehab +- fix amd64_edac twice-mem-size-report via EDAC API (rhbz 920586) + +* Mon Mar 11 2013 Josh Boyer +- Add patch to fix usb_submit_urb error in uvcvideo (rhbz 879462) +- Add patch to allow "8250." prefix to keep working (rhbz 911771) +- Add patch to fix w1_search oops (rhbz 857954) +- Add patch to fix broken tty handling (rhbz 904182) + +* Fri Mar 08 2013 Josh Boyer +- Add turbostat and x86_engery_perf_policy debuginfo to kernel-tools-debuginfo + +* Fri Mar 08 2013 Justin M. Forbes +- Revert "write backlight harder" until better solution is found (rhbz 917353) - Update team driver from net-next from Jiri Pirko -* Tue Aug 07 2012 Josh Boyer -- Add support for ppc64p7 subarch +* Fri Mar 08 2013 Josh Boyer +- CVE-2013-1828 sctp: SCTP_GET_ASSOC_STATS stack buffer overflow (rhbz 919315 919316) -* Mon Aug 06 2012 Josh Boyer - 3.6.0-0.rc1.git2.1 -- Linux v3.6-rc1-133-g42a579a +* Fri Mar 8 2013 Peter Robinson +- Have kernel provide kernel-highbank for upgrade to unified +- Update mvebu configs +- Drop unused ARM patches -* Sat Aug 04 2012 Josh Boyer - 3.6.0-0.rc1.git1.2 -- Reenable debugging options. +* Thu Mar 07 2013 Josh Boyer +- Fix DMI regression (rhbz 916444) +- Fix logitech-dj HID bug from Benjamin Tissoires (rhbz 840391) +- CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021) -* Sat Aug 04 2012 Josh Boyer - 3.6.0-0.rc1.git1.1 -- Linux v3.6-rc1-112-ge7882d6 +* Wed Mar 06 2013 Justin M. Forbes +- Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051) +- Fix destroy_conntrack GPF (rhbz 859346) -* Fri Aug 03 2012 Josh Boyer - 3.6.0-0.rc1.git0.2 -- CVE-2012-3412 sfc: potential rDOS through TCP MSS option (rhbz 844714 845558) +* Wed Mar 06 2013 Josh Boyer +- Fix regression in secure-boot acpi_rsdp patch (rhbz 906225) +- crypto: info leaks in report API (rhbz 918512 918521) -* Fri Aug 03 2012 Josh Boyer - 3.6.0-0.rc1.git0.1 -- Linux v3.6-rc1 +* Tue Mar 5 2013 Peter Robinson +- Fix Beagle (omap), update vexpress + +* Tue Mar 05 2013 Josh Boyer +- Backport 4 fixes for efivarfs (rhbz 917984) +- Enable CONFIG_IP6_NF_TARGET_MASQUERADE + +* Mon Mar 04 2013 Josh Boyer +- Fix issues in nx crypto driver from Kent Yoder (rhbz 916544) + +* Mon Mar 04 2013 Justin M. Forbes - 3.8.2-201 +- Linux v3.8.2 + +* Mon Mar 4 2013 Peter Robinson +- Fix DTB generation on ARM + +* Fri Mar 01 2013 Dave Jones +- Silence "tty is NULL" trace. + +* Fri Mar 01 2013 Josh Boyer +- Add patches to fix sunrpc panic (rhbz 904870) + +* Thu Feb 28 2013 Peter Robinson +- Update ARM config for 3.8 + +* Thu Feb 28 2013 Dave Jones +- Remove no longer needed E1000 hack. + +* Thu Feb 28 2013 Dave Jones +- Drop SPARC64 support. + +* Thu Feb 28 2013 Dave Jones +- Linux 3.8.1 + Dropped (merged in 3.8.1) + - drm-i915-lvds-reclock-fix.patch + - usb-cypress-supertop.patch + - perf-hists-Fix-period-symbol_conf.field_sep-display.patch + - ipv6-dst-from-ptr-race.patch + - sock_diag-Fix-out-of-bounds-access-to-sock_diag_handlers.patch + - tmpfs-fix-use-after-free-of-mempolicy-object.patch + +* Thu Feb 28 2013 Dave Jones +- Update usb-cypress-supertop.patch + +* Wed Feb 27 2013 Dave Jones +- Update ALPS patch to what got merged in 3.9-rc + +* Wed Feb 27 2013 Dave Jones +- 3.8.0 + Dropped (merged in 3.8) + - arm-l2x0-only-set-set_debug-on-pl310-r3p0-and-earlier.patch + - power-x86-destdir.patch + - modsign-post-KS-jwb.patch + - efivarfs-3.7.patch + - handle-efi-roms.patch + - drm-i915-Fix-up-mismerge-of-3490ea5d-in-3.7.y.patch + - USB-report-submission-of-active-URBs.patch + - exec-use-eloop-for-max-recursion-depth.patch + - 8139cp-revert-set-ring-address-before-enabling-receiver.patch + - 8139cp-set-ring-address-after-enabling-C-mode.patch + - 8139cp-re-enable-interrupts-after-tx-timeout.patch + - brcmsmac-updates-rhbz892428.patch + - silence-brcmsmac-warning.patch + - net-fix-infinite-loop-in-__skb_recv_datagram.patch + - Bluetooth-Add-support-for-Foxconn-Hon-Hai-0489-e056.patch + - 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch + Needs checking: + - arm-tegra-nvec-kconfig.patch + - arm-tegra-sdhci-module-fix.patch + +* Tue Feb 26 2013 Justin M. Forbes +- Avoid recursion in put_user_ns, potential overflow + +* Tue Feb 26 2013 Josh Boyer +- CVE-2013-1767 tmpfs: fix use-after-free of mempolicy obj (rhbz 915592,915716) +- Fix vmalloc_fault oops during lazy MMU (rhbz 914737) + +* Mon Feb 25 2013 Josh Boyer +- Honor dmesg_restrict for /dev/kmsg (rhbz 903192) + +* Sun Feb 24 2013 Josh Boyer - 3.7.9-205 +- CVE-2013-1763 sock_diag: out-of-bounds access to sock_diag_handlers (rhbz 915052,915057) + +* Fri Feb 22 2013 Josh Boyer +- Add support for bluetooth in Acer Aspire S7 (rhbz 879408) + +* Thu Feb 21 2013 Neil Horman +- Fix crash from race in ipv6 dst entries (rhbz 892060) + +* Wed Feb 20 2013 Josh Boyer +- Fix perf report field separator issue (rhbz 906055) +- Fix oops from acpi_rsdp setup in secure-boot patchset (rhbz 906225) + +* Tue Feb 19 2013 Josh Boyer +- Add support for Atheros 04ca:3004 bluetooth devices (rhbz 844750) +- Backport support for newer ALPS touchpads (rhbz 812111) + +* Tue Feb 19 2013 Peter Robinson +- Fix OMAP thermal driver by building it in (seems it doesn't auto load when a module) + +* Mon Feb 18 2013 Justin M. Forbes - 3.7.9-201 +- Linux v3.7.9 + +* Mon Feb 18 2013 Adam Jackson +- CVE-2013-0290 net: infinite loop in __skb_recv_datagram (rhbz 911479 911473) + +* Thu Feb 14 2013 Justin M. Forbes - 3.7.8-201 +- Linux v3.7.8 + +* Thu Feb 14 2013 Adam Jackson +- i915: Hush asserts during TV detection, just useless noise +- i915: Fix LVDS downclock to not cripple performance (#901951) + +* Thu Feb 14 2013 Josh Boyer +- Add patch to fix corruption on newer M6116 SATA bridges (rhbz 909591) +- CVE-2013-0228 xen: xen_iret() invalid %ds local DoS (rhbz 910848 906309) + +* Tue Feb 12 2013 Dave Jones +- Add networking queue for next stable release. + +* Tue Feb 12 2013 Dave Jones +- mm: Check if PUD is large when validating a kernel address + +* Tue Feb 12 2013 Dave Jones +- Silence brcmsmac warnings. (Fixed in 3.8, but not backporting to 3.7) + +* Tue Feb 12 2013 Justin M. Forbes +- Linux v3.7.7 + +* Mon Feb 11 2013 Josh Boyer +- Add patch from Kees Cook to restrict MSR writting in secure boot mode +- Add patch to honor MokSBState (rhbz 907406) + +* Thu Feb 7 2013 Peter Robinson +- Minor ARM build fixes + +* Wed Feb 06 2013 Josh Boyer +- Add patch to fix ath9k dma stop checks (rhbz 892811) + +* Mon Feb 04 2013 Josh Boyer +- Linux v3.7.6 +- Update secure-boot patchset +- Fix rtlwifi scheduling while atomic from Larry Finger (rhbz 903881) + +* Tue Jan 29 2013 Josh Boyer +- Backport driver for Cypress PS/2 trackpad (rhbz 799564) + +* Mon Jan 28 2013 Josh Boyer - 3.7.5-201 +- Linux v3.7.5 +- Add patch to fix iwlwifi issues (rhbz 863424) + +* Sun Jan 27 2013 Peter Robinson +- Build and package dtbs on ARM +- Enable FB options for qemu vexpress on unified + +* Fri Jan 25 2013 Justin M. Forbes +- Turn off THP for 32bit + +* Wed Jan 23 2013 Justin M. Forbes - 3.7.4-204 +- brcmsmac fixes from upstream (rhbz 892428) + +* Wed Jan 23 2013 Dave Jones +- Remove warnings about empty IPI masks. + +* Tue Jan 22 2013 Justin M. Forbes - 3.7.4-203 +- Add i915 bugfix from airlied + +* Tue Jan 22 2013 Peter Robinson +- Apply ARM errata fix +- disable HVC_DCC and VIRTIO_CONSOLE on ARM + +* Tue Jan 22 2013 Josh Boyer +- Fix libata settings bug (rhbz 902523) + +* Mon Jan 21 2013 Josh Boyer - 3.7.4-201 +- Linux v3.7.4 + +* Fri Jan 18 2013 Justin M. Forbes 3.7.3-201 +- Linux v3.7.3 + +* Thu Jan 17 2013 Peter Robinson +- Merge 3.7 ARM kernel including unified kernel +- Drop separate IMX and highbank kernels +- Disable ARM PL310 errata that crash highbank + +* Wed Jan 16 2013 Josh Boyer +- Fix power management sysfs on non-secure boot machines (rhbz 896243) + +* Wed Jan 16 2013 Justin M. Forbes 3.7.2-204 +- Fix for CVE-2013-0190 xen corruption with 32bit pvops (rhbz 896051 896038) + +* Wed Jan 16 2013 Josh Boyer +- Add patch from Stanislaw Gruszka to fix iwlegacy IBSS cleanup (rhbz 886946) + +* Tue Jan 15 2013 Justin M. Forbes 3.7.2-203 +- Turn off Intel IOMMU by default +- Stable queue from 3.7.3 with many relevant fixes + +* Tue Jan 15 2013 Josh Boyer +- Enable CONFIG_DVB_USB_V2 (rhbz 895460) + +* Mon Jan 14 2013 Josh Boyer +- Enable Orinoco drivers in kernel-modules-extra (rhbz 894069) + +* Fri Jan 11 2013 Justin M. Forbes 3.7.1-1 +- Linux v3.7.2 +- Enable Intel IOMMU by default + +* Thu Jan 10 2013 Dave Jones +- Add audit-libs-devel to perf build-deps to enable trace command. (rhbz 892893) + +* Tue Jan 08 2013 Josh Boyer +- Add patch to fix shutdown on some machines (rhbz 890547) + +* Mon Jan 07 2013 Josh Boyer +- Patch to fix efivarfs underflow from Lingzhu Xiang (rhbz 888163) + +* Sun Jan 06 2013 Josh Boyer +- Fix version.h include due to UAPI change in 3.7 (rhbz 892373) + +* Fri Jan 04 2013 Josh Boyer +- Fix oops on aoe module removal (rhbz 853064) + +* Thu Jan 03 2013 Josh Boyer - 3.7.1-2 +- Fixup secure boot patchset for 3.7 rebase +- Package bash completion script for perf + +* Thu Jan 03 2013 Dave Jones +- Rebase to 3.7.1 + +* Wed Jan 02 2013 Josh Boyer +- Fix autofs issue in 3.6 (rhbz 874372) +- BR the hostname package (rhbz 886113) + +* Mon Dec 17 2012 Josh Boyer - 3.6.11-3 +- Linux v3.6.11 + +* Mon Dec 17 2012 Dennis Gilmore +- disable gpiolib on vexpress + +* Mon Dec 17 2012 Josh Boyer +- Fix oops in sony-laptop setup (rhbz 873107) + +* Wed Dec 12 2012 Josh Boyer - 3.6.10-5 +- Fix infinite loop in efi signature parser +- Don't error out if db doesn't exist + +* Tue Dec 11 2012 Josh Boyer - 3.6.10-4 +- Update secure boot patches to include MoK support +- Fix IBSS scanning in mac80211 (rhbz 883414) + +* Tue Dec 11 2012 Justin M. Forbes 3.6.10-1 +- Linux 3.6.10 + +* Wed Dec 05 2012 Dave Jones +- Team driver updates (Jiri Pirko) + +* Mon Dec 03 2012 Josh Boyer - 3.6.9-2 +- Backport 3 upstream fixes to resolve radeon schedule IB errors (rhbz 855275) + +* Mon Dec 03 2012 Justin M. Forbes 3.6.9-1 +- Linux 3.6.9 + +* Thu Nov 29 2012 Peter Robinson +- Update some ARM GPIO and I2C configs + +* Tue Nov 27 2012 Josh Boyer +- Update patches for 8139cp issues from David Woodhouse (rhbz 851278) + +* Mon Nov 26 2012 Josh Boyer - 3.6.8-1 +- Linux v3.6.8 + +* Mon Nov 26 2012 Josh Boyer +- Fix regression in 8139cp driver, debugged by William J. Eaton (rhbz 851278) +- Fix ACPI video after _DOD errors (rhbz 869383) +- Fix ata command timeout oops in mvsas (rhbz 869629) +- Enable CONFIG_UIO_PDRV on ppc64 (rhbz 878180) +- CVE-2012-4530: stack disclosure binfmt_script load_script (rhbz 868285 880147) + +* Tue Nov 20 2012 Josh Boyer - 3.6.7-5 +- CVE-2012-4461: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set (rhbz 878518 862900) +- Add VC_MUTE ioctl (rhbz 859485) +- Add support for BCM20702A0 (rhbz 874791) + +* Tue Nov 20 2012 Peter Robinson +- Change the minimum mmap address back to 32768 on ARM systems (thanks to Jon Masters) + +* Mon Nov 19 2012 Josh Boyer +- Apply patches from Jeff Moyer to fix direct-io oops (rhbz 812129) + +* Sat Nov 17 2012 Justin M. Forbes - 3.6.7-1 +- linux 3.6.7 + +* Fri Nov 16 2012 Josh Boyer - 3.6.6-9 +- Fix oops causing typo in keyspan driver (rhbz 870562) +- Don't WARN_ON empty queues in iwlwifi (rhbz 873001) + +* Thu Nov 15 2012 Justin M. Forbes +- Fix panic in panic in smp_irq_move_cleanup_interrupt (rhbz 869341) + +* Wed Nov 14 2012 Josh Boyer +- Fix module signing of kernel flavours + +* Mon Nov 12 2012 Justin M. Forbes +- fix list_del corruption warning on USB audio with twinkle (rhbz 871078) + +* Fri Nov 09 2012 Josh Boyer +- Fix vanilla kernel builds (reported by Thorsten Leemhuis) + +* Wed Nov 07 2012 Josh Boyer +- Add patch to not break modules_install for external module builds + +* Mon Nov 05 2012 Josh Boyer - 3.6.6-3 +- Backport efivarfs from efi/next for moktools +- Fix build break without CONFIG_EFI set (reported by Peter W. Bowey) +- Linux v3.6.6 + +* Mon Nov 05 2012 David Woodhouse - 3.6.5-3 +- Fix EFI framebuffer handling + +* Wed Oct 31 2012 Josh Boyer - 3.6.5-2 +- Update modsign to what is currently in 3.7-rc2 +- Update secure boot support for UEFI cert importing. + +* Wed Oct 31 2012 Josh Boyer - 3.6.5-1 +- Linux v3.6.5 +- CVE-2012-4565 net: divide by zero in tcp algorithm illinois (rhbz 871848 871923) + +* Tue Oct 30 2012 Josh Boyer +- Move power-x86-destdir.patch to apply on vanilla kernels (thanks knurd) + +* Mon Oct 29 2012 Justin M. Forbes +- Uprobes backports from upstream + +* Mon Oct 29 2012 Peter Robinson +- Update ARM alignment patch to upstream + +* Mon Oct 29 2012 Justin M. Forbes 3.6.4-1 +- Linux 3.6.4 + +* Thu Oct 25 2012 Justin M. Forbes +- CVE-2012-4508: ext4: AIO vs fallocate stale data exposure (rhbz 869904 869909) + +* Wed Oct 24 2012 Josh Boyer +- Remove patch added for rhbz 856863 +- Add patch to fix corrupted text with i915 (rhbz 852210) + +* Tue Oct 23 2012 Peter Robinson +- Update OMAP Video config options + +* Mon Oct 22 2012 Peter Robinson +- VIFO fails on ARM at the moment so disable it for the time being + +* Mon Oct 22 2012 Josh Boyer +- Add patch to fix CIFS oops from Jeff Layton (rhbz 867344) +- CVE-2012-0957: uts: stack memory leak in UNAME26 (rhbz 862877 864824) +- Fix rt2x00 usb reset resume (rhbz 856863) + +* Mon Oct 22 2012 Justin M. Forbes - 3.6.3-1 +- Linux 3.6.3 + +* Mon Oct 22 2012 Peter Robinson +- Revert ARM misaligned access check to stop kernel OOPS +- Actually apply highbank sata patch + +* Thu Oct 18 2012 Josh Boyer +- Patch to have mac80211 connect with HT20 if HT40 is not allowed (rhbz 866013) +- Enable VFIO (rhbz 867152) +- Apply patch from Stanislaw Gruszka to fix mac80211 issue (rhbz 862168) +- Apply patch to fix iwlwifi crash (rhbz 770484) + +* Tue Oct 16 2012 Mauro Carvalho Chehab - 3.6.2-2 +- Fix i82975x_edac OOPS + +* Tue Oct 16 2012 Justin M. Forbes +- Enable CONFIG_TCM_VHOST (rhbz 866981) + +* Mon Oct 15 2012 Justin M. Forbes 3.6.2-1 +- Linux 3.6.2 + +* Thu Oct 11 2012 Peter Robinson 3.6.1-2 +- Update ARM config for missing newoption items + +* Tue Oct 09 2012 Josh Boyer +- Drop unhandled irq polling patch + +* Mon Oct 08 2012 Justin M. Forbes 3.6.1-1 +- Linux 3.6.1 + +* Sat Oct 06 2012 Josh Boyer +- secure boot modsign depends on CONFIG_MODULE_SIG not CONFIG_MODULES + +* Fri Oct 05 2012 Josh Boyer +- Adjust secure boot modsign patch + +* Fri Oct 5 2012 Peter Robinson +- Build MMC in on OMAP and Tegra until we work out why modules don't work + +* Wed Oct 03 2012 Adam Jackson +- Drop vgem patches, not doing anything yet. + +* Wed Oct 03 2012 Josh Boyer +- Make sure kernel-tools-libs-devel provides kernel-tools-devel + +* Tue Oct 02 2012 Justin M. Forbes - 3.6.0-2 +- Power: Fix VMX fix for memcpy case (rhbz 862420) + +* Tue Oct 02 2012 Josh Boyer +- Patch from David Howells to fix overflow on 32-bit X.509 certs (rhbz 861322) + +* Tue Oct 2 2012 Peter Robinson +- Update ARM configs for 3.6 final +- Add highbank SATA driver for stability +- Build in OMAP MMC and DMA drivers to fix borkage for now + +* Mon Oct 01 2012 Justin M. Forbes - 3.6.0-1 +- Linux 3.6.0 - Disable debugging options. -* Thu Aug 02 2012 Josh Boyer - 3.6.0-0.rc0.git9.3 -- Update modsign and secure-boot patch sets - -* Thu Aug 02 2012 Josh Boyer -- Reenable cgroups memory controller (rhbz 845285) -- Add two patches from Seth Forshee to fix brcmsmac backtrace - -* Thu Aug 02 2012 Josh Boyer - 3.6.0-0.rc0.git9.1 -- Linux v3.5-9139-g1a9b499 - -* Wed Aug 01 2012 Josh Boyer - 3.6.0-0.rc0.git8.1 -- Linux v3.5-8833-g2d53492 - -* Wed Aug 01 2012 Josh Boyer - 3.6.0-0.rc0.git7.1 -- Linux v3.5-8367-g08843b7 - -* Tue Jul 31 2012 Josh Boyer - 3.6.0-0.rc0.git6.1 -- Linux v3.5-8197-g2e3ee61 - -* Wed Jul 31 2012 John W. Linville -- Enable batman-adv and add it to the list of "extra" modules - -* Tue Jul 31 2012 Dave Jones -- Change VM_BUG_ON's to be WARN_ONs instead. - -* Tue Jul 31 2012 Josh Boyer -- Move modules needed by Shorewall back to main kernel package (rhbz 844436) - -* Mon Jul 30 2012 Josh Boyer - 3.6.0-0.rc0.git5.2 -- Update config options - -* Mon Jul 30 2012 Josh Boyer - 3.6.0-0.rc0.git5.1 -- Linux v3.5-7815-g37cd960 - -* Mon Jul 30 2012 Josh Boyer - 3.6.0-0.rc0.git4.1 -- Linux v3.5-7078-gf7da9cd - -* Mon Jul 30 2012 Josh Boyer -- Fixup patches - -* Fri Jul 27 2012 Justin M. Forbes - 3.6.0-0.rc0.git3.1 -- Linux v3.5-6982-gb387e41 - -* Thu Jul 26 2012 Josh Boyer -- Apply patch to fix uvcvideo crash (rhbz 836742) -- Enable Intel MEI driver (rhbz 842444) - -* Wed Jul 25 2012 Justin M. Forbes - 3.6.0-0.rc0.git2.1 -- Linux v3.5-4773-gbdc0077 - -* Tue Jul 24 2012 Josh Boyer -- Update modsign patch to latest upstream -- Add initial UEFI Secure Boot patchset. Work in progress. - -* Tue Jul 24 2012 Justin M. Forbes - 3.6.0-0.rc0.git1.1 -- Linux v3.5-1643-gf0a08fc - -* Mon Jul 23 2012 Justin M. Forbes - 3.5.0-2 -- Reenable debugging options. - -* Mon Jul 23 2012 Justin M. Forbes - 3.5.0-1 -- Linux v3.5 -- Disable debugging options. - -* Fri Jul 20 2012 John W. Linville -- Enable NFC subsystem and drivers - -* Fri Jul 20 2012 Justin M. Forbes - 3.5.0-0.rc7.git4.1 -- Linux v3.5-rc7-141-g85efc72 - -* Thu Jul 19 2012 Justin M. Forbes - 3.5.0-0.rc7.git3.1 -- Linux v3.5-rc7-124-g8a7298b - -* Wed Jul 18 2012 Josh Boyer -- Update modsign patch to latest upstream - -* Wed Jul 18 2012 Justin M. Forbes - 3.5.0-0.rc7.git2.1 -- Linux v3.5-rc7-81-ga018540 - -* Wed Jul 18 2012 Josh Boyer -- check return value of power_supply_register from Lan Tianyu (rhbz 772730) - -* Tue Jul 17 2012 Justin M. Forbes - 3.5.0-0.rc7.git1.2 -- Reenable debugging options. - -* Tue Jul 17 2012 Justin M. Forbes - 3.5.0-0.rc7.git1.1 -- Linux v3.5-rc7-25-ge5254a6 - -* Mon Jul 16 2012 Justin M. Forbes - 3.5.0-0.rc7.git0.1 -- Linux v3.5-rc7 -- Disable debugging options. - -* Fri Jul 13 2012 Justin M. Forbes - 3.5.0-0.rc6.git4.1 -- Linux v3.5-rc6-186-gac7d181 - -* Fri Jul 13 2012 Josh Boyer -- Build CONFIG_HID and CONFIG_HID_GENERIC in - -* Thu Jul 12 2012 Justin M. Forbes - 3.5.0-0.rc6.git3.1 -- Linux v3.5-rc6-117-g918227b - -* Wed Jul 11 2012 Justin M. Forbes - 3.5.0-0.rc6.git2.1 -- Linux v3.5-rc6-40-g055c9fa -- Fix FIPS for aesni hardware (rhbz 839239) - -* Tue Jul 10 2012 Justin M. Forbes - 3.5.0-0.rc6.git1.1 -- Linux v3.5-rc6-22-g2437fcc - -* Mon Jul 09 2012 Justin M. Forbes - 3.5.0-0.rc6.git0.3 -- Reenable debugging options. - -* Mon Jul 09 2012 Justin M. Forbes - 3.5.0-0.rc6.git0.2 -- Linux v3.5-rc6 -- Disable debugging options. - -* Fri Jul 06 2012 Justin M. Forbes - 3.5.0-0.rc5.git3.1 -- Linux v3.5-rc5-149-gc4aed35 - -* Thu Jul 05 2012 Josh Boyer -- Move sch_htb module into main kernel package (rhbz 836185) - -* Thu Jul 05 2012 Dennis Gilmore -- enable cpu frequency scaling on omap systems - -* Thu Jul 05 2012 Justin M. Forbes - 3.5.0-0.rc5.git2.1 -- Linux v3.5-rc5-98-g9e85a6f - -* Wed Jul 4 2012 Josh Boyer -- Patch from Stanislaw Gruszka to fix rt2x00 USB access point (rhbz 828824) - -* Tue Jul 03 2012 Justin M. Forbes - 3.5.0-0.rc5.git1.1 -- Linux v3.5-rc5-6-g9d4056a - -* Tue Jul 03 2012 Justin M. Forbes - 3.5.0-0.rc5.git0.3 -- Reenable debugging options. - -* Mon Jul 02 2012 Justin M. Forbes - 3.5.0-0.rc5.git0.2 -- Linux 3.5-rc5 -- Disable debugging options. - -* Fri Jun 29 2012 Justin M. Forbes - 3.5.0-0.rc4.git4.1 -- Linux v3.5-rc4-211-g9acc7bd - -* Thu Jun 28 2012 Dennis Gilmore -- include the mach- headers on arm arches if they are available - -* Thu Jun 28 2012 Justin M. Forbes - 3.5.0-0.rc4.git3.1 -- Linux v3.5-rc4-98-g47b514c -- Team driver update - -* Wed Jun 27 2012 Justin M. Forbes - 3.5.0-0.rc4.git2.1 -- Linux v3.5-rc4-59-gd1346a6 - -* Tue Jun 26 2012 Justin M. Forbes - 3.5.0-0.rc4.git1.2 -- Reenable debugging options. - -* Tue Jun 26 2012 Justin M. Forbes - 3.5.0-0.rc4.git1.1 -- Linux v3.5-rc4-52-gaace99e - -* Mon Jun 25 2012 Peter Robinson -- Add patch to fix ARM OMAP build -- re-enable IMX kernel now it builds again - -* Mon Jun 25 2012 Justin M. Forbes - 3.5.0-0.rc4.git0.1 -- Disable debugging options. - -* Mon Jun 25 2012 Justin M. Forbes -- Linux 3.5-rc4 - -* Fri Jun 22 2012 Josh Boyer -- Add uprobe backports from -tip from Anton Arapov - -* Wed Jun 20 2012 Josh Boyer -- Fix incorrect logic in irqpoll patch - -* Mon Jun 18 2012 Josh Boyer - 3.5.0-0.rc3.git0.2 -- Disable debugging options. - -* Mon Jun 18 2012 Josh Boyer - -3.5.0-0.rc3.git0.1 -- Linux v3.5-rc3 - -* Tue Jun 12 2012 Peter Robinson -- ARM: build in rtc modules so time gets set right on boot - -* Mon Jun 11 2012 Josh Boyer -- Add virtual provides for kernel-module to kernel-modules-extra (rhbz 770444) - -* Mon Jun 11 2012 Josh Boyer - 3.5.0-0.rc2.git0.3 -- Add patch to fix xen domU 32bit (rhbz 829016) -- Reenable debugging options. - -* Mon Jun 11 2012 Josh Boyer -- Add two upstream commits to fix flaky iwlwifi (rhbz 825491) - -* Sun Jun 10 2012 Peter Robinson -- Temporarily disable ARM imx kernel due to missing clk patches -- Add patch to fix OMAP build -- Drop DTB mac patches as rejected upstream -- General ARM cleanups - -* Sat Jun 09 2012 Josh Boyer - 3.5.0-0.rc2.git0.1 -- Linux v3.5-rc2 - -* Fri Jun 08 2012 Josh Boyer -- Enable HV assisted KVM on ppc64 - -* Tue Jun 05 2012 Josh Boyer -- Disable MV643XX on ppc32 because ARM broke it (rhbz 828776) - -* Tue Jun 05 2012 Peter Robinson -- Update ARM config options for 3.5 -- Enable MTD/UBI/JFFS2 on ARM platforms - -* Mon Jun 04 2012 Dave Jones -- Remove 32bit NX emulation. - -* Mon Jun 04 2012 Josh Boyer -- Remove modules.{devname,softdep} to prevent RPM verify errors (rhbz 650807) - -* Sun Jun 03 2012 Josh Boyer - 3.5.0-0.rc1.git0.1 -- Linux v3.5-rc1 -- Disable debugging options. - -* Sat Jun 02 2012 Peter Robinson -- ARM OMAP updates - -* Sat Jun 02 2012 Josh Boyer - 3.5.0-0.rc0.git12.1 -- Linux v3.4-10115-g829f51d - -* Fri Jun 01 2012 Josh Boyer - 3.5.0-0.rc0.git11.1 -- Linux v3.4-9547-gfb21aff - -* Thu May 31 2012 Josh Boyer -- Per Adam Jackson, drop linux-2.6-intel-iommu-igfx.patch - -* Thu May 31 2012 Josh Boyer - 3.5.0-0.rc0.git10.2 -- Fix crash in cirrus qemu driver from Dave Airlie (rhbz 826983) - -* Thu May 31 2012 Josh Boyer - 3.5.0-0.rc0.git10.1 -- Linux v3.4-9208-gaf56e0a - -* Wed May 30 2012 Josh Boyer -- modsign: Fix 32bit ELF table interpretation from David Howells (rhbz 825944) - -* Tue May 29 2012 Josh Boyer - 3.5.0-0.rc0.git9.1 -- Linux v3.4-8261-ga01ee16 - -* Sun May 27 2012 Josh Boyer - 3.5.0-0.rc0.git8.1 -- Linux v3.4-8215-g1e2aec8 - -* Fri May 25 2012 Josh Boyer - 3.5.0-0.rc0.git7.1 -- Linux v3.4-7644-g07acfc2 - -* Fri May 25 2012 Mauro Carvalho Chehab -- Don't manually customise tuners/frontends (rhbz 825203) - -* Thu May 24 2012 Dennis Gilmore -- enable XGI_FB on kirkwood for openrd -- enable DeviceTree support on kirkwood -- enable dreamplug support on kerkwood - -* Thu May 24 2012 Josh Boyer - 3.5.0-0.rc0.git6.1 -- Linux v3.4-5722-gf936991 - -* Thu May 24 2012 Josh Boyer -- CVE-2012-2372 mm: 32bit PAE pmd walk vs populate SMP race (rhbz 822821 822825) - -* Thu May 24 2012 Peter Robinson -- Don't build Nokia ARM device support - -* Wed May 23 2012 Josh Boyer - 3.5.0-0.rc0.git5.1 -- Linux v3.4-5161-g56edab3 - -* Wed May 23 2012 Adam Jackson -- drm-i915-lvds-dual-channel.patch: Scrape LVDS dual-channel-ness from the - VBT instead of just making things up. (#819343) - -* Wed May 23 2012 Josh Boyer - 3.5.0-0.rc0.git4.1 -- Add patch to fix perf build -- Linux v3.4-4842-g61011677 - -* Wed May 23 2012 Dennis Gilmore -- add patch to fix ftbfs on tegra due to sdhci MODULE_DEVICE_TABLE mismatch -- dont make a arm config file we do not use it anywhere - -* Tue May 22 2012 Josh Boyer - 3.5.0-0.rc0.git3.1 -- Linux v3.4-2580-g72c04af - -* Tue May 22 2012 Josh Boyer - 3.5.0-0.rc0.git2.1 -- Linux v3.4-2285-g2e32180 - -* Mon May 21 2012 Josh Boyer -- Update the modsign patchset to the most recent version - -* Mon May 21 2012 Josh Boyer - 3.5.0-0.rc0.git1.2 -- Linux v3.4-1622-g31a6710 - -* Mon May 21 2012 Josh Boyer - 3.4.0-2 -- Reenable debugging options. - -* Mon May 21 2012 Josh Boyer - 3.4.0-1 -- Linux v3.4 - -* Mon May 21 2012 Josh Boyer - 3.4.0-0.rc7.git6.2 -- Disable debugging options. - -* Mon May 21 2012 Josh Boyer -- Bump NR_CPUS to 128 on x86_64 - -* Sun May 20 2012 Josh Boyer - 3.4.0-0.rc7.git6.1 -- Linux v3.4-rc7-124-gd6c77973 - -* Sat May 19 2012 Josh Boyer - 3.4.0-0.rc7.git5.1 -- Linux v3.4-rc7-106-gb1dab2f - -* Fri May 18 2012 Josh Boyer - 3.4.0-0.rc7.git4.1 -- Linux v3.4-rc7-92-g42ea7d7 - -* Thu May 17 2012 Josh Boyer - 3.4.0-0.rc7.git3.1 -- Linux v3.4-rc7-53-g0e93b4b - -* Thu May 17 2012 Josh Boyer -- Enable cpu_idle drivers for ppc64/pseries (requested by Ben Herrenschmidt) - -* Wed May 16 2012 Josh Boyer -- Update the vgaarb patches to pick up a small switcheroo fix from airlied - -* Wed May 16 2012 Josh Boyer - 3.4.0-0.rc7.git2.1 -- Linux v3.4-rc7-24-g568b445 - -* Tue May 15 2012 Josh Boyer -- Enable Nilfs2 and put it in modules-extra (rhbz 821702) - -* Tue May 15 2012 Dennis Gilmore -- dont build a up kernel on armv5tel - -* Tue May 15 2012 Josh Boyer - 3.4.0-0.rc7.git1.1 -- Fixup atl1c register programming (rhbz 749276) -- Linux v3.4-rc7-21-gb6255ee - -* Tue May 15 2012 Dennis Gilmore -- make sure smp is on in generic arm config -- tweak vexpress config - -* Mon May 14 2012 Josh Boyer -- Enable DRM_VIA again per Adam Jackson - -* Mon May 14 2012 Josh Boyer - 3.4.0-0.rc7.git0.2 -- Reenable debugging options. - -* Sun May 13 2012 Josh Boyer - 3.4.0-0.rc7.git0.1 -- Linux v3.4-rc7 -- Disable debugging options. - -* Fri May 11 2012 Josh Boyer -- Enable CONFIG_NFSD_FAULT_INJECTION on debug builds (suggested by Jeff Layton) -- Enable CONFIG_SUNRPC_DEBUG (pointed out by Jeff Layton) - -* Fri May 11 2012 Josh Boyer - 3.4.0-0.rc6.git3.1 -- Linux v3.4-rc6-76-gd60b9c1 - -* Thu May 10 2012 Josh Boyer - 3.4.0-0.rc6.git2.2 -- Fix normal kernel builds - -* Thu May 10 2012 Josh Boyer - 3.4.0-0.rc6.git2.1 -- Linux v3.4-rc6-41-g7ee94d9 - -* Thu May 10 2012 Peter Robinson -- Build in MMC on VExpress so we can boot using qemu - -* Tue May 8 2012 Peter Robinson -- Restructure ARM configs to minimise duplication and pull all generic options -- Spilt Versatile config and use Express chip into dedicated config for qemu - -* Tue May 08 2012 Josh Boyer - 3.4.0-0.rc6.git1.1 -- Linux v3.4-rc6-20-g789505b - -* Tue May 08 2012 Josh Boyer - 3.4.0-0.rc6.git0.2 -- Reenable debugging options. - -* Mon May 07 2012 Dave Jones -- Remove /proc/device-tree when openfirmware init fails. (rhbz 818378) - -* Mon May 07 2012 Josh Boyer - 3.4.0-0.rc6.git0.1 -- Linux v3.4-rc6 -- Disable debugging options. - -* Sat May 05 2012 Josh Boyer - 3.4.0-0.rc5.git5.1 -- Linux v3.4-rc5-208-g6f24f89 - -* Fri May 04 2012 Josh Boyer - 3.4.0-0.rc5.git4.1 -- Linux v3.4-rc5-183-g0a6ba09 - -* Thu May 03 2012 Dennis Gilmore -- enable omap KMS driver - -* Thu May 3 2012 Peter Robinson -- Patch for disconnect issues with storage attached to a tegra-ehci controller - -* Thu May 03 2012 Justin M. Forbes -- Reenable slip and add to module-extras (rhbz 818308) - -* Wed May 02 2012 Josh Boyer -- Disable PCIEPORTBUS on ppc64 per IBM request - -* Wed May 02 2012 Josh Boyer - 3.4.0-0.rc5.git3.1 -- Linux v3.4-rc5-62-g529acf5 - -* Tue May 01 2012 Josh Boyer - 3.4.0-0.rc5.git2.1 -- Drop merged patch. Drink coffee before doing build. -- Linux v3.4-rc5-34-g655861e - -* Mon Apr 30 2012 Josh Boyer - 3.4.0-0.rc5.git1.1 -- Linux v3.4-rc5-8-g8a7dc4b - -* Mon Apr 30 2012 Josh Boyer -- Backport ipw2x00 nl80211 cipher suite reporting (rhbz 817298) - -* Mon Apr 30 2012 Josh Boyer - 3.4.0-0.rc5.git0.3 -- Reenable debugging options. - -* Mon Apr 30 2012 Josh Boyer - 3.4.0-0.rc5.git0.2 -- Linux v3.4-rc5 -- Disable debugging options. - -* Sat Apr 28 2012 Josh Boyer - 3.4.0-0.rc4.git4.1 -- Linux v3.4-rc4-308-gf7b0069 - -* Fri Apr 27 2012 Josh Boyer - 3.4.0-0.rc4.git3.1 -- Linux v3.4-rc4-180-g82b7690 - -* Thu Apr 26 2012 Josh Boyer - 3.4.0-0.rc4.git2.1 -- Linux v3.4-rc4-135-g2300fd6 - -* Tue Apr 24 2012 Josh Boyer - 3.4.0-0.rc4.git1.1 -- Linux v3.4-rc4-95-g95f7147 - -* Tue Apr 24 2012 Josh Boyer -- Add patch to fix ipw2200 (rhbz 802106) - -* Mon Apr 23 2012 Peter Hutterer -- Fix regression on clickpads - -* Mon Apr 23 2012 Josh Boyer - 3.4.0-0.rc4.git0.2 -- Add GMA3600 (Cedarview) support (rhbz 810686) -- Reenable debugging options. - -* Mon Apr 23 2012 Josh Boyer - 3.4.0-0.rc4.git0.1 -- Disable debugging options. -- Linux v3.4-rc4 - -* Fri Apr 20 2012 Josh Boyer -- Move the dlm module to modules-extra and do additional cleanup (rhbz 811547) - -* Fri Apr 20 2012 Justin M. Forbes - 3.4.0-0.rc3.git4.1 -- Linux v3.4-rc3-89-gc6f5c93 - -* Thu Apr 19 2012 Justin M. Forbes - 3.4.0-0.rc3.git3.1 -- Linux v3.4-rc3-65-g9b7f43a - -* Thu Apr 19 2012 Justin M. Forbes -- CVE-2012-2119 macvtap: zerocopy: vector length is not validated before - pinning user pages (rhbz 814278 814289) - -* Thu Apr 19 2012 Justin M. Forbes -- CVE-2012-2121: Fix KVM device assignment page leak (rhbz 814149 814155) - -* Wed Apr 18 2012 Justin M. Forbes - 3.4.0-0.rc3.git2.1 -- Linux v3.4-rc3-36-g592fe89 - -* Wed Apr 18 2012 Josh Boyer -- Fix hfsplus bless ioctl with hardlinks (from Matthew Garrett) -- Change patch to resolve libata hotplug (rhbz 807632) - -* Tue Apr 17 2012 Josh Boyer -- Move the dlm module to modules-extra (rhbz 811547) - -* Tue Apr 17 2012 Justin M. Forbes - 3.4.0-0.rc3.git1.1 -- Linux v3.4-rc3-17-g4643b05 - -* Tue Apr 17 2012 Josh Boyer -- Fix oops on invalid AMD microcode load (rhbz 797559) - -* Mon Apr 16 2012 Josh Boyer -- Add and use vga_default_device patches (requested by Matthew Garrett) -- Enable Apple gmux driver - -* Mon Apr 16 2012 Justin M. Forbes - 3.4.0-0.rc3.git0.2 -- Reenable debugging options. - -* Mon Apr 16 2012 John W. Linville -- Disable CONFIG_WIRELESS_EXT_SYSFS (long deprecated upstream) - -* Mon Apr 16 2012 Justin M. Forbes - 3.4.0-0.rc3.git0.1 -- Linux v3.4-rc3 -- Disable debugging options. - -* Fri Apr 13 2012 Justin M. Forbes - 3.4.0-0.rc2.git3.1 -- Linux v3.4-rc2-269-g4166fb6 - -* Thu Apr 12 2012 Justin M. Forbes - 3.4.0-0.rc2.git2.1 -- Linux v3.4-rc2-174-gecca5c3 - -* Thu Apr 12 2012 Dennis Gilmore -- KALLSYMS_EXTRA_PASS=1 has to be passed in on the command line so do so only for arm - -* Wed Apr 11 2012 Peter Robinson -- update ARM configs, rename arm-omap - -* Wed Apr 11 2012 Dennis Gilmore -- set KALLSYMS_EXTRA_PASS=1 on arm arches - -* Wed Apr 11 2012 Justin M. Forbes -- enable HyperV drivers - -* Wed Apr 11 2012 Justin M. Forbes - 3.4.0-0.rc2.git1.1 -- Linux v3.4-rc2-23-g923e9a1 - -* Tue Apr 10 2012 Josh Boyer -- Disable the PMAC ide driver. PATA_MACIO seems to work (rhbz 810579) -- Backport fixes for correct register constraints in cmpxchg.h (rhbz 809014) - -* Mon Apr 09 2012 Justin M. Forbes - 3.4.0-0.rc2.git0.3 -- Reenable debugging options. - -* Mon Apr 09 2012 Justin M. Forbes -- SELinux apply a different permission to ptrace a child vs non-child - -* Mon Apr 09 2012 Justin M. Forbes - 3.4.0-0.rc2.git0.2 -- Disable debugging options. - -* Mon Apr 09 2012 Justin M. Forbes - 3.4.0-0.rc2 -- Linux v3.4-rc2 - -* Fri Apr 06 2012 Justin M. Forbes - 3.4.0-0.rc1.git3.1 -- Linux v3.4-rc1-349-g314489b - -* Thu Apr 05 2012 Justin M. Forbes - 3.4.0-0.rc1.git2.1 -- Linux v3.4-rc1-246-g6c216ec -- Turn off CONFIG_RCU_FAST_NO_HZ until it is fixed upstream - -* Thu Apr 05 2012 Dave Jones -- Better watermark the number of pages used by hibernation I/O (Bojan Smojver) (rhbz 785384) - -* Wed Apr 04 2012 Josh Boyer -- Disable runtime PM for hotpluggable ATA ports (rhbz 806676 807632) - -* Tue Apr 03 2012 Justin M. Forbes - 3.4.0-0.rc1.git1.2 -- BTRFS use after free patch - -* Tue Apr 03 2012 Justin M. Forbes - 3.4.0-0.rc1.git1.2 -- Reenable debugging options. - -* Tue Apr 03 2012 Justin M. Forbes - 3.4.0-0.rc1.git1.1 -- Linux v3.4-rc1-144-g01627d9 - -* Tue Apr 03 2012 Josh Boyer -- Fix crash in uvc_video_clock_update from Laurent Pinchart (rhbz 806433) - -* Mon Apr 02 2012 Justin M. Forbes - 3.4.0-0.rc1.git0.2 -- Fix config since koji preps as noarch - -* Mon Apr 02 2012 Justin M. Forbes - 3.4.0-0.rc1.git0.2 -- Disable debugging options. - -* Mon Apr 02 2012 Justin M. Forbes - 3.4.0-0.rc1 -- Linux v3.4-rc1 - -* Fri Mar 30 2012 Justin M. Forbes - 3.4.0-0.rc0.git5.1 -- Linux v3.3-9295-gf52b69f - -* Fri Mar 30 2012 Dave Jones -- Change config parsing to use {_target_cpu} (From Niels de Vos) - -* Thu Mar 29 2012 Justin M. Forbes - 3.4.0-0.rc0.git4.1 -- Linux v3.3-8839-gb5174fa - -* Thu Mar 29 2012 Josh Boyer -- Drop __cpuinitdata on disable_nx for x86_32 (rhbz 808075) - -* Wed Mar 28 2012 Josh Boyer -- Move 9p modules back to main package for KVM (rhbz 807733) - -* Wed Mar 28 2012 Justin M. Forbes - 3.4.0-0.rc0.git3.1 -- Linux v3.3-7919-g6658a69 - -* Mon Mar 26 2012 Justin M. Forbes - 3.4.0-0.rc0.git2.1 -- Linux v3.3-6972-ge22057c - -* Thu Mar 22 2012 Dave Jones 3.4.0-0.rc0.git1.2 -- Fix occasional EBADMSG from signed modules. (rhbz 804345) - -* Thu Mar 22 2012 Dave Jones -- Fix dentry hash collisions that prevented boot with selinux enabled (rhbz 805371) - -* Thu Mar 22 2012 Dave Jones 3.4.0-0.rc0.git1.1 -- Linux v3.3-4074-g5375871 - -* Wed Mar 21 2012 Josh Boyer -- Ship hmac file for vmlinuz for FIPS-140 (rhbz 805538) - -* Tue Mar 20 2012 Josh Boyer -- CVE-2012-1568: execshield: predictable ascii armour base address (rhbz 804957) -- mac80211: fix possible tid_rx->reorder_timer use after free - from Stanislaw Gruska (rhbz 804007) - -* Mon Mar 19 2012 Dave Jones - 3.3.0-3 -- Reenable debugging options. - -* Mon Mar 19 2012 Dave Jones - 3.3.0-2 -- Disable debugging options. - -* Sun Mar 18 2012 Dave Jones -- Linux 3.3 - -* Fri Mar 16 2012 Adam Jackson -- drm-i915-dp-stfu.patch: Muzzle a bunch of DP WARN()s. They're not wrong, - but they're not helpful at this point. - -* Fri Mar 16 2012 Dave Jones - 3.3.0-0.rc7.git2.1 -- Linux v3.3-rc7-103-g0c4d067 - -* Fri Mar 16 2012 Justin M. Forbes -- re-enable threading on hibernate compression/decompression - -* Fri Mar 16 2012 Josh Boyer -- Fix irqpoll patch to really only apply for ASM108x machines (rhbz 800520) - -* Thu Mar 15 2012 Justin M. Forbes -- CVE-2012-1179 fix pmd_bad() triggering in code paths holding mmap_sem read mode (rhbz 803809) - -* Wed Mar 14 2012 Josh Boyer -- Fixup irqpoll patch to only activate on machines with ASM108x PCI bridge - -* Tue Mar 13 2012 John W. Linville -- Remove infrastructure related to compat-wireless integration - -* Mon Mar 12 2012 Mark Langsdorf -- Re-enable highbank config option and add new config file to support it - -* Mon Mar 12 2012 Dave Jones - 3.3.0-0.rc7.git0.5 -- Reenable debugging options. - -* Mon Mar 12 2012 Dave Jones - 3.3.0-0.rc7.git0.4 -- Disable debugging options. - -* Mon Mar 12 2012 Dave Jones -- Linux 3.3-rc7 - -* Wed Mar 07 2012 Dave Jones -- Add debug patch for bugs 787171/766277 - -* Wed Mar 07 2012 Josh Boyer -- Add modsign for x86 builds - -* Wed Mar 07 2012 Dave Jones - 3.3.0-0.rc6.git2.2 -- Disable debugging options. - -* Wed Mar 07 2012 Dave Jones - 3.3.0-0.rc6.git2.1 -- Linux v3.3-rc6-132-g55062d0 - -* Wed Mar 07 2012 Dave Jones - 3.3.0-0.rc6.git1.1 -- Linux v3.3-rc6-131-g097d591 - -* Mon Mar 05 2012 Dave Jones -- Linux 3.3-rc6 - -* Mon Mar 05 2012 John W. Linville -- Turn-off CONFIG_B43_BCMA_EXTRA to avoid b43/brcmsmac overlap - -* Mon Mar 05 2012 Mark Wielaard -- Add -r to debuginfo_args to invoke eu-strip --reloc-debug-sections. - -* Fri Mar 02 2012 Justin M. Forbes -- Disable threading in hibernate compression/decompression - -* Fri Mar 02 2012 Adam Jackson -- drm-intel-crtc-dpms-fix.patch: Fix system hang on gen2 kit on DPMS (#730853) - -* Thu Mar 01 2012 Dave Jones -- temporarily switch to low-performance polling IRQ mode when - unexpected IRQs occur. - -* Wed Feb 29 2012 Dave Jones - 3.3.0-0.rc5.git3.1 -- Linux v3.3-rc5-101-g88ebdda - -* Wed Feb 29 2012 John W. Linville -- Disable with_backports (pending removal) -- Disable a number of drivers for ancient wireless LAN cards -- Disable iwm3200-related drivers (hardware never released) -- Disable "thin firmware" version of libertas driver (libertas_tf) - -* Tue Feb 28 2012 Josh Boyer -- Add patch to enable keyboard backlight on Sony laptops (rhbz 728478) - -* Tue Feb 28 2012 Dave Jones -- Disable CONFIG_USB_DEVICEFS (Deprecated). - -* Tue Feb 28 2012 Justin M. Forbes -- CVE-2012-1090 CIFS: fix dentry refcount leak when opening a FIFO on lookup (rhbz 798296) - -* Tue Feb 28 2012 Dave Jones - 3.3.0-0.rc5.git2.1 -- Linux v3.3-rc5-88-g586c6e7 - -* Mon Feb 27 2012 Josh Boyer -- Add patch to fix regression in FADT revision checks (rhbz 730007 727865) - -* Mon Feb 27 2012 Josh Boyer - 3.3.0-0.rc5.git1.1 -- Linux 3.3-rc5-git1 (upstream 500dd2370e77c9551ba298bdeeb91b02d8402199) -- Reenable debugging options. - -* Sun Feb 26 2012 Josh Boyer - 3.3.0-0.rc5.git0.3 -- Add patch from Linus Torvalds to fix 32-bit autofs4 build - -* Sat Feb 25 2012 Josh Boyer - 3.3.0-0.rc5.git0.2 -- Disable debugging options. - -* Sat Feb 25 2012 Josh Boyer - 3.3.0-0.rc5.git0.1 -- Linux 3.3-rc5 - -* Sat Feb 25 2012 Josh Boyer - 3.3.0-0.rc4.git5.1 -- Linux 3.3-rc4-git5 (upstream b52b80023f262ce8a0ffdcb490acb23e8678377a) - -* Fri Feb 24 2012 Josh Boyer -- Linux 3.3-rc4-git4 (upstream bb4c7e9a9908548b458f34afb2fee74dc0d49f90) - -* Thu Feb 23 2012 Peter Robinson -- Further ARM config updates - -* Wed Feb 22 2012 Josh Boyer - 3.3.0-0.rc4.git3.1 -- Linux 3.3-rc4-git3 (upstream 45196cee28a5bcfb6ddbe2bffa4270cbed66ae4b) - -* Wed Feb 22 2012 Josh Boyer - 3.3.0-0.rc4.git2.1 -- Linux 3.3-rc4-git2 (upstream 719741d9986572d64b47c35c09f5e7bb8d389400) - -* Tue Feb 21 2012 Josh Boyer - 3.3.0-0.rc4.git1.4 -- Drop x86-Avoid-invoking-RCU-when-CPU-is-idle.patch (rhbz 795050) - -* Tue Feb 21 2012 Peter Robinson -- update ARM configs to F-17 branch - -* Tue Feb 21 2012 Josh Boyer -- ext4: fix resize when resizing within single group (rhbz 786454) -- imon: don't wedge hardware after early callbacks (rhbz 781832) - -* Tue Feb 21 2012 Josh Boyer - 3.3.0-0.rc4.git1.2 -- Enable rtl8712 driver (rhbz 699618) -- Linux 3.3-rc4-git1 (upstream 27e74da9800289e69ba907777df1e2085231eff7) - -* Mon Feb 20 2012 Dave Jones -- Do not call drivers when invalidating partitions for -ENOMEDIUM - -* Mon Feb 20 2012 Josh Boyer -- Avoid using stack variables in ums_realtek (again) (rhbz 795544) - -* Mon Feb 20 2012 Dave Jones -- NFSv4: Fix an Oops in the NFSv4 getacl code - -* Mon Feb 20 2012 Josh Boyer - 3.3.0-0.rc4.git0.2 -- Reenable debugging options. - -* Sun Feb 19 2012 Josh Boyer - 3.3.0-0.rc4.git0.1 -- Linux 3.3-rc4 -- Disable debugging options. - -* Sun Feb 19 2012 Peter Robinson -- Further updates to ARM config -- Fix and re-enable Tegra NVEC patch - -* Fri Feb 17 2012 Dave Jones -- improve handling of null rate in LIS3LV02Dx accelerometer driver. (rhbz 785814) - -* Fri Feb 17 2012 Dave Jones -- Reenable radio drivers. (rhbz 784824) - -* Fri Feb 17 2012 Josh Boyer - 3.3.0-0.rc3.git7.2 -- Freeze all filesystems during system suspend/hibernate. - -* Fri Feb 17 2012 Josh Boyer - 3.3.0-0.rc3.git7.1 -- Linux 3.3-rc3-git7 (upstream 4903062b5485f0e2c286a23b44c9b59d9b017d53) - -* Wed Feb 15 2012 Peter Robinson -- Update ARM configs to 3.3 kernel -- use mainline cpu freq options - -* Wed Feb 15 2012 Josh Boyer - 3.3.0-0.rc3.git6.2 -- Linux 3.3-rc3-git6 (upstream c38e23456278e967f094b08247ffc3711b1029b2) -- Require newer linux-firmware package for updated bnx2/bnx2x drivers - -* Wed Feb 15 2012 Adam Jackson -- Add patch and config change for vgem.ko - -* Tue Feb 14 2012 Josh Boyer -- Add patch to fix RCU usage during cpu idle (rhbz 789641) -- Add patch to fix mce rcu splat (rhbz 789644) -- Patch to enable CONFIG_KEYS_COMPAT on s390 from David Howells (rhbz 790367) -- Modify sd_revalidate_disk patch to do a WARN_ONCE instead of silently skip -- Install perf examples as suggested by Jason Baron - -* Tue Feb 14 2012 Josh Boyer - 3.3.0-0.rc3.git5.1 -- Linux 3.3-rc3-git5 (upstream ce5afed937f0a823d3b00c9459409c3f5f2fbd5d) - -* Tue Feb 14 2012 Peter Robinson -- Update ARM components in Makefile.config - -* Mon Feb 13 2012 Josh Boyer -- Apply patch to fix autofs4 lockdep splat (rhbz 714828) - -* Mon Feb 13 2012 Josh Boyer - 3.3.0-0.rc3.git4.1 -- Linux 3.3-rc3-git4 (upstream 3ec1e88b33a3bdd852ce8e014052acec7a9da8b5) - -* Sat Feb 11 2012 Josh Boyer - 3.3.0-0.rc3.git3.1 -- Linux 3.3-rc3-git3 (upstream 8df54d622a120058ee8bec38743c9b8f091c8e58) - -* Fri Feb 10 2012 Josh Boyer -- Patch to prevent NULL pointer dereference in sd_revalidate_disk (rhbz 754518) - -* Fri Feb 10 2012 Josh Boyer - 3.3.0-0.rc3.git2.1 -- Linux 3.3-rc3-git2 (upstream 612b8507c5d545feed2437b3d2239929cac7688d) - -* Fri Feb 10 2012 Josh Boyer - 3.3.0-0.rc3.git1.2 -- Reenable debugging options. - -* Fri Feb 10 2012 Josh Boyer -- Linux 3.3-rc3-git1 (upstream 19e00f2f1d5273dbc52eab0ebc315cae3aa44b2a) - -* Thu Feb 09 2012 Dave Jones -- bsg: fix sysfs link remove warning (#787281) - -* Thu Feb 09 2012 Josh Boyer - 3.3.0-0.rc3.git0.2 -- Disable debugging options. - -* Thu Feb 09 2012 Josh Boyer -- Linux 3.3-rc3 - -* Wed Feb 08 2012 Josh Boyer -- Remove a bogus inline declaration that broke ARM and ppc builds (rhbz 787373) -- CVE-2011-4086 jbd2: unmapped buffer with _Unwritten or _Delay flags set can - lead to DoS (rhbz 788260) -- Add new upstream NFS id mapping patches from Steve Dickson - -* Tue Feb 07 2012 Josh Boyer -- Linux 3.3-rc2-git6 (upstream 6bd113f1f4a8c0d05c4dbadb300319e0e3526db4) - -* Tue Feb 07 2012 Chris Wright -- Enable Open vSwitch - -* Tue Feb 07 2012 Justin M. Forbes -- Add virtio-scsi support - -* Tue Feb 07 2012 Josh Boyer -- Make build/ point to /usr/src/kernels instead of being relative (rhbz 788125) - -* Tue Feb 07 2012 Josh Boyer -- Linux 3.3-rc2-git5 (upstream 8597559a78e1cde158b999212bc9543682638eb1) -- Add hfsplus file blessing patches from Matthew Garrett - -* Mon Feb 6 2012 Peter Robinson -- Build an ARM hardfp base versatile/qemu kernel - -* Mon Feb 06 2012 Josh Boyer - 3.3.0-0.rc2.git4.1 -- Linux 3.3-rc2-git4 (upstream 23783f817bceedd6d4e549385e3f400ea64059e5) -- Build and ship turbostat and x86_energy_perf_policy in kernel-tools - -* Mon Feb 06 2012 John W. Linville -- Update compat-wireless snapshot from 2012-02-05 - -* Fri Feb 03 2012 Josh Boyer -- Goodbye iSeries. Only sfr loved you and even he's moved on - -* Fri Feb 03 2012 Josh Boyer - 3.3.0-0.rc2.git3.2 -- Drop patch that was NAKed upstream (rhbz 783211) - -* Fri Feb 03 2012 Josh Boyer - 3.3.0-0.rc2.git3.1 -- Linux 3.3-rc2-git3 (upstream 7f06db34e55af8fc33cf3d6d46d869cb7a372b5d) -- Patch from Jakub Kicinski to fix rt2x00 MCU requests (rhbz 772772) - -* Thu Feb 02 2012 Dennis Gilmore -- disable TOUCHSCREEN_EGALAX on arm arches -- build in CACHE_L2X0 on the imx kernel -- dont build the module for imx21 usb since its not something we support - -* Thu Feb 02 2012 Josh Boyer - 3.3.0-0.rc2.git2.1 -- Linux 3.3-rc2-git2 (upstream 24b36da33c64368775f4ef9386d44dce1d2bc8cf) - -* Thu Feb 02 2012 Dennis Gilmore -- disable compat-wireless on arm arches - -* Wed Feb 01 2012 Josh Boyer - 3.3.0-0.rc2.git1.1 -- Linux 3.3-rc2-git1 (upstream ce106ad31016b5da1168496cd0454a6290555f84) - -* Wed Feb 01 2012 Josh Boyer - 3.3.0-0.rc2.git0.3 -- Reenable debugging options. - -* Tue Jan 31 2012 Josh Boyer - 3.3.0-0.rc2.git0.2 -- Disable debugging options. - -* Tue Jan 31 2012 Josh Boyer -- Linux 3.3-rc2 - -* Tue Jan 31 2012 Dave Jones -- Distributed switch architecture & drivers can be modular in 3.3. - -* Mon Jan 30 2012 Josh Boyer - 3.3.0-0.rc1.git6.1 -- Linux 3.3-rc1-git6 (upstream 6bc2b95ee602659c1be6fac0f6aadeb0c5c29a5d) -- Add patch from Kay Sievers for udlfb device removal -- utrace patch to allow calling internal functions from atomic context from - Oleg Nesterov - -* Mon Jan 30 2012 John W. Linville -- ath9k: use WARN_ON_ONCE in ath_rc_get_highest_rix - -* Sun Jan 29 2012 Josh Boyer - 3.3.0-0.rc1.git5.1 -- Linux 3.3-rc1-git5 (upstream 0a9626575400879d1d5e6bc8768188b938d7c501) - -* Fri Jan 27 2012 John W. Linville -- Update compat-wireless with snapshot from 2012-01-26 -- Drop brcmfmac GCC 4.7 compatibility patch (included in above) -- Include config.mk from compat-wireless build in files for installation - -* Fri Jan 27 2012 Josh Boyer - 3.3.0-0.rc1.git4.1 -- Linux 3.3-rc1-git4 (upstream 74ea15d909b31158f9b63190a95b52bc05586d4b) -- Enable the non-staging GMA500 driver (rhbz 785053) - -* Thu Jan 26 2012 Josh Boyer -- Drop revert-efi-rtclock.patch. Issue was fixed by upstream commit 47997d75 -- Enable CONFIG_EFI_STUB per Matthew Garrett - -* Wed Jan 25 2012 Peter Robinson -- Build perf/tools on ARM sfp/hfp not just sfp - -* Wed Jan 25 2012 Josh Boyer - 3.3.0-0.rc1.git3.1 -- Linux 3.3-rc1-git3 (upstream aaad641eadfd3e74b0fbb68fcf539b9cef0415d0) -- Update utrace.patch from Oleg Nesterov -- Add patch to invalidate parent cache when fsync is called on a partition - (rhbz 783211) - -* Wed Jan 25 2012 Josh Boyer - 3.3.0-0.rc1.git2.1 -- Linux 3.3-rc1-git2 (upstream f8275f9694b8adf9f3498e747ea4c3e8b984499b) - -* Tue Jan 24 2012 Josh Boyer -- Re-enable the ARCMSR module (rhbz 784287) -- Re-enable the LIRC_STAGING drivers (rhbz 784398) - -* Tue Jan 24 2012 Josh Boyer - 3.3.0-0.rc1.git1.1 -- Linux 3.3-rc1-git1 (upstream c1aab02dac690af7ff634d8e1cb3be6a04387eef) - -* Mon Jan 23 2012 Josh Boyer - 3.3.0-0.rc1.git0.4 -- Reenable debugging options. - -* Mon Jan 23 2012 Josh Boyer -- Add mac80211 deauth fix pointed out by Stanislaw Gruszka -- Add arch guards in files section for kernel-tools subpackage - -* Sun Jan 22 2012 Josh Boyer - 3.3.0-0.rc1.git0.3 -- Disable NVME as it doesn't build on 32-bit - -* Fri Jan 20 2012 Josh Boyer - 3.3.0-0.rc1.git0.2 -- Disable debugging options. - -* Fri Jan 20 2012 Josh Boyer -- Rebase to Linux 3.3-rc1 - -* Thu Jan 19 2012 John W. Linville -- Pass the same make options to compat-wireless as to the base kernel - -* Thu Jan 19 2012 Dennis Gilmore -- dont build TOUCHSCREEN_EETI on arm - -* Wed Jan 18 2012 Josh Boyer 3.2.1-8 -- Fix broken procfs backport (rhbz 782961) - -* Wed Jan 18 2012 Josh Boyer 3.2.1-7 -- /proc/pid/* information leak (rhbz 782686) -- CVE-2012-0056 proc: clean up and fix /proc//mem (rhbz 782681) -- CVE-2012-0058 Unused iocbs in a batch should not be accounted as active - (rhbz 782696) - -* Tue Jan 17 2012 Dave Jones -- Rawhide builds now use MAXSMP on x86. -- For release builds, set x86-64 to support 64 CPUs. - If larger systems become widespread, we can increase in an update. - -* Tue Jan 17 2012 Dave Jones 3.2.1-5 -- Give KMEMLEAK a try again. - -* Mon Jan 16 2012 Dave Jones -- Disable ISA - -* Mon Jan 16 2012 John W. Linville -- Re-enable CONFIG_BRCMFMAC builds (found work-around for GCC 4.7 builds) - -* Sun Jan 15 2012 Josh Boyer -- Avoid packaging symlinks for kernel-doc files (rhbz 767351) -- Apply mac80211 NULL ptr deref fix to compat-wireless too (rhbz 769766) - -* Fri Jan 13 2012 Dave Jones -- Disable NFC drivers. - -* Fri Jan 13 2012 Dave Jones -- Enable CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK - (On by default in rawhide/-debug) - -* Fri Jan 13 2012 Dave Jones -- Disable memory hotplug on x86-64 - -* Fri Jan 13 2012 Dave Jones -- Disable Calgary IOMMU - -* Fri Jan 13 2012 Dave Jones -- Disable MTD - -* Fri Jan 13 2012 Dave Jones -- Flannel shirts, Grunge music, IOMega ZIP drives, PCMCIA & ISA SCSI - controllers. The 90s were _awesome_. But it's time to move on. - -* Fri Jan 13 2012 Dave Jones -- Disable PLIP, Enable PPP BSDCOMP, Disable SLIP - -* Fri Jan 13 2012 Josh Boyer -- Fix verbose logging messages in the rtl8192cu driver (rhbz 728740) - -* Fri Jan 13 2012 Josh Boyer 3.2.1-2 -- CVE-2012-0045 kvm: syscall instruction induced guest panic (rhbz 773392) - -* Fri Jan 13 2012 Josh Boyer 3.2.1-1 -- Linux 3.2.1 -- Change stable patch compression format to xz - -* Wed Jan 11 2012 Josh Boyer -- Patch from Stanislaw Gruszka to fix NULL ptr deref in mac80211 (rhbz 769766) - -* Tue Jan 10 2012 John W. Linville -- Update compat-wireless snapshot with version from 2012-01-09 - -* Tue Jan 10 2012 Josh Boyer -- Add patch to fix ext4 compatibility with ext2 mount option (rhbz 770172) -- Fix ext4 corrupted bitmap error path (pointed out by Eric Sandeen) - -* Thu Jan 05 2012 Adam Jackson -- Disable unsupported DRI1-only DRM drivers: i810, r128, tdfx - -* Thu Jan 05 2012 John W. Linville -- Patch compat-wireless build to avoid "pr_fmt redefined" warnings -- Disable CONFIG_BRCMFMAC builds (needs unknown symbol __bad_udelay) -- Include compat-wireless in removal of files resulting from patch fuzz - -* Thu Jan 05 2012 Josh Boyer -- Move the depmod file removal below the compat-wireless build to make sure we - clean them all out - -* Thu Jan 05 2012 Dave Jones -- CONFIG_DEBUG_SET_MODULE_RONX should always be set. - -* Thu Jan 05 2012 Dave Jones - 3.2.0-3 -- Reenable debugging options. - -* Thu Jan 05 2012 Dave Jones - 3.2.0-2 -- Disable debugging options. - -* Wed Jan 04 2012 Dave Jones 3.2.0-1 -- Linux 3.2 - -* Wed Jan 04 2012 Dave Jones 3.2.0-0.rc7.git5.1 -- Linux 3.2-rc7-git5 (157e8bf8b4823bfcdefa6c1548002374b61f61df) - -* Tue Jan 03 2012 John W. Linville -- Avoid unnecessary modprobe invocations during compat-wireless build - -* Tue Jan 03 2012 Josh Boyer -- Add bluetooth support for BCM20102A0 21e3 (rhbz 770233) - -* Tue Jan 03 2012 John W. Linville -- Re-enable CONFIG_RT2800PCI_RT53XX in compat-wireless build (rhbz #720594) - -* Mon Jan 02 2012 Dave Jones - 3.2.0-0.rc7.git4.1 -- Linux 3.2-rc7-git4 (115e8e705e4be071b9e06ff72578e3b603f2ba65) - -* Sat Dec 31 2011 Dave Jones - 3.2.0-0.rc7.git3.1 -- Linux 3.2-rc7-git3 (06867fbb8abc936192195e5dcc4b63e12cc78f72) - -* Fri Dec 30 2011 Dave Jones - 3.2.0-0.rc7.git2.1 -- Linux 3.2-rc7-git2 (89307babf966165171547f105e2253dec261cfa5) - -* Wed Dec 28 2011 Dave Jones -- Disable unnecessary CONFIG_NET_DCCPPROBE - -* Wed Dec 28 2011 Dave Jones - 3.2.0-0.rc7.git1.1 -- Linux 3.2-rc7-git1 (371de6e4e0042adf4f9b54c414154f57414ddd37) - -* Sat Dec 24 2011 Kyle McMartin - 3.2.0-0.rc7.git0.1 -- Linux 3.2-rc7 - -* Fri Dec 23 2011 Dennis Gilmore -- build imx highbank and kirkwood kernels on arm -- clean up arm config options - -* Thu Dec 22 2011 Dave Jones - 3.2.0-0.rc6.git3.1 -- Linux 3.2-rc6-git3 (ecefc36b41ac0fe92d76273a23faf27b2da13411) - -* Tue Dec 20 2011 Dave Jones - 3.2.0-0.rc6.git2.1 -- Linux 3.2-rc6-git2 (a4a4923919f2d43583789b1f3603f4e5600d8321) - -* Tue Dec 20 2011 Josh Boyer -- Include crtsaves.o for ppc64 as well (rhbz #769415) -- Drop EDID headers patch from 751589 for now (rhbz #769103) - -* Mon Dec 19 2011 John W. Linville -- modpost: add option to allow external modules to avoid taint -- Make integrated compat-wireless take advantage of the above -- Turn-on backports again, since TAINT_OOT_MODULE issue is resolved -- Update compat-wireless snapshot from 2011-12-18 - -* Mon Dec 19 2011 Dave Jones -- Switch x86-code-dump-fix-truncation.patch to use the pending upstream fix. - -* Mon Dec 19 2011 Dave Jones -- Disable IMA. (Forces TPM on, which may be undesirable: See 733964, 746097) - Move TPM modules to modules-extra - -* Mon Dec 19 2011 Dave Jones - 3.2.0-0.rc6.git1.1 -- Linux 3.2-rc6-git1 (390f998509bf049019df0b078c0a6606e0d57fb4) - -* Sat Dec 17 2011 Josh Boyer - 3.2.0-0.rc6.git0.1 -- Linux 3.2-rc6 - -* Fri Dec 16 2011 Dave Jones - 3.2.0-0.rc5.git4.1 -- Linux 3.2-rc5-git4 (6f12d2ee52dcf97dcefdadbd500e7650311eaa6a) - -* Fri Dec 16 2011 Ben Skeggs -- Add patch to do a better job of dealing with busted EDID headers (rhbz#751589) - -* Thu Dec 15 2011 Josh Boyer - 3.2.0-0.rc5.git3.1 -- Linux 3.2-rc5-git3 (55b02d2f4445ad625213817a1736bf2884d32547) - -* Thu Dec 15 2011 Dave Jones - 3.2.0-0.rc5.git2.4 -- Disable Intel IOMMU by default. - -* Thu Dec 15 2011 Dave Jones - 3.2.0-0.rc5.git2.3 -- Change configfs to be built-in. (rhbz 767432) - -* Wed Dec 14 2011 Steve Dickson 3.2.0-0.rc5.git2.2.fc17 -- Enabled the in-kernel idmapper. -- keyring: allow special keyrings to be cleared - -* Wed Dec 14 2011 Dave Jones - 3.2.0-0.rc5.git2.1 -- Linux 3.2-rc5-git2 (373da0a2a33018d560afcb2c77f8842985d79594) - -* Tue Dec 13 2011 Dave Jones - 3.2.0-0.rc5.git1.1 -- Linux 3.2-rc5-git1 (442ee5a942834431ccf0b412e3cf7bb9ae97ff4e) - -* Tue Dec 13 2011 Dave Jones -- Disable FDDI/SKFP. - -* Tue Dec 13 2011 Josh Boyer -- mod-extras: Don't fail the build if a module is listed that isn't built -- Remove extraneous settings and enable Radeon KMS for powerpc (via Will Woods) - -* Mon Dec 12 2011 John W. Linville -- Turn-off backports until TAINT_OOT_MODULE issue is resolved - -* Mon Dec 12 2011 Josh Boyer -- Disable backports on arches where we don't actually build a kernel (or config) - -* Sun Dec 11 2011 Kyle McMartin - 3.0.0-0.rc5.git0.1 -- Linux 3.2-rc5 - -* Fri Dec 09 2011 John W. Linville -- Do a better job of cleaning-up compat-wireless between builds - -* Fri Dec 09 2011 Dave Jones - 3.2.0-0.rc4.git6.1 -- Linux 3.2-rc4-git6 (09d9673d53005fdf40de4c759425893904292236) - -* Thu Dec 08 2011 Josh Boyer -- Add patch from Jeff Layton to fix suspend with NFS (rhbz #717735) - -* Wed Dec 07 2011 Dave Jones - 3.2.0-0.rc4.git5.2 -- Linux 3.2-rc4-git5 (77a7300abad7fe01891b400e88d746f97307ee5a) - -* Wed Dec 07 2011 Dave Jones -- Turn DEBUG_PAGEALLOC back off. - -* Wed Dec 07 2011 Chuck Ebbert -- Attempt to fix rhbz #736815 by printing spaces before the brackets - -* Tue Dec 06 2011 Dave Jones 3.2.0-0.rc4.git4.2.fc17 -- Linux 3.2-rc4-git2 (b835c0f47f725d864bf2545f10c733b754bb6d51) - -* Tue Dec 06 2011 Dave Jones -- Turn on DEBUG_PAGEALLOC for a day. - -* Tue Dec 06 2011 Dave Jones -- Linux 3.2-rc4-git2 (45e713efe2fa574b6662e7fb63fae9497c5e03d4) - -* Tue Dec 06 2011 Josh Boyer -- Move 802.1q and yenta_socket back into the main kernel package - -* Mon Dec 05 2011 Josh Boyer -- Only print the apm_cpu_idle message once (rhbz #760341) - -* Mon Dec 05 2011 Dave Jones -- Enable CONFIG_BSD_ACCT_V3. Should be safe since psacct-6.5.4-4.fc14. - -* Mon Dec 05 2011 Dave Jones 3.2.0-0.rc4.git2.1.fc17 -- Linux 3.2-rc4-git2 (8e8da023f5af71662867729db5547dc54786093c) - -* Sat Dec 03 2011 John W. Linville -- Add compat-wireless patch to define module_usb_driver - -* Fri Dec 02 2011 John W. Linville -- Revise compat-wireless configuration -- Update compat-wireless snapshot -- Enable with-backports by default - -* Fri Dec 02 2011 Josh Boyer 3.2.0-0.rc4.git1.4.fc17 -- Backport ALPS touchpad patches from input/next branch (rhbz #590880) -- Apply patch from John Linville to reverse modules-extra dependency order -- Put ssb.ko back in the main kernel package - -* Fri Dec 02 2011 Dave Jones 3.2.0-0.rc4.git1.3.fc17 -- Enable Poulsbo DRM. - -* Fri Dec 02 2011 Dave Jones -- Linux 3.2-rc4-git1 (5983fe2b29df5885880d7fa3b91aca306c7564ef) - dropped: rtlwifi-fix-lps_lock-deadlock.patch (applied upstream) - -* Fri Dec 02 2011 Josh Boyer -- Adjust Requires for modules-extra pacakge to rely on kernel-uname-r - -* Thu Dec 01 2011 Dave Jones -- Linux 3.2-rc4 - -* Thu Dec 01 2011 Dave Jones -- Linux 3.2-rc3-git2 (b930c26416c4ea6855726fd977145ccea9afbdda) - -* Tue Nov 29 2011 Josh Boyer -- Add modules-extra subpackage -- Drop drm-intel-make-lvds-work.patch (rhbz #731296) -- Add patch to fix deadlock in rtlwifi (rhbz #755154) - -* Tue Nov 29 2011 Josh Boyer 3.2.0-0.rc3.git1.1 -- Linux 3.2-rc3-git1 - -* Thu Nov 24 2011 Josh Boyer 3.2.0-0.rc3.git0.1 -- Linux 3.2-rc3. Gobble. - -* Wed Nov 23 2011 Josh Boyer 3.2.0-0.rc2.git8.1 -- Linux 3.2-rc2-git8 - -* Tue Nov 22 2011 Josh Boyer 3.2.0-0.rc2.git7.1 -- Linux 3.2-rc2-git7 - -* Mon Nov 21 2011 Josh Boyer 3.2.0-0.rc2.git6.1 -- Linux 3.2-rc2-git6 -- Update utrace.patch from Oleg Nesterov - -* Mon Nov 21 2011 Josh Boyer 3.2.0-0.rc2.git5.1 -- Linux 3.2-rc2-git5 - -* Sun Nov 20 2011 Josh Boyer 3.2.0-0.rc2.git4.1 -- Linux 3.2-rc2-git4 - -* Fri Nov 18 2011 Josh Boyer 3.2.0-0.rc2.git3.1 -- Linux 3.2-rc2-git3 -- Disable various fb and drm drivers that don't have xorg equivalents per ajax -- Other minor config cleanup - -* Thu Nov 17 2011 Josh Boyer -- Linux 3.2-rc2-git2 - -* Thu Nov 17 2011 Kyle McMartin -- Drop Obsoletes/Provides from kernel-tools onto perf. - -* Wed Nov 16 2011 John W. Linville -- Add compat-wireless as an option for kernel build - -* Wed Nov 16 2011 Kyle McMartin -- Work around #663080 and restore building 'perf' on s390x (we don't need - kernel-tools since cpuspeed isn't needed on s390...) -- Restore %{perf_make} to ensure CFLAGS doesn't change across building - perf. - -* Wed Nov 16 2011 Josh Boyer -- Linux 3.2-rc2-git1 - -* Mon Nov 14 2011 Josh Boyer -- Patch from Joshua Roys to add rtl8192* to modules.networking (rhbz 753645) -- Add patch to fix ip6_tunnel naming (rhbz 751165) -- Quite warning in apm_cpu_idle (rhbz 753776) - -* Mon Nov 14 2011 Josh Boyer -- CVE-2011-4131: nfs4_getfacl decoding kernel oops (rhbz 753236) -- Linux 3.2-rc1-git4 - -* Sat Nov 12 2011 Josh Boyer -- Linux 3.2-rc1-git3 - -* Fri Nov 11 2011 Chuck Ebbert -- Use the same naming scheme as rawhide for -stable RC kernels - (e.g. 3.1.1-0.rc1.1 instead of 3.1.1-1.rc1) - -* Fri Nov 11 2011 Josh Boyer -- Add reworked pci ASPM patch from Matthew Garrett - -* Fri Nov 11 2011 John W. Linville -- Remove overlap between bcma/b43 and brcmsmac and reenable bcm4331 - -* Thu Nov 10 2011 Josh Boyer -- Linux 3.2-rc1-git2 - -* Wed Nov 09 2011 Josh Boyer -- Linux 3.2-rc1-git1 -- Enable the brcm80211 modules now that they have left staging - -* Tue Nov 08 2011 Josh Boyer -- Add python-perf-debuginfo package (rhbz 752140) - -* Tue Nov 08 2011 Neil Horman -- Add msi irq ennumeration per dev in sysfs (bz 744012) - -* Tue Nov 08 2011 Josh Boyer -- Linux 3.2-rc1 - -* Mon Nov 07 2011 Josh Boyer -- Linux 3.1-git7 -- Drop override for XEN_MAX_DOMAIN_MEMORY (rhbz 751789) -- Add fixes from git://openlinux.windriver.com/people/paulg/modsplit-post-merge -- Add two patches to fix mac80211 issues (rhbz 731365) - -* Fri Nov 04 2011 Josh Boyer -- Linux 3.1-git6 - -* Thu Nov 03 2011 Josh Boyer -- Linux 3.1-git5 - -* Tue Nov 01 2011 Josh Boyer -- Linux 3.1-git4 - -* Tue Nov 01 2011 Dave Jones -- allow building the perf rpm for ARM (rhbz 741325) - -* Tue Nov 01 2011 Dave Jones -- Add another Sony laptop to the nonvs blacklist. (rhbz 641789) - -* Tue Nov 01 2011 Kyle McMartin -- Restore perf sub-package so that sparc64 and s390x get their - perf back. - -* Mon Oct 31 2011 Josh Boyer --CVE-2011-4097: oom_badness() integer overflow (rhbz 750402) - -* Mon Oct 31 2011 Kyle McMartin -- Build a python-perf subpackage. - -* Mon Oct 31 2011 Josh Boyer -- Linux 3.1-git3. Happy Halloween. - -* Fri Oct 28 2011 Josh Boyer -- Linux 3.1-git2 - -* Thu Oct 27 2011 Josh Boyer -- Drop ia64 -- Drop alpha - -* Wed Oct 26 2011 Kyle McMartin -- Make some config changes caught during a review: - - CONFIG_SOC_CAMERA: disable, it's only for some ARM boards - - CONFIG_MEDIA_ALTERA_CI=m: needed for some DVB boards - - CONFIG_DEBUG_BLK_CGROUP: stop setting it twice... - -* Wed Oct 26 2011 Chuck Ebbert -- Add build option "--with=release" to build a non-debug kernel in rawhide. - -* Wed Oct 26 2011 Josh Boyer -- Linux 3.1-git1 - -* Wed Oct 26 2011 Fedora Release Engineering - 3.1.0-5 -- Rebuilt for glibc bug#747377 - -* Wed Oct 26 2011 Kyle McMartin -- Drop kernel-firmware subpackage. We've had linux-firmware around for - enough releases now. -- ppc64/ppc vdso patches have been upstream for ages. -- Install vdso on s390/s390x. -- Fedora 8 was a very long time ago... fancy_debuginfo turns into - with_debuginfo in the glorious future. -- Disable CONFIG_CC_OPTIMIZE_FOR_SIZE, upstream consensus is -O2 has - generated better code than -Os for a while - (https://lkml.org/lkml/2009/11/26/57) -- Drop vanilla-% targets, and other Makefile cruft which has been bit - rotting for years. -- Dump %rhel config bits which are not used in Fedora. -- Drop dead Source0 hacks from the 2.6->3.0 transition. - -* Wed Oct 26 2011 Josh Boyer -- CVE-2011-4077: xfs: potential buffer overflow in xfs_readlink() (rhbz 749166) - -* Tue Oct 25 2011 Josh Boyer -- CVE-2011-3347: be2net: promiscuous mode and non-member VLAN packets DoS (rhbz 748691) -- CVE-2011-1083: excessive in kernel CPU consumption when creating large nested epoll structures (rhbz 748668) - -* Mon Oct 24 2011 Josh Boyer -- Backport 3 fixed from linux-next to fix dib0700 playback (rhbz 733827) - -* Mon Oct 24 2011 Chuck Ebbert 3.1.0-1 -- Linux 3.1 - -* Sun Oct 23 2011 Chuck Ebbert -- Make rpmbuild option "without_debug" work properly on rawhide. - -* Fri Oct 21 2011 Chuck Ebbert 3.1.0-0.rc10.git1.1 -- Require grubby >= 8.3-1 like F16 does. -- Update to upstream HEAD (v3.1-rc10-42-g2efd7c0). - -* Fri Oct 21 2011 Dave Jones -- Lower severity of Radeon lockup messages. - -* Wed Oct 19 2011 Dave Jones -- Add Sony VGN-FW21E to nonvs blacklist. (rhbz 641789) - -* Wed Oct 19 2011 Chuck Ebbert -- Sync with F16 -- Linux 3.1-rc10 -- Copy nouveau updates patch from F16 -- Fix deadlock in POSIX cputimer code (rhbz #746485) - -* Tue Oct 18 2011 Josh Boyer -- Add patch to fix invalid EFI remap calls from Matt Fleming - -* Mon Oct 17 2011 Josh Boyer -- Add two patches to fix stalls in khugepaged (rhbz 735946) - -* Fri Oct 14 2011 Dave Jones -- Disable CONFIG_ACPI_PROCFS_POWER which is supposed to be going away soon. - -* Thu Oct 13 2011 Josh Boyer -- Update usb-add-quirk-for-logitech-webcams.patch with C600 ID (rhbz 742010) - -* Thu Oct 13 2011 Adam Jackson -- drm/i915: Treat SDVO LVDS as digital when parsing EDID (#729882) - -* Thu Oct 13 2011 Josh Boyer -- Add patch from Stanislaw Gruszka to fix iwlagn NULL dereference (rhbz 744155) - -* Tue Oct 11 2011 Josh Boyer -- Disable CONFIG_XEN_BALLOON_MEMORY_HOTPLUG (rhbz 744408) - -* Thu Oct 06 2011 Josh Boyer -- Add patch to fix base frequency check for Ricoh e823 devices (rhbz 722509) - -* Thu Oct 06 2011 Dave Jones -- Taint if virtualbox modules have been loaded. - -* Wed Oct 05 2011 Josh Boyer -- Linux 3.1-rc9 - -* Thu Sep 29 2011 Josh Boyer -- Update logitech USB quirk patch - -* Tue Sep 27 2011 Chuck Ebbert -- Linux 3.1-rc8 -- New option: CONFIG_ARM_ERRATA_764369 is not set -- Fix up utrace.patch to apply after commit f9d81f61c - -* Thu Sep 22 2011 Dave Jones -- Make CONFIG_XEN_PLATFORM_PCI=y (rhbz 740664) - -* Thu Sep 22 2011 Dennis Gilmore -- build a vmlinux image on sparc64 - -* Wed Sep 21 2011 Josh Boyer -- Linux 3.1-rc7 - -* Tue Sep 20 2011 Dave Jones -- Limit 32-bit x86 kernels to 32 processors. - -* Mon Sep 19 2011 Dave Jones -- Merge some improvements to the 32bit mmap randomisation from Kees Cook. - -* Wed Sep 14 2011 Josh Boyer -- Add patch to fix deadlock in ppc64 icswx (rhbz 737984) - -* Wed Sep 14 2011 Neil Horman -- Enable CONFIG_IP_VS_IPV6 (bz 738194) - -* Wed Sep 14 2011 Josh Boyer -- Add support for Macbook Air 4,1 keyboard, trackpad, and bluetooth -- Add patch to fix HVCS on ppc64 (rhbz 738096) -- Add various ibmveth driver fixes (rhbz 733766) - -* Mon Sep 12 2011 Josh Boyer -- Linux 3.1-rc6 -- Avoid false quiescent states in rcutree with CONFIG_RCU_FAST_NO_HZ. (rhbz 577968) - -* Fri Sep 09 2011 Josh Boyer -- Change to 64K page size for ppc64 kernels (rhbz 736751) - -* Wed Sep 07 2011 Josh Boyer -- Linux 3.1-rc5 (locally generated patch from git as kernel.org is down) -- Add patch to fix oops when linking entities in ucvideo (rhbz 735437) - -* Fri Sep 02 2011 Dave Jones -- utrace: s390: fix the compile problem with traps.c (rhbz 735118) - -* Tue Aug 30 2011 Dave Jones -- Revert "x86: Serialize EFI time accesses on rtc_lock" (rhbz 732755) - -* Tue Aug 30 2011 Josh Boyer -- Add patch to fix rhbz 606017 - -* Mon Aug 29 2011 Josh Boyer -- Linux 3.1-rc4 - -* Sat Aug 27 2011 Dave Jones -- Fix get_gate_vma usage in i386 NX emulation -- Bring back the 32bit mmap randomization patch for now. - NX emulation is still too dependant upon it. - -* Sat Aug 27 2011 Josh Boyer -- Linux 3.1-rc3-git6 - -* Fri Aug 26 2011 Dave Jones -- Enable CONFIG_DETECT_HUNG_TASK for debug builds & rawhide. - -* Fri Aug 26 2011 Dave Jones -- Drop linux-2.6-debug-vm-would-have-oomkilled.patch - The oom-killer heuristics have improved enough that this should - never be necessary (and it probably doesn't dtrt any more) - -* Fri Aug 26 2011 Dave Jones -- Drop linux-2.6-32bit-mmap-exec-randomization.patch - Outlived it's usefulness (and made of ugly) - -* Fri Aug 26 2011 Dave Jones -- Drop acpi-ec-add-delay-before-write.patch (rhbz 733690) - -* Fri Aug 26 2011 Josh Boyer -- Linux 3.1-rc3-git5 - -* Thu Aug 25 2011 Josh Boyer -- Linux 3.1-rc3-git3 - -* Wed Aug 24 2011 Josh Boyer -- Revert 'iwlwifi: advertise max aggregate size'. (rhbz 708747) - -* Mon Aug 22 2011 Josh Boyer -- Linux 3.1-rc3 -- Add patch to fix duplicate backlight registration (rhbz 732202) - -* Mon Aug 22 2011 Josh Boyer -- Linux 3.1-rc2-git9 - -* Sat Aug 20 2011 Josh Boyer -- Linux 3.1-rc2-git8 - -* Sat Aug 20 2011 Josh Boyer -- Linux 3.1-rc2-git7 -- Add a provides/obsoletes for cpupowerutils-devel - -* Fri Aug 19 2011 Josh Boyer -- Add patch from upstream to fix 64-bit divide error in btrfs - -* Fri Aug 19 2011 Josh Boyer -- Linux 3.1-rc2-git5 -- Change XHCI to builtin (rhbz 731706) -- Add patch to fix race between cryptd and aesni (rhbz 721002) - -* Thu Aug 18 2011 Josh Boyer -- Adjust provides/obsoletes to replace the cpupowerutils package - -* Thu Aug 18 2011 Josh Boyer -- Add patch to fix perf build against rawhide glibc -- Add BR for gettext for cpupower translations - -* Wed Aug 17 2011 Josh Boyer -- Linux 3.1-rc2-git4 -- Create the kernel-tools subpackages based on a start by davej - -* Tue Aug 16 2011 Dave Jones -- Prepare for packaging more of tools/ by renaming 'perf' subpackage - to kernel-tools - -* Tue Aug 16 2011 Dennis Gilmore -+- add config for arm tegra devices -+- setup kernel to build omap image (patch from David Marlin) -+- setup kernel to build tegra image based on omap work -+- add arm device tree patches - -* Tue Aug 16 2011 Josh Boyer -- Bring ARM config changes from David Marlin forward -- Sync a handful of patches from f16 - -* Mon Aug 15 2011 Josh Boyer -- Linux-3.1-rc2 -- Replace trial patch for rhbz 726877 with a better fix - -* Thu Aug 11 2011 Josh Boyer -- Linux-3.1-rc1-git6 -- Make ide_pmac a module (rhbz 730039) - -* Thu Aug 11 2011 Josh Boyer -- Linux-3.1-rc1-git3 - -* Wed Aug 10 2011 Josh Boyer -- Make sure all the config-* files are in Sources - -* Wed Aug 10 2011 Josh Boyer -- Linux-3.1-rc1-git2 - -* Tue Aug 09 2011 Dave Jones -- ptrace_report_syscall: check if TIF_SYSCALL_EMU is defined - -* Tue Aug 09 2011 Dave Jones -- Enable CONFIG_SAMSUNG_LAPTOP (rhbz 729363) - -* Mon Aug 08 2011 Josh Boyer -- Linux-3.1-rc1-git1 - -* Mon Aug 08 2011 Josh Boyer -- Linux-3.1-rc1 -- Adjust Makefile munging for new 3.x numbering scheme - -* Fri Aug 05 2011 Dave Jones -- Deselect CONFIG_DECNET. Unmaintained, and rubbish. - -* Fri Aug 05 2011 Josh Boyer -- Linux-3.0-git21 - -* Thu Aug 04 2011 Dave Jones -- Drop neuter_intel_microcode_load.patch (rhbz 690930) - -* Thu Aug 04 2011 Josh Boyer -- Linux 3.0-git19 -- Add patch to fix epoll backtrace (rhbz 722472) -- Add trial patch to fix rhbz 726877 - -* Wed Aug 03 2011 Dave Jones -- Re-apply the rebased utrace - -* Wed Aug 03 2011 John W. Linville -- Disable CONFIG_BCMA since no driver currently uses it (rhbz 727796) - -* Tue Aug 02 2011 Dave Jones -- Change USB_SERIAL_OPTION back to modular. (rhbz 727680) - -* Tue Aug 02 2011 Josh Boyer -- Linux 3.0-git17 -- Add patch to fix backtrace in cdc_ncm driver (rhbz 720128) -- Add patch to fix backtrace in usm-realtek driver (rhbz 720054) -- Add change from Yanko Kaneti to get the rt2x00 drivers in modules.networking - (rhbz 708314) - -* Tue Aug 02 2011 Josh Boyer -- Linux 3.0-git16 - -* Mon Aug 01 2011 Josh Boyer -- Linux 3.0-git14 - -* Sat Jul 30 2011 Josh Boyer -- Linux 3.0-git12 - -* Fri Jul 29 2011 Josh Boyer -- Adjust Makefile sedding to account for 3.x release style - -* Fri Jul 29 2011 Josh Boyer -- Linux 3.0-git11 -- Backport patch to correct udlfb removal events (rhbz 726163) - -* Thu Jul 28 2011 Dave Jones -- module-init-tools needs to be a prereq not a conflict. - -* Wed Jul 27 2011 Josh Boyer -- Linux 3.0-git9 -- Move CONFIG_JUMP_LABEL to config-generic now that powerpc has it too - -* Mon Jul 25 2011 Kyle McMartin -- Linux 3.0-git3 -- Drop hda_intel-prealloc-4mb-dmabuffer.patch, set new - CONFIG_SND_HDA_PREALLOC_SIZE=4096 for similar effect. - -* Fri Jul 22 2011 Dave Jones -- bootwrapper needs objcopy. Add it to requires: (wwoods) - -* Fri Jul 22 2011 Kyle McMartin 3.0.0-1 -- Linux 3.0, but really 3.0.0 (sigh) - -* Thu Jul 21 2011 Chuck Ebbert 3.0-0.rc7.git10.1 -- 3.0-rc7-git10 -- Use ext4 for ext2 and ext3 filesystems (CONFIG_EXT4_USE_FOR_EXT23=y) - -* Thu Jul 21 2011 Dave Jones -- Switch BLK_DEV_RAM to be modular (rhbz 720833) - -* Wed Jul 20 2011 Chuck Ebbert 3.0-0.rc7.git8.1 -- 3.0-rc7-git8 - -* Fri Jul 15 2011 Dave Jones 3.0-0.rc7.git3.1 -- 3.0-rc7-git3 - -* Fri Jul 15 2011 Dave Jones -- Bring back utrace until uprobes gets merged upstream. - -* Wed Jul 13 2011 Kyle McMartin 3.0-0.rc7.git1.1 -- Update to snapshot 3.0-rc7-git1 for intel drm fixes. - -* Tue Jul 12 2011 John W. Linville -- zd1211rw: fix invalid signal values from device (rhbz 720093) - -* Tue Jul 12 2011 John W. Linville -- rt2x00: Add device ID for RT539F device. (rhbz 720594) - -* Tue Jul 12 2011 Kyle McMartin 3.0-0.rc7.git0.1 -- Linux 3.0-rc7, hopefully the last before the Great Renumbering becomes - official. - -* Mon Jul 11 2011 Dave Jones -- Change BINFMT_MISC to be modular. (rhbz 695415) - -* Sun Jul 10 2011 Kyle McMartin 3.0-0.rc6.git6.1 -- Linux 3.0-rc6-git6 -- iwlagn-fix-dma-direction.patch: drop. -- Revert CONFIG_X86_RESERVE_LOW=640, it breaks booting on x86_64. - -* Thu Jul 07 2011 Dave Jones -- Centralise CPU_FREQ options into config-generic. - Switch to using ondemand by default. (rhbz 713572) - -* Wed Jul 06 2011 Chuck Ebbert -- Set CONFIG_X86_RESERVE_LOW=640 as requested by mjg - -* Mon Jul 04 2011 Kyle McMartin 3.0-0.rc6.git0.1 -- Linux 3.0-rc6 -- [generic] SCSI_ISCI=m, because why not - -* Sat Jul 02 2011 Kyle McMartin 3.0-0.rc5.git5.1 -- Linux 3.0-rc5-git5 - -* Mon Jun 27 2011 Kyle McMartin 3.0-0.rc5.git0.1 -- Linux 3.0-rc5 - -* Mon Jun 27 2011 Dave Jones -- Disable CONFIG_CRYPTO_MANAGER_DISABLE_TESTS, as this also disables FIPS (rhbz 716942) - -* Thu Jun 23 2011 Kyle McMartin 3.0-0.rc4.git3.1 -- Linux 3.0-rc4-git3 -- Drop linux-3.0-fix-uts-release.patch, and instead just perl the Makefile -- linux-2.6-silence-noise.patch: fix context -- iwlagn-fix-dma-direction.patch: fix DMAR errors (for me at least) - -* Wed Jun 22 2011 Kyle McMartin 3.0-0.rc4.git0.2 -- Re-enable debuginfo generation. Thanks to Richard Jones for noticing... no - wonder builds had been so quick lately. - -* Tue Jun 21 2011 Kyle McMartin 3.0-0.rc4.git0.1 -- Linux 3.0-rc4 (getting closer...) - -* Fri Jun 17 2011 Kyle McMartin 3.0-0.rc3.git6.1 -- Update to 3.0-rc3-git6 - -* Fri Jun 17 2011 Dave Jones -- drop qcserial 'compile fix' that was just duplicating an include. -- drop struct sizeof debug patch. (no real value. not upstreamable) -- drop linux-2.6-debug-always-inline-kzalloc.patch. - Can't recall why this was added. Can easily re-add if deemed necessary. - -* Fri Jun 17 2011 Kyle McMartin -- linux-2.6-defaults-pci_no_msi.patch: drop, haven't toggled the default - in many moons. -- linux-2.6-defaults-pci_use_crs.patch: ditto. -- linux-2.6-selinux-mprotect-checks.patch: upstream a while ago. -- drm-i915-gen4-has-non-power-of-two-strides.patch: drop buggy bugfix -- drop some more unapplied crud. -- We haven't applied firewire patches in a dogs age. - -* Fri Jun 17 2011 Kyle McMartin 3.0-0.rc3.git5.1 -- Try updating to a git snapshot for the first time in 3.0-rc, - update to 3.0-rc3-git5 -- Fix a subtle bug I introduced in 3.0-rc1, "patch-3." is 9 letters, not 10. - -* Thu Jun 16 2011 Kyle McMartin -- Disable mm patches which had been submitted against 2.6.39, as Rik reports - they seem to aggravate a VM_BUG_ON. More investigation is necessary. - -* Wed Jun 15 2011 Kyle McMartin -- Conflict with pre-3.2.1-5 versions of mdadm. (#710646) - -* Wed Jun 15 2011 Kyle McMartin -- Build in aesni-intel on i686 for symmetry with 64-bit. - -* Tue Jun 14 2011 Kyle McMartin 3.0-0.rc3.git0.3 -- Fix libdm conflict (whose bright idea was it to give subpackages differing - version numbers?) - -* Tue Jun 14 2011 Kyle McMartin -- Update to 3.0-rc3, add another conflicts to deal with 2 digit - versions (libdm.) -- Simplify linux-3.0-fix-uts-release.patch now that SUBLEVEL is optional. -- revert-ftrace-remove-unnecessary-disabling-of-irqs.patch: drop upstreamed - patch. -- drm-intel-eeebox-eb1007-quirk.patch: ditto. -- ath5k-disable-fast-channel-switching-by-default.patch: ditto. - -* Thu Jun 09 2011 Kyle McMartin -- ath5k-disable-fast-channel-switching-by-default.patch (rhbz#709122) - (korgbz#34992) [a99168ee in wireless-next] - -* Thu Jun 09 2011 Kyle McMartin 3.0-0.rc2.git0.2 -- rhbz#710921: revert-ftrace-remove-unnecessary-disabling-of-irqs.patch - -* Wed Jun 08 2011 Kyle McMartin 3.0-0.rc2.git0.1 -- Update to 3.0-rc2, rebase utsname fix. -- Build IPv6 into the kernel for a variety of reasons - (http://lists.fedoraproject.org/pipermail/kernel/2011-June/003105.html) - -* Mon Jun 06 2011 Kyle McMartin 3.0-0.rc1.git0.3 -- Conflict with module-init-tools older than 3.13 to ensure the - 3.0 transition is handled correctly. - -* Wed Jun 01 2011 Kyle McMartin 3.0-0.rc1.git0.2 -- Fix utsname for 3.0-rc1 - -* Mon May 30 2011 Kyle McMartin 3.0-0.rc1.git0.1 -- Linux 3.0-rc1 (won't build until module-init-tools gets an update.) - -* Mon May 30 2011 Kyle McMartin -- Trimmed changelog, see fedpkg git for earlier history. - ### # The following Emacs magic makes C-c C-e use UTC dates. # Local Variables: diff --git a/linux-2.6-acpi-video-dos.patch b/linux-2.6-acpi-video-dos.patch deleted file mode 100644 index 3e2085193..000000000 --- a/linux-2.6-acpi-video-dos.patch +++ /dev/null @@ -1,17 +0,0 @@ -Disable firmware video brightness change on AC/Battery switch by default - --- mjg59 - -diff --git a/drivers/acpi/video.c b/drivers/acpi/video.c -index bac2901..93b1a9e 100644 ---- a/drivers/acpi/video.c -+++ b/drivers/acpi/video.c -@@ -1818,7 +1818,7 @@ static int acpi_video_bus_put_devices(struct acpi_video_bus *video) - - static int acpi_video_bus_start_devices(struct acpi_video_bus *video) - { -- return acpi_video_bus_DOS(video, 0, 0); -+ return acpi_video_bus_DOS(video, 0, 1); - } - - static int acpi_video_bus_stop_devices(struct acpi_video_bus *video) diff --git a/linux-2.6-e1000-ich9-montevina.patch b/linux-2.6-e1000-ich9-montevina.patch deleted file mode 100644 index ec38a3902..000000000 --- a/linux-2.6-e1000-ich9-montevina.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 802e6d8c8477a553a677b23a247d6d2638e01958 Mon Sep 17 00:00:00 2001 -From: Dave Jones -Date: Wed, 26 Oct 2011 13:31:47 -0400 -Subject: [PATCH] e1000e: ich9 montevina - -This only showed up in one SDV (Montevina). -The PCIE slots don't seem to like network cards, so this is the only hope -to get networking working. It's never going upstream, but it's low impact -enough to carry just to keep those SDVs working. ---- - drivers/net/ethernet/intel/e1000e/ich8lan.c | 6 ++++++ - drivers/net/ethernet/intel/e1000e/netdev.c | 1 + - 2 files changed, 7 insertions(+), 0 deletions(-) - -diff --git a/drivers/net/ethernet/intel/e1000e/ich8lan.c b/drivers/net/ethernet/intel/e1000e/ich8lan.c -index 6a17c62..0e40975 100644 ---- a/drivers/net/ethernet/intel/e1000e/ich8lan.c -+++ b/drivers/net/ethernet/intel/e1000e/ich8lan.c -@@ -452,6 +452,12 @@ static s32 e1000_init_phy_params_ich8lan(struct e1000_hw *hw) - - /* Verify phy id */ - switch (phy->id) { -+ case 0: -+ if (hw->adapter->pdev->device == 0x10be) -+ e_dbg("got 0 phy id, trying anyway"); -+ /* Fall through to IGP03E1000 case below */ -+ else -+ return -E1000_ERR_PHY; - case IGP03E1000_E_PHY_ID: - phy->type = e1000_phy_igp_3; - phy->autoneg_mask = AUTONEG_ADVERTISE_SPEED_DEFAULT; -diff --git a/drivers/net/ethernet/intel/e1000e/netdev.c b/drivers/net/ethernet/intel/e1000e/netdev.c -index a855db1..edac30b 100644 ---- a/drivers/net/ethernet/intel/e1000e/netdev.c -+++ b/drivers/net/ethernet/intel/e1000e/netdev.c -@@ -6359,6 +6359,7 @@ static DEFINE_PCI_DEVICE_TABLE(e1000_pci_tbl) = { - { PCI_VDEVICE(INTEL, E1000_DEV_ID_ICH9_IGP_M), board_ich9lan }, - { PCI_VDEVICE(INTEL, E1000_DEV_ID_ICH9_IGP_M_AMT), board_ich9lan }, - { PCI_VDEVICE(INTEL, E1000_DEV_ID_ICH9_IGP_M_V), board_ich9lan }, -+ { PCI_VDEVICE(INTEL, 0x10be), board_ich9lan }, - - { PCI_VDEVICE(INTEL, E1000_DEV_ID_ICH10_R_BM_LM), board_ich9lan }, - { PCI_VDEVICE(INTEL, E1000_DEV_ID_ICH10_R_BM_LF), board_ich9lan }, --- -1.7.6.4 - diff --git a/lis3-improve-handling-of-null-rate.patch b/lis3-improve-handling-of-null-rate.patch index 98512564a..30ed26d80 100644 --- a/lis3-improve-handling-of-null-rate.patch +++ b/lis3-improve-handling-of-null-rate.patch @@ -28,9 +28,9 @@ index 35c67e0..42dce2a 100644 -static int lis3_3dc_rates[16] = {0, 1, 10, 25, 50, 100, 200, 400, 1600, 5000}; +/* LIS3DC: 0 = power off, above 9 = undefined */ +static int lis3_3dc_rates[16] = {0, 1, 10, 25, 50, 100, 200, 400, 1600, 5000, -1, -1, -1, -1, -1, -1}; + static int lis3_3dlh_rates[4] = {50, 100, 400, 1000}; /* ODR is Output Data Rate */ - static int lis3lv02d_get_odr(struct lis3lv02d *lis3) @@ -202,12 +203,11 @@ static int lis3lv02d_get_odr(struct lis3lv02d *lis3) return lis3->odrs[(ctrl >> shift)]; } diff --git a/linux-2.6-makefile-after_link.patch b/makefile-after_link.patch similarity index 100% rename from linux-2.6-makefile-after_link.patch rename to makefile-after_link.patch diff --git a/media-cx23885-Fix-TeVii-S471-regression-since-introduction-of-ts2020.patch b/media-cx23885-Fix-TeVii-S471-regression-since-introduction-of-ts2020.patch new file mode 100644 index 000000000..2a28a2fe1 --- /dev/null +++ b/media-cx23885-Fix-TeVii-S471-regression-since-introduction-of-ts2020.patch @@ -0,0 +1,30 @@ +From b43ea8068d2090cb1e44632c8a938ab40d2c7419 Mon Sep 17 00:00:00 2001 +From: Johannes Koch +Date: Wed, 17 Jul 2013 17:28:16 +0000 +Subject: [media] cx23885: Fix TeVii S471 regression since introduction of ts2020 + +Patch to make TeVii S471 cards use the ts2020 tuner, since ds3000 driver no +longer contains tuning code. + +Signed-off-by: Johannes Koch +Signed-off-by: Mauro Carvalho Chehab +--- +(limited to 'drivers/media/pci/cx23885/cx23885-dvb.c') + +diff --git a/drivers/media/pci/cx23885/cx23885-dvb.c b/drivers/media/pci/cx23885/cx23885-dvb.c +index 9c5ed10..bb291c6 100644 +--- a/drivers/media/pci/cx23885/cx23885-dvb.c ++++ b/drivers/media/pci/cx23885/cx23885-dvb.c +@@ -1249,6 +1249,10 @@ static int dvb_register(struct cx23885_tsport *port) + fe0->dvb.frontend = dvb_attach(ds3000_attach, + &tevii_ds3000_config, + &i2c_bus->i2c_adap); ++ if (fe0->dvb.frontend != NULL) { ++ dvb_attach(ts2020_attach, fe0->dvb.frontend, ++ &tevii_ts2020_config, &i2c_bus->i2c_adap); ++ } + break; + case CX23885_BOARD_PROF_8000: + i2c_bus = &dev->i2c_bus[0]; +-- +cgit v0.9.2 diff --git a/mod-extra-sign.sh b/mod-extra-sign.sh new file mode 100755 index 000000000..a6db8b5eb --- /dev/null +++ b/mod-extra-sign.sh @@ -0,0 +1,28 @@ +#! /bin/bash + +# We need to sign modules we've moved from /kernel/ to /extra/ +# during mod-extra processing by hand. The 'modules_sign' Kbuild target can +# "handle" out-of-tree modules, but it does that by not signing them. Plus, +# the modules we've moved aren't actually out-of-tree. We've just shifted +# them to a different location behind Kbuild's back because we are mean. + +# This essentially duplicates the 'modules_sign' Kbuild target and runs the +# same commands for those modules. + +moddir=$1 + +modules=`find $moddir -name *.ko` + +MODSECKEY="./signing_key.priv" +MODPUBKEY="./signing_key.x509" + +for mod in $modules +do + dir=`dirname $mod` + file=`basename $mod` + + ./scripts/sign-file sha256 ${MODSECKEY} ${MODPUBKEY} ${dir}/${file} \ + ${dir}/${file}.signed + mv ${dir}/${file}.signed ${dir}/${file} + rm -f ${dir}/${file}.{sig,dig} +done diff --git a/mod-extra.list b/mod-extra.list index c35fb625f..53f8c36b9 100644 --- a/mod-extra.list +++ b/mod-extra.list @@ -172,3 +172,25 @@ tpm_tis.ko slip.ko nilfs2.ko batman-adv.ko +wire.ko +ds1wm.ko +ds2490.ko +ds2482.ko +w1_ds2780.ko +w1_therm.ko +w1_ds2433.ko +w1_ds2760.ko +w1_ds28e04.ko +w1_ds2408.ko +w1_ds2781.ko +w1_smem.ko +w1_ds2431.ko +w1_ds2423.ko +w1_bq27000.ko +ubifs.ko +orinoco.ko +orinoco_cs.ko +orinoco_plx.ko +orinoco_pci.ko +orinoco_nortel.ko +orinoco_usb.ko diff --git a/mod-extra.sh b/mod-extra.sh new file mode 100755 index 000000000..d121bd0b1 --- /dev/null +++ b/mod-extra.sh @@ -0,0 +1,80 @@ +#! /bin/bash + +Dir=$1 +List=$2 + +pushd $Dir +rm -rf modnames +find . -name "*.ko" -type f > modnames +# Look through all of the modules, and throw any that have a dependency in +# our list into the list as well. +rm -rf dep.list dep2.list +rm -rf req.list req2.list +touch dep.list req.list +cp $2 . + +for dep in `cat modnames` +do + depends=`modinfo $dep | grep depends| cut -f2 -d":" | sed -e 's/^[ \t]*//'` + [ -z "$depends" ] && continue; + for mod in `echo $depends | sed -e 's/,/ /g'` + do + match=`grep "^$mod.ko" mod-extra.list` ||: + if [ -z "$match" ] + then + continue + else + # check if the module we're looking at is in mod-extra too. if so + # we don't need to mark the dep as required + mod2=`basename $dep` + match2=`grep "^$mod2" mod-extra.list` ||: + if [ -n "$match2" ] + then + continue + #echo $mod2 >> notreq.list + else + echo $mod.ko >> req.list + fi + fi + done +done + +sort -u req.list > req2.list +sort -u mod-extra.list > mod-extra2.list +join -v 1 mod-extra2.list req2.list > mod-extra3.list + +for mod in `cat mod-extra3.list` +do + # get the path for the module + modpath=`grep /$mod modnames` ||: + [ -z "$modpath" ] && continue; + echo $modpath >> dep.list +done + +sort -u dep.list > dep2.list + +# now move the modules into the extra/ directory +for mod in `cat dep2.list` +do + newpath=`dirname $mod | sed -e 's/kernel\//extra\//'` + mkdir -p $newpath + mv $mod $newpath +done + +popd + +# If we're signing modules, we can't leave the .mod files for the .ko files +# we've moved in .tmp_versions/. Remove them so the Kbuild 'modules_sign' +# target doesn't try to sign a non-existent file. This is kinda ugly, but +# so is modules-extra. + +for mod in `cat ${Dir}/dep2.list` +do + modfile=`basename $mod | sed -e 's/.ko/.mod/'` + rm .tmp_versions/$modfile +done + +pushd $Dir +rm modnames dep.list dep2.list req.list req2.list +rm mod-extra.list mod-extra2.list mod-extra3.list +popd diff --git a/modsign-20120814.patch b/modsign-20120814.patch deleted file mode 100644 index deb6ccb98..000000000 --- a/modsign-20120814.patch +++ /dev/null @@ -1,8746 +0,0 @@ -From 711fd460b3d44d666fbddd80a91ae5f825c7ebb6 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 13:59:15 +0100 -Subject: [PATCH 01/28] MPILIB: Provide count_leading/trailing_zeros() based - on arch functions - -Provide count_leading/trailing_zeros() macros based on extant arch bit scanning -functions rather than reimplementing from scratch in MPILIB. - -Whilst we're at it, turn count_foo_zeros(n, x) into n = count_foo_zeros(x). - -Also move the definition to asm-generic as other people may be interested in -using it. - -Signed-off-by: David Howells -Cc: David S. Miller -Cc: Dmitry Kasatkin -Cc: Arnd Bergmann ---- - include/asm-generic/bitops/count_zeros.h | 57 +++++++++++++ - lib/mpi/longlong.h | 138 +------------------------------ - lib/mpi/mpi-bit.c | 2 +- - lib/mpi/mpi-pow.c | 4 +- - 4 files changed, 62 insertions(+), 139 deletions(-) - create mode 100644 include/asm-generic/bitops/count_zeros.h - -diff --git a/include/asm-generic/bitops/count_zeros.h b/include/asm-generic/bitops/count_zeros.h -new file mode 100644 -index 0000000..97520d2 ---- /dev/null -+++ b/include/asm-generic/bitops/count_zeros.h -@@ -0,0 +1,57 @@ -+/* Count leading and trailing zeros functions -+ * -+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifndef _ASM_GENERIC_BITOPS_COUNT_ZEROS_H_ -+#define _ASM_GENERIC_BITOPS_COUNT_ZEROS_H_ -+ -+#include -+ -+/** -+ * count_leading_zeros - Count the number of zeros from the MSB back -+ * @x: The value -+ * -+ * Count the number of leading zeros from the MSB going towards the LSB in @x. -+ * -+ * If the MSB of @x is set, the result is 0. -+ * If only the LSB of @x is set, then the result is BITS_PER_LONG-1. -+ * If @x is 0 then the result is COUNT_LEADING_ZEROS_0. -+ */ -+static inline int count_leading_zeros(unsigned long x) -+{ -+ if (sizeof(x) == 4) -+ return BITS_PER_LONG - fls(x); -+ else -+ return BITS_PER_LONG - fls64(x); -+} -+ -+#define COUNT_LEADING_ZEROS_0 BITS_PER_LONG -+ -+/** -+ * count_trailing_zeros - Count the number of zeros from the LSB forwards -+ * @x: The value -+ * -+ * Count the number of trailing zeros from the LSB going towards the MSB in @x. -+ * -+ * If the LSB of @x is set, the result is 0. -+ * If only the MSB of @x is set, then the result is BITS_PER_LONG-1. -+ * If @x is 0 then the result is COUNT_TRAILING_ZEROS_0. -+ */ -+static inline int count_trailing_zeros(unsigned long x) -+{ -+#define COUNT_TRAILING_ZEROS_0 (-1) -+ -+ if (sizeof(x) == 4) -+ return ffs(x); -+ else -+ return (x != 0) ? __ffs(x) : COUNT_TRAILING_ZEROS_0; -+} -+ -+#endif /* _ASM_GENERIC_BITOPS_COUNT_ZEROS_H_ */ -diff --git a/lib/mpi/longlong.h b/lib/mpi/longlong.h -index 29f9862..678ce4f 100644 ---- a/lib/mpi/longlong.h -+++ b/lib/mpi/longlong.h -@@ -19,6 +19,8 @@ - * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. */ - -+#include -+ - /* You have to define the following before including this file: - * - * UWtype -- An unsigned type, default type for operations (typically a "word") -@@ -146,12 +148,6 @@ do { \ - : "1" ((USItype)(n1)), \ - "r" ((USItype)(n0)), \ - "r" ((USItype)(d))) -- --#define count_leading_zeros(count, x) \ -- __asm__ ("clz %0,%1" \ -- : "=r" ((USItype)(count)) \ -- : "r" ((USItype)(x))) --#define COUNT_LEADING_ZEROS_0 32 - #endif /* __a29k__ */ - - #if defined(__alpha) && W_TYPE_SIZE == 64 -@@ -298,11 +294,6 @@ extern UDItype __udiv_qrnnd(); - : "1" ((USItype)(nh)), \ - "0" ((USItype)(nl)), \ - "g" ((USItype)(d))) --#define count_leading_zeros(count, x) \ -- __asm__ ("bsch/1 %1,%0" \ -- : "=g" (count) \ -- : "g" ((USItype)(x)), \ -- "0" ((USItype)0)) - #endif - - /*************************************** -@@ -354,27 +345,6 @@ do { USItype __r; \ - } while (0) - extern USItype __udiv_qrnnd(); - #endif /* LONGLONG_STANDALONE */ --#define count_leading_zeros(count, x) \ --do { \ -- USItype __tmp; \ -- __asm__ ( \ -- "ldi 1,%0\n" \ -- "extru,= %1,15,16,%%r0 ; Bits 31..16 zero?\n" \ -- "extru,tr %1,15,16,%1 ; No. Shift down, skip add.\n" \ -- "ldo 16(%0),%0 ; Yes. Perform add.\n" \ -- "extru,= %1,23,8,%%r0 ; Bits 15..8 zero?\n" \ -- "extru,tr %1,23,8,%1 ; No. Shift down, skip add.\n" \ -- "ldo 8(%0),%0 ; Yes. Perform add.\n" \ -- "extru,= %1,27,4,%%r0 ; Bits 7..4 zero?\n" \ -- "extru,tr %1,27,4,%1 ; No. Shift down, skip add.\n" \ -- "ldo 4(%0),%0 ; Yes. Perform add.\n" \ -- "extru,= %1,29,2,%%r0 ; Bits 3..2 zero?\n" \ -- "extru,tr %1,29,2,%1 ; No. Shift down, skip add.\n" \ -- "ldo 2(%0),%0 ; Yes. Perform add.\n" \ -- "extru %1,30,1,%1 ; Extract bit 1.\n" \ -- "sub %0,%1,%0 ; Subtract it. " \ -- : "=r" (count), "=r" (__tmp) : "1" (x)); \ --} while (0) - #endif /* hppa */ - - /*************************************** -@@ -457,15 +427,6 @@ do { \ - : "0" ((USItype)(n0)), \ - "1" ((USItype)(n1)), \ - "rm" ((USItype)(d))) --#define count_leading_zeros(count, x) \ --do { \ -- USItype __cbtmp; \ -- __asm__ ("bsrl %1,%0" \ -- : "=r" (__cbtmp) : "rm" ((USItype)(x))); \ -- (count) = __cbtmp ^ 31; \ --} while (0) --#define count_trailing_zeros(count, x) \ -- __asm__ ("bsfl %1,%0" : "=r" (count) : "rm" ((USItype)(x))) - #ifndef UMUL_TIME - #define UMUL_TIME 40 - #endif -@@ -536,15 +497,6 @@ do { \ - "dI" ((USItype)(d))); \ - (r) = __rq.__i.__l; (q) = __rq.__i.__h; \ - } while (0) --#define count_leading_zeros(count, x) \ --do { \ -- USItype __cbtmp; \ -- __asm__ ("scanbit %1,%0" \ -- : "=r" (__cbtmp) \ -- : "r" ((USItype)(x))); \ -- (count) = __cbtmp ^ 31; \ --} while (0) --#define COUNT_LEADING_ZEROS_0 (-32) /* sic */ - #if defined(__i960mx) /* what is the proper symbol to test??? */ - #define rshift_rhlc(r, h, l, c) \ - do { \ -@@ -603,11 +555,6 @@ do { \ - : "0" ((USItype)(n0)), \ - "1" ((USItype)(n1)), \ - "dmi" ((USItype)(d))) --#define count_leading_zeros(count, x) \ -- __asm__ ("bfffo %1{%b2:%b2},%0" \ -- : "=d" ((USItype)(count)) \ -- : "od" ((USItype)(x)), "n" (0)) --#define COUNT_LEADING_ZEROS_0 32 - #else /* not mc68020 */ - #define umul_ppmm(xh, xl, a, b) \ - do { USItype __umul_tmp1, __umul_tmp2; \ -@@ -664,15 +611,6 @@ do { USItype __umul_tmp1, __umul_tmp2; \ - "rJ" ((USItype)(bh)), \ - "rJ" ((USItype)(al)), \ - "rJ" ((USItype)(bl))) --#define count_leading_zeros(count, x) \ --do { \ -- USItype __cbtmp; \ -- __asm__ ("ff1 %0,%1" \ -- : "=r" (__cbtmp) \ -- : "r" ((USItype)(x))); \ -- (count) = __cbtmp ^ 31; \ --} while (0) --#define COUNT_LEADING_ZEROS_0 63 /* sic */ - #if defined(__m88110__) - #define umul_ppmm(wh, wl, u, v) \ - do { \ -@@ -779,12 +717,6 @@ do { \ - : "0" (__xx.__ll), \ - "g" ((USItype)(d))); \ - (r) = __xx.__i.__l; (q) = __xx.__i.__h; }) --#define count_trailing_zeros(count, x) \ --do { \ -- __asm__("ffsd %2,%0" \ -- : "=r"((USItype) (count)) \ -- : "0"((USItype) 0), "r"((USItype) (x))); \ -- } while (0) - #endif /* __ns32000__ */ - - /*************************************** -@@ -855,11 +787,6 @@ do { \ - "rI" ((USItype)(al)), \ - "r" ((USItype)(bl))); \ - } while (0) --#define count_leading_zeros(count, x) \ -- __asm__ ("{cntlz|cntlzw} %0,%1" \ -- : "=r" ((USItype)(count)) \ -- : "r" ((USItype)(x))) --#define COUNT_LEADING_ZEROS_0 32 - #if defined(_ARCH_PPC) - #define umul_ppmm(ph, pl, m0, m1) \ - do { \ -@@ -1001,19 +928,6 @@ do { \ - } while (0) - #define UMUL_TIME 20 - #define UDIV_TIME 200 --#define count_leading_zeros(count, x) \ --do { \ -- if ((x) >= 0x10000) \ -- __asm__ ("clz %0,%1" \ -- : "=r" ((USItype)(count)) \ -- : "r" ((USItype)(x) >> 16)); \ -- else { \ -- __asm__ ("clz %0,%1" \ -- : "=r" ((USItype)(count)) \ -- : "r" ((USItype)(x))); \ -- (count) += 16; \ -- } \ --} while (0) - #endif /* RT/ROMP */ - - /*************************************** -@@ -1142,13 +1056,6 @@ do { \ - "rI" ((USItype)(d)) \ - : "%g1" __AND_CLOBBER_CC) - #define UDIV_TIME 37 --#define count_leading_zeros(count, x) \ -- __asm__ ("scan %1,0,%0" \ -- : "=r" ((USItype)(x)) \ -- : "r" ((USItype)(count))) --/* Early sparclites return 63 for an argument of 0, but they warn that future -- implementations might change this. Therefore, leave COUNT_LEADING_ZEROS_0 -- undefined. */ - #endif /* __sparclite__ */ - #endif /* __sparc_v8__ */ - /* Default to sparc v7 versions of umul_ppmm and udiv_qrnnd. */ -@@ -1454,47 +1361,6 @@ do { \ - #define udiv_qrnnd __udiv_qrnnd_c - #endif - --#undef count_leading_zeros --#if !defined(count_leading_zeros) -- extern --#ifdef __STDC__ -- const --#endif -- unsigned char __clz_tab[]; --#define count_leading_zeros(count, x) \ --do { \ -- UWtype __xr = (x); \ -- UWtype __a; \ -- \ -- if (W_TYPE_SIZE <= 32) { \ -- __a = __xr < ((UWtype) 1 << 2*__BITS4) \ -- ? (__xr < ((UWtype) 1 << __BITS4) ? 0 : __BITS4) \ -- : (__xr < ((UWtype) 1 << 3*__BITS4) ? 2*__BITS4 : 3*__BITS4); \ -- } \ -- else { \ -- for (__a = W_TYPE_SIZE - 8; __a > 0; __a -= 8) \ -- if (((__xr >> __a) & 0xff) != 0) \ -- break; \ -- } \ -- \ -- (count) = W_TYPE_SIZE - (__clz_tab[__xr >> __a] + __a); \ --} while (0) -- /* This version gives a well-defined value for zero. */ --#define COUNT_LEADING_ZEROS_0 W_TYPE_SIZE --#endif -- --#if !defined(count_trailing_zeros) --/* Define count_trailing_zeros using count_leading_zeros. The latter might be -- defined in asm, but if it is not, the C version above is good enough. */ --#define count_trailing_zeros(count, x) \ --do { \ -- UWtype __ctz_x = (x); \ -- UWtype __ctz_c; \ -- count_leading_zeros(__ctz_c, __ctz_x & -__ctz_x); \ -- (count) = W_TYPE_SIZE - 1 - __ctz_c; \ --} while (0) --#endif -- - #ifndef UDIV_NEEDS_NORMALIZATION - #define UDIV_NEEDS_NORMALIZATION 0 - #endif -diff --git a/lib/mpi/mpi-bit.c b/lib/mpi/mpi-bit.c -index 5687248..503537e 100644 ---- a/lib/mpi/mpi-bit.c -+++ b/lib/mpi/mpi-bit.c -@@ -45,7 +45,7 @@ unsigned mpi_get_nbits(MPI a) - if (a->nlimbs) { - mpi_limb_t alimb = a->d[a->nlimbs - 1]; - if (alimb) -- count_leading_zeros(n, alimb); -+ n = count_leading_zeros(alimb); - else - n = BITS_PER_MPI_LIMB; - n = BITS_PER_MPI_LIMB - n + (a->nlimbs - 1) * BITS_PER_MPI_LIMB; -diff --git a/lib/mpi/mpi-pow.c b/lib/mpi/mpi-pow.c -index 67f3e79..5464c87 100644 ---- a/lib/mpi/mpi-pow.c -+++ b/lib/mpi/mpi-pow.c -@@ -77,7 +77,7 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) - mp = mp_marker = mpi_alloc_limb_space(msize); - if (!mp) - goto enomem; -- count_leading_zeros(mod_shift_cnt, mod->d[msize - 1]); -+ mod_shift_cnt = count_leading_zeros(mod->d[msize - 1]); - if (mod_shift_cnt) - mpihelp_lshift(mp, mod->d, msize, mod_shift_cnt); - else -@@ -169,7 +169,7 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) - - i = esize - 1; - e = ep[i]; -- count_leading_zeros(c, e); -+ c = count_leading_zeros(e); - e = (e << c) << 1; /* shift the exp bits to the left, lose msb */ - c = BITS_PER_MPI_LIMB - 1 - c; - --- -1.7.11.2 - - -From 1d6e2f2b87e6651bead1c0ccca699681f92dd52c Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 13:59:51 +0100 -Subject: [PATCH 02/28] KEYS: Create a key type that can be used for general - cryptographic operations - -Create a key type that can be used for general cryptographic operations, such -as encryption, decryption, signature generation and signature verification. - -The key type is "crypto" and can provide access to a variety of cryptographic -algorithms. - -Signed-off-by: David Howells ---- - Documentation/security/keys-crypto.txt | 181 ++++++++++++++++++++++++++ - include/keys/crypto-subtype.h | 56 ++++++++ - include/keys/crypto-type.h | 25 ++++ - security/keys/Kconfig | 2 + - security/keys/Makefile | 1 + - security/keys/crypto/Kconfig | 7 + - security/keys/crypto/Makefile | 7 + - security/keys/crypto/crypto_keys.h | 28 ++++ - security/keys/crypto/crypto_type.c | 228 +++++++++++++++++++++++++++++++++ - 9 files changed, 535 insertions(+) - create mode 100644 Documentation/security/keys-crypto.txt - create mode 100644 include/keys/crypto-subtype.h - create mode 100644 include/keys/crypto-type.h - create mode 100644 security/keys/crypto/Kconfig - create mode 100644 security/keys/crypto/Makefile - create mode 100644 security/keys/crypto/crypto_keys.h - create mode 100644 security/keys/crypto/crypto_type.c - -diff --git a/Documentation/security/keys-crypto.txt b/Documentation/security/keys-crypto.txt -new file mode 100644 -index 0000000..97dee80 ---- /dev/null -+++ b/Documentation/security/keys-crypto.txt -@@ -0,0 +1,181 @@ -+ ====================== -+ CRYPTOGRAPHIC KEY TYPE -+ ====================== -+ -+Contents: -+ -+ - Overview. -+ - Key identification. -+ - Accessing crypto keys. -+ - Implementing crypto parsers. -+ - Implementing crypto subtypes. -+ -+ -+======== -+OVERVIEW -+======== -+ -+The "crypto" key type is designed to be a container for cryptographic keys, -+without imposing any particular restrictions on the form of the cryptography or -+the key. -+ -+The crypto key is given a subtype that defines what sort of data is associated -+with the key and provides operations to describe and destroy it. However, no -+requirement is made that the key data actually be loaded into the key. -+ -+The crypto key also has a number of data parsers registered with it. The data -+parsers are responsible for extracing information the blobs of data passed to -+the instantiator function. The first data parser that recognises the blob gets -+to set the subtype of the key and define the operations that can be done on -+that key. -+ -+Completely in-kernel key retention and operation subtypes and parsers can be -+defined, but it would also be possible to provide access to cryptographic -+hardware (such as a TPM) that might be used to both retain the relevant key and -+perform operations using that key. In such a case, the crypto key would then -+merely be an interface to the TPM driver. -+ -+ -+================== -+KEY IDENTIFICATION -+================== -+ -+Because the identity of a key is not necessarily known and may not be easily -+calculated when a crypto key is allocated, it may not be a simple matter to set -+a key description to something that's useful for determining whether this is -+the key you're looking for. Furthermore, it may be necessary to perform a -+partial match upon the key identity. -+ -+To help with this, when a key is loaded, the parser calculates the key -+fingerprint and stores a copy in the key structure. -+ -+The crypto key type's key matching function then performs more checks than just -+the straightforward comparison of the description with the criterion string: -+ -+ (1) If the criterion string is of the form "id:" then the match -+ function will examine a key's fingerprint to see if the hex digits given -+ after the "id:" match the tail. For instance: -+ -+ keyctl search @s crypto id:5acc2142 -+ -+ will match a key with fingerprint: -+ -+ 1A00 2040 7601 7889 DE11 882C 3823 04AD 5ACC 2142 -+ -+ (2) If the criterion string is of the form ":" then the -+ match will match the ID as in (1), but with the added restriction that -+ only keys of the specified subtype (e.g. dsa or rsa) will be matched. For -+ instance: -+ -+ keyctl search @s crypto dsa:5acc2142 -+ -+Looking in /proc/keys, the last 8 hex digits of the key fingerprint are -+displayed, along with the subtype: -+ -+ 1a39e171 I----- 1 perm 3f010000 0 0 crypto modsign.0: DSA 5acc2142 [] -+ -+ -+===================== -+ACCESSING CRYPTO KEYS -+===================== -+ -+To access crypto keys from within the kernel, the following inclusion is -+required: -+ -+ #include -+ -+This gives access to the key type: -+ -+ struct key_type key_type_crypto; -+ -+ -+=========================== -+IMPLEMENTING CRYPTO PARSERS -+=========================== -+ -+The crypto key type keeps a list of registered data parsers. An example of -+such a parser is one that parses OpenPGP packet formatted data [RFC 4880]. -+ -+During key instantiation each parser in the list is tried until one doesn't -+return -EBADMSG. -+ -+The parser definition structure looks like the following: -+ -+ struct crypto_key_parser { -+ struct module *owner; -+ const char *name; -+ -+ int (*instantiate)(struct key *key, -+ const void *data, size_t datalen); -+ }; -+ -+The owner and name fields should be set to the owning module and the name of -+the parser. -+ -+There are a number of operations defined by the parser. They are all optional, -+but it is expected that at least one will be defined. -+ -+ (1) instantiate(). -+ -+ The arguments are the same as for the instantiate function in the key -+ type. 'key' is the crypto key being instantiated; data and datalen are -+ the instantiation data, presumably containing cryptographic key data, and -+ the length of that data. -+ -+ If the data format is not recognised, -EBADMSG should be returned. If it -+ is recognised, but the key cannot for some reason be set up, some other -+ negative error code should be returned. -+ -+ If the key can be successfully set up, then key->payload should be set to -+ point to the retained data, key->type_data.p[0] should be set to point to -+ the subtype chosen and key->type_data.p[1] should be set to point to a -+ copy of the key's identity string and 0 should be returned. -+ -+ The key's identity string may be partially matched upon. For a public-key -+ algorithm such as RSA and DSA this will likely be a printable hex version -+ of the key's fingerprint. -+ -+Functions are provided to register and unregister parsers: -+ -+ int register_crypto_key_parser(struct crypto_key_parser *parser); -+ void unregister_crypto_key_parser(struct crypto_key_parser *subtype); -+ -+Parsers may not have the same name. The names are only used for displaying in -+debugging messages. -+ -+ -+============================ -+IMPLEMENTING CRYPTO SUBTYPES -+============================ -+ -+The parser selects the appropriate subtype directly and sets it on the key; the -+crypto key then retains a reference on the subtype module (which means the -+parser can be removed thereafter). -+ -+The subtype definition structure looks like the following: -+ -+ struct crypto_key_subtype { -+ struct module *owner; -+ const char *name; -+ -+ void (*describe)(const struct key *key, struct seq_file *m); -+ void (*destroy)(void *payload); -+ }; -+ -+The owner and name fields should be set to the owning module and the name of -+the subtype. -+ -+There are a number of operations defined by the subtype: -+ -+ (1) describe(). -+ -+ Mandatory. This allows the subtype to display something in /proc/keys -+ against the key. For instance the name of the public key algorithm type -+ could be displayed. The key type will display the tail of the key -+ identity string after this. -+ -+ (2) destroy(). -+ -+ Mandatory. This should free the memory associated with the key. The -+ crypto key will look after freeing the fingerprint and releasing the -+ reference on the subtype module. -diff --git a/include/keys/crypto-subtype.h b/include/keys/crypto-subtype.h -new file mode 100644 -index 0000000..fa87555 ---- /dev/null -+++ b/include/keys/crypto-subtype.h -@@ -0,0 +1,56 @@ -+/* Cryptographic key subtype -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ * -+ * See Documentation/security/keys-crypto.txt -+ */ -+ -+#ifndef _KEYS_CRYPTO_SUBTYPE_H -+#define _KEYS_CRYPTO_SUBTYPE_H -+ -+#include -+#include -+ -+extern struct key_type key_type_crypto; -+ -+/* -+ * Keys of this type declare a subtype that indicates the handlers and -+ * capabilities. -+ */ -+struct crypto_key_subtype { -+ struct module *owner; -+ const char *name; -+ unsigned short name_len; /* length of name */ -+ -+ void (*describe)(const struct key *key, struct seq_file *m); -+ -+ void (*destroy)(void *payload); -+}; -+ -+/* -+ * Data parser. Called during instantiation and signature verification -+ * initiation. -+ */ -+struct crypto_key_parser { -+ struct list_head link; -+ struct module *owner; -+ const char *name; -+ -+ /* Attempt to instantiate a key from the data blob passed to add_key() -+ * or keyctl_instantiate(). -+ * -+ * Return EBADMSG if not recognised. -+ */ -+ int (*instantiate)(struct key *key, const void *data, size_t datalen); -+}; -+ -+extern int register_crypto_key_parser(struct crypto_key_parser *); -+extern void unregister_crypto_key_parser(struct crypto_key_parser *); -+ -+#endif /* _KEYS_CRYPTO_SUBTYPE_H */ -diff --git a/include/keys/crypto-type.h b/include/keys/crypto-type.h -new file mode 100644 -index 0000000..47c00c7 ---- /dev/null -+++ b/include/keys/crypto-type.h -@@ -0,0 +1,25 @@ -+/* Cryptographic key type interface -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ * -+ * See Documentation/security/keys-crypto.txt -+ */ -+ -+#ifndef _KEYS_CRYPTO_TYPE_H -+#define _KEYS_CRYPTO_TYPE_H -+ -+#include -+ -+extern struct key_type key_type_crypto; -+ -+/* -+ * The payload is at the discretion of the subtype. -+ */ -+ -+#endif /* _KEYS_CRYPTO_TYPE_H */ -diff --git a/security/keys/Kconfig b/security/keys/Kconfig -index a90d6d3..992fe52 100644 ---- a/security/keys/Kconfig -+++ b/security/keys/Kconfig -@@ -69,3 +69,5 @@ config KEYS_DEBUG_PROC_KEYS - the resulting table. - - If you are unsure as to whether this is required, answer N. -+ -+source security/keys/crypto/Kconfig -diff --git a/security/keys/Makefile b/security/keys/Makefile -index 504aaa0..67dae73 100644 ---- a/security/keys/Makefile -+++ b/security/keys/Makefile -@@ -24,3 +24,4 @@ obj-$(CONFIG_SYSCTL) += sysctl.o - # - obj-$(CONFIG_TRUSTED_KEYS) += trusted.o - obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys/ -+obj-$(CONFIG_CRYPTO_KEY_TYPE) += crypto/ -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -new file mode 100644 -index 0000000..3d15710 ---- /dev/null -+++ b/security/keys/crypto/Kconfig -@@ -0,0 +1,7 @@ -+config CRYPTO_KEY_TYPE -+ tristate "Cryptographic key type" -+ depends on KEYS -+ help -+ This option provides support for a type of key that holds the keys -+ required for cryptographic operations such as encryption, decryption, -+ signature generation and signature verification. -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -new file mode 100644 -index 0000000..36db1d5 ---- /dev/null -+++ b/security/keys/crypto/Makefile -@@ -0,0 +1,7 @@ -+# -+# Makefile for cryptographic keys -+# -+ -+obj-$(CONFIG_CRYPTO_KEY_TYPE) += crypto_keys.o -+ -+crypto_keys-y := crypto_type.o -diff --git a/security/keys/crypto/crypto_keys.h b/security/keys/crypto/crypto_keys.h -new file mode 100644 -index 0000000..a339ce0 ---- /dev/null -+++ b/security/keys/crypto/crypto_keys.h -@@ -0,0 +1,28 @@ -+/* Internal crypto type stuff -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+static inline -+struct crypto_key_subtype *crypto_key_subtype(const struct key *key) -+{ -+ return key->type_data.p[0]; -+} -+ -+static inline char *crypto_key_id(const struct key *key) -+{ -+ return key->type_data.p[1]; -+} -+ -+ -+/* -+ * crypto_type.c -+ */ -+extern struct list_head crypto_key_parsers; -+extern struct rw_semaphore crypto_key_parsers_sem; -diff --git a/security/keys/crypto/crypto_type.c b/security/keys/crypto/crypto_type.c -new file mode 100644 -index 0000000..33d279b ---- /dev/null -+++ b/security/keys/crypto/crypto_type.c -@@ -0,0 +1,228 @@ -+/* Cryptographic key type -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ * -+ * See Documentation/security/keys-crypto.txt -+ */ -+#include -+#include -+#include -+#include -+#include "crypto_keys.h" -+ -+MODULE_LICENSE("GPL"); -+ -+LIST_HEAD(crypto_key_parsers); -+DECLARE_RWSEM(crypto_key_parsers_sem); -+ -+/* -+ * Match crypto_keys on (part of) their name -+ * We have some shorthand methods for matching keys. We allow: -+ * -+ * "" - request a key by description -+ * "id:" - request a key matching the ID -+ * ":" - request a key of a subtype -+ */ -+static int crypto_key_match(const struct key *key, const void *description) -+{ -+ const struct crypto_key_subtype *subtype = crypto_key_subtype(key); -+ const char *spec = description; -+ const char *id, *kid; -+ ptrdiff_t speclen; -+ size_t idlen, kidlen; -+ -+ if (!subtype || !spec || !*spec) -+ return 0; -+ -+ /* See if the full key description matches as is */ -+ if (key->description && strcmp(key->description, description) == 0) -+ return 1; -+ -+ /* All tests from here on break the criterion description into a -+ * specifier, a colon and then an identifier. -+ */ -+ id = strchr(spec, ':'); -+ if (!id) -+ return 0; -+ -+ speclen = id - spec; -+ id++; -+ -+ /* Anything after here requires a partial match on the ID string */ -+ kid = crypto_key_id(key); -+ if (!kid) -+ return 0; -+ -+ idlen = strlen(id); -+ kidlen = strlen(kid); -+ if (idlen > kidlen) -+ return 0; -+ -+ kid += kidlen - idlen; -+ if (strcasecmp(id, kid) != 0) -+ return 0; -+ -+ if (speclen == 2 && -+ memcmp(spec, "id", 2) == 0) -+ return 1; -+ -+ if (speclen == subtype->name_len && -+ memcmp(spec, subtype->name, speclen) == 0) -+ return 1; -+ -+ return 0; -+} -+ -+/* -+ * Describe the crypto key -+ */ -+static void crypto_key_describe(const struct key *key, struct seq_file *m) -+{ -+ const struct crypto_key_subtype *subtype = crypto_key_subtype(key); -+ const char *kid = crypto_key_id(key); -+ size_t n; -+ -+ seq_puts(m, key->description); -+ -+ if (subtype) { -+ seq_puts(m, ": "); -+ subtype->describe(key, m); -+ -+ if (kid) { -+ seq_putc(m, ' '); -+ n = strlen(kid); -+ if (n <= 8) -+ seq_puts(m, kid); -+ else -+ seq_puts(m, kid + n - 8); -+ } -+ -+ seq_puts(m, " ["); -+ /* put something here to indicate the key's capabilities */ -+ seq_putc(m, ']'); -+ } -+} -+ -+/* -+ * Instantiate a crypto_key defined key -+ */ -+static int crypto_key_instantiate(struct key *key, -+ const void *data, size_t datalen) -+{ -+ struct crypto_key_parser *parser; -+ int ret; -+ -+ pr_devel("==>%s()\n", __func__); -+ -+ if (datalen == 0) -+ return -EINVAL; -+ -+ down_read(&crypto_key_parsers_sem); -+ -+ ret = -EBADMSG; -+ list_for_each_entry(parser, &crypto_key_parsers, link) { -+ pr_debug("Trying parser '%s'\n", parser->name); -+ -+ ret = parser->instantiate(key, data, datalen); -+ if (ret != -EBADMSG) { -+ pr_debug("Parser recognised the format (ret %d)\n", -+ ret); -+ break; -+ } -+ } -+ -+ up_read(&crypto_key_parsers_sem); -+ pr_devel("<==%s() = %d\n", __func__, ret); -+ return ret; -+} -+ -+/* -+ * dispose of the data dangling from the corpse of a crypto key -+ */ -+static void crypto_key_destroy(struct key *key) -+{ -+ struct crypto_key_subtype *subtype = crypto_key_subtype(key); -+ if (subtype) { -+ subtype->destroy(key->payload.data); -+ module_put(subtype->owner); -+ key->type_data.p[0] = NULL; -+ } -+ kfree(key->type_data.p[1]); -+ key->type_data.p[1] = NULL; -+} -+ -+struct key_type key_type_crypto = { -+ .name = "crypto", -+ .instantiate = crypto_key_instantiate, -+ .match = crypto_key_match, -+ .destroy = crypto_key_destroy, -+ .describe = crypto_key_describe, -+}; -+EXPORT_SYMBOL_GPL(key_type_crypto); -+ -+/** -+ * register_crypto_key_parser - Register a crypto key blob parser -+ * @parser: The parser to register -+ */ -+int register_crypto_key_parser(struct crypto_key_parser *parser) -+{ -+ struct crypto_key_parser *cursor; -+ int ret; -+ -+ down_write(&crypto_key_parsers_sem); -+ -+ list_for_each_entry(cursor, &crypto_key_parsers, link) { -+ if (strcmp(cursor->name, parser->name) == 0) { -+ pr_err("Crypto key parser '%s' already registered\n", -+ parser->name); -+ ret = -EEXIST; -+ goto out; -+ } -+ } -+ -+ list_add_tail(&parser->link, &crypto_key_parsers); -+ -+ pr_notice("Crypto key parser '%s' registered\n", parser->name); -+ ret = 0; -+ -+out: -+ up_write(&crypto_key_parsers_sem); -+ return ret; -+} -+EXPORT_SYMBOL_GPL(register_crypto_key_parser); -+ -+/** -+ * unregister_crypto_key_parser - Unregister a crypto key blob parser -+ * @parser: The parser to unregister -+ */ -+void unregister_crypto_key_parser(struct crypto_key_parser *parser) -+{ -+ down_write(&crypto_key_parsers_sem); -+ list_del(&parser->link); -+ up_write(&crypto_key_parsers_sem); -+ -+ pr_notice("Crypto key parser '%s' unregistered\n", parser->name); -+} -+EXPORT_SYMBOL_GPL(unregister_crypto_key_parser); -+ -+/* -+ * Module stuff -+ */ -+static int __init crypto_key_init(void) -+{ -+ return register_key_type(&key_type_crypto); -+} -+ -+static void __exit crypto_key_cleanup(void) -+{ -+ unregister_key_type(&key_type_crypto); -+} -+ -+module_init(crypto_key_init); -+module_exit(crypto_key_cleanup); --- -1.7.11.2 - - -From 24d9655ce0fc046012078867baaedd3bf2eaedd2 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 13:59:51 +0100 -Subject: [PATCH 03/28] KEYS: Add signature verification facility - -Add a facility whereby a key subtype may be asked to verify a signature against -the data it is purported to have signed. - -This adds four routines: - - (1) struct crypto_key_verify_context * - verify_sig_begin(struct key *keyring, const void *sig, size_t siglen); - - This sets up a verification context for the given signature using - information in that signature to select a key from the specified keyring - and to request a hash algorithm from the crypto layer. - - (2) int verify_sig_add_data(struct crypto_key_verify_context *ctx, - const void *data, size_t datalen); - - Incrementally supply data to be signed. May be called multiple times. - - (3) int verify_sig_end(struct crypto_key_verify_context *ctx, - const void *sig, size_t siglen); - - Complete the verification process and return the result. -EKEYREJECTED - will indicate that the verification failed and 0 will indicate success. - Other errors are also possible. - - (4) void verify_sig_cancel(struct crypto_key_verify_context *ctx); - - Cancel the verification process. - -Signed-off-by: David Howells ---- - Documentation/security/keys-crypto.txt | 101 +++++++++++++++++++++++++++++ - include/keys/crypto-subtype.h | 21 +++++++ - include/keys/crypto-type.h | 9 +++ - security/keys/crypto/Makefile | 2 +- - security/keys/crypto/crypto_verify.c | 112 +++++++++++++++++++++++++++++++++ - 5 files changed, 244 insertions(+), 1 deletion(-) - create mode 100644 security/keys/crypto/crypto_verify.c - -diff --git a/Documentation/security/keys-crypto.txt b/Documentation/security/keys-crypto.txt -index 97dee80..a964717 100644 ---- a/Documentation/security/keys-crypto.txt -+++ b/Documentation/security/keys-crypto.txt -@@ -7,6 +7,7 @@ Contents: - - Overview. - - Key identification. - - Accessing crypto keys. -+ - Signature verification. - - Implementing crypto parsers. - - Implementing crypto subtypes. - -@@ -89,6 +90,65 @@ This gives access to the key type: - struct key_type key_type_crypto; - - -+SIGNATURE VERIFICATION -+---------------------- -+ -+The four operations that can perform cryptographic signature verification, -+using one of a set of keys to provide the public key: -+ -+ (1) Begin verification procedure. -+ -+ struct crypto_key_verify_context * -+ verify_sig_begin(struct key *keyring, const void *sig, size_t siglen); -+ -+ This function sets up a verification context from the information in the -+ signature and looks for a suitable key in the keyring. The signature blob -+ must be presented again at the end of the procedure. The keys will be -+ checked against parameters in the signature, and if the matching one is -+ not found then -ENOKEY will be returned. -+ -+ The hashing algorithm, if such a thing applies, will be determined from -+ information in the signature and the appropriate crypto module will be -+ used. -ENOPKG will be returned if the hash algorithm is unavailable. -+ -+ The return value is an opaque pointer to be passed to the other functions, -+ or a negative error code. -+ -+ (2) Indicate data to be verified. -+ -+ int verify_sig_add_data(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen); -+ -+ This function is used to shovel data to the verification procedure so that -+ it can load it into the hash, pass it to hardware or whatever is -+ appropriate for the algorithm being employed. -+ -+ The data is not canonicalised for the document type specified in the -+ signature. The caller must do that. -+ -+ It will return 0 if successful and a negative error code if not. -+ -+ (3) Complete the verification process. -+ -+ int verify_sig_end(struct crypto_key_verify_context *ctx, -+ const void *sig, size_t siglen); -+ -+ This function performs the actual signature verification step and cleans -+ up the resources allocated at the beginning. The signature must be -+ presented again as some of the data therein may need to be added to the -+ internal hash. -+ -+ It will return -EKEYREJECTED if the signature didn't match, 0 if -+ successful and may return other errors as appropriate. -+ -+ (4) Cancel the verification process. -+ -+ void verify_sig_cancel(struct crypto_key_verify_context *ctx); -+ -+ This function cleans up the resources allocated at the beginning. This is -+ not necessary if verify_sig_end() was called. -+ -+ - =========================== - IMPLEMENTING CRYPTO PARSERS - =========================== -@@ -96,6 +156,7 @@ IMPLEMENTING CRYPTO PARSERS - The crypto key type keeps a list of registered data parsers. An example of - such a parser is one that parses OpenPGP packet formatted data [RFC 4880]. - -+ - During key instantiation each parser in the list is tried until one doesn't - return -EBADMSG. - -@@ -107,6 +168,8 @@ The parser definition structure looks like the following: - - int (*instantiate)(struct key *key, - const void *data, size_t datalen); -+ struct crypto_key_verify_context *(*verify_sig_begin)( -+ struct key *keyring, const u8 *sig, size_t siglen); - }; - - The owner and name fields should be set to the owning module and the name of -@@ -135,6 +198,44 @@ but it is expected that at least one will be defined. - algorithm such as RSA and DSA this will likely be a printable hex version - of the key's fingerprint. - -+ (2) verify_sig_begin(). -+ -+ This is similar in concept to the instantiate() function, except that it -+ is given a signature blob to parse rather than a key data blob. -+ -+ If the data format is not recognised, -EBADMSG should be returned. If it -+ is recognised, but the signature verification process cannot for some -+ reason be set up, some other negative error code should be returned. -+ -ENOKEY should be used to indicate that no matching key is available and -+ -ENOPKG should be returned if the hash algorithm or the verification -+ algorithm are unavailable. -+ -+ If successful, the parser should allocate a verification context and embed -+ the following struct in it: -+ -+ struct crypto_key_verify_context { -+ struct key *key; -+ int (*add_data)(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen); -+ int (*end)(struct crypto_key_verify_context *ctx, -+ const u8 *sig, size_t siglen); -+ void (*cancel)(struct crypto_key_verify_context *ctx); -+ }; -+ -+ and return a pointer to this to the caller, who will then pass it to the -+ verification operation wrappers described in the "Signature Verification" -+ section. The three operation pointers here correspond exactly to those -+ wrappers and are all mandatory. container_of() should be used to retrieve -+ the actual context. -+ -+ Note that the crypto key type retains a reference on the parser module for -+ the lifetime of this context, though the operation pointers need not point -+ into this module. -+ -+ The parser should also record a pointer to the key selected and take a -+ reference on that key with key_get(). -+ -+ - Functions are provided to register and unregister parsers: - - int register_crypto_key_parser(struct crypto_key_parser *parser); -diff --git a/include/keys/crypto-subtype.h b/include/keys/crypto-subtype.h -index fa87555..f2b927a 100644 ---- a/include/keys/crypto-subtype.h -+++ b/include/keys/crypto-subtype.h -@@ -20,6 +20,20 @@ - extern struct key_type key_type_crypto; - - /* -+ * Context base for signature verification methods. Allocated by the subtype -+ * and presumably embedded in something appropriate. -+ */ -+struct crypto_key_verify_context { -+ struct key *key; -+ struct crypto_key_parser *parser; -+ int (*add_data)(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen); -+ int (*end)(struct crypto_key_verify_context *ctx, -+ const u8 *sig, size_t siglen); -+ void (*cancel)(struct crypto_key_verify_context *ctx); -+}; -+ -+/* - * Keys of this type declare a subtype that indicates the handlers and - * capabilities. - */ -@@ -48,6 +62,13 @@ struct crypto_key_parser { - * Return EBADMSG if not recognised. - */ - int (*instantiate)(struct key *key, const void *data, size_t datalen); -+ -+ /* Attempt to recognise a signature blob and find a matching key. -+ * -+ * Return EBADMSG if not recognised. -+ */ -+ struct crypto_key_verify_context *(*verify_sig_begin)( -+ struct key *keyring, const u8 *sig, size_t siglen); - }; - - extern int register_crypto_key_parser(struct crypto_key_parser *); -diff --git a/include/keys/crypto-type.h b/include/keys/crypto-type.h -index 47c00c7..6b93366 100644 ---- a/include/keys/crypto-type.h -+++ b/include/keys/crypto-type.h -@@ -18,6 +18,15 @@ - - extern struct key_type key_type_crypto; - -+struct crypto_key_verify_context; -+extern struct crypto_key_verify_context *verify_sig_begin( -+ struct key *key, const void *sig, size_t siglen); -+extern int verify_sig_add_data(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen); -+extern int verify_sig_end(struct crypto_key_verify_context *ctx, -+ const void *sig, size_t siglen); -+extern void verify_sig_cancel(struct crypto_key_verify_context *ctx); -+ - /* - * The payload is at the discretion of the subtype. - */ -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 36db1d5..67001bc 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -4,4 +4,4 @@ - - obj-$(CONFIG_CRYPTO_KEY_TYPE) += crypto_keys.o - --crypto_keys-y := crypto_type.o -+crypto_keys-y := crypto_type.o crypto_verify.o -diff --git a/security/keys/crypto/crypto_verify.c b/security/keys/crypto/crypto_verify.c -new file mode 100644 -index 0000000..3f2964b ---- /dev/null -+++ b/security/keys/crypto/crypto_verify.c -@@ -0,0 +1,112 @@ -+/* Signature verification with a crypto key -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ * -+ * See Documentation/security/keys-crypto.txt -+ */ -+ -+#include -+#include -+#include -+#include "crypto_keys.h" -+ -+/** -+ * verify_sig_begin - Initiate the use of a crypto key to verify a signature -+ * @keyring: The public keys to verify against -+ * @sig: The signature data -+ * @siglen: The signature length -+ * -+ * Returns a context or an error. -+ */ -+struct crypto_key_verify_context *verify_sig_begin( -+ struct key *keyring, const void *sig, size_t siglen) -+{ -+ struct crypto_key_verify_context *ret; -+ struct crypto_key_parser *parser; -+ -+ pr_devel("==>%s()\n", __func__); -+ -+ if (siglen == 0 || !sig) -+ return ERR_PTR(-EINVAL); -+ -+ down_read(&crypto_key_parsers_sem); -+ -+ ret = ERR_PTR(-EBADMSG); -+ list_for_each_entry(parser, &crypto_key_parsers, link) { -+ if (parser->verify_sig_begin) { -+ if (!try_module_get(parser->owner)) -+ continue; -+ -+ pr_debug("Trying parser '%s'\n", parser->name); -+ -+ ret = parser->verify_sig_begin(keyring, sig, siglen); -+ if (IS_ERR(ret)) -+ module_put(parser->owner); -+ else -+ ret->parser = parser; -+ if (ret != ERR_PTR(-EBADMSG)) { -+ pr_debug("Parser recognised the format" -+ " (ret %ld)\n", -+ PTR_ERR(ret)); -+ break; -+ } -+ } -+ } -+ -+ up_read(&crypto_key_parsers_sem); -+ pr_devel("<==%s() = %p\n", __func__, ret); -+ return ret; -+} -+EXPORT_SYMBOL_GPL(verify_sig_begin); -+ -+/** -+ * verify_sig_add_data - Incrementally provide data to be verified -+ * @ctx: The context from verify_sig_begin() -+ * @data: Data -+ * @datalen: The amount of @data -+ * -+ * This may be called multiple times. -+ */ -+int verify_sig_add_data(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen) -+{ -+ return ctx->add_data(ctx, data, datalen); -+} -+EXPORT_SYMBOL_GPL(verify_sig_add_data); -+ -+/** -+ * verify_sig_end - Finalise signature verification and return result -+ * @ctx: The context from verify_sig_begin() -+ * @sig: The signature data -+ * @siglen: The signature length -+ */ -+int verify_sig_end(struct crypto_key_verify_context *ctx, -+ const void *sig, size_t siglen) -+{ -+ struct crypto_key_parser *parser = ctx->parser; -+ int ret; -+ -+ ret = ctx->end(ctx, sig, siglen); -+ module_put(parser->owner); -+ return ret; -+} -+EXPORT_SYMBOL_GPL(verify_sig_end); -+ -+/** -+ * verify_sig_end - Cancel signature verification -+ * @ctx: The context from verify_sig_begin() -+ */ -+void verify_sig_cancel(struct crypto_key_verify_context *ctx) -+{ -+ struct crypto_key_parser *parser = ctx->parser; -+ -+ ctx->cancel(ctx); -+ module_put(parser->owner); -+} -+EXPORT_SYMBOL_GPL(verify_sig_cancel); --- -1.7.11.2 - - -From a0fe6700fba7b7497cf137dc6a969d299ee59c67 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 13:59:52 +0100 -Subject: [PATCH 04/28] KEYS: Asymmetric public-key algorithm crypto key - subtype - -Add a subtype for supporting asymmetric public-key encryption algorithms such -as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337). - -Signed-off-by: David Howells ---- - security/keys/crypto/Kconfig | 10 ++++ - security/keys/crypto/Makefile | 3 +- - security/keys/crypto/public_key.c | 55 ++++++++++++++++++++ - security/keys/crypto/public_key.h | 106 ++++++++++++++++++++++++++++++++++++++ - 4 files changed, 173 insertions(+), 1 deletion(-) - create mode 100644 security/keys/crypto/public_key.c - create mode 100644 security/keys/crypto/public_key.h - -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -index 3d15710..5f2b8ac 100644 ---- a/security/keys/crypto/Kconfig -+++ b/security/keys/crypto/Kconfig -@@ -5,3 +5,13 @@ config CRYPTO_KEY_TYPE - This option provides support for a type of key that holds the keys - required for cryptographic operations such as encryption, decryption, - signature generation and signature verification. -+ -+config CRYPTO_KEY_PUBLIC_KEY_SUBTYPE -+ tristate "Asymmetric public-key crypto algorithm subtype" -+ depends on CRYPTO_KEY_TYPE -+ select MPILIB -+ help -+ This option provides support for asymmetric public key type handling. -+ If signature generation and/or verification are to be used, -+ appropriate hash algorithms (such as SHA-1) must be available. -+ ENOPKG will be reported if the requisite algorithm is unavailable. -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 67001bc..6384306 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -3,5 +3,6 @@ - # - - obj-$(CONFIG_CRYPTO_KEY_TYPE) += crypto_keys.o -- - crypto_keys-y := crypto_type.o crypto_verify.o -+ -+obj-$(CONFIG_CRYPTO_KEY_PUBLIC_KEY_SUBTYPE) += public_key.o -diff --git a/security/keys/crypto/public_key.c b/security/keys/crypto/public_key.c -new file mode 100644 -index 0000000..c00ddac ---- /dev/null -+++ b/security/keys/crypto/public_key.c -@@ -0,0 +1,55 @@ -+/* Asymmetric public key crypto subtype -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#define pr_fmt(fmt) "PKEY: "fmt -+#include -+#include -+#include "public_key.h" -+ -+MODULE_LICENSE("GPL"); -+ -+/* -+ * Provide a part of a description of the key for /proc/keys. -+ */ -+static void public_key_describe(const struct key *crypto_key, -+ struct seq_file *m) -+{ -+ struct public_key *key = crypto_key->payload.data; -+ -+ if (key) -+ seq_puts(m, key->algo->name); -+} -+ -+/* -+ * Destroy a public key algorithm key -+ */ -+static void public_key_destroy(void *payload) -+{ -+ struct public_key *key = payload; -+ int i; -+ -+ if (key) { -+ for (i = 0; i < ARRAY_SIZE(key->mpi); i++) -+ mpi_free(key->mpi[i]); -+ kfree(key); -+ } -+} -+ -+/* -+ * Public key algorithm crypto key subtype -+ */ -+struct crypto_key_subtype public_key_crypto_key_subtype = { -+ .owner = THIS_MODULE, -+ .name = "public_key", -+ .describe = public_key_describe, -+ .destroy = public_key_destroy, -+}; -+EXPORT_SYMBOL_GPL(public_key_crypto_key_subtype); -diff --git a/security/keys/crypto/public_key.h b/security/keys/crypto/public_key.h -new file mode 100644 -index 0000000..81ed603 ---- /dev/null -+++ b/security/keys/crypto/public_key.h -@@ -0,0 +1,106 @@ -+/* Asymmetric public-key algorithm definitions -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifndef _LINUX_PUBLIC_KEY_H -+#define _LINUX_PUBLIC_KEY_H -+ -+#include -+#include -+#include -+ -+struct public_key; -+struct public_key_signature; -+ -+enum pkey_hash_algo { -+ PKEY_HASH_MD5, -+ PKEY_HASH_SHA1, -+ PKEY_HASH_RIPE_MD_160, -+ PKEY_HASH_SHA256, -+ PKEY_HASH_SHA384, -+ PKEY_HASH_SHA512, -+ PKEY_HASH_SHA224, -+ PKEY_HASH__LAST -+}; -+ -+/* -+ * Public key type definition -+ */ -+struct public_key_algorithm { -+ const char *name; -+ u8 n_pub_mpi; /* Number of MPIs in public key */ -+ u8 n_sec_mpi; /* Number of MPIs in secret key */ -+ u8 n_sig_mpi; /* Number of MPIs in a signature */ -+ int (*verify)(const struct public_key *key, -+ const struct public_key_signature *sig); -+}; -+ -+/* -+ * Asymmetric public key data -+ */ -+struct public_key { -+ const struct public_key_algorithm *algo; -+ u8 capabilities; -+#define PKEY_CAN_ENCRYPT 0x01 -+#define PKEY_CAN_DECRYPT 0x02 -+#define PKEY_CAN_ENCDEC (PKEY_CAN_ENCRYPT | PKEY_CAN_DECRYPT) -+#define PKEY_CAN_SIGN 0x04 -+#define PKEY_CAN_VERIFY 0x08 -+#define PKEY_CAN_SIGVER (PKEY_CAN_SIGN | PKEY_CAN_VERIFY) -+ union { -+ MPI mpi[5]; -+ struct { -+ MPI p; /* DSA prime */ -+ MPI q; /* DSA group order */ -+ MPI g; /* DSA group generator */ -+ MPI y; /* DSA public-key value = g^x mod p */ -+ MPI x; /* DSA secret exponent (if present) */ -+ } dsa; -+ struct { -+ MPI n; /* RSA public modulus */ -+ MPI e; /* RSA public encryption exponent */ -+ MPI d; /* RSA secret encryption exponent (if present) */ -+ MPI p; /* RSA secret prime (if present) */ -+ MPI q; /* RSA secret prime (if present) */ -+ } rsa; -+ }; -+ -+ u8 key_id[8]; /* ID of this key pair */ -+ u8 key_id_size; /* Number of bytes in key_id */ -+}; -+ -+/* -+ * Asymmetric public key algorithm signature data -+ */ -+struct public_key_signature { -+ struct crypto_key_verify_context base; -+ u8 *digest; -+ enum pkey_hash_algo pkey_hash_algo : 8; -+ u8 signed_hash_msw[2]; -+ u8 digest_size; /* Number of bytes in digest */ -+ union { -+ MPI mpi[2]; -+ struct { -+ MPI s; /* m^d mod n */ -+ } rsa; -+ struct { -+ MPI r; -+ MPI s; -+ } dsa; -+ }; -+ struct shash_desc hash; /* This must go last! */ -+}; -+ -+extern struct crypto_key_verify_context *pgp_pkey_verify_sig_begin( -+ struct key *crypto_key, const u8 *sigdata, size_t siglen); -+ -+extern struct crypto_key_subtype public_key_crypto_key_subtype; -+ -+#endif /* _LINUX_PUBLIC_KEY_H */ --- -1.7.11.2 - - -From 39eaf7c28e0ca07dcb5e1e2a12db62815890f0e7 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:10:37 +0100 -Subject: [PATCH 05/28] MPILIB: Reinstate mpi_cmp[_ui]() and export for RSA - signature verification - -Reinstate and export mpi_cmp() and mpi_cmp_ui() from the MPI library for use by -RSA signature verification as per RFC3447 section 5.2.2 step 1. - -Signed-off-by: David Howells ---- - lib/mpi/Makefile | 1 + - lib/mpi/mpi-cmp.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 71 insertions(+) - create mode 100644 lib/mpi/mpi-cmp.c - -diff --git a/lib/mpi/Makefile b/lib/mpi/Makefile -index 45ca90a..019a68c 100644 ---- a/lib/mpi/Makefile -+++ b/lib/mpi/Makefile -@@ -14,6 +14,7 @@ mpi-y = \ - generic_mpih-add1.o \ - mpicoder.o \ - mpi-bit.o \ -+ mpi-cmp.o \ - mpih-cmp.o \ - mpih-div.o \ - mpih-mul.o \ -diff --git a/lib/mpi/mpi-cmp.c b/lib/mpi/mpi-cmp.c -new file mode 100644 -index 0000000..1871e7b ---- /dev/null -+++ b/lib/mpi/mpi-cmp.c -@@ -0,0 +1,70 @@ -+/* mpi-cmp.c - MPI functions -+ * Copyright (C) 1998, 1999 Free Software Foundation, Inc. -+ * -+ * This file is part of GnuPG. -+ * -+ * GnuPG is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * GnuPG is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA -+ */ -+ -+#include "mpi-internal.h" -+ -+int mpi_cmp_ui(MPI u, unsigned long v) -+{ -+ mpi_limb_t limb = v; -+ -+ mpi_normalize(u); -+ if (!u->nlimbs && !limb) -+ return 0; -+ if (u->sign) -+ return -1; -+ if (u->nlimbs > 1) -+ return 1; -+ -+ if (u->d[0] == limb) -+ return 0; -+ else if (u->d[0] > limb) -+ return 1; -+ else -+ return -1; -+} -+EXPORT_SYMBOL_GPL(mpi_cmp_ui); -+ -+int mpi_cmp(MPI u, MPI v) -+{ -+ mpi_size_t usize, vsize; -+ int cmp; -+ -+ mpi_normalize(u); -+ mpi_normalize(v); -+ usize = u->nlimbs; -+ vsize = v->nlimbs; -+ if (!u->sign && v->sign) -+ return 1; -+ if (u->sign && !v->sign) -+ return -1; -+ if (usize != vsize && !u->sign && !v->sign) -+ return usize - vsize; -+ if (usize != vsize && u->sign && v->sign) -+ return vsize + usize; -+ if (!usize) -+ return 0; -+ cmp = mpihelp_cmp(u->d, v->d, usize); -+ if (!cmp) -+ return 0; -+ if ((cmp < 0 ? 1 : 0) == (u->sign ? 1 : 0)) -+ return 1; -+ return -1; -+} -+EXPORT_SYMBOL_GPL(mpi_cmp); --- -1.7.11.2 - - -From c995ac0765cfffe9b293327717e080c2cd253779 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:10:39 +0100 -Subject: [PATCH 06/28] KEYS: RSA: Implement signature verification algorithm - [PKCS#1 / RFC3447] - -Implement RSA public key cryptography [PKCS#1 / RFC3447]. At this time, only -the signature verification algorithm is supported. This uses the asymmetric -public key subtype to hold its key data. - -Signed-off-by: David Howells ---- - security/keys/crypto/Kconfig | 7 + - security/keys/crypto/Makefile | 1 + - security/keys/crypto/crypto_rsa.c | 264 ++++++++++++++++++++++++++++++++++++++ - security/keys/crypto/public_key.h | 2 + - 4 files changed, 274 insertions(+) - create mode 100644 security/keys/crypto/crypto_rsa.c - -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -index 5f2b8ac..4e3777e 100644 ---- a/security/keys/crypto/Kconfig -+++ b/security/keys/crypto/Kconfig -@@ -15,3 +15,10 @@ config CRYPTO_KEY_PUBLIC_KEY_SUBTYPE - If signature generation and/or verification are to be used, - appropriate hash algorithms (such as SHA-1) must be available. - ENOPKG will be reported if the requisite algorithm is unavailable. -+ -+config CRYPTO_KEY_PKEY_ALGO_RSA -+ tristate "RSA public-key algorithm" -+ depends on CRYPTO_KEY_PUBLIC_KEY_SUBTYPE -+ select MPILIB_EXTRA -+ help -+ This option enables support for the RSA algorithm (PKCS#1, RFC3447). -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 6384306..b6b1a5a 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -6,3 +6,4 @@ obj-$(CONFIG_CRYPTO_KEY_TYPE) += crypto_keys.o - crypto_keys-y := crypto_type.o crypto_verify.o - - obj-$(CONFIG_CRYPTO_KEY_PUBLIC_KEY_SUBTYPE) += public_key.o -+obj-$(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA) += crypto_rsa.o -diff --git a/security/keys/crypto/crypto_rsa.c b/security/keys/crypto/crypto_rsa.c -new file mode 100644 -index 0000000..845285c ---- /dev/null -+++ b/security/keys/crypto/crypto_rsa.c -@@ -0,0 +1,264 @@ -+/* RSA asymmetric public-key algorithm [RFC3447] -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#define pr_fmt(fmt) "RSA: "fmt -+#include -+#include -+#include "public_key.h" -+ -+MODULE_LICENSE("GPL"); -+ -+#define kenter(FMT, ...) \ -+ pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__) -+#define kleave(FMT, ...) \ -+ pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__) -+ -+/* -+ * Hash algorithm OIDs plus ASN.1 DER wrappings [RFC4880 sec 5.2.2]. -+ */ -+static const u8 RSA_digest_info_MD5[] = { -+ 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, -+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, /* OID */ -+ 0x05, 0x00, 0x04, 0x10 -+}; -+ -+static const u8 RSA_digest_info_SHA1[] = { -+ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, -+ 0x2B, 0x0E, 0x03, 0x02, 0x1A, -+ 0x05, 0x00, 0x04, 0x14 -+}; -+ -+static const u8 RSA_digest_info_RIPE_MD_160[] = { -+ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, -+ 0x2B, 0x24, 0x03, 0x02, 0x01, -+ 0x05, 0x00, 0x04, 0x14 -+}; -+ -+static const u8 RSA_digest_info_SHA224[] = { -+ 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, -+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, -+ 0x05, 0x00, 0x04, 0x1C -+}; -+ -+static const u8 RSA_digest_info_SHA256[] = { -+ 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, -+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, -+ 0x05, 0x00, 0x04, 0x20 -+}; -+ -+static const u8 RSA_digest_info_SHA384[] = { -+ 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, -+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, -+ 0x05, 0x00, 0x04, 0x30 -+}; -+ -+static const u8 RSA_digest_info_SHA512[] = { -+ 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, -+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, -+ 0x05, 0x00, 0x04, 0x40 -+}; -+ -+static const struct { -+ const u8 *data; -+ size_t size; -+} RSA_ASN1_templates[PKEY_HASH__LAST] = { -+#define _(X) { RSA_digest_info_##X, sizeof(RSA_digest_info_##X) } -+ [PKEY_HASH_MD5] = _(MD5), -+ [PKEY_HASH_SHA1] = _(SHA1), -+ [PKEY_HASH_RIPE_MD_160] = _(RIPE_MD_160), -+ [PKEY_HASH_SHA256] = _(SHA256), -+ [PKEY_HASH_SHA384] = _(SHA384), -+ [PKEY_HASH_SHA512] = _(SHA512), -+ [PKEY_HASH_SHA224] = _(SHA224), -+#undef _ -+}; -+ -+/* -+ * RSAVP1() function [RFC3447 sec 5.2.2] -+ */ -+static int RSAVP1(const struct public_key *key, MPI s, MPI *_m) -+{ -+ MPI m; -+ int ret; -+ -+ /* (1) Validate 0 <= s < n */ -+ if (mpi_cmp_ui(s, 0) < 0) { -+ kleave(" = -EBADMSG [s < 0]"); -+ return -EBADMSG; -+ } -+ if (mpi_cmp(s, key->rsa.n) >= 0) { -+ kleave(" = -EBADMSG [s >= n]"); -+ return -EBADMSG; -+ } -+ -+ m = mpi_alloc(0); -+ if (!m) -+ return -ENOMEM; -+ -+ /* (2) m = s^e mod n */ -+ ret = mpi_powm(m, s, key->rsa.e, key->rsa.n); -+ if (ret < 0) { -+ mpi_free(m); -+ return ret; -+ } -+ -+ *_m = m; -+ return 0; -+} -+ -+/* -+ * Integer to Octet String conversion [RFC3447 sec 4.1] -+ */ -+static int RSA_I2OSP(MPI x, size_t xLen, u8 **_X) -+{ -+ unsigned X_size, x_size; -+ int X_sign; -+ u8 *X; -+ -+ /* Make sure the string is the right length. The number should begin -+ * with { 0x00, 0x01, ... } so we have to account for 15 leading zero -+ * bits not being reported by MPI. -+ */ -+ x_size = mpi_get_nbits(x); -+ pr_devel("size(x)=%u xLen*8=%zu\n", x_size, xLen * 8); -+ if (x_size != xLen * 8 - 15) -+ return -ERANGE; -+ -+ X = mpi_get_buffer(x, &X_size, &X_sign); -+ if (!X) -+ return -ENOMEM; -+ if (X_sign < 0) { -+ kfree(X); -+ return -EBADMSG; -+ } -+ if (X_size != xLen - 1) { -+ kfree(X); -+ return -EBADMSG; -+ } -+ -+ *_X = X; -+ return 0; -+} -+ -+/* -+ * Perform the RSA signature verification. -+ * @H: Value of hash of data and metadata -+ * @EM: The computed signature value -+ * @k: The size of EM (EM[0] is an invalid location but should hold 0x00) -+ * @hash_size: The size of H -+ * @asn1_template: The DigestInfo ASN.1 template -+ * @asn1_size: Size of asm1_template[] -+ */ -+static int RSA_verify(const u8 *H, const u8 *EM, size_t k, size_t hash_size, -+ const u8 *asn1_template, size_t asn1_size) -+{ -+ unsigned PS_end, T_offset, i; -+ -+ kenter(",,%zu,%zu,%zu", k, hash_size, asn1_size); -+ -+ if (k < 2 + 1 + asn1_size + hash_size) -+ return -EBADMSG; -+ -+ /* Decode the EMSA-PKCS1-v1_5 */ -+ if (EM[1] != 0x01) { -+ kleave(" = -EBADMSG [EM[1] == %02u]", EM[1]); -+ return -EBADMSG; -+ } -+ -+ T_offset = k - (asn1_size + hash_size); -+ PS_end = T_offset - 1; -+ if (EM[PS_end] != 0x00) { -+ kleave(" = -EBADMSG [EM[T-1] == %02u]", EM[PS_end]); -+ return -EBADMSG; -+ } -+ -+ for (i = 2; i < PS_end; i++) { -+ if (EM[i] != 0xff) { -+ kleave(" = -EBADMSG [EM[PS%x] == %02u]", i - 2, EM[i]); -+ return -EBADMSG; -+ } -+ } -+ -+ if (memcmp(asn1_template, EM + T_offset, asn1_size) != 0) { -+ kleave(" = -EBADMSG [EM[T] ASN.1 mismatch]"); -+ return -EBADMSG; -+ } -+ -+ if (memcmp(H, EM + T_offset + asn1_size, hash_size) != 0) { -+ kleave(" = -EKEYREJECTED [EM[T] hash mismatch]"); -+ return -EKEYREJECTED; -+ } -+ -+ kleave(" = 0"); -+ return 0; -+} -+ -+/* -+ * Perform the verification step [RFC3447 sec 8.2.2]. -+ */ -+static int RSA_verify_signature(const struct public_key *key, -+ const struct public_key_signature *sig) -+{ -+ size_t tsize; -+ int ret; -+ -+ /* Variables as per RFC3447 sec 8.2.2 */ -+ const u8 *H = sig->digest; -+ u8 *EM = NULL; -+ MPI m = NULL; -+ size_t k; -+ -+ kenter(""); -+ -+ /* (1) Check the signature size against the public key modulus size */ -+ k = (mpi_get_nbits(key->rsa.n) + 7) / 8; -+ -+ tsize = (mpi_get_nbits(sig->rsa.s) + 7) / 8; -+ pr_devel("step 1: k=%zu size(S)=%zu\n", k, tsize); -+ if (tsize != k) { -+ ret = -EBADMSG; -+ goto error; -+ } -+ -+ /* (2b) Apply the RSAVP1 verification primitive to the public key */ -+ ret = RSAVP1(key, sig->rsa.s, &m); -+ if (ret < 0) -+ goto error; -+ -+ /* (2c) Convert the message representative (m) to an encoded message -+ * (EM) of length k octets. -+ * -+ * NOTE! The leading zero byte is suppressed by MPI, so we pass a -+ * pointer to the _preceding_ byte to RSA_verify()! -+ */ -+ ret = RSA_I2OSP(m, k, &EM); -+ if (ret < 0) -+ goto error; -+ -+ ret = RSA_verify(H, EM - 1, k, sig->digest_size, -+ RSA_ASN1_templates[sig->pkey_hash_algo].data, -+ RSA_ASN1_templates[sig->pkey_hash_algo].size); -+ -+error: -+ kfree(EM); -+ mpi_free(m); -+ kleave(" = %d", ret); -+ return ret; -+} -+ -+const struct public_key_algorithm RSA_public_key_algorithm = { -+ .name = "RSA", -+ .n_pub_mpi = 2, -+ .n_sec_mpi = 3, -+ .n_sig_mpi = 1, -+ .verify = RSA_verify_signature, -+}; -+EXPORT_SYMBOL_GPL(RSA_public_key_algorithm); -diff --git a/security/keys/crypto/public_key.h b/security/keys/crypto/public_key.h -index 81ed603..7913615 100644 ---- a/security/keys/crypto/public_key.h -+++ b/security/keys/crypto/public_key.h -@@ -42,6 +42,8 @@ struct public_key_algorithm { - const struct public_key_signature *sig); - }; - -+extern const struct public_key_algorithm RSA_public_key_algorithm; -+ - /* - * Asymmetric public key data - */ --- -1.7.11.2 - - -From d9acf3806acdc9ab5e26a1c604989070a7ae6840 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:19 +0100 -Subject: [PATCH 07/28] KEYS: RSA: Fix signature verification for shorter - signatures - -gpg can produce a signature file where length of signature is less than the -modulus size because the amount of space an MPI takes up is kept as low as -possible by discarding leading zeros. This regularly happens for several -modules during the build. - -Fix it by relaxing check in RSA verification code. - -Thanks to Tomas Mraz and Miloslav Trmac for help. - -Signed-off-by: Milan Broz -Signed-off-by: David Howells ---- - security/keys/crypto/crypto_rsa.c | 14 +++++++++++--- - 1 file changed, 11 insertions(+), 3 deletions(-) - -diff --git a/security/keys/crypto/crypto_rsa.c b/security/keys/crypto/crypto_rsa.c -index 845285c..a4a63be 100644 ---- a/security/keys/crypto/crypto_rsa.c -+++ b/security/keys/crypto/crypto_rsa.c -@@ -219,15 +219,23 @@ static int RSA_verify_signature(const struct public_key *key, - kenter(""); - - /* (1) Check the signature size against the public key modulus size */ -- k = (mpi_get_nbits(key->rsa.n) + 7) / 8; -+ k = mpi_get_nbits(key->rsa.n); -+ tsize = mpi_get_nbits(sig->rsa.s); - -- tsize = (mpi_get_nbits(sig->rsa.s) + 7) / 8; -+ /* According to RFC 4880 sec 3.2, length of MPI is computed starting -+ * from most significant bit. So the RFC 3447 sec 8.2.2 size check -+ * must be relaxed to conform with shorter signatures - so we fail here -+ * only if signature length is longer than modulus size. -+ */ - pr_devel("step 1: k=%zu size(S)=%zu\n", k, tsize); -- if (tsize != k) { -+ if (k < tsize) { - ret = -EBADMSG; - goto error; - } - -+ /* Round up and convert to octets */ -+ k = (k + 7) / 8; -+ - /* (2b) Apply the RSAVP1 verification primitive to the public key */ - ret = RSAVP1(key, sig->rsa.s, &m); - if (ret < 0) --- -1.7.11.2 - - -From 9a2a2b1faa27be883b3aa2c47bbc367bd1a1f653 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:19 +0100 -Subject: [PATCH 08/28] PGPLIB: PGP definitions (RFC 4880) - -Provide some useful PGP definitions from RFC 4880. These describe details of -public key crypto as used by crypto keys for things like signature -verification. - -Signed-off-by: David Howells ---- - include/linux/pgp.h | 206 ++++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 206 insertions(+) - create mode 100644 include/linux/pgp.h - -diff --git a/include/linux/pgp.h b/include/linux/pgp.h -new file mode 100644 -index 0000000..1359f64 ---- /dev/null -+++ b/include/linux/pgp.h -@@ -0,0 +1,206 @@ -+/* PGP definitions (RFC 4880) -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifndef _LINUX_PGP_H -+#define _LINUX_PGP_H -+ -+#include -+ -+struct pgp_key_ID { -+ u8 id[8]; -+}; -+ -+struct pgp_time { -+ u8 time[4]; -+}; -+ -+/* -+ * PGP public-key algorithm identifiers [RFC4880: 9.1] -+ */ -+enum pgp_pubkey_algo { -+ PGP_PUBKEY_RSA_ENC_OR_SIG = 1, -+ PGP_PUBKEY_RSA_ENC_ONLY = 2, -+ PGP_PUBKEY_RSA_SIG_ONLY = 3, -+ PGP_PUBKEY_ELGAMAL = 16, -+ PGP_PUBKEY_DSA = 17, -+ PGP_PUBKEY__LAST -+}; -+ -+/* -+ * PGP symmetric-key algorithm identifiers [RFC4880: 9.2] -+ */ -+enum pgp_symkey_algo { -+ PGP_SYMKEY_PLAINTEXT = 0, -+ PGP_SYMKEY_IDEA = 1, -+ PGP_SYMKEY_3DES = 2, -+ PGP_SYMKEY_CAST5 = 3, -+ PGP_SYMKEY_BLOWFISH = 4, -+ PGP_SYMKEY_AES_128KEY = 7, -+ PGP_SYMKEY_AES_192KEY = 8, -+ PGP_SYMKEY_AES_256KEY = 9, -+ PGP_SYMKEY_TWOFISH_256KEY = 10, -+}; -+ -+/* -+ * PGP compression algorithm identifiers [RFC4880: 9.3] -+ */ -+enum pgp_compr_algo { -+ PGP_COMPR_UNCOMPRESSED = 0, -+ PGP_COMPR_ZIP = 1, -+ PGP_COMPR_ZLIB = 2, -+ PGP_COMPR_BZIP2 = 3, -+}; -+ -+/* -+ * PGP hash algorithm identifiers [RFC4880: 9.4] -+ */ -+enum pgp_hash_algo { -+ PGP_HASH_MD5 = 1, -+ PGP_HASH_SHA1 = 2, -+ PGP_HASH_RIPE_MD_160 = 3, -+ PGP_HASH_SHA256 = 8, -+ PGP_HASH_SHA384 = 9, -+ PGP_HASH_SHA512 = 10, -+ PGP_HASH_SHA224 = 11, -+ PGP_HASH__LAST -+}; -+ -+extern const char *const pgp_hash_algorithms[PGP_HASH__LAST]; -+ -+/* -+ * PGP packet type tags [RFC4880: 4.3]. -+ */ -+enum pgp_packet_tag { -+ PGP_PKT_RESERVED = 0, -+ PGP_PKT_PUBKEY_ENC_SESSION_KEY = 1, -+ PGP_PKT_SIGNATURE = 2, -+ PGP_PKT_SYMKEY_ENC_SESSION_KEY = 3, -+ PGP_PKT_ONEPASS_SIGNATURE = 4, -+ PGP_PKT_SECRET_KEY = 5, -+ PGP_PKT_PUBLIC_KEY = 6, -+ PGP_PKT_SECRET_SUBKEY = 7, -+ PGP_PKT_COMPRESSED_DATA = 8, -+ PGP_PKT_SYM_ENC_DATA = 9, -+ PGP_PKT_MARKER = 10, -+ PGP_PKT_LITERAL_DATA = 11, -+ PGP_PKT_TRUST = 12, -+ PGP_PKT_USER_ID = 13, -+ PGP_PKT_PUBLIC_SUBKEY = 14, -+ PGP_PKT_USER_ATTRIBUTE = 17, -+ PGP_PKT_SYM_ENC_AND_INTEG_DATA = 18, -+ PGP_PKT_MODIFY_DETECT_CODE = 19, -+ PGP_PKT_PRIVATE_0 = 60, -+ PGP_PKT_PRIVATE_3 = 63, -+ PGP_PKT__HIGHEST = 63 -+}; -+ -+/* -+ * Signature (tag 2) packet [RFC4880: 5.2]. -+ */ -+enum pgp_signature_version { -+ PGP_SIG_VERSION_3 = 3, -+ PGP_SIG_VERSION_4 = 4, -+}; -+ -+enum pgp_signature_type { -+ PGP_SIG_BINARY_DOCUMENT_SIG = 0x00, -+ PGP_SIG_CANONICAL_TEXT_DOCUMENT_SIG = 0x01, -+ PGP_SIG_STANDALONE_SIG = 0x02, -+ PGP_SIG_GENERAL_CERT_OF_UID_PUBKEY = 0x10, -+ PGP_SIG_PERSONAL_CERT_OF_UID_PUBKEY = 0x11, -+ PGP_SIG_CASUAL_CERT_OF_UID_PUBKEY = 0x12, -+ PGP_SIG_POSTITIVE_CERT_OF_UID_PUBKEY = 0x13, -+ PGP_SIG_SUBKEY_BINDING_SIG = 0x18, -+ PGP_SIG_PRIMARY_KEY_BINDING_SIG = 0x19, -+ PGP_SIG_DIRECTLY_ON_KEY = 0x1F, -+ PGP_SIG_KEY_REVOCATION_SIG = 0x20, -+ PGP_SIG_SUBKEY_REVOCATION_SIG = 0x28, -+ PGP_SIG_CERT_REVOCATION_SIG = 0x30, -+ PGP_SIG_TIMESTAMP_SIG = 0x40, -+ PGP_SIG_THIRD_PARTY_CONFIRM_SIG = 0x50, -+}; -+ -+struct pgp_signature_v3_packet { -+ enum pgp_signature_version version : 8; /* == PGP_SIG_VERSION_3 */ -+ u8 length_of_hashed; /* == 5 */ -+ struct { -+ enum pgp_signature_type signature_type : 8; -+ struct pgp_time creation_time; -+ } hashed; -+ struct pgp_key_ID issuer; -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ enum pgp_hash_algo hash_algo : 8; -+} __packed; -+ -+struct pgp_signature_v4_packet { -+ enum pgp_signature_version version : 8; /* == PGP_SIG_VERSION_4 */ -+ enum pgp_signature_type signature_type : 8; -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ enum pgp_hash_algo hash_algo : 8; -+} __packed; -+ -+/* -+ * V4 signature subpacket types [RFC4880: 5.2.3.1]. -+ */ -+enum pgp_sig_subpkt_type { -+ PGP_SIG_CREATION_TIME = 2, -+ PGP_SIG_EXPIRATION_TIME = 3, -+ PGP_SIG_EXPORTABLE_CERT = 4, -+ PGP_SIG_TRUST_SIG = 5, -+ PGP_SIG_REGEXP = 6, -+ PGP_SIG_REVOCABLE = 7, -+ PGP_SIG_KEY_EXPIRATION_TIME = 9, -+ PGP_SIG_PREF_SYM_ALGO = 11, -+ PGP_SIG_REVOCATION_KEY = 12, -+ PGP_SIG_ISSUER = 16, -+ PGP_SIG_NOTATION_DATA = 20, -+ PGP_SIG_PREF_HASH_ALGO = 21, -+ PGP_SIG_PREF_COMPR_ALGO = 22, -+ PGP_SIG_KEY_SERVER_PREFS = 23, -+ PGP_SIG_PREF_KEY_SERVER = 24, -+ PGP_SIG_PRIMARY_USER_ID = 25, -+ PGP_SIG_POLICY_URI = 26, -+ PGP_SIG_KEY_FLAGS = 27, -+ PGP_SIG_SIGNERS_USER_ID = 28, -+ PGP_SIG_REASON_FOR_REVOCATION = 29, -+ PGP_SIG_FEATURES = 30, -+ PGP_SIG_TARGET = 31, -+ PGP_SIG_EMBEDDED_SIG = 32, -+ PGP_SIG__LAST -+}; -+ -+#define PGP_SIG_SUBPKT_TYPE_CRITICAL_MASK 0x80 -+ -+/* -+ * Key (tag 5, 6, 7 and 14) packet -+ */ -+enum pgp_key_version { -+ PGP_KEY_VERSION_2 = 2, -+ PGP_KEY_VERSION_3 = 3, -+ PGP_KEY_VERSION_4 = 4, -+}; -+ -+struct pgp_key_v3_packet { -+ enum pgp_key_version version : 8; -+ struct pgp_time creation_time; -+ u8 expiry[2]; /* 0 or time in days till expiry */ -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ u8 key_material[0]; -+} __packed; -+ -+struct pgp_key_v4_packet { -+ enum pgp_key_version version : 8; -+ struct pgp_time creation_time; -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ u8 key_material[0]; -+} __packed; -+ -+#endif /* _LINUX_PGP_H */ --- -1.7.11.2 - - -From 0b8ec95fe7220288c143a820b8d8996c356129f1 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:20 +0100 -Subject: [PATCH 09/28] PGPLIB: Basic packet parser - -Provide a simple parser that extracts the packets from a PGP packet blob and -passes the desirous ones to the given processor function: - - struct pgp_parse_context { - u64 types_of_interest; - int (*process_packet)(struct pgp_parse_context *context, - enum pgp_packet_tag type, - u8 headerlen, - const u8 *data, - size_t datalen); - }; - - int pgp_parse_packets(const u8 *data, size_t datalen, - struct pgp_parse_context *ctx); - -This is configured on with CONFIG_PGP_LIBRARY. - -Signed-off-by: David Howells ---- - include/linux/pgplib.h | 47 +++++++ - security/keys/crypto/Kconfig | 6 + - security/keys/crypto/Makefile | 1 + - security/keys/crypto/pgp_library.c | 268 +++++++++++++++++++++++++++++++++++++ - 4 files changed, 322 insertions(+) - create mode 100644 include/linux/pgplib.h - create mode 100644 security/keys/crypto/pgp_library.c - -diff --git a/include/linux/pgplib.h b/include/linux/pgplib.h -new file mode 100644 -index 0000000..a045b3a ---- /dev/null -+++ b/include/linux/pgplib.h -@@ -0,0 +1,47 @@ -+/* PGP library definitions (RFC 4880) -+ * -+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifndef _LINUX_PGPLIB_H -+#define _LINUX_PGPLIB_H -+ -+#if defined(CONFIG_PGP_LIBRARY) || defined(CONFIG_PGP_LIBRARY_MODULE) -+ -+#include -+ -+/* -+ * PGP library packet parser -+ */ -+struct pgp_parse_context { -+ u64 types_of_interest; -+ int (*process_packet)(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, -+ u8 headerlen, -+ const u8 *data, -+ size_t datalen); -+}; -+ -+extern int pgp_parse_packets(const u8 *data, size_t datalen, -+ struct pgp_parse_context *ctx); -+ -+struct pgp_parse_pubkey { -+ enum pgp_key_version version : 8; -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ time_t creation_time; -+ time_t expires_at; -+}; -+ -+extern int pgp_parse_public_key(const u8 **_data, size_t *_datalen, -+ struct pgp_parse_pubkey *pk); -+ -+ -+#endif /* CONFIG_PGP_LIBRARY */ -+ -+#endif /* _LINUX_PGPLIB_H */ -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -index 4e3777e..88ce0e2 100644 ---- a/security/keys/crypto/Kconfig -+++ b/security/keys/crypto/Kconfig -@@ -22,3 +22,9 @@ config CRYPTO_KEY_PKEY_ALGO_RSA - select MPILIB_EXTRA - help - This option enables support for the RSA algorithm (PKCS#1, RFC3447). -+ -+config PGP_LIBRARY -+ tristate "PGP parsing library" -+ help -+ This option enables a library that provides a number of simple -+ utility functions for parsing PGP (RFC 4880) packet-based messages. -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index b6b1a5a..5fbe54e 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -7,3 +7,4 @@ crypto_keys-y := crypto_type.o crypto_verify.o - - obj-$(CONFIG_CRYPTO_KEY_PUBLIC_KEY_SUBTYPE) += public_key.o - obj-$(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA) += crypto_rsa.o -+obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o -diff --git a/security/keys/crypto/pgp_library.c b/security/keys/crypto/pgp_library.c -new file mode 100644 -index 0000000..af396d6 ---- /dev/null -+++ b/security/keys/crypto/pgp_library.c -@@ -0,0 +1,268 @@ -+/* PGP packet parser (RFC 4880) -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+#define pr_fmt(fmt) "PGP: "fmt -+#include -+#include -+#include -+#include -+ -+MODULE_LICENSE("GPL"); -+ -+const char *const pgp_hash_algorithms[PGP_HASH__LAST] = { -+ [PGP_HASH_MD5] = "md5", -+ [PGP_HASH_SHA1] = "sha1", -+ [PGP_HASH_RIPE_MD_160] = "rmd160", -+ [PGP_HASH_SHA256] = "sha256", -+ [PGP_HASH_SHA384] = "sha384", -+ [PGP_HASH_SHA512] = "sha512", -+ [PGP_HASH_SHA224] = "sha224", -+}; -+EXPORT_SYMBOL_GPL(pgp_hash_algorithms); -+ -+/** -+ * pgp_parse_packet_header - Parse a PGP packet header -+ * @_data: Start of the PGP packet (updated to PGP packet data) -+ * @_datalen: Amount of data remaining in buffer (decreased) -+ * @_type: Where the packet type will be returned -+ * @_headerlen: Where the header length will be returned -+ * -+ * Parse a set of PGP packet header [RFC 4880: 4.2]. -+ * -+ * Returns packet data size on success; non-zero on error. If successful, -+ * *_data and *_datalen will have been updated and *_headerlen will be set to -+ * hold the length of the packet header. -+ */ -+static ssize_t pgp_parse_packet_header(const u8 **_data, size_t *_datalen, -+ enum pgp_packet_tag *_type, -+ u8 *_headerlen) -+{ -+ enum pgp_packet_tag type; -+ const u8 *data = *_data; -+ size_t size, datalen = *_datalen; -+ -+ pr_devel("-->pgp_parse_packet_header(,%zu,,)", datalen); -+ -+ if (datalen < 2) -+ goto short_packet; -+ -+ pr_devel("pkthdr %02x, %02x\n", data[0], data[1]); -+ -+ type = *data++; -+ datalen--; -+ if (!(type & 0x80)) { -+ pr_debug("Packet type does not have MSB set\n"); -+ return -EBADMSG; -+ } -+ type &= ~0x80; -+ -+ if (type & 0x40) { -+ /* New packet length format */ -+ type &= ~0x40; -+ pr_devel("new format: t=%u\n", type); -+ switch (data[0]) { -+ case 0x00 ... 0xbf: -+ /* One-byte length */ -+ size = data[0]; -+ data++; -+ datalen--; -+ *_headerlen = 2; -+ break; -+ case 0xc0 ... 0xdf: -+ /* Two-byte length */ -+ if (datalen < 2) -+ goto short_packet; -+ size = (data[0] - 192) * 256; -+ size += data[1] + 192; -+ data += 2; -+ datalen -= 2; -+ *_headerlen = 3; -+ break; -+ case 0xff: -+ /* Five-byte length */ -+ if (datalen < 5) -+ goto short_packet; -+ size = data[1] << 24; -+ size |= data[2] << 16; -+ size |= data[3] << 8; -+ size |= data[4]; -+ data += 5; -+ datalen -= 5; -+ *_headerlen = 6; -+ break; -+ default: -+ pr_debug("Partial body length packet not supported\n"); -+ return -EBADMSG; -+ } -+ } else { -+ /* Old packet length format */ -+ u8 length_type = type & 0x03; -+ type >>= 2; -+ pr_devel("old format: t=%u lt=%u\n", type, length_type); -+ -+ switch (length_type) { -+ case 0: -+ /* One-byte length */ -+ size = data[0]; -+ data++; -+ datalen--; -+ *_headerlen = 2; -+ break; -+ case 1: -+ /* Two-byte length */ -+ if (datalen < 2) -+ goto short_packet; -+ size = data[0] << 8; -+ size |= data[1]; -+ data += 2; -+ datalen -= 2; -+ *_headerlen = 3; -+ break; -+ case 2: -+ /* Four-byte length */ -+ if (datalen < 4) -+ goto short_packet; -+ size = data[0] << 24; -+ size |= data[1] << 16; -+ size |= data[2] << 8; -+ size |= data[3]; -+ data += 4; -+ datalen -= 4; -+ *_headerlen = 5; -+ break; -+ default: -+ pr_debug("Indefinite length packet not supported\n"); -+ return -EBADMSG; -+ } -+ } -+ -+ pr_devel("datalen=%zu size=%zu", datalen, size); -+ if (datalen < size) -+ goto short_packet; -+ if ((int)size < 0) -+ goto too_big; -+ -+ *_data = data; -+ *_datalen = datalen; -+ *_type = type; -+ pr_devel("Found packet type=%u size=%zd\n", type, size); -+ return size; -+ -+short_packet: -+ pr_debug("Attempt to parse short packet\n"); -+ return -EBADMSG; -+too_big: -+ pr_debug("Signature subpacket size >2G\n"); -+ return -EMSGSIZE; -+} -+ -+/** -+ * pgp_parse_packets - Parse a set of PGP packets -+ * @_data: Data to be parsed (updated) -+ * @_datalen: Amount of data (updated) -+ * @ctx: Parsing context -+ * -+ * Parse a set of PGP packets [RFC 4880: 4]. -+ */ -+int pgp_parse_packets(const u8 *data, size_t datalen, -+ struct pgp_parse_context *ctx) -+{ -+ enum pgp_packet_tag type; -+ ssize_t pktlen; -+ u8 headerlen; -+ int ret; -+ -+ while (datalen > 2) { -+ pktlen = pgp_parse_packet_header(&data, &datalen, &type, -+ &headerlen); -+ if (pktlen < 0) -+ return pktlen; -+ -+ if ((ctx->types_of_interest >> type) & 1) { -+ ret = ctx->process_packet(ctx, type, headerlen, -+ data, pktlen); -+ if (ret < 0) -+ return ret; -+ } -+ data += pktlen; -+ datalen -= pktlen; -+ } -+ -+ if (datalen != 0) { -+ pr_debug("Excess octets in packet stream\n"); -+ return -EBADMSG; -+ } -+ -+ return 0; -+} -+EXPORT_SYMBOL_GPL(pgp_parse_packets); -+ -+/** -+ * pgp_parse_public_key - Parse the common part of a PGP pubkey packet -+ * @_data: Content of packet (updated) -+ * @_datalen: Length of packet remaining (updated) -+ * @pk: Public key data -+ * -+ * Parse the common data struct for a PGP pubkey packet [RFC 4880: 5.5.2]. -+ */ -+int pgp_parse_public_key(const u8 **_data, size_t *_datalen, -+ struct pgp_parse_pubkey *pk) -+{ -+ const u8 *data = *_data; -+ size_t datalen = *_datalen; -+ __be32 tmp; -+ -+ if (datalen < 12) { -+ pr_debug("Public key packet too short\n"); -+ return -EBADMSG; -+ } -+ -+ pk->version = *data++; -+ switch (pk->version) { -+ case PGP_KEY_VERSION_2: -+ case PGP_KEY_VERSION_3: -+ case PGP_KEY_VERSION_4: -+ break; -+ default: -+ pr_debug("Public key packet with unhandled version %d\n", -+ pk->version); -+ return -EBADMSG; -+ } -+ -+ tmp = *data++ << 24; -+ tmp |= *data++ << 16; -+ tmp |= *data++ << 8; -+ tmp |= *data++; -+ pk->creation_time = tmp; -+ if (pk->version == PGP_KEY_VERSION_4) { -+ pk->expires_at = 0; /* Have to get it from the selfsignature */ -+ } else { -+ unsigned short ndays; -+ ndays = *data++ << 8; -+ ndays |= *data++; -+ if (ndays) -+ pk->expires_at = pk->creation_time + ndays * 86400UL; -+ else -+ pk->expires_at = 0; -+ datalen -= 2; -+ } -+ -+ pk->pubkey_algo = *data++; -+ datalen -= 6; -+ -+ pr_devel("%x,%x,%lx,%lx", -+ pk->version, pk->pubkey_algo, pk->creation_time, -+ pk->expires_at); -+ -+ *_data = data; -+ *_datalen = datalen; -+ return 0; -+} -+EXPORT_SYMBOL_GPL(pgp_parse_public_key); --- -1.7.11.2 - - -From a3673ac73f4634bcdd97d642b3bdd87998eb2100 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:20 +0100 -Subject: [PATCH 10/28] PGPLIB: Signature parser - -Provide some PGP signature parsing helpers: - - (1) A function to parse V4 signature subpackets and pass the desired ones to - a processor function: - - int pgp_parse_sig_subpkts(const u8 *data, size_t datalen, - struct pgp_parse_sig_context *ctx); - - (2) A function to parse out basic signature parameters from any PGP signature - such that the algorithms and public key can be selected: - - int pgp_parse_sig_params(const u8 **_data, size_t *_datalen, - struct pgp_sig_parameters *p); - -Signed-off-by: David Howells ---- - include/linux/pgplib.h | 25 ++++ - security/keys/crypto/pgp_library.c | 280 +++++++++++++++++++++++++++++++++++++ - 2 files changed, 305 insertions(+) - -diff --git a/include/linux/pgplib.h b/include/linux/pgplib.h -index a045b3a..34594a9 100644 ---- a/include/linux/pgplib.h -+++ b/include/linux/pgplib.h -@@ -41,6 +41,31 @@ struct pgp_parse_pubkey { - extern int pgp_parse_public_key(const u8 **_data, size_t *_datalen, - struct pgp_parse_pubkey *pk); - -+struct pgp_parse_sig_context { -+ unsigned long types_of_interest[128 / BITS_PER_LONG]; -+ int (*process_packet)(struct pgp_parse_sig_context *context, -+ enum pgp_sig_subpkt_type type, -+ const u8 *data, -+ size_t datalen); -+}; -+ -+extern int pgp_parse_sig_packets(const u8 *data, size_t datalen, -+ struct pgp_parse_sig_context *ctx); -+ -+struct pgp_sig_parameters { -+ enum pgp_signature_version version : 8; -+ enum pgp_signature_type signature_type : 8; -+ enum pgp_pubkey_algo pubkey_algo : 8; -+ enum pgp_hash_algo hash_algo : 8; -+ union { -+ struct pgp_key_ID issuer; -+ __be32 issuer32[2]; -+ }; -+}; -+ -+extern int pgp_parse_sig_params(const u8 **_data, size_t *_datalen, -+ struct pgp_sig_parameters *p); -+ - - #endif /* CONFIG_PGP_LIBRARY */ - -diff --git a/security/keys/crypto/pgp_library.c b/security/keys/crypto/pgp_library.c -index af396d6..c9218df 100644 ---- a/security/keys/crypto/pgp_library.c -+++ b/security/keys/crypto/pgp_library.c -@@ -266,3 +266,283 @@ int pgp_parse_public_key(const u8 **_data, size_t *_datalen, - return 0; - } - EXPORT_SYMBOL_GPL(pgp_parse_public_key); -+ -+/** -+ * pgp_parse_sig_subpkt_header - Parse a PGP V4 signature subpacket header -+ * @_data: Start of the subpacket (updated to subpacket data) -+ * @_datalen: Amount of data remaining in buffer (decreased) -+ * @_type: Where the subpacket type will be returned -+ * -+ * Parse a PGP V4 signature subpacket header [RFC 4880: 5.2.3.1]. -+ * -+ * Returns packet data size on success; non-zero on error. If successful, -+ * *_data and *_datalen will have been updated and *_headerlen will be set to -+ * hold the length of the packet header. -+ */ -+static ssize_t pgp_parse_sig_subpkt_header(const u8 **_data, size_t *_datalen, -+ enum pgp_sig_subpkt_type *_type) -+{ -+ enum pgp_sig_subpkt_type type; -+ const u8 *data = *_data; -+ size_t size, datalen = *_datalen; -+ -+ pr_devel("-->pgp_parse_sig_subpkt_header(,%zu,,)", datalen); -+ -+ if (datalen < 2) -+ goto short_subpacket; -+ -+ pr_devel("subpkt hdr %02x, %02x\n", data[0], data[1]); -+ -+ switch (data[0]) { -+ case 0x00 ... 0xbf: -+ /* One-byte length */ -+ size = data[0]; -+ data++; -+ datalen--; -+ break; -+ case 0xc0 ... 0xfe: -+ /* Two-byte length */ -+ if (datalen < 3) -+ goto short_subpacket; -+ size = (data[0] - 192) * 256; -+ size += data[1] + 192; -+ data += 2; -+ datalen -= 2; -+ break; -+ case 0xff: -+ if (datalen < 6) -+ goto short_subpacket; -+ size = data[1] << 24; -+ size |= data[2] << 16; -+ size |= data[3] << 8; -+ size |= data[4]; -+ data += 5; -+ datalen -= 5; -+ break; -+ } -+ -+ /* The type octet is included in the size */ -+ pr_devel("datalen=%zu size=%zu", datalen, size); -+ if (datalen < size) -+ goto short_subpacket; -+ if (size == 0) -+ goto very_short_subpacket; -+ if ((int)size < 0) -+ goto too_big; -+ -+ type = *data++ & ~PGP_SIG_SUBPKT_TYPE_CRITICAL_MASK; -+ datalen--; -+ size--; -+ -+ *_data = data; -+ *_datalen = datalen; -+ *_type = type; -+ pr_devel("Found subpkt type=%u size=%zd\n", type, size); -+ return size; -+ -+very_short_subpacket: -+ pr_debug("Signature subpacket size can't be zero\n"); -+ return -EBADMSG; -+short_subpacket: -+ pr_debug("Attempt to parse short signature subpacket\n"); -+ return -EBADMSG; -+too_big: -+ pr_debug("Signature subpacket size >2G\n"); -+ return -EMSGSIZE; -+} -+ -+/** -+ * pgp_parse_sig_subpkts - Parse a set of PGP V4 signatute subpackets -+ * @_data: Data to be parsed (updated) -+ * @_datalen: Amount of data (updated) -+ * @ctx: Parsing context -+ * -+ * Parse a set of PGP signature subpackets [RFC 4880: 5.2.3]. -+ */ -+static int pgp_parse_sig_subpkts(const u8 *data, size_t datalen, -+ struct pgp_parse_sig_context *ctx) -+{ -+ enum pgp_sig_subpkt_type type; -+ ssize_t pktlen; -+ int ret; -+ -+ pr_devel("-->pgp_parse_sig_subpkts(,%zu,,)", datalen); -+ -+ while (datalen > 2) { -+ pktlen = pgp_parse_sig_subpkt_header(&data, &datalen, &type); -+ if (pktlen < 0) -+ return pktlen; -+ if (test_bit(type, ctx->types_of_interest)) { -+ ret = ctx->process_packet(ctx, type, data, pktlen); -+ if (ret < 0) -+ return ret; -+ } -+ data += pktlen; -+ datalen -= pktlen; -+ } -+ -+ if (datalen != 0) { -+ pr_debug("Excess octets in signature subpacket stream\n"); -+ return -EBADMSG; -+ } -+ -+ return 0; -+} -+ -+struct pgp_parse_sig_params_ctx { -+ struct pgp_parse_sig_context base; -+ struct pgp_sig_parameters *params; -+ bool got_the_issuer; -+}; -+ -+/* -+ * Process a V4 signature subpacket. -+ */ -+static int pgp_process_sig_params_subpkt(struct pgp_parse_sig_context *context, -+ enum pgp_sig_subpkt_type type, -+ const u8 *data, -+ size_t datalen) -+{ -+ struct pgp_parse_sig_params_ctx *ctx = -+ container_of(context, struct pgp_parse_sig_params_ctx, base); -+ -+ if (ctx->got_the_issuer) { -+ pr_debug("V4 signature packet has multiple issuers\n"); -+ return -EBADMSG; -+ } -+ -+ if (datalen != 8) { -+ pr_debug("V4 signature issuer subpkt not 8 long (%zu)\n", -+ datalen); -+ return -EBADMSG; -+ } -+ -+ memcpy(&ctx->params->issuer, data, 8); -+ ctx->got_the_issuer = true; -+ return 0; -+} -+ -+/** -+ * pgp_parse_sig_params - Parse basic parameters from a PGP signature packet -+ * @_data: Content of packet (updated) -+ * @_datalen: Length of packet remaining (updated) -+ * @p: The basic parameters -+ * -+ * Parse the basic parameters from a PGP signature packet [RFC 4880: 5.2] that -+ * are needed to start off a signature verification operation. The only ones -+ * actually necessary are the signature type (which affects how the data is -+ * transformed) and the hash algorithm. -+ * -+ * We also extract the public key algorithm and the issuer's key ID as we'll -+ * need those to determine if we actually have the public key available. If -+ * not, then we can't verify the signature anyway. -+ * -+ * Returns 0 if successful or a negative error code. *_data and *_datalen are -+ * updated to point to the 16-bit subset of the hash value and the set of MPIs. -+ */ -+int pgp_parse_sig_params(const u8 **_data, size_t *_datalen, -+ struct pgp_sig_parameters *p) -+{ -+ const u8 *data = *_data; -+ size_t datalen = *_datalen; -+ int ret; -+ -+ pr_devel("-->pgp_parse_sig_params(,%zu,,)", datalen); -+ -+ if (datalen < 1) -+ return -EBADMSG; -+ p->version = *data; -+ -+ if (p->version == PGP_SIG_VERSION_3) { -+ const struct pgp_signature_v3_packet *v3 = (const void *)data; -+ -+ if (datalen < sizeof(*v3)) { -+ pr_debug("Short V3 signature packet\n"); -+ return -EBADMSG; -+ } -+ datalen -= sizeof(*v3); -+ data += sizeof(*v3); -+ -+ /* V3 has everything we need in the header */ -+ p->signature_type = v3->hashed.signature_type; -+ p->issuer = v3->issuer; -+ p->pubkey_algo = v3->pubkey_algo; -+ p->hash_algo = v3->hash_algo; -+ -+ } else if (p->version == PGP_SIG_VERSION_4) { -+ const struct pgp_signature_v4_packet *v4 = (const void *)data; -+ struct pgp_parse_sig_params_ctx ctx = { -+ .base.process_packet = pgp_process_sig_params_subpkt, -+ .params = p, -+ .got_the_issuer = false, -+ }; -+ size_t subdatalen; -+ -+ if (datalen < sizeof(*v4) + 2 + 2 + 2) { -+ pr_debug("Short V4 signature packet\n"); -+ return -EBADMSG; -+ } -+ datalen -= sizeof(*v4); -+ data += sizeof(*v4); -+ -+ /* V4 has most things in the header... */ -+ p->signature_type = v4->signature_type; -+ p->pubkey_algo = v4->pubkey_algo; -+ p->hash_algo = v4->hash_algo; -+ -+ /* ... but we have to get the key ID from the subpackets, of -+ * which there are two sets. */ -+ __set_bit(PGP_SIG_ISSUER, ctx.base.types_of_interest); -+ -+ subdatalen = *data++ << 8; -+ subdatalen |= *data++; -+ datalen -= 2; -+ if (subdatalen) { -+ /* Hashed subpackets */ -+ pr_devel("hashed data: %zu (after %zu)\n", -+ subdatalen, sizeof(*v4)); -+ if (subdatalen > datalen + 2 + 2) { -+ pr_debug("Short V4 signature packet [hdata]\n"); -+ return -EBADMSG; -+ } -+ ret = pgp_parse_sig_subpkts(data, subdatalen, -+ &ctx.base); -+ if (ret < 0) -+ return ret; -+ data += subdatalen; -+ datalen -= subdatalen; -+ } -+ -+ subdatalen = *data++ << 8; -+ subdatalen |= *data++; -+ datalen -= 2; -+ if (subdatalen) { -+ /* Unhashed subpackets */ -+ pr_devel("unhashed data: %zu\n", subdatalen); -+ if (subdatalen > datalen + 2) { -+ pr_debug("Short V4 signature packet [udata]\n"); -+ return -EBADMSG; -+ } -+ ret = pgp_parse_sig_subpkts(data, subdatalen, -+ &ctx.base); -+ if (ret < 0) -+ return ret; -+ data += subdatalen; -+ datalen -= subdatalen; -+ } -+ -+ if (!ctx.got_the_issuer) { -+ pr_debug("V4 signature packet lacks issuer\n"); -+ return -EBADMSG; -+ } -+ } else { -+ pr_debug("Signature packet with unhandled version %d\n", -+ p->version); -+ return -EBADMSG; -+ } -+ -+ *_data = data; -+ *_datalen = datalen; -+ return 0; -+} -+EXPORT_SYMBOL_GPL(pgp_parse_sig_params); --- -1.7.11.2 - - -From dd59f49ce7179b145f55bdca3b43f4761ae0769d Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:21 +0100 -Subject: [PATCH 11/28] KEYS: PGP data parser - -Implement a PGP data parser for the crypto key type to use when instantiating a -key. - -This parser attempts to parse the instantiation data as a PGP packet sequence -(RFC 4880) and if it parses okay, attempts to extract a public-key algorithm -key or subkey from it. - -If it finds such a key, it will set up a public_key subtype payload with -appropriate handler routines (DSA or RSA) and attach it to the key. - -Thanks to Tetsuo Handa for pointing out -some errors. - -Signed-off-by: David Howells ---- - security/keys/crypto/Kconfig | 12 ++ - security/keys/crypto/Makefile | 4 + - security/keys/crypto/pgp_parser.h | 23 +++ - security/keys/crypto/pgp_public_key.c | 348 ++++++++++++++++++++++++++++++++++ - 4 files changed, 387 insertions(+) - create mode 100644 security/keys/crypto/pgp_parser.h - create mode 100644 security/keys/crypto/pgp_public_key.c - -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -index 88ce0e2..1c2ae55 100644 ---- a/security/keys/crypto/Kconfig -+++ b/security/keys/crypto/Kconfig -@@ -28,3 +28,15 @@ config PGP_LIBRARY - help - This option enables a library that provides a number of simple - utility functions for parsing PGP (RFC 4880) packet-based messages. -+ -+config CRYPTO_KEY_PGP_PARSER -+ tristate "PGP key blob parser" -+ depends on CRYPTO_KEY_TYPE -+ select CRYPTO_KEY_PUBLIC_KEY_SUBTYPE -+ select PGP_LIBRARY -+ select MD5 # V3 fingerprint generation -+ select SHA1 # V4 fingerprint generation -+ help -+ This option provides support for parsing PGP (RFC 4880) format blobs -+ for key data and provides the ability to instantiate a crypto key -+ from a public key packet found inside the blob. -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 5fbe54e..35733fc 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -8,3 +8,7 @@ crypto_keys-y := crypto_type.o crypto_verify.o - obj-$(CONFIG_CRYPTO_KEY_PUBLIC_KEY_SUBTYPE) += public_key.o - obj-$(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA) += crypto_rsa.o - obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o -+ -+obj-$(CONFIG_CRYPTO_KEY_PGP_PARSER) += pgp_key_parser.o -+pgp_key_parser-y := \ -+ pgp_public_key.o -diff --git a/security/keys/crypto/pgp_parser.h b/security/keys/crypto/pgp_parser.h -new file mode 100644 -index 0000000..1cda231 ---- /dev/null -+++ b/security/keys/crypto/pgp_parser.h -@@ -0,0 +1,23 @@ -+/* PGP crypto data parser internal definitions -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#include -+ -+#define kenter(FMT, ...) \ -+ pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__) -+#define kleave(FMT, ...) \ -+ pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__) -+ -+/* -+ * pgp_key_parser.c -+ */ -+extern const -+struct public_key_algorithm *pgp_public_key_algorithms[PGP_PUBKEY__LAST]; -diff --git a/security/keys/crypto/pgp_public_key.c b/security/keys/crypto/pgp_public_key.c -new file mode 100644 -index 0000000..8a8b7c0 ---- /dev/null -+++ b/security/keys/crypto/pgp_public_key.c -@@ -0,0 +1,348 @@ -+/* Instantiate a public key crypto key from PGP format data [RFC 4880] -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#define pr_fmt(fmt) "PGP: "fmt -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include "public_key.h" -+#include "pgp_parser.h" -+ -+MODULE_LICENSE("GPL"); -+ -+const -+struct public_key_algorithm *pgp_public_key_algorithms[PGP_PUBKEY__LAST] = { -+#if defined(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA) || \ -+ defined(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA_MODULE) -+ [PGP_PUBKEY_RSA_ENC_OR_SIG] = &RSA_public_key_algorithm, -+ [PGP_PUBKEY_RSA_ENC_ONLY] = &RSA_public_key_algorithm, -+ [PGP_PUBKEY_RSA_SIG_ONLY] = &RSA_public_key_algorithm, -+#endif -+ [PGP_PUBKEY_ELGAMAL] = NULL, -+ [PGP_PUBKEY_DSA] = NULL, -+}; -+ -+static const u8 pgp_public_key_capabilities[PGP_PUBKEY__LAST] = { -+ [PGP_PUBKEY_RSA_ENC_OR_SIG] = PKEY_CAN_ENCDEC | PKEY_CAN_SIGVER, -+ [PGP_PUBKEY_RSA_ENC_ONLY] = PKEY_CAN_ENCDEC, -+ [PGP_PUBKEY_RSA_SIG_ONLY] = PKEY_CAN_SIGVER, -+ [PGP_PUBKEY_ELGAMAL] = 0, -+ [PGP_PUBKEY_DSA] = 0, -+}; -+ -+static inline void digest_putc(struct shash_desc *digest, uint8_t ch) -+{ -+ crypto_shash_update(digest, &ch, 1); -+} -+ -+struct pgp_key_data_parse_context { -+ struct pgp_parse_context pgp; -+ struct crypto_key_subtype *subtype; -+ char *fingerprint; -+ void *payload; -+}; -+ -+/* -+ * Calculate the public key ID (RFC4880 12.2) -+ */ -+static int pgp_calc_pkey_keyid(struct shash_desc *digest, -+ struct pgp_parse_pubkey *pgp, -+ struct public_key *key) -+{ -+ unsigned nb[ARRAY_SIZE(key->mpi)]; -+ unsigned nn[ARRAY_SIZE(key->mpi)]; -+ unsigned n; -+ u8 *pp[ARRAY_SIZE(key->mpi)]; -+ u32 a32; -+ int npkey = key->algo->n_pub_mpi; -+ int i, ret = -ENOMEM; -+ -+ kenter(""); -+ -+ for (i = 0; i < ARRAY_SIZE(pp); i++) -+ pp[i] = NULL; -+ -+ n = (pgp->version < PGP_KEY_VERSION_4) ? 8 : 6; -+ for (i = 0; i < npkey; i++) { -+ nb[i] = mpi_get_nbits(key->mpi[i]); -+ pp[i] = mpi_get_buffer(key->mpi[i], nn + i, NULL); -+ if (!pp[i]) -+ goto error; -+ n += 2 + nn[i]; -+ } -+ -+ digest_putc(digest, 0x99); /* ctb */ -+ digest_putc(digest, n >> 8); /* 16-bit header length */ -+ digest_putc(digest, n); -+ digest_putc(digest, pgp->version); -+ -+ a32 = pgp->creation_time; -+ digest_putc(digest, a32 >> 24); -+ digest_putc(digest, a32 >> 16); -+ digest_putc(digest, a32 >> 8); -+ digest_putc(digest, a32 >> 0); -+ -+ if (pgp->version < PGP_KEY_VERSION_4) { -+ u16 a16; -+ -+ if (pgp->expires_at) -+ a16 = (pgp->expires_at - pgp->creation_time) / 86400UL; -+ else -+ a16 = 0; -+ digest_putc(digest, a16 >> 8); -+ digest_putc(digest, a16 >> 0); -+ } -+ -+ digest_putc(digest, pgp->pubkey_algo); -+ -+ for (i = 0; i < npkey; i++) { -+ digest_putc(digest, nb[i] >> 8); -+ digest_putc(digest, nb[i]); -+ crypto_shash_update(digest, pp[i], nn[i]); -+ } -+ ret = 0; -+ -+error: -+ for (i = 0; i < npkey; i++) -+ kfree(pp[i]); -+ kleave(" = %d", ret); -+ return ret; -+} -+ -+/* -+ * Calculate the public key ID fingerprint -+ */ -+static int pgp_generate_fingerprint(struct pgp_key_data_parse_context *ctx, -+ struct pgp_parse_pubkey *pgp, -+ struct public_key *key) -+{ -+ struct crypto_shash *tfm; -+ struct shash_desc *digest; -+ char *fingerprint; -+ u8 *raw_fingerprint; -+ int digest_size, offset; -+ int ret, i; -+ -+ ret = -ENOMEM; -+ tfm = crypto_alloc_shash(pgp->version < PGP_KEY_VERSION_4 ? -+ "md5" : "sha1", 0, 0); -+ if (!tfm) -+ goto cleanup; -+ -+ digest = kmalloc(sizeof(*digest) + crypto_shash_descsize(tfm), -+ GFP_KERNEL); -+ if (!digest) -+ goto cleanup_tfm; -+ -+ digest->tfm = tfm; -+ digest->flags = CRYPTO_TFM_REQ_MAY_SLEEP; -+ ret = crypto_shash_init(digest); -+ if (ret < 0) -+ goto cleanup_hash; -+ -+ ret = pgp_calc_pkey_keyid(digest, pgp, key); -+ if (ret < 0) -+ goto cleanup_hash; -+ -+ digest_size = crypto_shash_digestsize(tfm); -+ -+ raw_fingerprint = kmalloc(digest_size, GFP_KERNEL); -+ if (!raw_fingerprint) -+ goto cleanup_hash; -+ -+ ret = crypto_shash_final(digest, raw_fingerprint); -+ if (ret < 0) -+ goto cleanup_raw_fingerprint; -+ -+ fingerprint = kmalloc(digest_size * 2 + 1, GFP_KERNEL); -+ if (!fingerprint) -+ goto cleanup_raw_fingerprint; -+ -+ offset = digest_size - 8; -+ pr_debug("offset %u/%u\n", offset, digest_size); -+ -+ for (i = 0; i < digest_size; i++) -+ sprintf(fingerprint + i * 2, "%02x", raw_fingerprint[i]); -+ pr_debug("fingerprint %s\n", fingerprint); -+ -+ memcpy(&key->key_id, raw_fingerprint + offset, 8); -+ key->key_id_size = 8; -+ -+ ctx->fingerprint = fingerprint; -+ ret = 0; -+cleanup_raw_fingerprint: -+ kfree(raw_fingerprint); -+cleanup_hash: -+ kfree(digest); -+cleanup_tfm: -+ crypto_free_shash(tfm); -+cleanup: -+ kleave(" = %d", ret); -+ return ret; -+} -+ -+/* -+ * Extract a public key or public subkey from the PGP stream. -+ */ -+static int pgp_process_public_key(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, -+ u8 headerlen, -+ const u8 *data, -+ size_t datalen) -+{ -+ const struct public_key_algorithm *algo; -+ struct pgp_key_data_parse_context *ctx = -+ container_of(context, struct pgp_key_data_parse_context, pgp); -+ struct pgp_parse_pubkey pgp; -+ struct public_key *key; -+ int i, ret; -+ -+ kenter(",%u,%u,,%zu", type, headerlen, datalen); -+ -+ if (ctx->subtype) { -+ kleave(" = -ENOKEY [already]"); -+ return -EBADMSG; -+ } -+ -+ key = kzalloc(sizeof(struct public_key), GFP_KERNEL); -+ if (!key) -+ return -ENOMEM; -+ -+ ret = pgp_parse_public_key(&data, &datalen, &pgp); -+ if (ret < 0) -+ goto cleanup; -+ -+ if (pgp.pubkey_algo >= PGP_PUBKEY__LAST || -+ !pgp_public_key_algorithms[pgp.pubkey_algo]) { -+ pr_debug("Unsupported public key algorithm %u\n", -+ pgp.pubkey_algo); -+ ret = -ENOPKG; -+ goto cleanup; -+ } -+ -+ algo = key->algo = pgp_public_key_algorithms[pgp.pubkey_algo]; -+ -+ /* It's a public key, so that only gives us encrypt and verify -+ * capabilities. -+ */ -+ key->capabilities = pgp_public_key_capabilities[pgp.pubkey_algo] & -+ (PKEY_CAN_ENCRYPT | PKEY_CAN_VERIFY); -+ -+ for (i = 0; i < algo->n_pub_mpi; i++) { -+ unsigned int remaining = datalen; -+ if (remaining == 0) { -+ pr_debug("short %zu mpi %d\n", datalen, i); -+ goto cleanup_badmsg; -+ } -+ key->mpi[i] = mpi_read_from_buffer(data, &remaining); -+ if (!key->mpi[i]) -+ goto cleanup_nomem; -+ data += remaining; -+ datalen -= remaining; -+ } -+ -+ if (datalen != 0) { -+ pr_debug("excess %zu\n", datalen); -+ goto cleanup_badmsg; -+ } -+ -+ ret = pgp_generate_fingerprint(ctx, &pgp, key); -+ if (ret < 0) -+ goto cleanup; -+ -+ /* We're pinning the module by being linked against it */ -+ __module_get(public_key_crypto_key_subtype.owner); -+ ctx->subtype = &public_key_crypto_key_subtype; -+ ctx->payload = key; -+ kleave(" = 0 [use]"); -+ return 0; -+ -+cleanup_nomem: -+ ret = -ENOMEM; -+ goto cleanup; -+cleanup_badmsg: -+ ret = -EBADMSG; -+cleanup: -+ pr_devel("cleanup"); -+ if (key) { -+ for (i = 0; i < ARRAY_SIZE(key->mpi); i++) -+ mpi_free(key->mpi[i]); -+ kfree(key); -+ } -+ kleave(" = %d", ret); -+ return ret; -+} -+ -+/* -+ * Attempt to parse the instantiation data blob for a key as a PGP packet -+ * message holding a key. -+ */ -+static int pgp_key_instantiate(struct key *key, -+ const void *data, size_t datalen) -+{ -+ struct pgp_key_data_parse_context ctx; -+ int ret; -+ -+ kenter(""); -+ -+ ret = key_payload_reserve(key, datalen); -+ if (ret < 0) -+ return ret; -+ -+ ctx.pgp.types_of_interest = -+ (1 << PGP_PKT_PUBLIC_KEY) | (1 << PGP_PKT_PUBLIC_SUBKEY); -+ ctx.pgp.process_packet = pgp_process_public_key; -+ ctx.subtype = NULL; -+ ctx.fingerprint = NULL; -+ ctx.payload = NULL; -+ -+ ret = pgp_parse_packets(data, datalen, &ctx.pgp); -+ if (ret < 0) { -+ if (ctx.payload) -+ ctx.subtype->destroy(ctx.payload); -+ if (ctx.subtype) -+ module_put(ctx.subtype->owner); -+ kfree(ctx.fingerprint); -+ key_payload_reserve(key, 0); -+ return ret; -+ } -+ -+ key->type_data.p[0] = ctx.subtype; -+ key->type_data.p[1] = ctx.fingerprint; -+ key->payload.data = ctx.payload; -+ return 0; -+} -+ -+static struct crypto_key_parser pgp_key_parser = { -+ .owner = THIS_MODULE, -+ .name = "pgp", -+ .instantiate = pgp_key_instantiate, -+}; -+ -+/* -+ * Module stuff -+ */ -+static int __init pgp_key_init(void) -+{ -+ return register_crypto_key_parser(&pgp_key_parser); -+} -+ -+static void __exit pgp_key_exit(void) -+{ -+ unregister_crypto_key_parser(&pgp_key_parser); -+} -+ -+module_init(pgp_key_init); -+module_exit(pgp_key_exit); --- -1.7.11.2 - - -From 80437db0342877f06d689d33babcc99175d34b82 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:21 +0100 -Subject: [PATCH 12/28] KEYS: PGP-based public key signature verification - -Provide handlers for PGP-based public-key algorithm signature verification. -This does most of the work involved in signature verification as most of it is -public-key algorithm agnostic. The public-key verification algorithm itself -is just the last little bit and is supplied the complete hash data to process. - -This requires glue logic putting on top to make use of it - something the next -patch provides. - -Signed-off-by: David Howells ---- - security/keys/crypto/Makefile | 3 +- - security/keys/crypto/pgp_parser.h | 6 + - security/keys/crypto/pgp_sig_verify.c | 325 ++++++++++++++++++++++++++++++++++ - 3 files changed, 333 insertions(+), 1 deletion(-) - create mode 100644 security/keys/crypto/pgp_sig_verify.c - -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 35733fc..0c8b8a1 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -11,4 +11,5 @@ obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o - - obj-$(CONFIG_CRYPTO_KEY_PGP_PARSER) += pgp_key_parser.o - pgp_key_parser-y := \ -- pgp_public_key.o -+ pgp_public_key.o \ -+ pgp_sig_verify.o -diff --git a/security/keys/crypto/pgp_parser.h b/security/keys/crypto/pgp_parser.h -index 1cda231..a6192ce 100644 ---- a/security/keys/crypto/pgp_parser.h -+++ b/security/keys/crypto/pgp_parser.h -@@ -21,3 +21,9 @@ - */ - extern const - struct public_key_algorithm *pgp_public_key_algorithms[PGP_PUBKEY__LAST]; -+ -+/* -+ * pgp_pubkey_sig.c -+ */ -+extern struct crypto_key_verify_context *pgp_pkey_verify_sig_begin( -+ struct key *crypto_key, const u8 *sigdata, size_t siglen); -diff --git a/security/keys/crypto/pgp_sig_verify.c b/security/keys/crypto/pgp_sig_verify.c -new file mode 100644 -index 0000000..82c89da ---- /dev/null -+++ b/security/keys/crypto/pgp_sig_verify.c -@@ -0,0 +1,325 @@ -+/* PGP public key signature verification [RFC 4880] -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#define pr_fmt(fmt) "PGPSIG: "fmt -+#include -+#include -+#include -+#include -+#include -+#include "public_key.h" -+#include "pgp_parser.h" -+ -+static const struct { -+ enum pkey_hash_algo algo : 8; -+} pgp_pubkey_hash[PGP_HASH__LAST] = { -+ [PGP_HASH_MD5].algo = PKEY_HASH_MD5, -+ [PGP_HASH_SHA1].algo = PKEY_HASH_SHA1, -+ [PGP_HASH_RIPE_MD_160].algo = PKEY_HASH_RIPE_MD_160, -+ [PGP_HASH_SHA256].algo = PKEY_HASH_SHA256, -+ [PGP_HASH_SHA384].algo = PKEY_HASH_SHA384, -+ [PGP_HASH_SHA512].algo = PKEY_HASH_SHA512, -+ [PGP_HASH_SHA224].algo = PKEY_HASH_SHA224, -+}; -+ -+static int pgp_pkey_verify_sig_add_data(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen); -+static int pgp_pkey_verify_sig_end(struct crypto_key_verify_context *ctx, -+ const u8 *sig, size_t siglen); -+static void pgp_pkey_verify_sig_cancel(struct crypto_key_verify_context *ctx); -+ -+struct pgp_pkey_sig_parse_context { -+ struct pgp_parse_context pgp; -+ struct pgp_sig_parameters params; -+}; -+ -+static int pgp_pkey_parse_signature(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, -+ u8 headerlen, -+ const u8 *data, -+ size_t datalen) -+{ -+ struct pgp_pkey_sig_parse_context *ctx = -+ container_of(context, struct pgp_pkey_sig_parse_context, pgp); -+ -+ return pgp_parse_sig_params(&data, &datalen, &ctx->params); -+} -+ -+/* -+ * Begin the process of verifying a DSA signature. -+ * -+ * This involves allocating the hash into which first the data and then the -+ * metadata will be put, and parsing the signature to check that it matches the -+ * key. -+ */ -+struct crypto_key_verify_context *pgp_pkey_verify_sig_begin( -+ struct key *crypto_key, const u8 *sigdata, size_t siglen) -+{ -+ struct pgp_pkey_sig_parse_context p; -+ struct public_key_signature *sig; -+ struct crypto_shash *tfm; -+ const struct public_key *key = crypto_key->payload.data; -+ size_t digest_size, desc_size; -+ int ret; -+ -+ kenter("{%d},,%zu", key_serial(crypto_key), siglen); -+ -+ if (!key) { -+ kleave(" = -ENOKEY [no public key]"); -+ return ERR_PTR(-ENOKEY); -+ } -+ -+ p.pgp.types_of_interest = (1 << PGP_PKT_SIGNATURE); -+ p.pgp.process_packet = pgp_pkey_parse_signature; -+ ret = pgp_parse_packets(sigdata, siglen, &p.pgp); -+ if (ret < 0) -+ return ERR_PTR(ret); -+ -+ if (p.params.pubkey_algo >= PGP_PUBKEY__LAST || -+ !pgp_public_key_algorithms[p.params.pubkey_algo]) { -+ pr_debug("Unsupported public key algorithm %u\n", -+ p.params.pubkey_algo); -+ return ERR_PTR(-ENOPKG); -+ } -+ -+ if (pgp_public_key_algorithms[p.params.pubkey_algo] != key->algo) { -+ kleave(" = -EKEYREJECTED [wrong pk algo]"); -+ return ERR_PTR(-EKEYREJECTED); -+ } -+ -+ if (!(key->capabilities & PKEY_CAN_VERIFY)) { -+ kleave(" = -EKEYREJECTED [key can't verify]"); -+ return ERR_PTR(-EKEYREJECTED); -+ } -+ -+ if (p.params.hash_algo >= PGP_HASH__LAST || -+ !pgp_hash_algorithms[p.params.hash_algo]) { -+ pr_debug("Unsupported hash algorithm %u\n", -+ p.params.hash_algo); -+ return ERR_PTR(-ENOPKG); -+ } -+ -+ pr_debug("Signature generated with %s hash\n", -+ pgp_hash_algorithms[p.params.hash_algo]); -+ -+ if (memcmp(&p.params.issuer, key->key_id, 8) != 0) { -+ kleave(" = -ENOKEY [wrong key ID]"); -+ return ERR_PTR(-ENOKEY); -+ } -+ -+ if (p.params.signature_type != PGP_SIG_BINARY_DOCUMENT_SIG && -+ p.params.signature_type != PGP_SIG_STANDALONE_SIG) { -+ /* We don't want to canonicalise */ -+ kleave(" = -EOPNOTSUPP [canon]"); -+ return ERR_PTR(-EOPNOTSUPP); -+ } -+ -+ /* Allocate the hashing algorithm we're going to need and find out how -+ * big the hash operational data will be. -+ */ -+ tfm = crypto_alloc_shash(pgp_hash_algorithms[p.params.hash_algo], 0, 0); -+ if (IS_ERR(tfm)) -+ return PTR_ERR(tfm) == -ENOENT ? -+ ERR_PTR(-ENOPKG) : ERR_CAST(tfm); -+ -+ desc_size = crypto_shash_descsize(tfm); -+ digest_size = crypto_shash_digestsize(tfm); -+ -+ /* We allocate the hash operational data storage on the end of our -+ * context data. -+ */ -+ sig = kzalloc(sizeof(*sig) + desc_size + digest_size, GFP_KERNEL); -+ if (!sig) { -+ crypto_free_shash(tfm); -+ return ERR_PTR(-ENOMEM); -+ } -+ -+ sig->base.key = crypto_key; -+ sig->base.add_data = pgp_pkey_verify_sig_add_data; -+ sig->base.end = pgp_pkey_verify_sig_end; -+ sig->base.cancel = pgp_pkey_verify_sig_cancel; -+ sig->pkey_hash_algo = pgp_pubkey_hash[p.params.hash_algo].algo; -+ sig->digest = (u8 *)sig + sizeof(*sig) + desc_size; -+ sig->digest_size = digest_size; -+ sig->hash.tfm = tfm; -+ sig->hash.flags = CRYPTO_TFM_REQ_MAY_SLEEP; -+ -+ ret = crypto_shash_init(&sig->hash); -+ if (ret < 0) { -+ crypto_free_shash(sig->hash.tfm); -+ kfree(sig); -+ return ERR_PTR(ret); -+ } -+ -+ key_get(sig->base.key); -+ kleave(" = %p", sig); -+ return &sig->base; -+} -+ -+/* -+ * Load data into the hash -+ */ -+static int pgp_pkey_verify_sig_add_data(struct crypto_key_verify_context *ctx, -+ const void *data, size_t datalen) -+{ -+ struct public_key_signature *sig = -+ container_of(ctx, struct public_key_signature, base); -+ -+ return crypto_shash_update(&sig->hash, data, datalen); -+} -+ -+struct pgp_pkey_sig_digest_context { -+ struct pgp_parse_context pgp; -+ const struct public_key *key; -+ struct public_key_signature *sig; -+}; -+ -+/* -+ * Extract required metadata from the signature packet and add what we need to -+ * to the hash. -+ */ -+static int pgp_pkey_digest_signature(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, -+ u8 headerlen, -+ const u8 *data, -+ size_t datalen) -+{ -+ struct pgp_pkey_sig_digest_context *ctx = -+ container_of(context, struct pgp_pkey_sig_digest_context, pgp); -+ enum pgp_signature_version version; -+ int i; -+ -+ kenter(",%u,%u,,%zu", type, headerlen, datalen); -+ -+ version = *data; -+ if (version == PGP_SIG_VERSION_3) { -+ /* We just include an excerpt of the metadata from a V3 -+ * signature. -+ */ -+ crypto_shash_update(&ctx->sig->hash, data + 1, 5); -+ data += sizeof(struct pgp_signature_v3_packet); -+ datalen -= sizeof(struct pgp_signature_v3_packet); -+ } else if (version == PGP_SIG_VERSION_4) { -+ /* We add the whole metadata header and some of the hashed data -+ * for a V4 signature, plus a trailer. -+ */ -+ size_t hashedsz, unhashedsz; -+ u8 trailer[6]; -+ -+ hashedsz = 4 + 2 + (data[4] << 8) + data[5]; -+ crypto_shash_update(&ctx->sig->hash, data, hashedsz); -+ -+ trailer[0] = version; -+ trailer[1] = 0xffU; -+ trailer[2] = hashedsz >> 24; -+ trailer[3] = hashedsz >> 16; -+ trailer[4] = hashedsz >> 8; -+ trailer[5] = hashedsz; -+ -+ crypto_shash_update(&ctx->sig->hash, trailer, 6); -+ data += hashedsz; -+ datalen -= hashedsz; -+ -+ unhashedsz = 2 + (data[0] << 8) + data[1]; -+ data += unhashedsz; -+ datalen -= unhashedsz; -+ } -+ -+ if (datalen <= 2) { -+ kleave(" = -EBADMSG"); -+ return -EBADMSG; -+ } -+ -+ /* There's a quick check on the hash available. */ -+ ctx->sig->signed_hash_msw[0] = *data++; -+ ctx->sig->signed_hash_msw[1] = *data++; -+ datalen -= 2; -+ -+ /* And then the cryptographic data, which we'll need for the -+ * algorithm. -+ */ -+ for (i = 0; i < ctx->key->algo->n_sig_mpi; i++) { -+ unsigned int remaining = datalen; -+ if (remaining == 0) { -+ pr_debug("short %zu mpi %d\n", datalen, i); -+ return -EBADMSG; -+ } -+ ctx->sig->mpi[i] = mpi_read_from_buffer(data, &remaining); -+ if (!ctx->sig->mpi[i]) -+ return -ENOMEM; -+ data += remaining; -+ datalen -= remaining; -+ } -+ -+ if (datalen != 0) { -+ kleave(" = -EBADMSG [trailer %zu]", datalen); -+ return -EBADMSG; -+ } -+ -+ kleave(" = 0"); -+ return 0; -+} -+ -+/* -+ * The data is now all loaded into the hash; load the metadata, finalise the -+ * hash and perform the verification step. -+ */ -+static int pgp_pkey_verify_sig_end(struct crypto_key_verify_context *ctx, -+ const u8 *sigdata, size_t siglen) -+{ -+ struct public_key_signature *sig = -+ container_of(ctx, struct public_key_signature, base); -+ const struct public_key *key = sig->base.key->payload.data; -+ struct pgp_pkey_sig_digest_context p; -+ int ret; -+ -+ kenter(""); -+ -+ /* Firstly we add metadata, starting with some of the data from the -+ * signature packet */ -+ p.pgp.types_of_interest = (1 << PGP_PKT_SIGNATURE); -+ p.pgp.process_packet = pgp_pkey_digest_signature; -+ p.key = key; -+ p.sig = sig; -+ ret = pgp_parse_packets(sigdata, siglen, &p.pgp); -+ if (ret < 0) -+ goto error_free_ctx; -+ -+ crypto_shash_final(&sig->hash, sig->digest); -+ -+ ret = key->algo->verify(key, sig); -+ -+error_free_ctx: -+ pgp_pkey_verify_sig_cancel(ctx); -+ kleave(" = %d", ret); -+ return ret; -+} -+ -+/* -+ * Cancel an in-progress data loading -+ */ -+static void pgp_pkey_verify_sig_cancel(struct crypto_key_verify_context *ctx) -+{ -+ struct public_key_signature *sig = -+ container_of(ctx, struct public_key_signature, base); -+ int i; -+ -+ kenter(""); -+ -+ /* !!! Do we need to tell the crypto layer to cancel too? */ -+ crypto_free_shash(sig->hash.tfm); -+ key_put(sig->base.key); -+ for (i = 0; i < ARRAY_SIZE(sig->mpi); i++) -+ mpi_free(sig->mpi[i]); -+ kfree(sig); -+ -+ kleave(""); -+} --- -1.7.11.2 - - -From 1826f7b562237c008c66ad63b7d7d4c7c44b98fb Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:21 +0100 -Subject: [PATCH 13/28] KEYS: PGP format signature parser - -Implement a signature parser that will attempt to parse a signature blob as a -PGP packet format message. If it can, it will find an appropriate crypto key -and set the public-key algorithm according to the data in the signature. - -Signed-off-by: David Howells ---- - security/keys/crypto/Makefile | 1 + - security/keys/crypto/pgp_parser.h | 6 ++ - security/keys/crypto/pgp_public_key.c | 1 + - security/keys/crypto/pgp_sig_parser.c | 114 ++++++++++++++++++++++++++++++++++ - 4 files changed, 122 insertions(+) - create mode 100644 security/keys/crypto/pgp_sig_parser.c - -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index 0c8b8a1..a9a34c6 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -12,4 +12,5 @@ obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o - obj-$(CONFIG_CRYPTO_KEY_PGP_PARSER) += pgp_key_parser.o - pgp_key_parser-y := \ - pgp_public_key.o \ -+ pgp_sig_parser.o \ - pgp_sig_verify.o -diff --git a/security/keys/crypto/pgp_parser.h b/security/keys/crypto/pgp_parser.h -index a6192ce..73c900e 100644 ---- a/security/keys/crypto/pgp_parser.h -+++ b/security/keys/crypto/pgp_parser.h -@@ -23,6 +23,12 @@ extern const - struct public_key_algorithm *pgp_public_key_algorithms[PGP_PUBKEY__LAST]; - - /* -+ * pgp_sig_parser.c -+ */ -+extern struct crypto_key_verify_context *pgp_verify_sig_begin( -+ struct key *keyring, const u8 *sig, size_t siglen); -+ -+/* - * pgp_pubkey_sig.c - */ - extern struct crypto_key_verify_context *pgp_pkey_verify_sig_begin( -diff --git a/security/keys/crypto/pgp_public_key.c b/security/keys/crypto/pgp_public_key.c -index 8a8b7c0..5ab926d 100644 ---- a/security/keys/crypto/pgp_public_key.c -+++ b/security/keys/crypto/pgp_public_key.c -@@ -329,6 +329,7 @@ static struct crypto_key_parser pgp_key_parser = { - .owner = THIS_MODULE, - .name = "pgp", - .instantiate = pgp_key_instantiate, -+ .verify_sig_begin = pgp_verify_sig_begin, - }; - - /* -diff --git a/security/keys/crypto/pgp_sig_parser.c b/security/keys/crypto/pgp_sig_parser.c -new file mode 100644 -index 0000000..f5feb2b ---- /dev/null -+++ b/security/keys/crypto/pgp_sig_parser.c -@@ -0,0 +1,114 @@ -+/* Handling for PGP public key signature data [RFC 4880] -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#define pr_fmt(fmt) "PGPSIG: "fmt -+#include -+#include -+#include -+#include -+#include "public_key.h" -+#include "pgp_parser.h" -+ -+struct PGP_sig_parse_context { -+ struct pgp_parse_context pgp; -+ struct pgp_sig_parameters params; -+ bool found_sig; -+}; -+ -+/* -+ * Look inside signature sections for a key ID -+ */ -+static int pgp_process_signature(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, -+ u8 headerlen, -+ const u8 *data, -+ size_t datalen) -+{ -+ struct PGP_sig_parse_context *ctx = -+ container_of(context, struct PGP_sig_parse_context, pgp); -+ -+ ctx->found_sig = true; -+ return pgp_parse_sig_params(&data, &datalen, &ctx->params); -+} -+ -+/* -+ * Attempt to find a key to use for PGP signature verification, starting off by -+ * looking in the supplied keyring. -+ * -+ * The function may also look for other key sources such as a TPM. If an -+ * alternative key is found it can be added to the keyring for future -+ * reference. -+ */ -+static struct key *find_key_for_pgp_sig(struct key *keyring, -+ const u8 *sig, size_t siglen) -+{ -+ struct PGP_sig_parse_context p; -+ key_ref_t key; -+ char criterion[3 + 8 * 2 + 1]; -+ int ret; -+ -+ if (!keyring) -+ return ERR_PTR(-ENOKEY); -+ -+ /* Need to find the key ID */ -+ p.pgp.types_of_interest = (1 << PGP_PKT_SIGNATURE); -+ p.pgp.process_packet = pgp_process_signature; -+ p.found_sig = false; -+ ret = pgp_parse_packets(sig, siglen, &p.pgp); -+ if (ret < 0) -+ return ERR_PTR(ret); -+ -+ if (!p.found_sig) -+ return ERR_PTR(-ENOMSG); -+ -+ sprintf(criterion, "id:%08x%08x", -+ be32_to_cpu(p.params.issuer32[0]), -+ be32_to_cpu(p.params.issuer32[1])); -+ -+ pr_debug("Look up: %s\n", criterion); -+ -+ key = keyring_search(make_key_ref(keyring, 1), -+ &key_type_crypto, criterion); -+ if (IS_ERR(key)) { -+ switch (PTR_ERR(key)) { -+ /* Hide some search errors */ -+ case -EACCES: -+ case -ENOTDIR: -+ case -EAGAIN: -+ return ERR_PTR(-ENOKEY); -+ default: -+ return ERR_CAST(key); -+ } -+ } -+ -+ pr_debug("Found key %x\n", key_serial(key_ref_to_ptr(key))); -+ return key_ref_to_ptr(key); -+} -+ -+/* -+ * Attempt to parse a signature as a PGP packet format blob and find a -+ * matching key. -+ */ -+struct crypto_key_verify_context *pgp_verify_sig_begin( -+ struct key *keyring, const u8 *sig, size_t siglen) -+{ -+ struct crypto_key_verify_context *ctx; -+ struct key *key; -+ -+ key = find_key_for_pgp_sig(keyring, sig, siglen); -+ if (IS_ERR(key)) -+ return ERR_CAST(key); -+ -+ /* We only handle in-kernel public key signatures for the moment */ -+ ctx = pgp_pkey_verify_sig_begin(key, sig, siglen); -+ key_put(key); -+ return ctx; -+} --- -1.7.11.2 - - -From 68b4585107d4d014b4de3536c972c63f617c48f5 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:11:21 +0100 -Subject: [PATCH 14/28] KEYS: Provide a function to load keys from a PGP - keyring blob - -Provide a function to load keys from a PGP keyring blob for use in initialising -the module signing key keyring: - - int load_PGP_keys(const u8 *pgpdata, size_t pgpdatalen, - struct key *keyring, const char *descprefix); - -The keys are labelled with descprefix plus a number to uniquify them. The keys -will actually be identified by the ID calculated from the PGP data rather than -by the description, so this shouldn't be a problem. - -The keys are attached to the keyring supplied. - -Looking as root in /proc/keys after the module signing keyring has been loaded: - -24460d1c I----- 1 perm 3f010000 0 0 crypto modsign.0: dsa 5acc2142 [] -3ca85723 I----- 1 perm 1f010000 0 0 keyring .module_sign: 1/4 - -Thanks to Tetsuo Handa for some pointing -out some errors. - -Signed-off-by: David Howells ---- - Documentation/security/keys-crypto.txt | 20 +++++++ - include/keys/crypto-type.h | 3 ++ - security/keys/crypto/Kconfig | 9 ++++ - security/keys/crypto/Makefile | 1 + - security/keys/crypto/pgp_preload.c | 96 ++++++++++++++++++++++++++++++++++ - 5 files changed, 129 insertions(+) - create mode 100644 security/keys/crypto/pgp_preload.c - -diff --git a/Documentation/security/keys-crypto.txt b/Documentation/security/keys-crypto.txt -index a964717..ba2ab55 100644 ---- a/Documentation/security/keys-crypto.txt -+++ b/Documentation/security/keys-crypto.txt -@@ -10,6 +10,7 @@ Contents: - - Signature verification. - - Implementing crypto parsers. - - Implementing crypto subtypes. -+ - Initial PGP key preloading. - - - ======== -@@ -280,3 +281,22 @@ There are a number of operations defined by the subtype: - Mandatory. This should free the memory associated with the key. The - crypto key will look after freeing the fingerprint and releasing the - reference on the subtype module. -+ -+ -+======================= -+INITIAL PGP KEY LOADING -+======================= -+ -+A function is provided to perform an initial load of a set of public keys bound -+into a PGP packet format blob: -+ -+ int preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen, -+ struct key *keyring, const char *descprefix); -+ -+This takes the blob of data defined by pgpdata and pgpdatalen, extracts keys -+from them and adds them to the specified keyring. The keys are labelled with -+descprefix plus a simple uniquifier - it is not expected that the description -+will be used to identify the key. The description is required to prevent all -+but the last key being discarded when the keys are linked into the keyring. -+ -+This function is only available during initial kernel set up. -diff --git a/include/keys/crypto-type.h b/include/keys/crypto-type.h -index 6b93366..710e77f 100644 ---- a/include/keys/crypto-type.h -+++ b/include/keys/crypto-type.h -@@ -31,4 +31,7 @@ extern void verify_sig_cancel(struct crypto_key_verify_context *ctx); - * The payload is at the discretion of the subtype. - */ - -+extern __init int preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen, -+ struct key *keyring, const char *descprefix); -+ - #endif /* _KEYS_CRYPTO_TYPE_H */ -diff --git a/security/keys/crypto/Kconfig b/security/keys/crypto/Kconfig -index 1c2ae55..8af0155 100644 ---- a/security/keys/crypto/Kconfig -+++ b/security/keys/crypto/Kconfig -@@ -40,3 +40,12 @@ config CRYPTO_KEY_PGP_PARSER - This option provides support for parsing PGP (RFC 4880) format blobs - for key data and provides the ability to instantiate a crypto key - from a public key packet found inside the blob. -+ -+config PGP_PRELOAD -+ bool "PGP public key preloading facility" -+ select PGP_LIBRARY -+ select CRYPTO_KEY_PGP_PARSER -+ help -+ This option provides a facility for the kernel to preload PGP-wrapped -+ bundles of keys during boot. It is used by module signing to load -+ the module signing keys for example. -diff --git a/security/keys/crypto/Makefile b/security/keys/crypto/Makefile -index a9a34c6..c873674 100644 ---- a/security/keys/crypto/Makefile -+++ b/security/keys/crypto/Makefile -@@ -8,6 +8,7 @@ crypto_keys-y := crypto_type.o crypto_verify.o - obj-$(CONFIG_CRYPTO_KEY_PUBLIC_KEY_SUBTYPE) += public_key.o - obj-$(CONFIG_CRYPTO_KEY_PKEY_ALGO_RSA) += crypto_rsa.o - obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o -+obj-$(CONFIG_PGP_PRELOAD) += pgp_preload.o - - obj-$(CONFIG_CRYPTO_KEY_PGP_PARSER) += pgp_key_parser.o - pgp_key_parser-y := \ -diff --git a/security/keys/crypto/pgp_preload.c b/security/keys/crypto/pgp_preload.c -new file mode 100644 -index 0000000..9028788 ---- /dev/null -+++ b/security/keys/crypto/pgp_preload.c -@@ -0,0 +1,96 @@ -+/* Cryptographic key request handling -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ * -+ * See Documentation/security/keys-crypto.txt -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "crypto_keys.h" -+ -+struct preload_pgp_keys_context { -+ struct pgp_parse_context pgp; -+ key_ref_t keyring; -+ char descbuf[20]; -+ u8 key_n; -+ u8 dsize; -+}; -+ -+/* -+ * Extract a public key or subkey from the PGP stream. -+ */ -+static int __init found_pgp_key(struct pgp_parse_context *context, -+ enum pgp_packet_tag type, u8 headerlen, -+ const u8 *data, size_t datalen) -+{ -+ struct preload_pgp_keys_context *ctx = -+ container_of(context, struct preload_pgp_keys_context, pgp); -+ key_ref_t key; -+ -+ if (ctx->key_n >= 255) -+ return 0; /* Don't overrun descbuf */ -+ -+ sprintf(ctx->descbuf + ctx->dsize, "%d", ctx->key_n++); -+ -+ key = key_create_or_update(ctx->keyring, "crypto", ctx->descbuf, -+ data - headerlen, datalen + headerlen, -+ KEY_POS_ALL | KEY_USR_VIEW, -+ KEY_ALLOC_NOT_IN_QUOTA); -+ -+ if (IS_ERR(key)) -+ return PTR_ERR(key); -+ -+ pr_notice("Loaded %s key: %s\n", -+ key_ref_to_ptr(key)->description, -+ crypto_key_id(key_ref_to_ptr(key))); -+ -+ key_ref_put(key); -+ return 0; -+} -+ -+/** -+ * preload_pgp_keys - Load keys from a PGP keyring blob -+ * @pgpdata: The PGP keyring blob containing the keys. -+ * @pgpdatalen: The size of the @pgpdata blob. -+ * @keyring: The keyring to add the new keys to. -+ * @descprefix: The key description prefix. -+ * -+ * Preload a pack of keys from a PGP keyring blob. -+ * -+ * The keys are given description of @descprefix + the number of the key in the -+ * list. Since keys can be matched on their key IDs independently of the key -+ * description, the description is mostly irrelevant apart from the fact that -+ * keys of the same description displace one another from a keyring. -+ * -+ * The caller should override the current creds if they want the keys to be -+ * owned by someone other than the current process's owner. Keys will not be -+ * accounted towards the owner's quota. -+ * -+ * This function may only be called whilst the kernel is booting. -+ */ -+int __init preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen, -+ struct key *keyring, const char *descprefix) -+{ -+ struct preload_pgp_keys_context ctx; -+ -+ ctx.pgp.types_of_interest = -+ (1 << PGP_PKT_PUBLIC_KEY) | (1 << PGP_PKT_PUBLIC_SUBKEY); -+ ctx.pgp.process_packet = found_pgp_key; -+ ctx.keyring = make_key_ref(keyring, 1); -+ ctx.key_n = 0; -+ ctx.dsize = strlen(descprefix); -+ BUG_ON(ctx.dsize > sizeof(ctx.descbuf) - 4); -+ strcpy(ctx.descbuf, descprefix); -+ -+ return pgp_parse_packets(pgpdata, pgpdatalen, &ctx.pgp); -+} --- -1.7.11.2 - - -From c9455441e0482bb5eb0ea8f1e2cfbe2e7d630560 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:13:56 +0100 -Subject: [PATCH 15/28] Make most arch asm/module.h files use - asm-generic/module.h - -Use the mapping of Elf_[SPE]hdr, Elf_Addr, Elf_Sym, Elf_Dyn, Elf_Rel/Rela, -ELF_R_TYPE() and ELF_R_SYM() to either the 32-bit version or the 64-bit version -into asm-generic/module.h for all arches bar MIPS. - -Also, use the generic definition mod_arch_specific where possible. - -To this end, I've defined three new config bools: - - (*) HAVE_MOD_ARCH_SPECIFIC - - Arches define this if they don't want to use the empty generic - mod_arch_specific struct. - - (*) MODULES_USE_ELF_RELA - - Arches define this if their modules can contain RELA records. This causes - the Elf_Rela mapping to be emitted and allows apply_relocate_add() to be - defined by the arch rather than have the core emit an error message. - - (*) MODULES_USE_ELF_REL - - Arches define this if their modules can contain REL records. This causes - the Elf_Rel mapping to be emitted and allows apply_relocate() to be - defined by the arch rather than have the core emit an error message. - -Note that it is possible to allow both REL and RELA records: m68k and mips are -two arches that do this. - -With this, some arch asm/module.h files can be deleted entirely and replaced -with a generic-y marker in the arch Kbuild file. - -Additionally, I have removed the bits from m32r and score that handle the -unsupported type of relocation record as that's now handled centrally. - -Signed-off-by: David Howells ---- - arch/Kconfig | 19 ++++++++++++++++++ - arch/alpha/Kconfig | 2 ++ - arch/alpha/include/asm/module.h | 10 ++-------- - arch/arm/Kconfig | 2 ++ - arch/arm/include/asm/module.h | 8 ++------ - arch/avr32/Kconfig | 2 ++ - arch/avr32/include/asm/module.h | 6 ++---- - arch/blackfin/Kconfig | 2 ++ - arch/blackfin/include/asm/module.h | 4 +--- - arch/c6x/Kconfig | 1 + - arch/c6x/include/asm/module.h | 12 +----------- - arch/cris/Kconfig | 1 + - arch/cris/include/asm/Kbuild | 2 ++ - arch/cris/include/asm/module.h | 9 --------- - arch/frv/include/asm/module.h | 8 +------- - arch/h8300/Kconfig | 1 + - arch/h8300/include/asm/Kbuild | 2 ++ - arch/h8300/include/asm/module.h | 11 ----------- - arch/hexagon/Kconfig | 1 + - arch/ia64/Kconfig | 2 ++ - arch/ia64/include/asm/module.h | 6 ++---- - arch/m32r/Kconfig | 1 + - arch/m32r/include/asm/Kbuild | 2 ++ - arch/m32r/include/asm/module.h | 10 ---------- - arch/m32r/kernel/module.c | 15 -------------- - arch/m68k/Kconfig | 4 ++++ - arch/m68k/include/asm/module.h | 6 ++---- - arch/microblaze/Kconfig | 1 + - arch/mips/Kconfig | 3 +++ - arch/mips/include/asm/module.h | 10 ++++++++-- - arch/mips/kernel/module.c | 2 ++ - arch/mn10300/Kconfig | 1 + - arch/mn10300/include/asm/module.h | 7 +------ - arch/openrisc/Kconfig | 1 + - arch/parisc/Kconfig | 2 ++ - arch/parisc/include/asm/module.h | 16 +++------------ - arch/powerpc/Kconfig | 2 ++ - arch/powerpc/include/asm/module.h | 7 +------ - arch/s390/Kconfig | 2 ++ - arch/s390/include/asm/module.h | 18 +++-------------- - arch/score/Kconfig | 2 ++ - arch/score/include/asm/module.h | 6 +----- - arch/score/kernel/module.c | 10 ---------- - arch/sh/Kconfig | 2 ++ - arch/sh/include/asm/module.h | 14 +++---------- - arch/sparc/Kconfig | 1 + - arch/sparc/include/asm/Kbuild | 1 + - arch/sparc/include/asm/module.h | 24 ----------------------- - arch/tile/Kconfig | 1 + - arch/unicore32/Kconfig | 1 + - arch/x86/Kconfig | 2 ++ - arch/xtensa/Kconfig | 1 + - arch/xtensa/include/asm/module.h | 9 +-------- - include/asm-generic/module.h | 40 +++++++++++++++++++++++++++++++------- - include/linux/moduleloader.h | 36 ++++++++++++++++++++++++++++++---- - kernel/module.c | 20 ------------------- - 56 files changed, 168 insertions(+), 223 deletions(-) - delete mode 100644 arch/cris/include/asm/module.h - delete mode 100644 arch/h8300/include/asm/module.h - delete mode 100644 arch/m32r/include/asm/module.h - delete mode 100644 arch/sparc/include/asm/module.h - -diff --git a/arch/Kconfig b/arch/Kconfig -index 72f2fa1..3450115 100644 ---- a/arch/Kconfig -+++ b/arch/Kconfig -@@ -281,4 +281,23 @@ config SECCOMP_FILTER - - See Documentation/prctl/seccomp_filter.txt for details. - -+config HAVE_MOD_ARCH_SPECIFIC -+ bool -+ help -+ The arch uses struct mod_arch_specific to store data. Many arches -+ just need a simple module loader without arch specific data - those -+ should not enable this. -+ -+config MODULES_USE_ELF_RELA -+ bool -+ help -+ Modules only use ELF RELA relocations. Modules with ELF REL -+ relocations will give an error. -+ -+config MODULES_USE_ELF_REL -+ bool -+ help -+ Modules only use ELF REL relocations. Modules with ELF RELA -+ relocations will give an error. -+ - source "kernel/gcov/Kconfig" -diff --git a/arch/alpha/Kconfig b/arch/alpha/Kconfig -index d5b9b5e..e73a1a7 100644 ---- a/arch/alpha/Kconfig -+++ b/arch/alpha/Kconfig -@@ -18,6 +18,8 @@ config ALPHA - select ARCH_HAVE_NMI_SAFE_CMPXCHG - select GENERIC_SMP_IDLE_THREAD - select GENERIC_CMOS_UPDATE -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - help - The Alpha is a 64-bit general-purpose processor designed and - marketed by the Digital Equipment Corporation of blessed memory, -diff --git a/arch/alpha/include/asm/module.h b/arch/alpha/include/asm/module.h -index 7b63743..9cd13b5 100644 ---- a/arch/alpha/include/asm/module.h -+++ b/arch/alpha/include/asm/module.h -@@ -1,19 +1,13 @@ - #ifndef _ALPHA_MODULE_H - #define _ALPHA_MODULE_H - -+#include -+ - struct mod_arch_specific - { - unsigned int gotsecindex; - }; - --#define Elf_Sym Elf64_Sym --#define Elf_Shdr Elf64_Shdr --#define Elf_Ehdr Elf64_Ehdr --#define Elf_Phdr Elf64_Phdr --#define Elf_Dyn Elf64_Dyn --#define Elf_Rel Elf64_Rel --#define Elf_Rela Elf64_Rela -- - #define ARCH_SHF_SMALL SHF_ALPHA_GPREL - - #ifdef MODULE -diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig -index 7980873..f447a89 100644 ---- a/arch/arm/Kconfig -+++ b/arch/arm/Kconfig -@@ -50,6 +50,8 @@ config ARM - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER - select DCACHE_WORD_ACCESS if (CPU_V6 || CPU_V6K || CPU_V7) && !CPU_BIG_ENDIAN -+ select HAVE_MOD_ARCH_SPECIFIC if ARM_UNWIND -+ select MODULES_USE_ELF_REL - help - The ARM series is a line of low-power-consumption RISC chip designs - licensed by ARM Ltd and targeted at embedded applications and -diff --git a/arch/arm/include/asm/module.h b/arch/arm/include/asm/module.h -index 6c6809f..0d3a28d 100644 ---- a/arch/arm/include/asm/module.h -+++ b/arch/arm/include/asm/module.h -@@ -1,9 +1,7 @@ - #ifndef _ASM_ARM_MODULE_H - #define _ASM_ARM_MODULE_H - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#include - - struct unwind_table; - -@@ -16,13 +14,11 @@ enum { - ARM_SEC_DEVEXIT, - ARM_SEC_MAX, - }; --#endif - - struct mod_arch_specific { --#ifdef CONFIG_ARM_UNWIND - struct unwind_table *unwind[ARM_SEC_MAX]; --#endif - }; -+#endif - - /* - * Add the ARM architecture version to the version magic string -diff --git a/arch/avr32/Kconfig b/arch/avr32/Kconfig -index 5ade51c..06e73bf 100644 ---- a/arch/avr32/Kconfig -+++ b/arch/avr32/Kconfig -@@ -15,6 +15,8 @@ config AVR32 - select ARCH_WANT_IPC_PARSE_VERSION - select ARCH_HAVE_NMI_SAFE_CMPXCHG - select GENERIC_CLOCKEVENTS -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - help - AVR32 is a high-performance 32-bit RISC microprocessor core, - designed for cost-sensitive embedded applications, with particular -diff --git a/arch/avr32/include/asm/module.h b/arch/avr32/include/asm/module.h -index 4514445..3f083d3 100644 ---- a/arch/avr32/include/asm/module.h -+++ b/arch/avr32/include/asm/module.h -@@ -1,6 +1,8 @@ - #ifndef __ASM_AVR32_MODULE_H - #define __ASM_AVR32_MODULE_H - -+#include -+ - struct mod_arch_syminfo { - unsigned long got_offset; - int got_initialized; -@@ -17,10 +19,6 @@ struct mod_arch_specific { - struct mod_arch_syminfo *syminfo; - }; - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -- - #define MODULE_PROC_FAMILY "AVR32v1" - - #define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY -diff --git a/arch/blackfin/Kconfig b/arch/blackfin/Kconfig -index f348619..a48d8be 100644 ---- a/arch/blackfin/Kconfig -+++ b/arch/blackfin/Kconfig -@@ -41,6 +41,8 @@ config BLACKFIN - select HAVE_NMI_WATCHDOG if NMI_WATCHDOG - select GENERIC_SMP_IDLE_THREAD - select ARCH_USES_GETTIMEOFFSET if !GENERIC_CLOCKEVENTS -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - - config GENERIC_CSUM - def_bool y -diff --git a/arch/blackfin/include/asm/module.h b/arch/blackfin/include/asm/module.h -index ed5689b..231a149 100644 ---- a/arch/blackfin/include/asm/module.h -+++ b/arch/blackfin/include/asm/module.h -@@ -7,9 +7,7 @@ - #ifndef _ASM_BFIN_MODULE_H - #define _ASM_BFIN_MODULE_H - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#include - - struct mod_arch_specific { - Elf_Shdr *text_l1; -diff --git a/arch/c6x/Kconfig b/arch/c6x/Kconfig -index 052f81a..8f3a304 100644 ---- a/arch/c6x/Kconfig -+++ b/arch/c6x/Kconfig -@@ -16,6 +16,7 @@ config C6X - select OF - select OF_EARLY_FLATTREE - select GENERIC_CLOCKEVENTS -+ select MODULES_USE_ELF_RELA - - config MMU - def_bool n -diff --git a/arch/c6x/include/asm/module.h b/arch/c6x/include/asm/module.h -index a453f97..5c7269c 100644 ---- a/arch/c6x/include/asm/module.h -+++ b/arch/c6x/include/asm/module.h -@@ -13,17 +13,7 @@ - #ifndef _ASM_C6X_MODULE_H - #define _ASM_C6X_MODULE_H - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr --#define Elf_Addr Elf32_Addr --#define Elf_Word Elf32_Word -- --/* -- * This file contains the C6x architecture specific module code. -- */ --struct mod_arch_specific { --}; -+#include - - struct loaded_sections { - unsigned int new_vaddr; -diff --git a/arch/cris/Kconfig b/arch/cris/Kconfig -index e922154..7bb8cf9 100644 ---- a/arch/cris/Kconfig -+++ b/arch/cris/Kconfig -@@ -47,6 +47,7 @@ config CRIS - select GENERIC_IOMAP - select GENERIC_SMP_IDLE_THREAD if ETRAX_ARCH_V32 - select GENERIC_CMOS_UPDATE -+ select MODULES_USE_ELF_RELA - - config HZ - int -diff --git a/arch/cris/include/asm/Kbuild b/arch/cris/include/asm/Kbuild -index 04d02a5..28b690d 100644 ---- a/arch/cris/include/asm/Kbuild -+++ b/arch/cris/include/asm/Kbuild -@@ -7,3 +7,5 @@ header-y += ethernet.h - header-y += etraxgpio.h - header-y += rs485.h - header-y += sync_serial.h -+ -+generic-y += module.h -diff --git a/arch/cris/include/asm/module.h b/arch/cris/include/asm/module.h -deleted file mode 100644 -index 7ee7231..0000000 ---- a/arch/cris/include/asm/module.h -+++ /dev/null -@@ -1,9 +0,0 @@ --#ifndef _ASM_CRIS_MODULE_H --#define _ASM_CRIS_MODULE_H --/* cris is simple */ --struct mod_arch_specific { }; -- --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr --#endif /* _ASM_CRIS_MODULE_H */ -diff --git a/arch/frv/include/asm/module.h b/arch/frv/include/asm/module.h -index 3d5c636..a8848f0 100644 ---- a/arch/frv/include/asm/module.h -+++ b/arch/frv/include/asm/module.h -@@ -11,13 +11,7 @@ - #ifndef _ASM_MODULE_H - #define _ASM_MODULE_H - --struct mod_arch_specific --{ --}; -- --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#include - - /* - * Include the architecture version. -diff --git a/arch/h8300/Kconfig b/arch/h8300/Kconfig -index 5e8a0d9..c149d3b29 100644 ---- a/arch/h8300/Kconfig -+++ b/arch/h8300/Kconfig -@@ -6,6 +6,7 @@ config H8300 - select ARCH_WANT_IPC_PARSE_VERSION - select GENERIC_IRQ_SHOW - select GENERIC_CPU_DEVICES -+ select MODULES_USE_ELF_RELA - - config SYMBOL_PREFIX - string -diff --git a/arch/h8300/include/asm/Kbuild b/arch/h8300/include/asm/Kbuild -index c68e168..871382d 100644 ---- a/arch/h8300/include/asm/Kbuild -+++ b/arch/h8300/include/asm/Kbuild -@@ -1 +1,3 @@ - include include/asm-generic/Kbuild.asm -+ -+generic-y += module.h -diff --git a/arch/h8300/include/asm/module.h b/arch/h8300/include/asm/module.h -deleted file mode 100644 -index 8e46724..0000000 ---- a/arch/h8300/include/asm/module.h -+++ /dev/null -@@ -1,11 +0,0 @@ --#ifndef _ASM_H8300_MODULE_H --#define _ASM_H8300_MODULE_H --/* -- * This file contains the H8/300 architecture specific module code. -- */ --struct mod_arch_specific { }; --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -- --#endif /* _ASM_H8/300_MODULE_H */ -diff --git a/arch/hexagon/Kconfig b/arch/hexagon/Kconfig -index b2fdfb7..0744f7d 100644 ---- a/arch/hexagon/Kconfig -+++ b/arch/hexagon/Kconfig -@@ -30,6 +30,7 @@ config HEXAGON - select KTIME_SCALAR - select GENERIC_CLOCKEVENTS - select GENERIC_CLOCKEVENTS_BROADCAST -+ select MODULES_USE_ELF_RELA - ---help--- - Qualcomm Hexagon is a processor architecture designed for high - performance and low power across a wide variety of applications. -diff --git a/arch/ia64/Kconfig b/arch/ia64/Kconfig -index 310cf57..6881464 100644 ---- a/arch/ia64/Kconfig -+++ b/arch/ia64/Kconfig -@@ -39,6 +39,8 @@ config IA64 - select ARCH_THREAD_INFO_ALLOCATOR - select ARCH_CLOCKSOURCE_DATA - select GENERIC_TIME_VSYSCALL -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - default y - help - The Itanium Processor Family is Intel's 64-bit successor to -diff --git a/arch/ia64/include/asm/module.h b/arch/ia64/include/asm/module.h -index 908eaef..dfba22a 100644 ---- a/arch/ia64/include/asm/module.h -+++ b/arch/ia64/include/asm/module.h -@@ -1,6 +1,8 @@ - #ifndef _ASM_IA64_MODULE_H - #define _ASM_IA64_MODULE_H - -+#include -+ - /* - * IA-64-specific support for kernel module loader. - * -@@ -29,10 +31,6 @@ struct mod_arch_specific { - unsigned int next_got_entry; /* index of next available got entry */ - }; - --#define Elf_Shdr Elf64_Shdr --#define Elf_Sym Elf64_Sym --#define Elf_Ehdr Elf64_Ehdr -- - #define MODULE_PROC_FAMILY "ia64" - #define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY \ - "gcc-" __stringify(__GNUC__) "." __stringify(__GNUC_MINOR__) -diff --git a/arch/m32r/Kconfig b/arch/m32r/Kconfig -index 49498bb..fc61533 100644 ---- a/arch/m32r/Kconfig -+++ b/arch/m32r/Kconfig -@@ -13,6 +13,7 @@ config M32R - select GENERIC_IRQ_SHOW - select GENERIC_ATOMIC64 - select ARCH_USES_GETTIMEOFFSET -+ select MODULES_USE_ELF_RELA - - config SBUS - bool -diff --git a/arch/m32r/include/asm/Kbuild b/arch/m32r/include/asm/Kbuild -index c68e168..871382d 100644 ---- a/arch/m32r/include/asm/Kbuild -+++ b/arch/m32r/include/asm/Kbuild -@@ -1 +1,3 @@ - include include/asm-generic/Kbuild.asm -+ -+generic-y += module.h -diff --git a/arch/m32r/include/asm/module.h b/arch/m32r/include/asm/module.h -deleted file mode 100644 -index eb73ee0..0000000 ---- a/arch/m32r/include/asm/module.h -+++ /dev/null -@@ -1,10 +0,0 @@ --#ifndef _ASM_M32R_MODULE_H --#define _ASM_M32R_MODULE_H -- --struct mod_arch_specific { }; -- --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -- --#endif /* _ASM_M32R_MODULE_H */ -diff --git a/arch/m32r/kernel/module.c b/arch/m32r/kernel/module.c -index 3071fe8..38233b6 100644 ---- a/arch/m32r/kernel/module.c -+++ b/arch/m32r/kernel/module.c -@@ -201,18 +201,3 @@ int apply_relocate_add(Elf32_Shdr *sechdrs, - } - return 0; - } -- --int apply_relocate(Elf32_Shdr *sechdrs, -- const char *strtab, -- unsigned int symindex, -- unsigned int relsec, -- struct module *me) --{ --#if 0 -- printk(KERN_ERR "module %s: REL RELOCATION unsupported\n", -- me->name); -- return -ENOEXEC; --#endif -- return 0; -- --} -diff --git a/arch/m68k/Kconfig b/arch/m68k/Kconfig -index 0b0f8b8..fcc5a65 100644 ---- a/arch/m68k/Kconfig -+++ b/arch/m68k/Kconfig -@@ -12,6 +12,10 @@ config M68K - select FPU if MMU - select ARCH_WANT_IPC_PARSE_VERSION - select ARCH_USES_GETTIMEOFFSET if MMU && !COLDFIRE -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_REL -+ select MODULES_USE_ELF_RELA -+ - - config RWSEM_GENERIC_SPINLOCK - bool -diff --git a/arch/m68k/include/asm/module.h b/arch/m68k/include/asm/module.h -index edffe66..8b58fce 100644 ---- a/arch/m68k/include/asm/module.h -+++ b/arch/m68k/include/asm/module.h -@@ -1,6 +1,8 @@ - #ifndef _ASM_M68K_MODULE_H - #define _ASM_M68K_MODULE_H - -+#include -+ - enum m68k_fixup_type { - m68k_fixup_memoffset, - m68k_fixup_vnode_shift, -@@ -36,8 +38,4 @@ struct module; - extern void module_fixup(struct module *mod, struct m68k_fixup_info *start, - struct m68k_fixup_info *end); - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -- - #endif /* _ASM_M68K_MODULE_H */ -diff --git a/arch/microblaze/Kconfig b/arch/microblaze/Kconfig -index ab9afca..b4f409f 100644 ---- a/arch/microblaze/Kconfig -+++ b/arch/microblaze/Kconfig -@@ -24,6 +24,7 @@ config MICROBLAZE - select GENERIC_CPU_DEVICES - select GENERIC_ATOMIC64 - select GENERIC_CLOCKEVENTS -+ select MODULES_USE_ELF_RELA - - config SWAP - def_bool n -diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig -index 331d574..5ff52db 100644 ---- a/arch/mips/Kconfig -+++ b/arch/mips/Kconfig -@@ -36,6 +36,9 @@ config MIPS - select BUILDTIME_EXTABLE_SORT - select GENERIC_CLOCKEVENTS - select GENERIC_CMOS_UPDATE -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_REL -+ select MODULES_USE_ELF_RELA if 64BIT - - menu "Machine selection" - -diff --git a/arch/mips/include/asm/module.h b/arch/mips/include/asm/module.h -index 7531ecd..c93b62b 100644 ---- a/arch/mips/include/asm/module.h -+++ b/arch/mips/include/asm/module.h -@@ -34,11 +34,14 @@ typedef struct { - } Elf64_Mips_Rela; - - #ifdef CONFIG_32BIT -- - #define Elf_Shdr Elf32_Shdr - #define Elf_Sym Elf32_Sym - #define Elf_Ehdr Elf32_Ehdr - #define Elf_Addr Elf32_Addr -+#define Elf_Rel Elf32_Rel -+#define Elf_Rela Elf32_Rela -+#define ELF_R_TYPE(X) ELF32_R_TYPE(X) -+#define ELF_R_SYM(X) ELF32_R_SYM(X) - - #define Elf_Mips_Rel Elf32_Rel - #define Elf_Mips_Rela Elf32_Rela -@@ -49,11 +52,14 @@ typedef struct { - #endif - - #ifdef CONFIG_64BIT -- - #define Elf_Shdr Elf64_Shdr - #define Elf_Sym Elf64_Sym - #define Elf_Ehdr Elf64_Ehdr - #define Elf_Addr Elf64_Addr -+#define Elf_Rel Elf64_Rel -+#define Elf_Rela Elf64_Rela -+#define ELF_R_TYPE(X) ELF64_R_TYPE(X) -+#define ELF_R_SYM(X) ELF64_R_SYM(X) - - #define Elf_Mips_Rel Elf64_Mips_Rel - #define Elf_Mips_Rela Elf64_Mips_Rela -diff --git a/arch/mips/kernel/module.c b/arch/mips/kernel/module.c -index a5066b1..1500c80 100644 ---- a/arch/mips/kernel/module.c -+++ b/arch/mips/kernel/module.c -@@ -299,6 +299,7 @@ int apply_relocate(Elf_Shdr *sechdrs, const char *strtab, - return 0; - } - -+#ifdef CONFIG_MODULES_USE_ELF_RELA - int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab, - unsigned int symindex, unsigned int relsec, - struct module *me) -@@ -338,6 +339,7 @@ int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab, - - return 0; - } -+#endif - - /* Given an address, look for it in the module exception tables. */ - const struct exception_table_entry *search_module_dbetables(unsigned long addr) -diff --git a/arch/mn10300/Kconfig b/arch/mn10300/Kconfig -index 5cfb086..aa03f2e 100644 ---- a/arch/mn10300/Kconfig -+++ b/arch/mn10300/Kconfig -@@ -8,6 +8,7 @@ config MN10300 - select HAVE_ARCH_KGDB - select HAVE_NMI_WATCHDOG if MN10300_WD_TIMER - select GENERIC_CLOCKEVENTS -+ select MODULES_USE_ELF_RELA - - config AM33_2 - def_bool n -diff --git a/arch/mn10300/include/asm/module.h b/arch/mn10300/include/asm/module.h -index 5d7057d..6571103 100644 ---- a/arch/mn10300/include/asm/module.h -+++ b/arch/mn10300/include/asm/module.h -@@ -12,12 +12,7 @@ - #ifndef _ASM_MODULE_H - #define _ASM_MODULE_H - --struct mod_arch_specific { --}; -- --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#include - - /* - * Include the MN10300 architecture version. -diff --git a/arch/openrisc/Kconfig b/arch/openrisc/Kconfig -index 49765b5..05f2ba4 100644 ---- a/arch/openrisc/Kconfig -+++ b/arch/openrisc/Kconfig -@@ -21,6 +21,7 @@ config OPENRISC - select GENERIC_CLOCKEVENTS - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER -+ select MODULES_USE_ELF_RELA - - config MMU - def_bool y -diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig -index 3ff21b5..166d991 100644 ---- a/arch/parisc/Kconfig -+++ b/arch/parisc/Kconfig -@@ -19,6 +19,8 @@ config PARISC - select ARCH_HAVE_NMI_SAFE_CMPXCHG - select GENERIC_SMP_IDLE_THREAD - select GENERIC_STRNCPY_FROM_USER -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - - help - The PA-RISC microprocessor is designed by Hewlett-Packard and used -diff --git a/arch/parisc/include/asm/module.h b/arch/parisc/include/asm/module.h -index 1f41234..bab37e9 100644 ---- a/arch/parisc/include/asm/module.h -+++ b/arch/parisc/include/asm/module.h -@@ -1,21 +1,11 @@ - #ifndef _ASM_PARISC_MODULE_H - #define _ASM_PARISC_MODULE_H -+ -+#include -+ - /* - * This file contains the parisc architecture specific module code. - */ --#ifdef CONFIG_64BIT --#define Elf_Shdr Elf64_Shdr --#define Elf_Sym Elf64_Sym --#define Elf_Ehdr Elf64_Ehdr --#define Elf_Addr Elf64_Addr --#define Elf_Rela Elf64_Rela --#else --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr --#define Elf_Addr Elf32_Addr --#define Elf_Rela Elf32_Rela --#endif - - struct unwind_table; - -diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig -index 352f416..74f8478 100644 ---- a/arch/powerpc/Kconfig -+++ b/arch/powerpc/Kconfig -@@ -139,6 +139,8 @@ config PPC - select GENERIC_CLOCKEVENTS - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - - config EARLY_PRINTK - bool -diff --git a/arch/powerpc/include/asm/module.h b/arch/powerpc/include/asm/module.h -index 0192a4e..c1df590 100644 ---- a/arch/powerpc/include/asm/module.h -+++ b/arch/powerpc/include/asm/module.h -@@ -11,6 +11,7 @@ - - #include - #include -+#include - - - #ifndef __powerpc64__ -@@ -60,16 +61,10 @@ struct mod_arch_specific { - */ - - #ifdef __powerpc64__ --# define Elf_Shdr Elf64_Shdr --# define Elf_Sym Elf64_Sym --# define Elf_Ehdr Elf64_Ehdr - # ifdef MODULE - asm(".section .stubs,\"ax\",@nobits; .align 3; .previous"); - # endif - #else --# define Elf_Shdr Elf32_Shdr --# define Elf_Sym Elf32_Sym --# define Elf_Ehdr Elf32_Ehdr - # ifdef MODULE - asm(".section .plt,\"ax\",@nobits; .align 3; .previous"); - asm(".section .init.plt,\"ax\",@nobits; .align 3; .previous"); -diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig -index 107610e..c76a052 100644 ---- a/arch/s390/Kconfig -+++ b/arch/s390/Kconfig -@@ -125,6 +125,8 @@ config S390 - select GENERIC_CLOCKEVENTS - select KTIME_SCALAR if 32BIT - select HAVE_ARCH_SECCOMP_FILTER -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_RELA - - config SCHED_OMIT_FRAME_POINTER - def_bool y -diff --git a/arch/s390/include/asm/module.h b/arch/s390/include/asm/module.h -index f0b6b26..df1f861 100644 ---- a/arch/s390/include/asm/module.h -+++ b/arch/s390/include/asm/module.h -@@ -1,5 +1,8 @@ - #ifndef _ASM_S390_MODULE_H - #define _ASM_S390_MODULE_H -+ -+#include -+ - /* - * This file contains the s390 architecture specific module code. - */ -@@ -28,19 +31,4 @@ struct mod_arch_specific - struct mod_arch_syminfo *syminfo; - }; - --#ifdef CONFIG_64BIT --#define ElfW(x) Elf64_ ## x --#define ELFW(x) ELF64_ ## x --#else --#define ElfW(x) Elf32_ ## x --#define ELFW(x) ELF32_ ## x --#endif -- --#define Elf_Addr ElfW(Addr) --#define Elf_Rela ElfW(Rela) --#define Elf_Shdr ElfW(Shdr) --#define Elf_Sym ElfW(Sym) --#define Elf_Ehdr ElfW(Ehdr) --#define ELF_R_SYM ELFW(R_SYM) --#define ELF_R_TYPE ELFW(R_TYPE) - #endif /* _ASM_S390_MODULE_H */ -diff --git a/arch/score/Kconfig b/arch/score/Kconfig -index ba0f412..e2c8db4 100644 ---- a/arch/score/Kconfig -+++ b/arch/score/Kconfig -@@ -10,6 +10,8 @@ config SCORE - select ARCH_DISCARD_MEMBLOCK - select GENERIC_CPU_DEVICES - select GENERIC_CLOCKEVENTS -+ select HAVE_MOD_ARCH_SPECIFIC -+ select MODULES_USE_ELF_REL - - choice - prompt "System type" -diff --git a/arch/score/include/asm/module.h b/arch/score/include/asm/module.h -index f0b5dc0..abf395b 100644 ---- a/arch/score/include/asm/module.h -+++ b/arch/score/include/asm/module.h -@@ -3,6 +3,7 @@ - - #include - #include -+#include - - struct mod_arch_specific { - /* Data Bus Error exception tables */ -@@ -13,11 +14,6 @@ struct mod_arch_specific { - - typedef uint8_t Elf64_Byte; /* Type for a 8-bit quantity. */ - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr --#define Elf_Addr Elf32_Addr -- - /* Given an address, look for it in the exception tables. */ - #ifdef CONFIG_MODULES - const struct exception_table_entry *search_module_dbetables(unsigned long addr); -diff --git a/arch/score/kernel/module.c b/arch/score/kernel/module.c -index 469e3b6..1378d99 100644 ---- a/arch/score/kernel/module.c -+++ b/arch/score/kernel/module.c -@@ -125,16 +125,6 @@ int apply_relocate(Elf_Shdr *sechdrs, const char *strtab, - return 0; - } - --int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab, -- unsigned int symindex, unsigned int relsec, -- struct module *me) --{ -- /* Non-standard return value... most other arch's return -ENOEXEC -- * for an unsupported relocation variant -- */ -- return 0; --} -- - /* Given an address, look for it in the module exception tables. */ - const struct exception_table_entry *search_module_dbetables(unsigned long addr) - { -diff --git a/arch/sh/Kconfig b/arch/sh/Kconfig -index 36f5141..656329a 100644 ---- a/arch/sh/Kconfig -+++ b/arch/sh/Kconfig -@@ -35,6 +35,8 @@ config SUPERH - select GENERIC_CMOS_UPDATE if SH_SH03 || SH_DREAMCAST - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER -+ select HAVE_MOD_ARCH_SPECIFIC if DWARF_UNWINDER -+ select MODULES_USE_ELF_RELA - help - The SuperH is a RISC processor targeted for use in embedded systems - and consumer electronics; it was also used in the Sega Dreamcast -diff --git a/arch/sh/include/asm/module.h b/arch/sh/include/asm/module.h -index b7927de..81300d8b 100644 ---- a/arch/sh/include/asm/module.h -+++ b/arch/sh/include/asm/module.h -@@ -1,21 +1,13 @@ - #ifndef _ASM_SH_MODULE_H - #define _ASM_SH_MODULE_H - --struct mod_arch_specific { -+#include -+ - #ifdef CONFIG_DWARF_UNWINDER -+struct mod_arch_specific { - struct list_head fde_list; - struct list_head cie_list; --#endif - }; -- --#ifdef CONFIG_64BIT --#define Elf_Shdr Elf64_Shdr --#define Elf_Sym Elf64_Sym --#define Elf_Ehdr Elf64_Ehdr --#else --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr - #endif - - #ifdef CONFIG_CPU_LITTLE_ENDIAN -diff --git a/arch/sparc/Kconfig b/arch/sparc/Kconfig -index 67f1f6f..a244e70 100644 ---- a/arch/sparc/Kconfig -+++ b/arch/sparc/Kconfig -@@ -37,6 +37,7 @@ config SPARC - select GENERIC_CLOCKEVENTS - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER -+ select MODULES_USE_ELF_RELA - - config SPARC32 - def_bool !64BIT -diff --git a/arch/sparc/include/asm/Kbuild b/arch/sparc/include/asm/Kbuild -index 67f83e0..fbe1cb5 100644 ---- a/arch/sparc/include/asm/Kbuild -+++ b/arch/sparc/include/asm/Kbuild -@@ -21,4 +21,5 @@ generic-y += div64.h - generic-y += local64.h - generic-y += irq_regs.h - generic-y += local.h -+generic-y += module.h - generic-y += word-at-a-time.h -diff --git a/arch/sparc/include/asm/module.h b/arch/sparc/include/asm/module.h -deleted file mode 100644 -index ff8e02d..0000000 ---- a/arch/sparc/include/asm/module.h -+++ /dev/null -@@ -1,24 +0,0 @@ --#ifndef __SPARC_MODULE_H --#define __SPARC_MODULE_H --struct mod_arch_specific { }; -- --/* -- * Use some preprocessor magic to define the correct symbol -- * for sparc32 and sparc64. -- * Elf_Addr becomes Elf32_Addr for sparc32 and Elf64_Addr for sparc64 -- */ --#define ___ELF(a, b, c) a##b##c --#define __ELF(a, b, c) ___ELF(a, b, c) --#define _Elf(t) __ELF(Elf, CONFIG_BITS, t) --#define _ELF(t) __ELF(ELF, CONFIG_BITS, t) -- --#define Elf_Shdr _Elf(_Shdr) --#define Elf_Sym _Elf(_Sym) --#define Elf_Ehdr _Elf(_Ehdr) --#define Elf_Rela _Elf(_Rela) --#define Elf_Addr _Elf(_Addr) -- --#define ELF_R_SYM _ELF(_R_SYM) --#define ELF_R_TYPE _ELF(_R_TYPE) -- --#endif /* __SPARC_MODULE_H */ -diff --git a/arch/tile/Kconfig b/arch/tile/Kconfig -index 932e443..1603f30 100644 ---- a/arch/tile/Kconfig -+++ b/arch/tile/Kconfig -@@ -17,6 +17,7 @@ config TILE - select SYS_HYPERVISOR - select ARCH_HAVE_NMI_SAFE_CMPXCHG - select GENERIC_CLOCKEVENTS -+ select MODULES_USE_ELF_RELA - - # FIXME: investigate whether we need/want these options. - # select HAVE_IOREMAP_PROT -diff --git a/arch/unicore32/Kconfig b/arch/unicore32/Kconfig -index b0a4743..5ef0814 100644 ---- a/arch/unicore32/Kconfig -+++ b/arch/unicore32/Kconfig -@@ -14,6 +14,7 @@ config UNICORE32 - select GENERIC_IRQ_SHOW - select ARCH_WANT_FRAME_POINTERS - select GENERIC_IOMAP -+ select MODULES_USE_ELF_REL - help - UniCore-32 is 32-bit Instruction Set Architecture, - including a series of low-power-consumption RISC chip -diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index ba2657c..afea8c7 100644 ---- a/arch/x86/Kconfig -+++ b/arch/x86/Kconfig -@@ -97,6 +97,8 @@ config X86 - select KTIME_SCALAR if X86_32 - select GENERIC_STRNCPY_FROM_USER - select GENERIC_STRNLEN_USER -+ select MODULES_USE_ELF_REL if X86_32 -+ select MODULES_USE_ELF_RELA if X86_64 - - config INSTRUCTION_DECODER - def_bool (KPROBES || PERF_EVENTS || UPROBES) -diff --git a/arch/xtensa/Kconfig b/arch/xtensa/Kconfig -index 8ed64cf..4816e44 100644 ---- a/arch/xtensa/Kconfig -+++ b/arch/xtensa/Kconfig -@@ -11,6 +11,7 @@ config XTENSA - select HAVE_GENERIC_HARDIRQS - select GENERIC_IRQ_SHOW - select GENERIC_CPU_DEVICES -+ select MODULES_USE_ELF_RELA - help - Xtensa processors are 32-bit RISC machines designed by Tensilica - primarily for embedded systems. These processors are both -diff --git a/arch/xtensa/include/asm/module.h b/arch/xtensa/include/asm/module.h -index d9b34be..488b40c 100644 ---- a/arch/xtensa/include/asm/module.h -+++ b/arch/xtensa/include/asm/module.h -@@ -13,15 +13,8 @@ - #ifndef _XTENSA_MODULE_H - #define _XTENSA_MODULE_H - --struct mod_arch_specific --{ -- /* No special elements, yet. */ --}; -- - #define MODULE_ARCH_VERMAGIC "xtensa-" __stringify(XCHAL_CORE_ID) " " - --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#include - - #endif /* _XTENSA_MODULE_H */ -diff --git a/include/asm-generic/module.h b/include/asm-generic/module.h -index ed5b44d..14dc41d 100644 ---- a/include/asm-generic/module.h -+++ b/include/asm-generic/module.h -@@ -5,18 +5,44 @@ - * Many architectures just need a simple module - * loader without arch specific data. - */ -+#ifndef CONFIG_HAVE_MOD_ARCH_SPECIFIC - struct mod_arch_specific - { - }; -+#endif - - #ifdef CONFIG_64BIT --#define Elf_Shdr Elf64_Shdr --#define Elf_Sym Elf64_Sym --#define Elf_Ehdr Elf64_Ehdr --#else --#define Elf_Shdr Elf32_Shdr --#define Elf_Sym Elf32_Sym --#define Elf_Ehdr Elf32_Ehdr -+#define Elf_Shdr Elf64_Shdr -+#define Elf_Phdr Elf64_Phdr -+#define Elf_Sym Elf64_Sym -+#define Elf_Dyn Elf64_Dyn -+#define Elf_Ehdr Elf64_Ehdr -+#define Elf_Addr Elf64_Addr -+#ifdef CONFIG_MODULES_USE_ELF_REL -+#define Elf_Rel Elf64_Rel -+#endif -+#ifdef CONFIG_MODULES_USE_ELF_RELA -+#define Elf_Rela Elf64_Rela -+#endif -+#define ELF_R_TYPE(X) ELF64_R_TYPE(X) -+#define ELF_R_SYM(X) ELF64_R_SYM(X) -+ -+#else /* CONFIG_64BIT */ -+ -+#define Elf_Shdr Elf32_Shdr -+#define Elf_Phdr Elf32_Phdr -+#define Elf_Sym Elf32_Sym -+#define Elf_Dyn Elf32_Dyn -+#define Elf_Ehdr Elf32_Ehdr -+#define Elf_Addr Elf32_Addr -+#ifdef CONFIG_MODULES_USE_ELF_REL -+#define Elf_Rel Elf32_Rel -+#endif -+#ifdef CONFIG_MODULES_USE_ELF_RELA -+#define Elf_Rela Elf32_Rela -+#endif -+#define ELF_R_TYPE(X) ELF32_R_TYPE(X) -+#define ELF_R_SYM(X) ELF32_R_SYM(X) - #endif - - #endif /* __ASM_GENERIC_MODULE_H */ -diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h -index b2be02e..560ca53 100644 ---- a/include/linux/moduleloader.h -+++ b/include/linux/moduleloader.h -@@ -28,21 +28,49 @@ void *module_alloc(unsigned long size); - /* Free memory returned from module_alloc. */ - void module_free(struct module *mod, void *module_region); - --/* Apply the given relocation to the (simplified) ELF. Return -error -- or 0. */ -+/* -+ * Apply the given relocation to the (simplified) ELF. Return -error -+ * or 0. -+ */ -+#ifdef CONFIG_MODULES_USE_ELF_REL - int apply_relocate(Elf_Shdr *sechdrs, - const char *strtab, - unsigned int symindex, - unsigned int relsec, - struct module *mod); -+#else -+static inline int apply_relocate(Elf_Shdr *sechdrs, -+ const char *strtab, -+ unsigned int symindex, -+ unsigned int relsec, -+ struct module *me) -+{ -+ printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name); -+ return -ENOEXEC; -+} -+#endif - --/* Apply the given add relocation to the (simplified) ELF. Return -- -error or 0 */ -+/* -+ * Apply the given add relocation to the (simplified) ELF. Return -+ * -error or 0 -+ */ -+#ifdef CONFIG_MODULES_USE_ELF_RELA - int apply_relocate_add(Elf_Shdr *sechdrs, - const char *strtab, - unsigned int symindex, - unsigned int relsec, - struct module *mod); -+#else -+static inline int apply_relocate_add(Elf_Shdr *sechdrs, -+ const char *strtab, -+ unsigned int symindex, -+ unsigned int relsec, -+ struct module *me) -+{ -+ printk(KERN_ERR "module %s: REL relocation unsupported\n", me->name); -+ return -ENOEXEC; -+} -+#endif - - /* Any final processing of module before access. Return -error or 0. */ - int module_finalize(const Elf_Ehdr *hdr, -diff --git a/kernel/module.c b/kernel/module.c -index 4edbd9c..087aeed 100644 ---- a/kernel/module.c -+++ b/kernel/module.c -@@ -1949,26 +1949,6 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) - return ret; - } - --int __weak apply_relocate(Elf_Shdr *sechdrs, -- const char *strtab, -- unsigned int symindex, -- unsigned int relsec, -- struct module *me) --{ -- pr_err("module %s: REL relocation unsupported\n", me->name); -- return -ENOEXEC; --} -- --int __weak apply_relocate_add(Elf_Shdr *sechdrs, -- const char *strtab, -- unsigned int symindex, -- unsigned int relsec, -- struct module *me) --{ -- pr_err("module %s: RELA relocation unsupported\n", me->name); -- return -ENOEXEC; --} -- - static int apply_relocations(struct module *mod, const struct load_info *info) - { - unsigned int i; --- -1.7.11.2 - - -From 45c9f5b2992c100a9183f753d933d3141ae4e951 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:13:57 +0100 -Subject: [PATCH 16/28] Provide macros for forming the name of an ELF note and - its section - -Provide macros for stringifying the name of an ELF note and its section -appropriately so that the macro can be used in both C and assembly. - -Signed-off-by: David Howells ---- - include/linux/elfnote.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/include/linux/elfnote.h b/include/linux/elfnote.h -index 278e3ef..949d494 100644 ---- a/include/linux/elfnote.h -+++ b/include/linux/elfnote.h -@@ -58,6 +58,7 @@ - ELFNOTE_END - - #else /* !__ASSEMBLER__ */ -+#include - #include - /* - * Use an anonymous structure which matches the shape of -@@ -93,6 +94,9 @@ - - #define ELFNOTE32(name, type, desc) ELFNOTE(32, name, type, desc) - #define ELFNOTE64(name, type, desc) ELFNOTE(64, name, type, desc) -+ -+#define ELFNOTE_NAME(name) __stringify(name) -+#define ELFNOTE_SECTION(name) ".note."ELFNOTE_NAME(name) - #endif /* __ASSEMBLER__ */ - - #endif /* _LINUX_ELFNOTE_H */ --- -1.7.11.2 - - -From 1d83fa4cf20b3b6f7ffd471459dcad47d6e2ac64 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:00 +0100 -Subject: [PATCH 17/28] MODSIGN: Provide gitignore and make clean rules for - extra files - -Provide gitignore and make clean rules for extra files to hide and clean up the -extra files produced by module signing stuff once it is added. Also add a -clean up rule for the module content extractor program used to extract the data -to be signed. - -Signed-off-by: David Howells ---- - .gitignore | 12 ++++++++++++ - Makefile | 1 + - scripts/mod/.gitignore | 1 + - 3 files changed, 14 insertions(+) - -diff --git a/.gitignore b/.gitignore -index 57af07c..7948eeb 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -14,6 +14,9 @@ - *.o.* - *.a - *.s -+*.ko.unsigned -+*.ko.digest -+*.ko.digest.sig - *.ko - *.so - *.so.dbg -@@ -84,3 +87,12 @@ GTAGS - *.orig - *~ - \#*# -+ -+# -+# GPG leavings from module signing -+# -+genkey -+modsign.pub -+modsign.sec -+random_seed -+trustdb.gpg -diff --git a/Makefile b/Makefile -index 8e4c0a7..4db9629 100644 ---- a/Makefile -+++ b/Makefile -@@ -1239,6 +1239,7 @@ clean: $(clean-dirs) - $(call cmd,rmfiles) - @find $(if $(KBUILD_EXTMOD), $(KBUILD_EXTMOD), .) $(RCS_FIND_IGNORE) \ - \( -name '*.[oas]' -o -name '*.ko' -o -name '.*.cmd' \ -+ -o -name '*.ko.*' \ - -o -name '.*.d' -o -name '.*.tmp' -o -name '*.mod.c' \ - -o -name '*.symtypes' -o -name 'modules.order' \ - -o -name modules.builtin -o -name '.tmp_*.o.*' \ -diff --git a/scripts/mod/.gitignore b/scripts/mod/.gitignore -index e9b7abe..223dfd6 100644 ---- a/scripts/mod/.gitignore -+++ b/scripts/mod/.gitignore -@@ -1,4 +1,5 @@ - elfconfig.h - mk_elfconfig - modpost -+mod-extract - --- -1.7.11.2 - - -From a284aee7526543a96a6e5694425ec7a2001d5c32 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:01 +0100 -Subject: [PATCH 18/28] MODSIGN: Provide Documentation and Kconfig options - -Provide documentation and kernel configuration options for module signing. - -The documentation can be found in: - - Documentation/module-signing.txt - -The following configuration options are added: - - (1) CONFIG_MODULE_SIG - - Enable module signing. This will both cause the build process to sign - modules and the kernel to check modules when they're loaded. - - (2) CONFIG_MODULE_SIG_SHA1 - CONFIG_MODULE_SIG_SHA224 - CONFIG_MODULE_SIG_SHA256 - CONFIG_MODULE_SIG_SHA384 - CONFIG_MODULE_SIG_SHA512 - - Select the cryptographic hash used to digest the data prior to signing. - Additionally, the crypto module selected will be built into the kernel as - it won't be possible to load it as a module without incurring a circular - dependency when the kernel tries to check its signature. - - (3) CONFIG_MODULE_SIG_FORCE - - Require that any module loaded must be signed with a key compiled into - the kernel. All other modules are rejected with EKEYREJECTED. - -Signed-off-by: David Howells ---- - Documentation/module-signing.txt | 194 +++++++++++++++++++++++++++++++++++++++ - include/linux/modsign.h | 27 ++++++ - init/Kconfig | 54 +++++++++++ - 3 files changed, 275 insertions(+) - create mode 100644 Documentation/module-signing.txt - create mode 100644 include/linux/modsign.h - -diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt -new file mode 100644 -index 0000000..d75d473 ---- /dev/null -+++ b/Documentation/module-signing.txt -@@ -0,0 +1,194 @@ -+ ============================== -+ KERNEL MODULE SIGNING FACILITY -+ ============================== -+ -+The module signing facility applies cryptographic signature checking to modules -+on module load, checking the signature against a ring of public keys compiled -+into the kernel. GPG is used to do the cryptographic work and determines the -+format of the signature and key data. The facility uses GPG's MPI library to -+handle the huge numbers involved. -+ -+This facility is enabled through CONFIG_MODULE_SIG. Turning on signature -+checking will also force the module's ELF metadata to be verified before the -+signature is checked. -+ -+The signature checker in the kernel is capable of handling multiple keys of -+either DSA or RSA type, and can support any of MD5, RIPE-MD-160, SHA-1, -+SHA-224, SHA-256, SHA-384 and SHA-512 hashes - PROVIDED(!) the requisite -+algorithms are compiled into the kernel. -+ -+(!) NOTE: Modules may only be verified initially with algorithms compiled into -+the kernel. Further algorithm modules may be loaded and used - but these must -+first pass a verification step using already loaded/compiled-in algorithms. -+ -+ -+===================== -+SUPPLYING PUBLIC KEYS -+===================== -+ -+A set of public keys must be supplied at kernel image build time. This is done -+by taking a GPG public key file and placing it in the base of the kernel -+directory in a file called modsign.pub. -+ -+For example, a throwaway key could be generated automatically by something like -+the following: -+ -+ cat >genkey < -+ -+ This indicates the whereabouts of the GPG keyring that is the source of -+ the public key to be used. The default is "./modsign.pub". -+ -+ (*) MODKEYNAME= -+ -+ The name of the key pair to be used from the aforementioned keyrings. -+ This defaults to being unset, thus leaving the choice of default key to -+ gpg. -+ -+ (*) KEYFLAGS="gpg-options" -+ -+ Override the complete gpg command line, including the preceding three -+ options. The default options supplied to gpg are: -+ -+ --no-default-keyring -+ --secret-keyring $(MODSECKEY) -+ --keyring $(MODPUBKEY) -+ --no-default-keyring -+ --homedir . -+ --no-options -+ --no-auto-check-trustdb -+ --no-permission-warning -+ --digest-algo= -+ -+ with: -+ -+ --default-key $(MODKEYNAME) -+ -+ being added if requested. -+ -+The resulting module.ko file will be the signed module. -+ -+ -+======================== -+STRIPPING SIGNED MODULES -+======================== -+ -+Signed modules may be safely stripped with any of the following: -+ -+ strip -x -+ strip -g -+ eu-strip -+ -+as the signature only covers those parts of the module the kernel actually uses -+and any ELF metadata required to deal with them. Any necessary ELF metadata -+that is affected by stripping is canonicalised by the sig generator and the sig -+checker to hide strip effects. -+ -+This permits the debuginfo to be detached from the module and placed in another -+spot so that gdb can find it when referring to that module without the need for -+multiple signed versions of the module. Such is done by rpmbuild when -+producing RPMs. -+ -+It also permits the module to be stripped as far as possible for when modules -+are being reduced prior to being included in an initial ramdisk composition. -+ -+Note that "strip" and "strip -s" may not be used on a module, signed or -+otherwise, as they remove the symbol table and render the relocation tables -+unusable. -+ -+ -+====================== -+LOADING SIGNED MODULES -+====================== -+ -+Modules are loaded with insmod, exactly as for unsigned modules. The signature -+is inserted into the module object file during the build process as an ELF note -+called "module.sig" in an ELF section called ".note.module.sig". The signature -+checker will detect it and apply signature checking. -+ -+ -+========================================= -+NON-VALID SIGNATURES AND UNSIGNED MODULES -+========================================= -+ -+If CONFIG_MODULE_SIG_FORCE is enabled or "enforcemodulesig=1" is supplied on -+the kernel command line, the kernel will _only_ load validly signed modules -+for which it has a public key. Otherwise, it will also load modules that are -+unsigned. Any module for which the kernel has a key, but which proves to have -+a signature mismatch will not be permitted to load (returning EKEYREJECTED). -+ -+This table indicates the behaviours of the various situations: -+ -+ MODULE STATE PERMISSIVE MODE ENFORCING MODE -+ ======================================= =============== =============== -+ Unsigned Ok EKEYREJECTED -+ Signed, no public key ENOKEY ENOKEY -+ Validly signed, public key Ok Ok -+ Invalidly signed, public key EKEYREJECTED EKEYREJECTED -+ Validly signed, expired key EKEYEXPIRED EKEYEXPIRED -+ Signed, hash algorithm unavailable ENOPKG ENOPKG -+ Corrupt signature EBADMSG EBADMSG -+ Corrupt ELF ELIBBAD ELIBBAD -diff --git a/include/linux/modsign.h b/include/linux/modsign.h -new file mode 100644 -index 0000000..c5ac87a ---- /dev/null -+++ b/include/linux/modsign.h -@@ -0,0 +1,27 @@ -+/* Module signing definitions -+ * -+ * Copyright (C) 2009 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifndef _LINUX_MODSIGN_H -+#define _LINUX_MODSIGN_H -+ -+#ifdef CONFIG_MODULE_SIG -+ -+#include -+ -+/* -+ * The parameters of the ELF note used to carry the signature -+ */ -+#define MODSIGN_NOTE_NAME module.sig -+#define MODSIGN_NOTE_TYPE 100 -+ -+#endif -+ -+#endif /* _LINUX_MODSIGN_H */ -diff --git a/init/Kconfig b/init/Kconfig -index af6c7f8..e23ed83 100644 ---- a/init/Kconfig -+++ b/init/Kconfig -@@ -1585,6 +1585,60 @@ config MODULE_SRCVERSION_ALL - the version). With this option, such a "srcversion" field - will be created for all modules. If unsure, say N. - -+config MODULE_SIG -+ bool "Module signature verification" -+ depends on MODULES -+ select KEYS -+ select CRYPTO_KEY_TYPE -+ select CRYPTO_KEY_PKEY_ALGO_DSA -+ select CRYPTO_KEY_PKEY_ALGO_RSA -+ select PGP_PARSER -+ select PGP_PRELOAD -+ help -+ Check modules for valid signatures upon load. For more information -+ see: -+ -+ Documentation/module-signing.txt -+ -+choice -+ prompt "Which hash algorithm should modules be signed with?" -+ depends on MODULE_SIG -+ help -+ This determines which sort of hashing algorithm will be used during -+ signature generation. This algorithm _must_ be built into the kernel -+ directly so that signature verification can take place. It is not -+ possible to load a signed module containing the algorithm to check -+ the signature on that module. -+ -+config MODULE_SIG_SHA1 -+ bool "Sign modules with SHA-1" -+ select CRYPTO_SHA1 -+ -+config MODULE_SIG_SHA224 -+ bool "Sign modules with SHA-224" -+ select CRYPTO_SHA224 -+ -+config MODULE_SIG_SHA256 -+ bool "Sign modules with SHA-256" -+ select CRYPTO_SHA256 -+ -+config MODULE_SIG_SHA384 -+ bool "Sign modules with SHA-384" -+ select CRYPTO_SHA384 -+ -+config MODULE_SIG_SHA512 -+ bool "Sign modules with SHA-512" -+ select CRYPTO_SHA512 -+ -+endchoice -+ -+config MODULE_SIG_FORCE -+ bool "Required modules to be validly signed (EXPERIMENTAL)" -+ depends on MODULE_SIG -+ help -+ Reject unsigned modules or signed modules for which we don't have a -+ key. -+ - endif # MODULES - - config INIT_ALL_POSSIBLE --- -1.7.11.2 - - -From 509093b115e362fd50584c5852c922926c2395bd Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:01 +0100 -Subject: [PATCH 19/28] MODSIGN: Sign modules during the build process - -If CONFIG_MODULE_SIG is set, then this patch will cause the module to get a -signature installed. The following steps will occur: - - (1) The module will be linked to foo.ko.unsigned instead of foo.ko - - (2) The module's signable content will be extracted to foo.ko.digest by the - mod-extract program. - - (3) The signature will be generated on foo.ko.digest by gpg and placed in - foo.ko.digest.sig - - (4) The signature will be encapsulated into an ELF note and placed into a file - called foo.ko.note.o using the output from modsign-note.sh piped into the - assembler. - - (5) The unsigned module from (1) and the signature ELF note from (4) will be - linked together to produce foo.ko - -Step (3) requires private and public keys to be available. By default these -are expected to be found in PGP keyring files called modsign.sec (the secret -key) and modsign.pub (the public key) in the build root. - -If the secret key is not found then signing will be skipped and the unsigned -module from (1) will just be copied to foo.ko. - -If signing occurs, lines like the following will be seen: - - LD [M] fs/foo/foo.ko.unsigned - SIGN [M] fs/foo/foo.ko - -will appear in the build log. If it is skipped, the following will be seen: - - LD [M] fs/foo/foo.ko.unsigned - NO SIGN [M] fs/foo/foo.ko - -Signed-off-by: David Howells ---- - scripts/Makefile.modpost | 87 ++++- - scripts/mod/Makefile | 2 +- - scripts/mod/mod-extract.c | 913 ++++++++++++++++++++++++++++++++++++++++++++ - scripts/mod/modsign-note.sh | 16 + - 4 files changed, 1016 insertions(+), 2 deletions(-) - create mode 100644 scripts/mod/mod-extract.c - create mode 100644 scripts/mod/modsign-note.sh - -diff --git a/scripts/Makefile.modpost b/scripts/Makefile.modpost -index 08dce14..17465d8 100644 ---- a/scripts/Makefile.modpost -+++ b/scripts/Makefile.modpost -@@ -14,7 +14,8 @@ - # 3) create one .mod.c file pr. module - # 4) create one Module.symvers file with CRC for all exported symbols - # 5) compile all .mod.c files --# 6) final link of the module to a file -+# 6) final link of the module to a (or ) file -+# 7) signs the modules to a file - - # Step 3 is used to place certain information in the module's ELF - # section, including information such as: -@@ -32,6 +33,8 @@ - # Step 4 is solely used to allow module versioning in external modules, - # where the CRC of each module is retrieved from the Module.symvers file. - -+# Step 7 is dependent on CONFIG_MODULE_SIG being enabled. -+ - # KBUILD_MODPOST_WARN can be set to avoid error out in case of undefined - # symbols in the final module linking stage - # KBUILD_MODPOST_NOFINAL can be set to skip the final link of modules. -@@ -116,6 +119,7 @@ $(modules:.ko=.mod.o): %.mod.o: %.mod.c FORCE - targets += $(modules:.ko=.mod.o) - - # Step 6), final link of the modules -+ifneq ($(CONFIG_MODULE_SIG),y) - quiet_cmd_ld_ko_o = LD [M] $@ - cmd_ld_ko_o = $(LD) -r $(LDFLAGS) \ - $(KBUILD_LDFLAGS_MODULE) $(LDFLAGS_MODULE) \ -@@ -125,7 +129,88 @@ $(modules): %.ko :%.o %.mod.o FORCE - $(call if_changed,ld_ko_o) - - targets += $(modules) -+else -+quiet_cmd_ld_ko_unsigned_o = LD [M] $@ -+ cmd_ld_ko_unsigned_o = \ -+ $(LD) -r $(LDFLAGS) \ -+ $(KBUILD_LDFLAGS_MODULE) $(LDFLAGS_MODULE) \ -+ -o $@ $(filter-out FORCE,$^) \ -+ $(if $(AFTER_LINK),; $(AFTER_LINK)) -+ -+$(modules:.ko=.ko.unsigned): %.ko.unsigned :%.o %.mod.o FORCE -+ $(call if_changed,ld_ko_unsigned_o) -+ -+targets += $(modules:.ko=.ko.unsigned) -+ -+# Step 7), sign the modules -+MODSECKEY = ./modsign.sec -+MODPUBKEY = ./modsign.pub -+KEYFLAGS = --no-default-keyring --secret-keyring $(MODSECKEY) --keyring $(MODPUBKEY) --no-default-keyring --homedir . --no-options --no-auto-check-trustdb --no-permission-warning -+ -+ifdef CONFIG_MODULE_SIG_SHA1 -+KEYFLAGS += --digest-algo=SHA1 -+else -+ifdef CONFIG_MODULE_SIG_SHA224 -+KEYFLAGS += --digest-algo=SHA224 -+else -+ifdef CONFIG_MODULE_SIG_SHA256 -+KEYFLAGS += --digest-algo=SHA256 -+else -+ifdef CONFIG_MODULE_SIG_SHA384 -+KEYFLAGS += --digest-algo=SHA384 -+else -+ifdef CONFIG_MODULE_SIG_SHA512 -+KEYFLAGS += --digest-algo=SHA512 -+else -+endif -+endif -+endif -+endif -+endif -+ -+ifdef MODKEYNAME -+KEYFLAGS += --default-key $(MODKEYNAME) -+endif - -+ifeq ($(wildcard $(MODSECKEY))+$(wildcard $(MODPUBKEY)),$(MODSECKEY)+$(MODPUBKEY)) -+ifeq ($(KBUILD_SRC),) -+ # no O= is being used -+ SCRIPTS_DIR := scripts -+else -+ SCRIPTS_DIR := $(KBUILD_SRC)/scripts -+endif -+SIGN_MODULES := 1 -+else -+SIGN_MODULES := 0 -+endif -+ -+# only sign if it's an in-tree module -+ifneq ($(KBUILD_EXTMOD),) -+SIGN_MODULES := 0 -+endif -+ -+ifeq ($(SIGN_MODULES),1) -+KEYRING_DEP := modsign.sec modsign.pub -+quiet_cmd_sign_ko_ko_unsigned = SIGN [M] $@ -+ cmd_sign_ko_ko_unsigned = \ -+ scripts/mod/mod-extract $< $@.digest && \ -+ rm -f $@.digest.sig && \ -+ gpg --batch --no-greeting $(KEYFLAGS) -b $@.digest && \ -+ sh $(SCRIPTS_DIR)/mod/modsign-note.sh $@.digest.sig | \ -+ $(CC) -x assembler-with-cpp $(c_flags) $(CFLAGS_MODULE) -c -o $@.note.o - && \ -+ $(LD) -r $(LDFLAGS) -o $@ $< $@.note.o -+else -+KEYRING_DEP := -+quiet_cmd_sign_ko_ko_unsigned = NO SIGN [M] $@ -+ cmd_sign_ko_ko_unsigned = \ -+ cp $< $@ -+endif -+ -+$(modules): %.ko :%.ko.unsigned $(KEYRING_DEP) FORCE -+ $(call if_changed,sign_ko_ko_unsigned) -+ -+targets += $(modules) -+endif - - # Add FORCE to the prequisites of a target to force it to be always rebuilt. - # --------------------------------------------------------------------------- -diff --git a/scripts/mod/Makefile b/scripts/mod/Makefile -index ff954f8..4654e3b 100644 ---- a/scripts/mod/Makefile -+++ b/scripts/mod/Makefile -@@ -1,4 +1,4 @@ --hostprogs-y := modpost mk_elfconfig -+hostprogs-y := modpost mk_elfconfig mod-extract - always := $(hostprogs-y) empty.o - - modpost-objs := modpost.o file2alias.o sumversion.o -diff --git a/scripts/mod/mod-extract.c b/scripts/mod/mod-extract.c -new file mode 100644 -index 0000000..0c0e3e3 ---- /dev/null -+++ b/scripts/mod/mod-extract.c -@@ -0,0 +1,913 @@ -+/* mod-extract.c: module extractor for signing -+ * -+ * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static void extract_elf64(void *buffer, size_t size, Elf64_Ehdr *hdr); -+static void extract_elf32(void *buffer, size_t size, Elf32_Ehdr *hdr); -+ -+struct byteorder { -+ uint16_t (*get16)(const uint16_t *); -+ uint32_t (*get32)(const uint32_t *); -+ uint64_t (*get64)(const uint64_t *); -+ void (*set16)(uint16_t *, uint16_t); -+ void (*set32)(uint32_t *, uint32_t); -+ void (*set64)(uint64_t *, uint64_t); -+}; -+ -+static uint16_t get16_le(const uint16_t *p) { return __le16_to_cpu(*p); } -+static uint32_t get32_le(const uint32_t *p) { return __le32_to_cpu(*p); } -+static uint64_t get64_le(const uint64_t *p) { return __le64_to_cpu(*p); } -+static uint16_t get16_be(const uint16_t *p) { return __be16_to_cpu(*p); } -+static uint32_t get32_be(const uint32_t *p) { return __be32_to_cpu(*p); } -+static uint64_t get64_be(const uint64_t *p) { return __be64_to_cpu(*p); } -+ -+static void set16_le(uint16_t *p, uint16_t n) { *p = __cpu_to_le16(n); } -+static void set32_le(uint32_t *p, uint32_t n) { *p = __cpu_to_le32(n); } -+static void set64_le(uint64_t *p, uint64_t n) { *p = __cpu_to_le64(n); } -+static void set16_be(uint16_t *p, uint16_t n) { *p = __cpu_to_be16(n); } -+static void set32_be(uint32_t *p, uint32_t n) { *p = __cpu_to_be32(n); } -+static void set64_be(uint64_t *p, uint64_t n) { *p = __cpu_to_be64(n); } -+ -+static const struct byteorder byteorder_le = { -+ get16_le, get32_le, get64_le, -+ set16_le, set32_le, set64_le -+}; -+static const struct byteorder byteorder_be = { -+ get16_be, get32_be, get64_be, -+ set16_be, set32_be, set64_be -+}; -+static const struct byteorder *order; -+ -+static inline uint16_t get16(const uint16_t *p) { return order->get16(p); } -+static inline uint32_t get32(const uint32_t *p) { return order->get32(p); } -+static inline uint64_t get64(const uint64_t *p) { return order->get64(p); } -+static inline void set16(uint16_t *p, uint16_t n) { order->set16(p, n); } -+static inline void set32(uint32_t *p, uint32_t n) { order->set32(p, n); } -+static inline void set64(uint64_t *p, uint64_t n) { order->set64(p, n); } -+ -+static FILE *outfd; -+static uint8_t csum, xcsum; -+ -+static void write_out(const void *data, size_t size) -+{ -+ const uint8_t *p = data; -+ size_t loop; -+ -+ for (loop = 0; loop < size; loop++) { -+ csum += p[loop]; -+ xcsum += p[loop]; -+ } -+ -+ if (fwrite(data, 1, size, outfd) != size) { -+ perror("write"); -+ exit(1); -+ } -+} -+ -+#define write_out_val(VAL) write_out(&(VAL), sizeof(VAL)) -+ -+static int is_verbose; -+ -+static __attribute__((format(printf, 1, 2))) -+void verbose(const char *fmt, ...) -+{ -+ va_list va; -+ -+ if (is_verbose) { -+ va_start(va, fmt); -+ vprintf(fmt, va); -+ va_end(va); -+ } -+} -+ -+static __attribute__((noreturn)) -+void usage(void) -+{ -+ fprintf(stderr, "Usage: mod-extract [-v] \n"); -+ exit(2); -+} -+ -+/* -+ * -+ */ -+int main(int argc, char **argv) -+{ -+ struct stat st; -+ Elf32_Ehdr *hdr32; -+ Elf64_Ehdr *hdr64; -+ size_t len; -+ void *buffer; -+ int fd, be, b64; -+ -+ while (argc > 1 && strcmp("-v", argv[1]) == 0) { -+ argv++; -+ argc--; -+ is_verbose++; -+ } -+ -+ if (argc != 3) -+ usage(); -+ -+ /* map the module into memory */ -+ fd = open(argv[1], O_RDONLY); -+ if (fd < 0) { -+ perror("open input"); -+ exit(1); -+ } -+ -+ if (fstat(fd, &st) < 0) { -+ perror("fstat"); -+ exit(1); -+ } -+ -+ len = st.st_size; -+ -+ buffer = mmap(NULL, len, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); -+ if (buffer == MAP_FAILED) { -+ perror("mmap"); -+ exit(1); -+ } -+ -+ if (close(fd) < 0) { -+ perror("close input"); -+ exit(1); -+ } -+ -+ /* check it's an ELF object */ -+ hdr32 = buffer; -+ hdr64 = buffer; -+ -+ if (hdr32->e_ident[EI_MAG0] != ELFMAG0 || -+ hdr32->e_ident[EI_MAG1] != ELFMAG1 || -+ hdr32->e_ident[EI_MAG2] != ELFMAG2 || -+ hdr32->e_ident[EI_MAG3] != ELFMAG3 -+ ) { -+ fprintf(stderr, "Module does not appear to be ELF\n"); -+ exit(3); -+ } -+ -+ /* determine endianness and word size */ -+ b64 = (hdr32->e_ident[EI_CLASS] == ELFCLASS64); -+ be = (hdr32->e_ident[EI_DATA] == ELFDATA2MSB); -+ order = be ? &byteorder_be : &byteorder_le; -+ -+ verbose("Module is %s-bit %s-endian\n", -+ b64 ? "64" : "32", -+ be ? "big" : "little"); -+ -+ /* open the output file */ -+ outfd = fopen(argv[2], "w"); -+ if (!outfd) { -+ perror("open output"); -+ exit(1); -+ } -+ -+ /* perform the extraction */ -+ if (b64) -+ extract_elf64(buffer, len, hdr64); -+ else -+ extract_elf32(buffer, len, hdr32); -+ -+ /* done */ -+ if (fclose(outfd) == EOF) { -+ perror("close output"); -+ exit(1); -+ } -+ -+ return 0; -+} -+ -+/* -+ * extract a RELA table -+ * - need to canonicalise the entries in case section addition/removal has -+ * rearranged the symbol table and the section table -+ */ -+static void extract_elf64_rela(const void *buffer, int secix, int targetix, -+ const Elf64_Rela *relatab, size_t nrels, -+ const Elf64_Sym *symbols, size_t nsyms, -+ const Elf64_Shdr *sections, size_t nsects, int *canonmap, -+ const char *strings, size_t nstrings, -+ const char *sh_name) -+{ -+ struct { -+ uint64_t r_offset; -+ uint64_t r_addend; -+ uint64_t st_value; -+ uint64_t st_size; -+ uint32_t r_type; -+ uint16_t st_shndx; -+ uint8_t st_info; -+ uint8_t st_other; -+ -+ } __attribute__((packed)) relocation; -+ -+ const Elf64_Sym *symbol; -+ size_t loop; -+ -+ /* contribute the relevant bits from a join of { RELA, SYMBOL, SECTION } */ -+ for (loop = 0; loop < nrels; loop++) { -+ Elf64_Section st_shndx; -+ Elf64_Xword r_info; -+ -+ /* decode the relocation */ -+ r_info = get64(&relatab[loop].r_info); -+ relocation.r_offset = relatab[loop].r_offset; -+ relocation.r_addend = relatab[loop].r_addend; -+ set32(&relocation.r_type, ELF64_R_TYPE(r_info)); -+ -+ if (ELF64_R_SYM(r_info) >= nsyms) { -+ fprintf(stderr, "Invalid symbol ID %zx in relocation %zu\n", -+ (size_t)ELF64_R_SYM(r_info), loop); -+ exit(1); -+ } -+ -+ /* decode the symbol referenced by the relocation */ -+ symbol = &symbols[ELF64_R_SYM(r_info)]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = symbol->st_shndx; -+ st_shndx = get16(&symbol->st_shndx); -+ -+ /* canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < nsects) -+ set16(&relocation.st_shndx, canonmap[st_shndx]); -+ -+ write_out_val(relocation); -+ -+ /* undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + get32(&symbol->st_name); -+ write_out(name, strlen(name) + 1); -+ } -+ } -+ -+ verbose("%02x %4d %s [canon]\n", csum, secix, sh_name); -+} -+ -+/* -+ * extract a REL table -+ * - need to canonicalise the entries in case section addition/removal has -+ * rearranged the symbol table and the section table -+ */ -+static void extract_elf64_rel(const void *buffer, int secix, int targetix, -+ const Elf64_Rel *relatab, size_t nrels, -+ const Elf64_Sym *symbols, size_t nsyms, -+ const Elf64_Shdr *sections, size_t nsects, int *canonmap, -+ const char *strings, size_t nstrings, -+ const char *sh_name) -+{ -+ struct { -+ uint64_t r_offset; -+ uint64_t st_value; -+ uint64_t st_size; -+ uint32_t r_type; -+ uint16_t st_shndx; -+ uint8_t st_info; -+ uint8_t st_other; -+ -+ } __attribute__((packed)) relocation; -+ -+ const Elf64_Sym *symbol; -+ size_t loop; -+ -+ /* contribute the relevant bits from a join of { RELA, SYMBOL, SECTION } */ -+ for (loop = 0; loop < nrels; loop++) { -+ Elf64_Section st_shndx; -+ Elf64_Xword r_info; -+ -+ /* decode the relocation */ -+ r_info = get64(&relatab[loop].r_info); -+ relocation.r_offset = relatab[loop].r_offset; -+ set32(&relocation.r_type, ELF64_R_TYPE(r_info)); -+ -+ if (ELF64_R_SYM(r_info) >= nsyms) { -+ fprintf(stderr, "Invalid symbol ID %zx in relocation %zu\n", -+ (size_t)ELF64_R_SYM(r_info), loop); -+ exit(1); -+ } -+ -+ /* decode the symbol referenced by the relocation */ -+ symbol = &symbols[ELF64_R_SYM(r_info)]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = symbol->st_shndx; -+ st_shndx = get16(&symbol->st_shndx); -+ -+ /* canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < nsects) -+ set16(&relocation.st_shndx, canonmap[st_shndx]); -+ -+ write_out_val(relocation); -+ -+ /* undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + get32(&symbol->st_name); -+ write_out(name, strlen(name) + 1); -+ } -+ } -+ -+ verbose("%02x %4d %s [canon]\n", csum, secix, sh_name); -+} -+ -+/* -+ * extract the data from a 64-bit module -+ */ -+static void extract_elf64(void *buffer, size_t len, Elf64_Ehdr *hdr) -+{ -+ const Elf64_Sym *symbols; -+ Elf64_Shdr *sections; -+ const char *secstrings, *strings; -+ size_t nsyms, nstrings; -+ int loop, shnum, *canonlist, *canonmap, canon, changed, tmp; -+ -+ sections = buffer + get64(&hdr->e_shoff); -+ secstrings = buffer + get64(§ions[get16(&hdr->e_shstrndx)].sh_offset); -+ shnum = get16(&hdr->e_shnum); -+ -+ /* find the symbol table and the string table and produce a list of -+ * index numbers of sections that contribute to the kernel's module -+ * image -+ */ -+ canonlist = calloc(sizeof(int), shnum * 2); -+ if (!canonlist) { -+ perror("calloc"); -+ exit(1); -+ } -+ canonmap = canonlist + shnum; -+ canon = 0; -+ -+ symbols = NULL; -+ strings = NULL; -+ nstrings = 0; -+ nsyms = 0; -+ -+ for (loop = 1; loop < shnum; loop++) { -+ const char *sh_name = secstrings + get32(§ions[loop].sh_name); -+ Elf64_Word sh_type = get32(§ions[loop].sh_type); -+ Elf64_Xword sh_size = get64(§ions[loop].sh_size); -+ Elf64_Xword sh_flags = get64(§ions[loop].sh_flags); -+ Elf64_Word sh_info = get32(§ions[loop].sh_info); -+ Elf64_Off sh_offset = get64(§ions[loop].sh_offset); -+ void *data = buffer + sh_offset; -+ -+ /* quick sanity check */ -+ if (sh_type != SHT_NOBITS && len < sh_offset + sh_size) { -+ fprintf(stderr, "Section goes beyond EOF\n"); -+ exit(3); -+ } -+ -+ /* we only need to canonicalise allocatable sections */ -+ if (sh_flags & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ else if ((sh_type == SHT_REL || sh_type == SHT_RELA) && -+ get64(§ions[sh_info].sh_flags) & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ -+ /* keep track of certain special sections */ -+ switch (sh_type) { -+ case SHT_SYMTAB: -+ if (strcmp(sh_name, ".symtab") == 0) { -+ symbols = data; -+ nsyms = sh_size / sizeof(Elf64_Sym); -+ } -+ break; -+ -+ case SHT_STRTAB: -+ if (strcmp(sh_name, ".strtab") == 0) { -+ strings = data; -+ nstrings = sh_size; -+ } -+ break; -+ -+ default: -+ break; -+ } -+ } -+ -+ if (!symbols) { -+ fprintf(stderr, "Couldn't locate symbol table\n"); -+ exit(3); -+ } -+ -+ if (!strings) { -+ fprintf(stderr, "Couldn't locate strings table\n"); -+ exit(3); -+ } -+ -+ /* canonicalise the index numbers of the contributing section */ -+ do { -+ changed = 0; -+ -+ for (loop = 0; loop < canon - 1; loop++) { -+ const char *x = secstrings + get32(§ions[canonlist[loop + 0]].sh_name); -+ const char *y = secstrings + get32(§ions[canonlist[loop + 1]].sh_name); -+ if (strcmp(x, y) > 0) { -+ tmp = canonlist[loop + 0]; -+ canonlist[loop + 0] = canonlist[loop + 1]; -+ canonlist[loop + 1] = tmp; -+ changed = 1; -+ } -+ } -+ -+ } while (changed); -+ -+ for (loop = 0; loop < canon; loop++) -+ canonmap[canonlist[loop]] = loop + 1; -+ -+ if (is_verbose > 1) { -+ printf("\nSection canonicalisation map:\n"); -+ for (loop = 1; loop < shnum; loop++) { -+ const char *x = secstrings + get32(§ions[loop].sh_name); -+ printf("%4d %s\n", canonmap[loop], x); -+ } -+ -+ printf("\nAllocated section list in canonical order:\n"); -+ for (loop = 0; loop < canon; loop++) { -+ const char *x = secstrings + get32(§ions[canonlist[loop]].sh_name); -+ printf("%4d %s\n", canonlist[loop], x); -+ } -+ } -+ -+ /* iterate through the section table looking for sections we want to -+ * contribute to the signature */ -+ verbose("\n"); -+ verbose("CAN FILE POS CS SECT NAME\n"); -+ verbose("=== ======== == ==== ==============================\n"); -+ -+ for (loop = 0; loop < canon; loop++) { -+ int sect = canonlist[loop]; -+ const char *sh_name = secstrings + get32(§ions[sect].sh_name); -+ Elf64_Word sh_type = get32(§ions[sect].sh_type); -+ Elf64_Xword sh_size = get64(§ions[sect].sh_size); -+ Elf64_Xword sh_flags = get64(§ions[sect].sh_flags); -+ Elf64_Word sh_info = get32(§ions[sect].sh_info); -+ Elf64_Off sh_offset = get64(§ions[sect].sh_offset); -+ void *data = buffer + sh_offset; -+ -+ csum = 0; -+ -+ /* include canonicalised relocation sections */ -+ if (sh_type == SHT_REL || sh_type == SHT_RELA) { -+ Elf32_Word canon_sh_info; -+ -+ if (sh_info <= 0 && sh_info >= hdr->e_shnum) { -+ fprintf(stderr, -+ "Invalid ELF - REL/RELA sh_info does" -+ " not refer to a valid section\n"); -+ exit(3); -+ } -+ -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ set32(&canon_sh_info, canonmap[sh_info]); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ write_out_val(canon_sh_info); -+ -+ if (sh_type == SHT_RELA) -+ extract_elf64_rela(buffer, sect, sh_info, -+ data, sh_size / sizeof(Elf64_Rela), -+ symbols, nsyms, -+ sections, shnum, canonmap, -+ strings, nstrings, -+ sh_name); -+ else -+ extract_elf64_rel(buffer, sect, sh_info, -+ data, sh_size / sizeof(Elf64_Rel), -+ symbols, nsyms, -+ sections, shnum, canonmap, -+ strings, nstrings, -+ sh_name); -+ continue; -+ } -+ -+ /* include the headers of BSS sections */ -+ if (sh_type == SHT_NOBITS && sh_flags & SHF_ALLOC) { -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ -+ verbose("%02x %4d %s\n", csum, sect, sh_name); -+ } -+ -+ /* include allocatable loadable sections */ -+ if (sh_type != SHT_NOBITS && sh_flags & SHF_ALLOC) -+ goto include_section; -+ -+ /* not this section */ -+ continue; -+ -+ include_section: -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ -+ /* write out the section data */ -+ write_out(data, sh_size); -+ -+ verbose("%02x %4d %s\n", csum, sect, sh_name); -+ } -+ -+ verbose("%08lx (%lu bytes csum 0x%02x)\n", -+ ftell(outfd), ftell(outfd), xcsum); -+} -+ -+/* -+ * extract a RELA table -+ * - need to canonicalise the entries in case section addition/removal has -+ * rearranged the symbol table and the section table -+ */ -+static void extract_elf32_rela(const void *buffer, int secix, int targetix, -+ const Elf32_Rela *relatab, size_t nrels, -+ const Elf32_Sym *symbols, size_t nsyms, -+ const Elf32_Shdr *sections, size_t nsects, -+ int *canonmap, -+ const char *strings, size_t nstrings, -+ const char *sh_name) -+{ -+ struct { -+ uint32_t r_offset; -+ uint32_t r_addend; -+ uint32_t st_value; -+ uint32_t st_size; -+ uint16_t st_shndx; -+ uint8_t r_type; -+ uint8_t st_info; -+ uint8_t st_other; -+ -+ } __attribute__((packed)) relocation; -+ -+ const Elf32_Sym *symbol; -+ size_t loop; -+ -+ /* contribute the relevant bits from a join of { RELA, SYMBOL, SECTION } */ -+ for (loop = 0; loop < nrels; loop++) { -+ Elf32_Section st_shndx; -+ Elf32_Word r_info; -+ -+ /* decode the relocation */ -+ r_info = get32(&relatab[loop].r_info); -+ relocation.r_offset = relatab[loop].r_offset; -+ relocation.r_addend = relatab[loop].r_addend; -+ relocation.r_type = ELF32_R_TYPE(r_info); -+ -+ if (ELF32_R_SYM(r_info) >= nsyms) { -+ fprintf(stderr, "Invalid symbol ID %x in relocation %zu\n", -+ ELF32_R_SYM(r_info), loop); -+ exit(1); -+ } -+ -+ /* decode the symbol referenced by the relocation */ -+ symbol = &symbols[ELF32_R_SYM(r_info)]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = symbol->st_shndx; -+ st_shndx = get16(&symbol->st_shndx); -+ -+ /* canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < nsects) -+ set16(&relocation.st_shndx, canonmap[st_shndx]); -+ -+ write_out_val(relocation); -+ -+ /* undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + get32(&symbol->st_name); -+ write_out(name, strlen(name) + 1); -+ } -+ } -+ -+ verbose("%02x %4d %s [canon]\n", csum, secix, sh_name); -+} -+ -+/* -+ * extract a REL table -+ * - need to canonicalise the entries in case section addition/removal has -+ * rearranged the symbol table and the section table -+ */ -+static void extract_elf32_rel(const void *buffer, int secix, int targetix, -+ const Elf32_Rel *relatab, size_t nrels, -+ const Elf32_Sym *symbols, size_t nsyms, -+ const Elf32_Shdr *sections, size_t nsects, -+ int *canonmap, -+ const char *strings, size_t nstrings, -+ const char *sh_name) -+{ -+ struct { -+ uint32_t r_offset; -+ uint32_t st_value; -+ uint32_t st_size; -+ uint16_t st_shndx; -+ uint8_t r_type; -+ uint8_t st_info; -+ uint8_t st_other; -+ -+ } __attribute__((packed)) relocation; -+ -+ const Elf32_Sym *symbol; -+ size_t loop; -+ -+ /* contribute the relevant bits from a join of { RELA, SYMBOL, SECTION } */ -+ for (loop = 0; loop < nrels; loop++) { -+ Elf32_Section st_shndx; -+ Elf32_Word r_info; -+ -+ /* decode the relocation */ -+ r_info = get32(&relatab[loop].r_info); -+ relocation.r_offset = relatab[loop].r_offset; -+ relocation.r_type = ELF32_R_TYPE(r_info); -+ -+ if (ELF32_R_SYM(r_info) >= nsyms) { -+ fprintf(stderr, "Invalid symbol ID %x in relocation %zu\n", -+ ELF32_R_SYM(r_info), loop); -+ exit(1); -+ } -+ -+ /* decode the symbol referenced by the relocation */ -+ symbol = &symbols[ELF32_R_SYM(r_info)]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = symbol->st_shndx; -+ st_shndx = get16(&symbol->st_shndx); -+ -+ /* canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < nsects) -+ set16(&relocation.st_shndx, canonmap[st_shndx]); -+ -+ write_out_val(relocation); -+ -+ /* undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + get32(&symbol->st_name); -+ write_out(name, strlen(name) + 1); -+ } -+ } -+ -+ verbose("%02x %4d %s [canon]\n", csum, secix, sh_name); -+} -+ -+/* -+ * extract the data from a 32-bit module -+ */ -+static void extract_elf32(void *buffer, size_t len, Elf32_Ehdr *hdr) -+{ -+ const Elf32_Sym *symbols; -+ Elf32_Shdr *sections; -+ const char *secstrings, *strings; -+ size_t nsyms, nstrings; -+ int loop, shnum, *canonlist, *canonmap, canon, changed, tmp; -+ -+ sections = buffer + get32(&hdr->e_shoff); -+ secstrings = buffer + get32(§ions[get16(&hdr->e_shstrndx)].sh_offset); -+ shnum = get16(&hdr->e_shnum); -+ -+ /* find the symbol table and the string table and produce a list of -+ * index numbers of sections that contribute to the kernel's module -+ * image -+ */ -+ canonlist = calloc(sizeof(int), shnum * 2); -+ if (!canonlist) { -+ perror("calloc"); -+ exit(1); -+ } -+ canonmap = canonlist + shnum; -+ canon = 0; -+ -+ symbols = NULL; -+ strings = NULL; -+ nstrings = 0; -+ nsyms = 0; -+ -+ for (loop = 1; loop < shnum; loop++) { -+ const char *sh_name = secstrings + get32(§ions[loop].sh_name); -+ Elf32_Word sh_type = get32(§ions[loop].sh_type); -+ Elf32_Xword sh_size = get32(§ions[loop].sh_size); -+ Elf32_Xword sh_flags = get32(§ions[loop].sh_flags); -+ Elf64_Word sh_info = get32(§ions[loop].sh_info); -+ Elf32_Off sh_offset = get32(§ions[loop].sh_offset); -+ void *data = buffer + sh_offset; -+ -+ /* quick sanity check */ -+ if (sh_type != SHT_NOBITS && len < sh_offset + sh_size) { -+ fprintf(stderr, "Section goes beyond EOF\n"); -+ exit(3); -+ } -+ -+ /* we only need to canonicalise allocatable sections */ -+ if (sh_flags & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ else if ((sh_type == SHT_REL || sh_type == SHT_RELA) && -+ get32(§ions[sh_info].sh_flags) & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ -+ /* keep track of certain special sections */ -+ switch (sh_type) { -+ case SHT_SYMTAB: -+ if (strcmp(sh_name, ".symtab") == 0) { -+ symbols = data; -+ nsyms = sh_size / sizeof(Elf32_Sym); -+ } -+ break; -+ -+ case SHT_STRTAB: -+ if (strcmp(sh_name, ".strtab") == 0) { -+ strings = data; -+ nstrings = sh_size; -+ } -+ break; -+ -+ default: -+ break; -+ } -+ } -+ -+ if (!symbols) { -+ fprintf(stderr, "Couldn't locate symbol table\n"); -+ exit(3); -+ } -+ -+ if (!strings) { -+ fprintf(stderr, "Couldn't locate strings table\n"); -+ exit(3); -+ } -+ -+ /* canonicalise the index numbers of the contributing section */ -+ do { -+ changed = 0; -+ -+ for (loop = 0; loop < canon - 1; loop++) { -+ const char *x = secstrings + get32(§ions[canonlist[loop + 0]].sh_name); -+ const char *y = secstrings + get32(§ions[canonlist[loop + 1]].sh_name); -+ if (strcmp(x, y) > 0) { -+ tmp = canonlist[loop + 0]; -+ canonlist[loop + 0] = canonlist[loop + 1]; -+ canonlist[loop + 1] = tmp; -+ changed = 1; -+ } -+ } -+ -+ } while (changed); -+ -+ for (loop = 0; loop < canon; loop++) -+ canonmap[canonlist[loop]] = loop + 1; -+ -+ if (is_verbose > 1) { -+ printf("\nSection canonicalisation map:\n"); -+ for (loop = 1; loop < shnum; loop++) { -+ const char *x = secstrings + get32(§ions[loop].sh_name); -+ printf("%4d %s\n", canonmap[loop], x); -+ } -+ -+ printf("\nAllocated section list in canonical order:\n"); -+ for (loop = 0; loop < canon; loop++) { -+ const char *x = secstrings + get32(§ions[canonlist[loop]].sh_name); -+ printf("%4d %s\n", canonlist[loop], x); -+ } -+ } -+ -+ /* iterate through the section table looking for sections we want to -+ * contribute to the signature */ -+ verbose("\n"); -+ verbose("CAN FILE POS CS SECT NAME\n"); -+ verbose("=== ======== == ==== ==============================\n"); -+ -+ for (loop = 0; loop < canon; loop++) { -+ int sect = canonlist[loop]; -+ const char *sh_name = secstrings + get32(§ions[sect].sh_name); -+ Elf32_Word sh_type = get32(§ions[sect].sh_type); -+ Elf32_Xword sh_size = get32(§ions[sect].sh_size); -+ Elf32_Xword sh_flags = get32(§ions[sect].sh_flags); -+ Elf32_Word sh_info = get32(§ions[sect].sh_info); -+ Elf32_Off sh_offset = get32(§ions[sect].sh_offset); -+ void *data = buffer + sh_offset; -+ -+ csum = 0; -+ -+ /* quick sanity check */ -+ if (sh_type != SHT_NOBITS && len < sh_offset + sh_size) { -+ fprintf(stderr, "section goes beyond EOF\n"); -+ exit(3); -+ } -+ -+ /* include canonicalised relocation sections */ -+ if (sh_type == SHT_REL || sh_type == SHT_RELA) { -+ Elf32_Word canon_sh_info; -+ -+ if (sh_info <= 0 && sh_info >= hdr->e_shnum) { -+ fprintf(stderr, -+ "Invalid ELF - REL/RELA sh_info does" -+ " not refer to a valid section\n"); -+ exit(3); -+ } -+ -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ set32(&canon_sh_info, canonmap[sh_info]); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ write_out_val(canon_sh_info); -+ -+ if (sh_type == SHT_RELA) -+ extract_elf32_rela(buffer, sect, sh_info, -+ data, sh_size / sizeof(Elf32_Rela), -+ symbols, nsyms, -+ sections, shnum, canonmap, -+ strings, nstrings, -+ sh_name); -+ else -+ extract_elf32_rel(buffer, sect, sh_info, -+ data, sh_size / sizeof(Elf32_Rel), -+ symbols, nsyms, -+ sections, shnum, canonmap, -+ strings, nstrings, -+ sh_name); -+ continue; -+ } -+ -+ /* include the headers of BSS sections */ -+ if (sh_type == SHT_NOBITS && sh_flags & SHF_ALLOC) { -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ -+ verbose("%02x %4d %s\n", csum, sect, sh_name); -+ } -+ -+ /* include allocatable loadable sections */ -+ if (sh_type != SHT_NOBITS && sh_flags & SHF_ALLOC) -+ goto include_section; -+ -+ /* not this section */ -+ continue; -+ -+ include_section: -+ verbose("%3u %08lx ", loop, ftell(outfd)); -+ -+ /* write out selected portions of the section header */ -+ write_out(sh_name, strlen(sh_name)); -+ write_out_val(sections[sect].sh_type); -+ write_out_val(sections[sect].sh_flags); -+ write_out_val(sections[sect].sh_size); -+ write_out_val(sections[sect].sh_addralign); -+ -+ /* write out the section data */ -+ write_out(data, sh_size); -+ -+ verbose("%02x %4d %s\n", csum, sect, sh_name); -+ } -+ -+ verbose("%08lx (%lu bytes csum 0x%02x)\n", -+ ftell(outfd), ftell(outfd), xcsum); -+} -diff --git a/scripts/mod/modsign-note.sh b/scripts/mod/modsign-note.sh -new file mode 100644 -index 0000000..bca67c0 ---- /dev/null -+++ b/scripts/mod/modsign-note.sh -@@ -0,0 +1,16 @@ -+#!/bin/sh -+# -+# Generate a module signature note source file -+# -+# mod-sign.sh > -+# -+ -+SIG=$1 -+ -+cat < -+ -+ELFNOTE(MODSIGN_NOTE_NAME, MODSIGN_NOTE_TYPE, .incbin "$SIG") -+EOF -+ -+exit 0 --- -1.7.11.2 - - -From 6a2e8f0245dadda42c355eda278110f496e3a6d5 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:01 +0100 -Subject: [PATCH 20/28] MODSIGN: Module signature verification stub - -Create a stub for the module signature verifier and link it into module.c so -that it gets called. A field is added to struct module to record whether or -not a valid module signature was detected. - -The stub also implements the policy for handling unsigned modules and the -printing of error messages to indicate various problems with the module. - -If CONFIG_MODULE_SIG_FORCE is enabled or "enforcemodulesig=1" is supplied on -the kernel command line, the kernel will _only_ load validly signed modules -for which it has a public key. Otherwise, it will also load modules that are -unsigned. Any module for which the kernel has a key, but which proves to have -a signature mismatch will not be permitted to load. - -This table indicates the behaviours in the various situations: - - MODULE STATE PERMISSIVE MODE ENFORCING MODE - ======================================= =============== =============== - Unsigned Ok EKEYREJECTED - Signed, no public key ENOKEY ENOKEY - Validly signed, public key Ok Ok - Invalidly signed, public key EKEYREJECTED EKEYREJECTED - Validly signed, expired key EKEYEXPIRED EKEYEXPIRED - Signed, hash algorithm unavailable ENOPKG ENOPKG - Corrupt signature EBADMSG EBADMSG - Corrupt ELF ELIBBAD ELIBBAD - -Signed-off-by: David Howells ---- - include/linux/module.h | 3 ++ - kernel/Makefile | 1 + - kernel/module-verify-defs.h | 77 +++++++++++++++++++++++++++++++ - kernel/module-verify.c | 110 ++++++++++++++++++++++++++++++++++++++++++++ - kernel/module-verify.h | 20 ++++++++ - kernel/module.c | 26 +++++++++-- - 6 files changed, 232 insertions(+), 5 deletions(-) - create mode 100644 kernel/module-verify-defs.h - create mode 100644 kernel/module-verify.c - create mode 100644 kernel/module-verify.h - -diff --git a/include/linux/module.h b/include/linux/module.h -index fbcafe2..7391833 100644 ---- a/include/linux/module.h -+++ b/include/linux/module.h -@@ -227,6 +227,9 @@ struct module - /* Unique handle for this module */ - char name[MODULE_NAME_LEN]; - -+ /* Is this module GPG signed */ -+ bool gpgsig_ok; -+ - /* Sysfs stuff. */ - struct module_kobject mkobj; - struct module_attribute *modinfo_attrs; -diff --git a/kernel/Makefile b/kernel/Makefile -index c0cc67a..cec222a 100644 ---- a/kernel/Makefile -+++ b/kernel/Makefile -@@ -55,6 +55,7 @@ obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o - obj-$(CONFIG_PROVE_LOCKING) += spinlock.o - obj-$(CONFIG_UID16) += uid16.o - obj-$(CONFIG_MODULES) += module.o -+obj-$(CONFIG_MODULE_SIG) += module-verify.o - obj-$(CONFIG_KALLSYMS) += kallsyms.o - obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o - obj-$(CONFIG_KEXEC) += kexec.o -diff --git a/kernel/module-verify-defs.h b/kernel/module-verify-defs.h -new file mode 100644 -index 0000000..141ddab ---- /dev/null -+++ b/kernel/module-verify-defs.h -@@ -0,0 +1,77 @@ -+/* Module verification internal definitions -+ * -+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#ifdef CONFIG_MODULE_SIG -+ -+/* -+ * Internal state -+ */ -+struct module_verify_data { -+ struct crypto_key_verify_context *mod_sig; /* Module signing context */ -+ union { -+ const void *buffer; /* module buffer */ -+ const Elf_Ehdr *hdr; /* ELF header */ -+ }; -+ const Elf_Shdr *sections; /* ELF section table */ -+ const char *secstrings; /* ELF section string table */ -+ const void *sig; /* Signature note content */ -+ size_t size; /* module object size */ -+ size_t nsects; /* number of sections */ -+ size_t sig_size; /* Size of signature */ -+ size_t signed_size; /* count of bytes contributed to digest */ -+ unsigned *canonlist; /* list of canonicalised sections */ -+ unsigned *canonmap; /* section canonicalisation map */ -+ unsigned ncanon; /* number of canonicalised sections */ -+ unsigned sig_index; /* module signature section index */ -+ uint8_t xcsum; /* checksum of bytes contributed to digest */ -+ uint8_t csum; /* checksum of bytes representing a section */ -+}; -+ -+/* -+ * Whether or not we support various types of ELF relocation record -+ */ -+#if defined(MODULE_HAS_ELF_REL_ONLY) -+#define is_elf_rel(sh_type) ((sh_type) == SHT_REL) -+#define is_elf_rela(sh_type) (0) -+#elif defined(MODULE_HAS_ELF_RELA_ONLY) -+#define is_elf_rel(sh_type) (0) -+#define is_elf_rela(sh_type) ((sh_type) == SHT_RELA) -+#else -+#define is_elf_rel(sh_type) ((sh_type) == SHT_REL) -+#define is_elf_rela(sh_type) ((sh_type) == SHT_RELA) -+#endif -+ -+/* -+ * Debugging. Define DEBUG to enable. -+ */ -+#define _debug(FMT, ...) \ -+ do { \ -+ if (unlikely(modsign_debug)) \ -+ pr_debug(FMT, ##__VA_ARGS__); \ -+ } while (0) -+ -+#ifdef DEBUG -+#define count_and_csum(C, __p, __n) \ -+ do { \ -+ int __loop; \ -+ for (__loop = 0; __loop < __n; __loop++) { \ -+ (C)->csum += __p[__loop]; \ -+ (C)->xcsum += __p[__loop]; \ -+ } \ -+ (C)->signed_size += __n; \ -+ } while (0) -+#else -+#define count_and_csum(C, __p, __n) \ -+ do { \ -+ } while (0) -+#endif -+ -+#endif /* CONFIG_MODULE_SIG */ -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -new file mode 100644 -index 0000000..4bf857e ---- /dev/null -+++ b/kernel/module-verify.c -@@ -0,0 +1,110 @@ -+/* Module signature verification -+ * -+ * The code in this file examines a signed kernel module and attempts to -+ * determine if the PGP signature inside the module matches a digest of the -+ * allocatable sections and the canonicalised relocation tables for those -+ * allocatable sections. -+ * -+ * The module signature is included in an ELF note within the ELF structure of -+ * the module blob. This, combined with the minimal canonicalisation performed -+ * here, permits the module to pass through "strip -x", "strip -g" and -+ * "eu-strip" without becoming corrupt. "strip" and "strip -s" will render a -+ * module unusable by removing the symbol table. -+ * -+ * Copyright (C) 2004, 2011, 2012 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * - Derived from GregKH's RSA module signer -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+ -+#undef DEBUG -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include "module-verify.h" -+#include "module-verify-defs.h" -+ -+#ifdef DEBUG -+static int modsign_debug; -+core_param(modsign_debug, modsign_debug, int, 0644); -+#else -+#define modsign_debug false -+#endif -+ -+#ifdef CONFIG_MODULE_SIG_FORCE -+#define modsign_signedonly true -+#else -+static bool modsign_signedonly; -+#endif -+ -+static const char modsign_note_name[] = ELFNOTE_NAME(MODSIGN_NOTE_NAME); -+static const char modsign_note_section[] = ELFNOTE_SECTION(MODSIGN_NOTE_NAME); -+ -+/* -+ * Verify a module's integrity -+ */ -+int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) -+{ -+ struct module_verify_data mvdata; -+ int ret; -+ -+ memset(&mvdata, 0, sizeof(mvdata)); -+ mvdata.buffer = hdr; -+ mvdata.size = size; -+ -+ if (mvdata.sig_index <= 0) { -+ /* Deal with an unsigned module */ -+ if (modsign_signedonly) { -+ pr_err("An attempt to load unsigned module was rejected\n"); -+ return -EKEYREJECTED; -+ } else { -+ return 0; -+ } -+ goto out; -+ } -+ -+ ret = 0; -+ -+out: -+ switch (ret) { -+ case 0: /* Good signature */ -+ *_gpgsig_ok = true; -+ break; -+ case -ELIBBAD: -+ pr_err("Module format error encountered\n"); -+ break; -+ case -EBADMSG: -+ pr_err("Module signature error encountered\n"); -+ break; -+ case -EKEYREJECTED: /* Signature mismatch or number format error */ -+ pr_err("Module signature verification failed\n"); -+ break; -+ case -ENOKEY: /* Signed, but we don't have the public key */ -+ pr_err("Module signed with unknown public key\n"); -+ break; -+ default: /* Other error (probably ENOMEM) */ -+ break; -+ } -+ return ret; -+} -+ -+static int __init sign_setup(char *str) -+{ -+#ifndef CONFIG_MODULE_SIG_FORCE -+ modsign_signedonly = true; -+#endif -+ return 0; -+} -+__setup("enforcemodulesig", sign_setup); -diff --git a/kernel/module-verify.h b/kernel/module-verify.h -new file mode 100644 -index 0000000..c640634 ---- /dev/null -+++ b/kernel/module-verify.h -@@ -0,0 +1,20 @@ -+/* Module verification definitions -+ * -+ * Copyright (C) 2004, 2012 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+ -+#ifdef CONFIG_MODULE_SIG -+extern int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok); -+#else -+static inline int module_verify(const Elf_Ehdr *hdr, size_t size, -+ bool *_gpgsig_ok) -+{ -+ return 0; -+} -+#endif -diff --git a/kernel/module.c b/kernel/module.c -index 087aeed..a59a9da 100644 ---- a/kernel/module.c -+++ b/kernel/module.c -@@ -58,6 +58,7 @@ - #include - #include - #include -+#include "module-verify.h" - - #define CREATE_TRACE_POINTS - #include -@@ -2382,7 +2383,8 @@ static inline void kmemleak_load_module(const struct module *mod, - /* Sets info->hdr and info->len. */ - static int copy_and_check(struct load_info *info, - const void __user *umod, unsigned long len, -- const char __user *uargs) -+ const char __user *uargs, -+ bool *_gpgsig_ok) - { - int err; - Elf_Ehdr *hdr; -@@ -2415,6 +2417,12 @@ static int copy_and_check(struct load_info *info, - goto free_hdr; - } - -+ /* Verify the module's contents */ -+ *_gpgsig_ok = false; -+ err = module_verify(hdr, len, _gpgsig_ok); -+ if (err < 0) -+ goto free_hdr; -+ - info->hdr = hdr; - info->len = len; - return 0; -@@ -2757,7 +2765,8 @@ int __weak module_frob_arch_sections(Elf_Ehdr *hdr, - return 0; - } - --static struct module *layout_and_allocate(struct load_info *info) -+static struct module *layout_and_allocate(struct load_info *info, -+ bool gpgsig_ok) - { - /* Module within temporary copy. */ - struct module *mod; -@@ -2767,6 +2776,7 @@ static struct module *layout_and_allocate(struct load_info *info) - mod = setup_load_info(info); - if (IS_ERR(mod)) - return mod; -+ mod->gpgsig_ok = gpgsig_ok; - - err = check_modinfo(mod, info); - if (err) -@@ -2850,17 +2860,18 @@ static struct module *load_module(void __user *umod, - struct load_info info = { NULL, }; - struct module *mod; - long err; -+ bool gpgsig_ok; - - pr_debug("load_module: umod=%p, len=%lu, uargs=%p\n", - umod, len, uargs); - - /* Copy in the blobs from userspace, check they are vaguely sane. */ -- err = copy_and_check(&info, umod, len, uargs); -+ err = copy_and_check(&info, umod, len, uargs, &gpgsig_ok); - if (err) - return ERR_PTR(err); - - /* Figure out module layout, and allocate all the memory. */ -- mod = layout_and_allocate(&info); -+ mod = layout_and_allocate(&info, gpgsig_ok); - if (IS_ERR(mod)) { - err = PTR_ERR(mod); - goto free_copy; -@@ -3497,8 +3508,13 @@ void print_modules(void) - printk(KERN_DEFAULT "Modules linked in:"); - /* Most callers should already have preempt disabled, but make sure */ - preempt_disable(); -- list_for_each_entry_rcu(mod, &modules, list) -+ list_for_each_entry_rcu(mod, &modules, list) { - printk(" %s%s", mod->name, module_flags(mod, buf)); -+#ifdef CONFIG_MODULE_SIG -+ if (!mod->gpgsig_ok) -+ printk("(U)"); -+#endif -+ } - preempt_enable(); - if (last_unloaded_module[0]) - printk(" [last unloaded: %s]", last_unloaded_module); --- -1.7.11.2 - - -From 62c90369e58486688303c4803e39d7df44a932f9 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:02 +0100 -Subject: [PATCH 21/28] MODSIGN: Automatically generate module signing keys if - missing - -Automatically generate keys for module signing if they're absent so that -allyesconfig doesn't break. The builder should consider generating their own -keyrings, however, so that the keys are appropriately named and any extra keys -required get imported. - -Also change the names of the keyring files to modsign.pub and modsign.sec so -that they are then a more obvious what they're about and add a dependency for -the signing rules on the keyring files so that the signatures get regenerated -if the keyrings change. - -Signed-off-by: David Howells ---- - kernel/Makefile | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 49 insertions(+) - -diff --git a/kernel/Makefile b/kernel/Makefile -index cec222a..28cd248 100644 ---- a/kernel/Makefile -+++ b/kernel/Makefile -@@ -132,3 +132,52 @@ quiet_cmd_timeconst = TIMEC $@ - targets += timeconst.h - $(obj)/timeconst.h: $(src)/timeconst.pl FORCE - $(call if_changed,timeconst) -+ -+############################################################################### -+# -+# If module signing is requested, say by allyesconfig, but a key has not been -+# supplied, then one will need to be generated to make sure the build does not -+# fail and that the kernel may be used afterwards. -+# -+############################################################################### -+ifeq ($(CONFIG_MODULE_SIG),y) -+modsign.pub modsign.sec: genkey -+ @echo "###" -+ @echo "### Now generating a PGP key pair to be used for signing modules." -+ @echo "###" -+ @echo "### If this takes a long time, you might wish to run rngd in the" -+ @echo "### background to keep the supply of entropy topped up. It" -+ @echo "### needs to be run as root and should use a hardware random" -+ @echo "### number generator if one is available, eg:" -+ @echo "###" -+ @echo "### rngd -r /dev/hwrandom" -+ @echo "###" -+ gpg --homedir . --batch --gen-key genkey -+ @echo "###" -+ @echo "### Key pair generated." -+ @echo "###" -+ rm -f pubring.gpg secring.gpg trustdb.gpg -+ -+genkey: -+ @echo "###" >&2 -+ @echo "### Now generating a sample key generation script." >&2 -+ @echo "###" >&2 -+ @echo "### IT IS STRONGLY RECOMMENDED THAT YOU SUPPLY YOUR OWN" >&2 -+ @echo "### SCRIPT WITH APPROPRIATE NAME FIELDS FILLED IN." >&2 -+ @echo "###" >&2 -+ @echo "### If you have a hardware random number generator feeding" >&2 -+ @echo "### into /dev/random, you should drop the %no-protection" >&2 -+ @echo "### and %transient-key lines from the script." >&2 -+ @echo "###" >&2 -+ echo "%pubring modsign.pub" >genkey -+ echo "%secring modsign.sec" >>genkey -+ echo "%no-protection: yes" >> genkey -+ echo "%transient-key: yes" >>genkey -+ echo "Key-Type: RSA" >>genkey -+ echo "Key-Length: 4096" >>genkey -+ echo "Name-Real: Sample kernel key" >>genkey -+ echo "Name-Comment: Sample kernel module signing key" >>genkey -+ echo "%commit" >>genkey -+ -+endif -+CLEAN_FILES += modsign.pub modsign.sec genkey random_seed --- -1.7.11.2 - - -From 00ce30147994ed4a503bdb051350a4601c565dcc Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:02 +0100 -Subject: [PATCH 22/28] MODSIGN: Provide module signing public keys to the - kernel - -Include a PGP keyring containing the public keys required to perform module -verification in the kernel image during build and create a special keyring -during boot which is then populated with keys of crypto type holding the public -keys found in the PGP keyring. - -These can be seen by root: - -[root@andromeda ~]# cat /proc/keys -07ad4ee0 I----- 1 perm 3f010000 0 0 crypto modsign.0: RSA 87b9b3bd [] -15c7f8c3 I----- 1 perm 1f030000 0 0 keyring .module_sign: 1/4 -... - -It is probably worth permitting root to invalidate these keys, resulting in -their removal and preventing further modules from being loaded with that key. - -Signed-off-by: David Howells ---- - kernel/Makefile | 25 ++++++++------- - kernel/modsign-pubkey.c | 75 +++++++++++++++++++++++++++++++++++++++++++++ - kernel/module-verify-defs.h | 4 +++ - kernel/module-verify.c | 2 -- - 4 files changed, 93 insertions(+), 13 deletions(-) - create mode 100644 kernel/modsign-pubkey.c - -diff --git a/kernel/Makefile b/kernel/Makefile -index 28cd248..1d20704 100644 ---- a/kernel/Makefile -+++ b/kernel/Makefile -@@ -55,7 +55,8 @@ obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o - obj-$(CONFIG_PROVE_LOCKING) += spinlock.o - obj-$(CONFIG_UID16) += uid16.o - obj-$(CONFIG_MODULES) += module.o --obj-$(CONFIG_MODULE_SIG) += module-verify.o -+obj-$(CONFIG_MODULE_SIG) += module-verify.o modsign-pubkey.o -+kernel/modsign-pubkey.o: modsign.pub - obj-$(CONFIG_KALLSYMS) += kallsyms.o - obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o - obj-$(CONFIG_KEXEC) += kexec.o -@@ -159,16 +160,18 @@ modsign.pub modsign.sec: genkey - rm -f pubring.gpg secring.gpg trustdb.gpg - - genkey: -- @echo "###" >&2 -- @echo "### Now generating a sample key generation script." >&2 -- @echo "###" >&2 -- @echo "### IT IS STRONGLY RECOMMENDED THAT YOU SUPPLY YOUR OWN" >&2 -- @echo "### SCRIPT WITH APPROPRIATE NAME FIELDS FILLED IN." >&2 -- @echo "###" >&2 -- @echo "### If you have a hardware random number generator feeding" >&2 -- @echo "### into /dev/random, you should drop the %no-protection" >&2 -- @echo "### and %transient-key lines from the script." >&2 -- @echo "###" >&2 -+ @echo "kernel/Makefile:163: ###" >&2 -+ @echo "kernel/Makefile:163: ### CONFIG_MODULE_SIG is enabled so a public key is needed." >&2 -+ @echo "kernel/Makefile:163: ###" >&2 -+ @echo "kernel/Makefile:163: ### Now generating a sample key generation script." >&2 -+ @echo "kernel/Makefile:163: ###" >&2 -+ @echo "kernel/Makefile:163: ### IT IS STRONGLY RECOMMENDED THAT YOU SUPPLY YOUR OWN" >&2 -+ @echo "kernel/Makefile:163: ### SCRIPT WITH APPROPRIATE NAME FIELDS FILLED IN." >&2 -+ @echo "kernel/Makefile:163: ###" >&2 -+ @echo "kernel/Makefile:163: ### If you have a hardware random number generator feeding" >&2 -+ @echo "kernel/Makefile:163: ### into /dev/random, you should drop the %no-protection" >&2 -+ @echo "kernel/Makefile:163: ### and %transient-key lines from the script." >&2 -+ @echo "kernel/Makefile:163: ###" >&2 - echo "%pubring modsign.pub" >genkey - echo "%secring modsign.sec" >>genkey - echo "%no-protection: yes" >> genkey -diff --git a/kernel/modsign-pubkey.c b/kernel/modsign-pubkey.c -new file mode 100644 -index 0000000..17e02f5 ---- /dev/null -+++ b/kernel/modsign-pubkey.c -@@ -0,0 +1,75 @@ -+/* Public keys for module signature verification -+ * -+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved. -+ * Written by David Howells (dhowells@redhat.com) -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public Licence -+ * as published by the Free Software Foundation; either version -+ * 2 of the Licence, or (at your option) any later version. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "module-verify-defs.h" -+ -+struct key *modsign_keyring; -+ -+extern __initdata const u8 modsign_public_keys[]; -+extern __initdata const u8 modsign_public_keys_end[]; -+asm(".section .init.data,\"aw\"\n" -+ "modsign_public_keys:\n" -+ ".incbin \"modsign.pub\"\n" -+ "modsign_public_keys_end:" -+ ); -+ -+/* -+ * We need to make sure ccache doesn't cache the .o file as it doesn't notice -+ * if modsign.pub changes. -+ */ -+static __initdata const char annoy_ccache[] = __TIME__ "foo"; -+ -+/* -+ * Load the compiled-in keys -+ */ -+static __init int module_verify_init(void) -+{ -+ pr_notice("Initialise module verification\n"); -+ -+ modsign_keyring = key_alloc(&key_type_keyring, ".module_sign", -+ 0, 0, current_cred(), -+ (KEY_POS_ALL & ~KEY_POS_SETATTR) | -+ KEY_USR_VIEW | KEY_USR_READ, -+ KEY_ALLOC_NOT_IN_QUOTA); -+ if (IS_ERR(modsign_keyring)) -+ panic("Can't allocate module signing keyring\n"); -+ -+ if (key_instantiate_and_link(modsign_keyring, NULL, 0, NULL, NULL) < 0) -+ panic("Can't instantiate module signing keyring\n"); -+ -+ return 0; -+} -+ -+/* -+ * Must be initialised before we try and load the keys into the keyring. -+ */ -+device_initcall(module_verify_init); -+ -+/* -+ * Load the compiled-in keys -+ */ -+static __init int modsign_pubkey_init(void) -+{ -+ pr_notice("Load module verification keys\n"); -+ -+ if (preload_pgp_keys(modsign_public_keys, -+ modsign_public_keys_end - modsign_public_keys, -+ modsign_keyring, "modsign.") < 0) -+ panic("Can't load module signing keys\n"); -+ -+ return 0; -+} -+late_initcall(modsign_pubkey_init); -diff --git a/kernel/module-verify-defs.h b/kernel/module-verify-defs.h -index 141ddab..2fe31e1 100644 ---- a/kernel/module-verify-defs.h -+++ b/kernel/module-verify-defs.h -@@ -11,6 +11,10 @@ - - #ifdef CONFIG_MODULE_SIG - -+#include -+ -+extern struct key *modsign_keyring; -+ - /* - * Internal state - */ -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index 4bf857e..05473e6 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -28,8 +28,6 @@ - #include - #include - #include --#include --#include - #include - #include - #include --- -1.7.11.2 - - -From 9b94f77eea94d028df6a041e6772f9f142eb89e7 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:02 +0100 -Subject: [PATCH 23/28] MODSIGN: Check the ELF container - -Check the ELF container of the kernel module to prevent the kernel from -crashing or getting corrupted whilst trying to use it and locate the module -signature note if present. - -We try to check as little as possible. We check the metadata that the -signature checker actually has to use, and leave anything that it doesn't -actually need to the signature to catch. - -The stuff we need to check is: - - (1) The locations and offsets in the ELF header of important parts like the - section table. - - (2) The section table. Note that we only check sh_info for section types that - we're actually interested in (string, symbol and relocation tables). We - also check that alignments are what we expect for those tables. - - (3) That non-empty string tables have the required NUL at the end so that we - can be sure that all strings therein are NUL-terminated. We don't bother - checking for the required NUL at the beginning as it shouldn't cause a - problem to us. - - (4) The name offset and section index in each symbol. We could defer this to - when we deal with the relocation tables so that we only check symbols that - are used by relocations - but we would then end up checking some symbols - multiple times. - - (5) The module signature note section and the first note in it if present. - - (6) That relocations applied to an allocatable section only refer to - symbols in allocatable sections and absolute symbols (done in the module - signing code rather than here). - -Note that these checks survive "strip -x", "strip -g" and "eu-strip" being -applied to a module and detect if the module was given to "strip" or "strip -s" -and report an error. - -We can skip some direct checks that turn out unnecessary or redundant: - - (1) That sh_link has a greater than 0 value for symbol tables and relocation - tables. These require the index of a string table and a symbol table - respectively - and since we have already checked section 0 is of SHT_NULL - type, checking the symbol type renders the sh_link > 0 check redundant. - - (2) That a non-empty string table begins with a NUL. Since we check the - string table ends with a NUL, any string in there will be NUL-terminated - and shouldn't cause us to transgress beyond the bounds of the string table - when using strlen(). - - (3) That strings in a string table actually make sense. We don't care, so - long as it is NUL terminated. Any string that refers to an undefined - symbol is added to the crypto digest and will be checked that way. - Strings that we directly look for (such as ".modinfo") will be validated - by that. - - (4) That sections don't overlap. We don't actually care if sections overlap - in the file, provided we don't see bad metadata. If the sections holding - the allocatable content overlap, then the signature check is likely to - fail. - - (5) That symbol values and relocation offsets and addends make sense. We just - add this data to the digest if it pertains to an allocatable section. - - (6) That allocatable note sections, other than the signature note, make sense. - The contents of these get added to the digest in their entirety, so we - don't need to check them manually. - -If bad ELF is detected, ELIBBAD is indicated. - -Note! The "noinline" attribute on the module_verify_elf() function results in -somewhat smaller code. Similarly, having separate loops to check basic section -parameters and to check type-specific features of sections results in smaller -code, presumably because some local variables can be discarded. - -Signed-off-by: David Howells ---- - kernel/module-verify.c | 230 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 230 insertions(+) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index 05473e6..2161d11 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -51,6 +51,228 @@ static const char modsign_note_name[] = ELFNOTE_NAME(MODSIGN_NOTE_NAME); - static const char modsign_note_section[] = ELFNOTE_SECTION(MODSIGN_NOTE_NAME); - - /* -+ * Verify the minimum amount of ELF structure of a module needed to check the -+ * module's signature without bad ELF crashing the kernel. -+ */ -+static noinline int module_verify_elf(struct module_verify_data *mvdata) -+{ -+ const struct elf_note *note; -+ const Elf_Ehdr *hdr = mvdata->hdr; -+ const Elf_Shdr *section, *secstop; -+ const Elf_Sym *symbols, *symbol, *symstop; -+ const char *strtab; -+ size_t size, secstrsize, strsize, notesize, notemetasize; -+ unsigned line; -+ -+ size = mvdata->size; -+ -+#define elfcheck(X) \ -+do { if (unlikely(!(X))) { line = __LINE__; goto elfcheck_error; } } while (0) -+ -+#define seccheck(X) \ -+do { if (unlikely(!(X))) { line = __LINE__; goto seccheck_error; } } while (0) -+ -+#define symcheck(X) \ -+do { if (unlikely(!(X))) { line = __LINE__; goto symcheck_error; } } while (0) -+ -+ /* Validate the ELF header */ -+ elfcheck(size > sizeof(Elf_Ehdr)); -+ elfcheck(hdr->e_ehsize < size); -+ -+ elfcheck(hdr->e_shnum < SHN_LORESERVE); -+ elfcheck(hdr->e_shstrndx < hdr->e_shnum); -+ elfcheck(hdr->e_shentsize == sizeof(Elf_Shdr)); -+ elfcheck(hdr->e_shoff < size); -+ elfcheck(hdr->e_shoff >= hdr->e_ehsize); -+ elfcheck(hdr->e_shoff % sizeof(long) == 0); -+ elfcheck(hdr->e_shnum * sizeof(Elf_Shdr) <= size - hdr->e_shoff); -+ -+ /* Validate the section table contents */ -+ mvdata->nsects = hdr->e_shnum; -+ mvdata->sections = mvdata->buffer + hdr->e_shoff; -+ secstop = mvdata->sections + mvdata->nsects; -+ -+ /* Section 0 is special, usually indicating an undefined symbol */ -+ section = &mvdata->sections[SHN_UNDEF]; -+ seccheck(section->sh_type == SHT_NULL); -+ -+ /* We also want access to the section name table */ -+ section = &mvdata->sections[hdr->e_shstrndx]; -+ seccheck(section->sh_type == SHT_STRTAB); -+ secstrsize = mvdata->sections[hdr->e_shstrndx].sh_size; -+ -+ for (section = mvdata->sections + 1; section < secstop; section++) { -+ seccheck(section->sh_name < secstrsize); -+ seccheck(section->sh_link < hdr->e_shnum); -+ -+ /* Section file offsets must reside within the file, though -+ * they don't have to actually consume file space (.bss for -+ * example). -+ */ -+ seccheck(section->sh_offset >= hdr->e_ehsize); -+ if (section->sh_addralign > 1) -+ seccheck((section->sh_offset & -+ (section->sh_addralign - 1)) == 0); -+ seccheck(section->sh_offset <= size); -+ if (section->sh_type != SHT_NOBITS) -+ seccheck(section->sh_size <= size - section->sh_offset); -+ -+ /* Some types of section should contain arrays of fixed-length -+ * records of a predetermined size and mustn't contain partial -+ * records. Also, records we're going to access directly must -+ * have appropriate alignment that we don't get a misalignment -+ * exception. -+ */ -+ if (section->sh_entsize > 1) -+ seccheck(section->sh_size % section->sh_entsize == 0); -+ -+ switch (section->sh_type) { -+ case SHT_SYMTAB: -+ seccheck(section->sh_entsize == sizeof(Elf_Sym)); -+ seccheck(section->sh_addralign % sizeof(long) == 0); -+ break; -+ case SHT_REL: -+#ifdef Elf_Rel -+ seccheck(section->sh_entsize == sizeof(Elf_Rel)); -+ seccheck(section->sh_addralign % sizeof(long) == 0); -+ break; -+#else -+ seccheck(false); -+ break; -+#endif -+ case SHT_RELA: -+#ifdef Elf_Rela -+ seccheck(section->sh_entsize == sizeof(Elf_Rela)); -+ seccheck(section->sh_addralign % sizeof(long) == 0); -+ break; -+#else -+ seccheck(false); -+ break; -+#endif -+ case SHT_NOTE: -+ seccheck(section->sh_addralign % 4 == 0); -+ break; -+ case SHT_STRTAB: -+ /* We require all string tables to be non-empty. If -+ * not empty, a string table must end in a NUL (it -+ * should also begin with a NUL, but it's not a problem -+ * for us if it doesn't). -+ */ -+ seccheck(section->sh_size >= 2); -+ strtab = mvdata->buffer + section->sh_offset; -+ seccheck(strtab[section->sh_size - 1] == '\0'); -+ break; -+ } -+ } -+ -+ /* Check features specific to the type of each section. -+ * -+ * Note that having a separate loop here allows the compiler to discard -+ * some local variables used in the above loop thus making the code -+ * smaller. -+ */ -+ for (section = mvdata->sections + 1; section < secstop; section++) { -+ switch (section->sh_type) { -+ case SHT_SYMTAB: -+ /* Symbol tables nominate a string table. */ -+ seccheck(mvdata->sections[section->sh_link].sh_type == -+ SHT_STRTAB); -+ -+ /* Validate the symbols in the table. The first symbol -+ * (STN_UNDEF) is special. -+ */ -+ symbol = symbols = mvdata->buffer + section->sh_offset; -+ symstop = mvdata->buffer + -+ (section->sh_offset + section->sh_size); -+ -+ symcheck(ELF_ST_TYPE(symbols[0].st_info) == STT_NOTYPE); -+ symcheck(symbol[0].st_shndx == SHN_UNDEF); -+ -+ strsize = mvdata->sections[section->sh_link].sh_size; -+ for (symbol++; symbol < symstop; symbol++) { -+ symcheck(symbol->st_name < strsize); -+ symcheck(symbol->st_shndx < hdr->e_shnum || -+ symbol->st_shndx >= SHN_LORESERVE); -+ } -+ break; -+ -+#ifdef Elf_Rel -+ case SHT_REL: -+#endif -+#ifdef Elf_Rela -+ case SHT_RELA: -+#endif -+ /* Relocation tables nominate a symbol table and a -+ * target section to which the relocations will be -+ * applied. -+ */ -+ seccheck(mvdata->sections[section->sh_link].sh_type == -+ SHT_SYMTAB); -+ seccheck(section->sh_info > 0); -+ seccheck(section->sh_info < hdr->e_shnum); -+ break; -+ } -+ } -+ -+ /* We can now use section name string table section as we checked its -+ * bounds in the loop above. -+ * -+ * Each name is NUL-terminated, and the table as a whole should have a -+ * NUL at either end as there to be at least one named section for the -+ * module information. -+ */ -+ section = &mvdata->sections[hdr->e_shstrndx]; -+ mvdata->secstrings = mvdata->buffer + section->sh_offset; -+ -+ for (section = mvdata->sections + 1; section < secstop; section++) { -+ const char *name = mvdata->secstrings + section->sh_name; -+ -+ switch (section->sh_type) { -+ case SHT_NOTE: -+ if (strcmp(name, modsign_note_section) != 0) -+ continue; -+ -+ /* We've found a note purporting to contain a signature -+ * so we should check the structure of that. -+ */ -+ notemetasize = sizeof(struct elf_note) + -+ roundup(sizeof(modsign_note_name), 4); -+ -+ seccheck(mvdata->sig_index == 0); -+ seccheck(section->sh_size > notemetasize); -+ note = mvdata->buffer + section->sh_offset; -+ seccheck(note->n_type == MODSIGN_NOTE_TYPE); -+ seccheck(note->n_namesz == sizeof(modsign_note_name)); -+ -+ notesize = section->sh_size - notemetasize; -+ seccheck(note->n_descsz <= notesize); -+ -+ seccheck(memcmp(note + 1, modsign_note_name, -+ note->n_namesz) == 0); -+ -+ mvdata->sig_size = note->n_descsz; -+ mvdata->sig = (void *)note + notemetasize; -+ mvdata->sig_index = section - mvdata->sections; -+ break; -+ } -+ } -+ -+ return 0; -+ -+elfcheck_error: -+ _debug("Verify ELF error (check %u)\n", line); -+ return -ELIBBAD; -+seccheck_error: -+ _debug("Verify ELF error [sec %ld] (check %u)\n", -+ (long)(section - mvdata->sections), line); -+ return -ELIBBAD; -+symcheck_error: -+ _debug("Verify ELF error [sym %ld] (check %u)\n", -+ (long)(symbol - symbols), line); -+ return -ELIBBAD; -+} -+ -+/* - * Verify a module's integrity - */ - int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) -@@ -62,6 +284,14 @@ int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) - mvdata.buffer = hdr; - mvdata.size = size; - -+ /* Minimally check the ELF to make sure building the signature digest -+ * won't crash the kernel. -+ */ -+ ret = module_verify_elf(&mvdata); -+ if (ret < 0) -+ goto out; -+ -+ /* The ELF checker found the sig for us if it exists */ - if (mvdata.sig_index <= 0) { - /* Deal with an unsigned module */ - if (modsign_signedonly) { --- -1.7.11.2 - - -From 60ca7dc263084abcf68325ed86d2765148f60225 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:02 +0100 -Subject: [PATCH 24/28] MODSIGN: Produce a filtered and canonicalised section - list - -Build a list of the sections in which we're interested and canonicalise the -section indices to avoid the problems of the section table being altered by ld -when the signature is linked into the binary and by strip. - -The only sections in which we're actually interested are those that are marked -allocatable (which will be kept in memory) and relocation tables that are -applicable to those sections. - -Canonicalisation is done by sorting the filtered list in order of section name. - -Signed-off-by: David Howells ---- - kernel/module-verify.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 80 insertions(+) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index 2161d11..646b104 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -273,6 +273,80 @@ symcheck_error: - } - - /* -+ * Canonicalise the section table index numbers. -+ * -+ * We build a list of the sections we want to add to the digest and sort it by -+ * name. We're only interested in adding two types of section: -+ * -+ * (1) Allocatable sections. These should have no references to other -+ * sections. -+ * -+ * (2) Relocation tables for allocatable sections. The section table entry -+ * has a reference to the target section to which the relocations will be -+ * applied. The relocation entries have references to symbols in -+ * non-allocatable sections. Symbols can be replaced by their contents, -+ * but do include a further reference to a section - which must be -+ * canonicalised. -+ * -+ * We also build a map of raw section index to canonical section index. -+ */ -+static int module_verify_canonicalise(struct module_verify_data *mvdata) -+{ -+ const Elf_Shdr *sechdrs = mvdata->sections; -+ unsigned *canonlist, canon, loop, tmp; -+ bool changed; -+ -+ canonlist = kmalloc(sizeof(unsigned) * mvdata->nsects * 2, GFP_KERNEL); -+ if (!canonlist) -+ return -ENOMEM; -+ -+ mvdata->canonlist = canonlist; -+ mvdata->canonmap = canonlist + mvdata->nsects; -+ canon = 0; -+ -+ for (loop = 1; loop < mvdata->nsects; loop++) { -+ const Elf_Shdr *section = mvdata->sections + loop; -+ -+ if (loop == mvdata->sig_index) -+ continue; -+ -+ /* We only want allocatable sections and relocation tables */ -+ if (section->sh_flags & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ else if ((is_elf_rel(section->sh_type) || -+ is_elf_rela(section->sh_type)) && -+ mvdata->sections[section->sh_info].sh_flags & SHF_ALLOC) -+ canonlist[canon++] = loop; -+ } -+ -+ /* Sort the canonicalisation list */ -+ do { -+ changed = false; -+ -+ for (loop = 0; loop < canon - 1; loop++) { -+ const char *x, *y; -+ -+ x = mvdata->secstrings + sechdrs[canonlist[loop + 0]].sh_name; -+ y = mvdata->secstrings + sechdrs[canonlist[loop + 1]].sh_name; -+ -+ if (strcmp(x, y) > 0) { -+ tmp = canonlist[loop + 0]; -+ canonlist[loop + 0] = canonlist[loop + 1]; -+ canonlist[loop + 1] = tmp; -+ changed = true; -+ } -+ } -+ } while (changed); -+ -+ /* What we really want is a raw-to-canon lookup table */ -+ memset(mvdata->canonmap, 0xff, mvdata->nsects * sizeof(unsigned)); -+ for (loop = 0; loop < canon; loop++) -+ mvdata->canonmap[mvdata->canonlist[loop]] = loop + 1; -+ mvdata->ncanon = canon; -+ return 0; -+} -+ -+/* - * Verify a module's integrity - */ - int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) -@@ -303,7 +377,13 @@ int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) - goto out; - } - -+ /* Produce a canonicalisation map for the sections */ -+ ret = module_verify_canonicalise(&mvdata); -+ if (ret < 0) -+ goto out; -+ - ret = 0; -+ kfree(mvdata.canonlist); - - out: - switch (ret) { --- -1.7.11.2 - - -From b847c539c4fb7d71ab7383e79b3e6c0683a23a7e Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:03 +0100 -Subject: [PATCH 25/28] MODSIGN: Create digest of module content and check - signature - -Apply signature checking to modules on module load, checking the signature -against the ring of public keys compiled into the kernel (if enabled by -CONFIG_MODULE_SIG). Turning on signature checking will also force the module's -ELF metadata to be verified first. - -There are several reasons why these patches are useful, amongst which are: - - (1) to prevent accidentally corrupted modules from causing damage; - - (2) to prevent maliciously modified modules from causing damage; - - (3) to allow a sysadmin (or more likely an IT department) to enforce a policy - that only known and approved modules shall be loaded onto machines which - they're expected to support; - - (4) to allow other support providers to do likewise, or at least to _detect_ - the fact that unsupported modules are loaded; - - (5) to allow the detection of modules replaced by a second-order distro or a - preloaded Linux purveyor. - -These patches have two main appeals: (a) preventing malicious modules from -being loaded, and (b) reducing support workload by pointing out modules on a -crashing box that aren't what they're expected to be. - -Note that this is not a complete solution by any means: the core kernel is not -protected, and nor are /dev/mem or /dev/kmem, but it denies (or at least -controls) one relatively simple attack vector. To protect the kernel image -would be the responsibility of the boot loader or the system BIOS. - -This facility is optional: the builder of a kernel is by no means under any -requirement to actually enable it, let alone force the set of loadable modules -to be restricted to just those that the builder provides (there are degrees of -restriction available). - -Note! The "noinline" attribute on module_verify_signature() results in -somewhat smaller code. - -Signed-off-by: David Howells ---- - kernel/module-verify-defs.h | 11 +- - kernel/module-verify.c | 332 +++++++++++++++++++++++++++++++++++++++++++- - 2 files changed, 337 insertions(+), 6 deletions(-) - -diff --git a/kernel/module-verify-defs.h b/kernel/module-verify-defs.h -index 2fe31e1..82952b0 100644 ---- a/kernel/module-verify-defs.h -+++ b/kernel/module-verify-defs.h -@@ -42,15 +42,16 @@ struct module_verify_data { - /* - * Whether or not we support various types of ELF relocation record - */ --#if defined(MODULE_HAS_ELF_REL_ONLY) -+#ifdef Elf_Rel - #define is_elf_rel(sh_type) ((sh_type) == SHT_REL) --#define is_elf_rela(sh_type) (0) --#elif defined(MODULE_HAS_ELF_RELA_ONLY) -+#else - #define is_elf_rel(sh_type) (0) -+#endif -+ -+#ifdef Elf_Rela - #define is_elf_rela(sh_type) ((sh_type) == SHT_RELA) - #else --#define is_elf_rel(sh_type) ((sh_type) == SHT_REL) --#define is_elf_rela(sh_type) ((sh_type) == SHT_RELA) -+#define is_elf_rela(sh_type) (0) - #endif - - /* -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index 646b104..e275759 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -50,6 +50,22 @@ static bool modsign_signedonly; - static const char modsign_note_name[] = ELFNOTE_NAME(MODSIGN_NOTE_NAME); - static const char modsign_note_section[] = ELFNOTE_SECTION(MODSIGN_NOTE_NAME); - -+#define crypto_digest_update_data(C, PTR, N) \ -+do { \ -+ uint8_t *__p = (uint8_t *)(PTR); \ -+ size_t __n = (N); \ -+ count_and_csum((C), __p, __n); \ -+ verify_sig_add_data((C)->mod_sig, __p, __n); \ -+} while (0) -+ -+#define crypto_digest_update_val(C, VAL) \ -+do { \ -+ uint8_t *__p = (uint8_t *)&(VAL); \ -+ size_t __n = sizeof(VAL); \ -+ count_and_csum((C), __p, __n); \ -+ verify_sig_add_data((C)->mod_sig, __p, __n); \ -+} while (0) -+ - /* - * Verify the minimum amount of ELF structure of a module needed to check the - * module's signature without bad ELF crashing the kernel. -@@ -346,6 +362,320 @@ static int module_verify_canonicalise(struct module_verify_data *mvdata) - return 0; - } - -+#ifdef Elf_Rel -+/* -+ * Extract an ELF REL table -+ * -+ * We need to canonicalise the entries in case section/symbol addition/removal -+ * has rearranged the symbol table and the section table. -+ */ -+static int extract_elf_rel(struct module_verify_data *mvdata, -+ unsigned secix, -+ const Elf_Rel *reltab, size_t nrels, -+ const char *sh_name) -+{ -+ struct { -+#ifdef CONFIG_64BIT -+ uint64_t r_offset; -+ uint64_t st_value; -+ uint64_t st_size; -+ uint32_t r_type; -+ uint16_t st_shndx; -+ uint8_t st_info; -+ uint8_t st_other; -+#else -+ uint32_t r_offset; -+ uint32_t st_value; -+ uint32_t st_size; -+ uint16_t st_shndx; -+ uint8_t r_type; -+ uint8_t st_info; -+ uint8_t st_other; -+#endif -+ } __packed relocation; -+ -+ const Elf_Shdr *relsec, *symsec, *strsec; -+ const Elf_Rel *reloc; -+ const Elf_Sym *symbols, *symbol; -+ const char *strings; -+ unsigned long r_sym; -+ size_t nsyms, loop; -+ -+ relsec = &mvdata->sections[secix]; -+ symsec = &mvdata->sections[relsec->sh_link]; -+ strsec = &mvdata->sections[symsec->sh_link]; -+ nsyms = symsec->sh_size / sizeof(Elf_Sym); -+ symbols = mvdata->buffer + symsec->sh_offset; -+ strings = mvdata->buffer + strsec->sh_offset; -+ -+ /* Contribute the relevant bits from a join of -+ * { REL, SYMBOL, SECTION } -+ */ -+ for (loop = 0; loop < nrels; loop++) { -+ unsigned st_shndx; -+ -+ reloc = &reltab[loop]; -+ -+ /* Decode the relocation */ -+ relocation.r_offset = reloc->r_offset; -+ relocation.r_type = ELF_R_TYPE(reloc->r_info); -+ -+ /* Decode the symbol referenced by the relocation */ -+ r_sym = ELF_R_SYM(reloc->r_info); -+ if (r_sym >= nsyms) -+ return -ELIBBAD; -+ symbol = &symbols[r_sym]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = symbol->st_shndx; -+ st_shndx = symbol->st_shndx; -+ -+ /* Canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < mvdata->nsects) { -+ if (!(mvdata->sections[st_shndx].sh_flags & SHF_ALLOC)) -+ return -ELIBBAD; -+ relocation.st_shndx = mvdata->canonmap[st_shndx]; -+ } -+ -+ crypto_digest_update_val(mvdata, relocation); -+ -+ /* Undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + symbol->st_name; -+ crypto_digest_update_data(mvdata, -+ name, strlen(name) + 1); -+ } -+ } -+ -+ _debug("%08zx %02x digested the %s section, nrels %zu\n", -+ mvdata->signed_size, mvdata->csum, sh_name, nrels); -+ -+ return 0; -+} -+#endif -+ -+#ifdef Elf_Rela -+/* -+ * Extract an ELF RELA table -+ * -+ * We need to canonicalise the entries in case section/symbol addition/removal -+ * has rearranged the symbol table and the section table. -+ */ -+static int extract_elf_rela(struct module_verify_data *mvdata, -+ unsigned secix, -+ const Elf_Rela *relatab, size_t nrels, -+ const char *sh_name) -+{ -+ struct { -+#ifdef CONFIG_64BIT -+ uint64_t r_offset; -+ uint64_t r_addend; -+ uint64_t st_value; -+ uint64_t st_size; -+ uint32_t r_type; -+ uint16_t st_shndx; -+ uint8_t st_info; -+ uint8_t st_other; -+#else -+ uint32_t r_offset; -+ uint32_t r_addend; -+ uint32_t st_value; -+ uint32_t st_size; -+ uint16_t st_shndx; -+ uint8_t r_type; -+ uint8_t st_info; -+ uint8_t st_other; -+#endif -+ } __packed relocation; -+ -+ const Elf_Shdr *relsec, *symsec, *strsec; -+ const Elf_Rela *reloc; -+ const Elf_Sym *symbols, *symbol; -+ unsigned long r_sym; -+ const char *strings; -+ size_t nsyms, loop; -+ -+ relsec = &mvdata->sections[secix]; -+ symsec = &mvdata->sections[relsec->sh_link]; -+ strsec = &mvdata->sections[symsec->sh_link]; -+ nsyms = symsec->sh_size / sizeof(Elf_Sym); -+ symbols = mvdata->buffer + symsec->sh_offset; -+ strings = mvdata->buffer + strsec->sh_offset; -+ -+ /* Contribute the relevant bits from a join of -+ * { RELA, SYMBOL, SECTION } -+ */ -+ for (loop = 0; loop < nrels; loop++) { -+ unsigned st_shndx; -+ -+ reloc = &relatab[loop]; -+ -+ /* Decode the relocation */ -+ relocation.r_offset = reloc->r_offset; -+ relocation.r_addend = reloc->r_addend; -+ relocation.r_type = ELF_R_TYPE(reloc->r_info); -+ -+ /* Decode the symbol referenced by the relocation */ -+ r_sym = ELF_R_SYM(reloc->r_info); -+ if (r_sym >= nsyms) -+ return -ELIBBAD; -+ symbol = &symbols[r_sym]; -+ relocation.st_info = symbol->st_info; -+ relocation.st_other = symbol->st_other; -+ relocation.st_value = symbol->st_value; -+ relocation.st_size = symbol->st_size; -+ relocation.st_shndx = 0; -+ st_shndx = symbol->st_shndx; -+ -+ /* Canonicalise the section used by the symbol */ -+ if (st_shndx > SHN_UNDEF && st_shndx < mvdata->nsects) { -+ if (!(mvdata->sections[st_shndx].sh_flags & SHF_ALLOC)) -+ return -ELIBBAD; -+ relocation.st_shndx = mvdata->canonmap[st_shndx]; -+ } -+ -+ crypto_digest_update_val(mvdata, relocation); -+ -+ /* Undefined symbols must be named if referenced */ -+ if (st_shndx == SHN_UNDEF) { -+ const char *name = strings + symbol->st_name; -+ crypto_digest_update_data(mvdata, -+ name, strlen(name) + 1); -+ } -+ } -+ -+ _debug("%08zx %02x digested the %s section, nrels %zu\n", -+ mvdata->signed_size, mvdata->csum, sh_name, nrels); -+ -+ return 0; -+} -+#endif -+ -+/* -+ * Verify a module's signature -+ */ -+static noinline int module_verify_signature(struct module_verify_data *mvdata) -+{ -+ struct crypto_key_verify_context *mod_sig; -+ const Elf_Shdr *sechdrs = mvdata->sections; -+ const char *secstrings = mvdata->secstrings; -+ const u8 *sig = mvdata->sig; -+ size_t sig_size = mvdata->sig_size; -+ int loop, ret; -+ -+ _debug("sig in section %u (size %zu)\n", -+ mvdata->sig_index, mvdata->sig_size); -+ _debug("%02x%02x%02x%02x%02x%02x%02x%02x\n", -+ sig[0], sig[1], sig[2], sig[3], -+ sig[4], sig[5], sig[6], sig[7]); -+ -+ /* Find the crypto key for the module signature -+ * - !!! if this tries to load the required hash algorithm module, -+ * we will deadlock!!! -+ */ -+ mod_sig = verify_sig_begin(modsign_keyring, sig, sig_size); -+ if (IS_ERR(mod_sig)) { -+ pr_err("Couldn't initiate module signature verification: %ld\n", -+ PTR_ERR(mod_sig)); -+ return PTR_ERR(mod_sig); -+ } -+ -+ mvdata->mod_sig = mod_sig; -+#ifdef DEBUG -+ mvdata->xcsum = 0; -+#endif -+ -+ /* Load data from each relevant section into the digest. Note that -+ * canonlist[] is a filtered list and only contains the sections we -+ * actually want. -+ */ -+ for (loop = 0; loop < mvdata->ncanon; loop++) { -+ int sect = mvdata->canonlist[loop]; -+ unsigned long sh_type = sechdrs[sect].sh_type; -+ unsigned long sh_info = sechdrs[sect].sh_info; -+ unsigned long sh_size = sechdrs[sect].sh_size; -+ const char *sh_name = secstrings + sechdrs[sect].sh_name; -+ const void *data = mvdata->buffer + sechdrs[sect].sh_offset; -+ -+#ifdef DEBUG -+ mvdata->csum = 0; -+#endif -+ -+ /* Digest the headers of any section we include. */ -+ crypto_digest_update_data(mvdata, sh_name, strlen(sh_name)); -+ crypto_digest_update_val(mvdata, sechdrs[sect].sh_type); -+ crypto_digest_update_val(mvdata, sechdrs[sect].sh_flags); -+ crypto_digest_update_val(mvdata, sechdrs[sect].sh_size); -+ crypto_digest_update_val(mvdata, sechdrs[sect].sh_addralign); -+ -+ /* Relocation record sections refer to the section to be -+ * relocated, but this needs to be canonicalised to survive -+ * stripping. -+ */ -+ if (is_elf_rel(sh_type) || is_elf_rela(sh_type)) -+ crypto_digest_update_val(mvdata, -+ mvdata->canonmap[sh_info]); -+ -+ /* Since relocation records give details of how we have to -+ * alter the allocatable sections, we need to digest these too. -+ * -+ * These, however, refer to metadata (symbols and sections) -+ * that may have been altered by the process of adding the -+ * signature section or the process of being stripped. -+ * -+ * To deal with this, we substitute the referenced metadata for -+ * the references to that metadata. So, for instance, the -+ * symbol ref from the relocation record is replaced with the -+ * contents of the symbol to which it refers, and the symbol's -+ * section ref is replaced with a canonicalised section number. -+ */ -+#ifdef Elf_Rel -+ if (is_elf_rel(sh_type)) { -+ ret = extract_elf_rel(mvdata, sect, -+ data, -+ sh_size / sizeof(Elf_Rel), -+ sh_name); -+ if (ret < 0) -+ goto format_error; -+ continue; -+ } -+#endif -+ -+#ifdef Elf_Rela -+ if (is_elf_rela(sh_type)) { -+ ret = extract_elf_rela(mvdata, sect, -+ data, -+ sh_size / sizeof(Elf_Rela), -+ sh_name); -+ if (ret < 0) -+ goto format_error; -+ continue; -+ } -+#endif -+ -+ /* Include allocatable loadable sections */ -+ if (sh_type != SHT_NOBITS) -+ crypto_digest_update_data(mvdata, data, sh_size); -+ -+ _debug("%08zx %02x digested the %s section, size %ld\n", -+ mvdata->signed_size, mvdata->csum, sh_name, sh_size); -+ } -+ -+ _debug("Contributed %zu bytes to the digest (csum 0x%02x)\n", -+ mvdata->signed_size, mvdata->xcsum); -+ -+ /* Do the actual signature verification */ -+ ret = verify_sig_end(mvdata->mod_sig, sig, sig_size); -+ _debug("verify-sig : %d\n", ret); -+ return ret; -+ -+format_error: -+ verify_sig_cancel(mvdata->mod_sig); -+ return -ELIBBAD; -+} -+ - /* - * Verify a module's integrity - */ -@@ -382,7 +712,7 @@ int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) - if (ret < 0) - goto out; - -- ret = 0; -+ ret = module_verify_signature(&mvdata); - kfree(mvdata.canonlist); - - out: --- -1.7.11.2 - - -From 86969bc531b37c88b499311abae41e0116666dcc Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:03 +0100 -Subject: [PATCH 26/28] MODSIGN: Suppress some redundant ELF checks - -Suppress some redundant ELF checks in module_verify_elf() that are also done -by copy_and_check() in the core module loader code prior to calling -module_verify(). - -Signed-off-by: David Howells ---- - kernel/module-verify.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index e275759..bfd1286 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -97,11 +97,11 @@ do { if (unlikely(!(X))) { line = __LINE__; goto symcheck_error; } } while (0) - - elfcheck(hdr->e_shnum < SHN_LORESERVE); - elfcheck(hdr->e_shstrndx < hdr->e_shnum); -- elfcheck(hdr->e_shentsize == sizeof(Elf_Shdr)); -- elfcheck(hdr->e_shoff < size); -+ /* elfcheck(hdr->e_shentsize == sizeof(Elf_Shdr)); */ -+ /* elfcheck(hdr->e_shoff < size); */ - elfcheck(hdr->e_shoff >= hdr->e_ehsize); - elfcheck(hdr->e_shoff % sizeof(long) == 0); -- elfcheck(hdr->e_shnum * sizeof(Elf_Shdr) <= size - hdr->e_shoff); -+ /* elfcheck(hdr->e_shnum * sizeof(Elf_Shdr) <= size - hdr->e_shoff); */ - - /* Validate the section table contents */ - mvdata->nsects = hdr->e_shnum; --- -1.7.11.2 - - -From 4d5a1f0360ce04a24b847eee2da84d9618375ce8 Mon Sep 17 00:00:00 2001 -From: David Howells -Date: Tue, 24 Jul 2012 14:14:03 +0100 -Subject: [PATCH 27/28] MODSIGN: Panic the kernel if FIPS is enabled upon - module signing failure - -If module signing fails when the kernel is running with FIPS enabled then the -kernel should panic lest the crypto layer be compromised. Possibly a panic -shouldn't happen on cases like ENOMEM. - -Reported-by: Stephan Mueller -Signed-off-by: David Howells ---- - kernel/module-verify.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index bfd1286..b9c3955 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -30,6 +30,7 @@ - #include - #include - #include -+#include - #include - #include "module-verify.h" - #include "module-verify-defs.h" -@@ -716,6 +717,10 @@ int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) - kfree(mvdata.canonlist); - - out: -+ if (ret < 0 && fips_enabled) -+ panic("Module verification failed with error %d in FIPS mode\n", -+ ret); -+ - switch (ret) { - case 0: /* Good signature */ - *_gpgsig_ok = true; --- -1.7.11.2 - - -From dd6e65be6a8f225018259b16161decc26c09c300 Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Thu, 2 Aug 2012 14:35:44 +0100 -Subject: [PATCH 28/28] MODSIGN: Allow modules to be signed with an unknown - key unless enforcing - -Currently we fail the loading of modules that are signed with a public key -that is not in the modsign keyring even if we are not in enforcing mode. -This is somewhat at odds with the fact that we allow a completely unsigned -module to load in such a case. - -We should allow modules signed with an unknown key to load in cases -where we are not enforcing and not in FIPS mode. - -Signed-off-by: Josh Boyer -Signed-off-by: David Howells ---- - kernel/module-verify.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index b9c3955..22036d4 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -736,6 +736,13 @@ out: - break; - case -ENOKEY: /* Signed, but we don't have the public key */ - pr_err("Module signed with unknown public key\n"); -+ if (!modsign_signedonly) { -+ /* Allow a module to be signed with an unknown public -+ * key unless we're enforcing. -+ */ -+ pr_info("Allowing\n"); -+ ret = 0; -+ } - break; - default: /* Other error (probably ENOMEM) */ - break; --- -1.7.11.2 - -From bccd1bfe487e1f4df543f7a160cc9876d7d96fb7 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 2 Aug 2012 23:09:19 +0100 -Subject: [PATCH] MODSIGN: Fix documentation of signed-nokey behavior when not - enforcing. - -jwboyer's previous commit changes the behavior of module signing when -there's a valid signature but we don't know the public key and are in -permissive mode. This updates the documentation to match. - -Signed-off-by: Peter Jones -Acked-by: Josh Boyer -Signed-off-by: David Howells ---- - Documentation/module-signing.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt -index d75d473..8c4bef9 100644 ---- a/Documentation/module-signing.txt -+++ b/Documentation/module-signing.txt -@@ -185,7 +185,7 @@ This table indicates the behaviours of the various situations: - MODULE STATE PERMISSIVE MODE ENFORCING MODE - ======================================= =============== =============== - Unsigned Ok EKEYREJECTED -- Signed, no public key ENOKEY ENOKEY -+ Signed, no public key Ok ENOKEY - Validly signed, public key Ok Ok - Invalidly signed, public key EKEYREJECTED EKEYREJECTED - Validly signed, expired key EKEYEXPIRED EKEYEXPIRED --- -1.7.11.2 - diff --git a/net-rework-recvmsg-handler-msg_name-and-msg_namelen-.patch b/net-rework-recvmsg-handler-msg_name-and-msg_namelen-.patch new file mode 100644 index 000000000..3ec6d0194 --- /dev/null +++ b/net-rework-recvmsg-handler-msg_name-and-msg_namelen-.patch @@ -0,0 +1,774 @@ +Bugzilla: 1039874 +Upstream-status: 3.13 and 3.12.4 + +From 9cb9fb275f8794546dc31a79f2f02127fed5baf2 Mon Sep 17 00:00:00 2001 +From: Hannes Frederic Sowa +Date: Thu, 21 Nov 2013 03:14:22 +0100 +Subject: [PATCH] net: rework recvmsg handler msg_name and msg_namelen logic + +[ Upstream commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ] + +This patch now always passes msg->msg_namelen as 0. recvmsg handlers must +set msg_namelen to the proper size <= sizeof(struct sockaddr_storage) +to return msg_name to the user. + +This prevents numerous uninitialized memory leaks we had in the +recvmsg handlers and makes it harder for new code to accidentally leak +uninitialized memory. + +Optimize for the case recvfrom is called with NULL as address. We don't +need to copy the address at all, so set it to NULL before invoking the +recvmsg handler. We can do so, because all the recvmsg handlers must +cope with the case a plain read() is called on them. read() also sets +msg_name to NULL. + +Also document these changes in include/linux/net.h as suggested by David +Miller. + +Changes since RFC: + +Set msg->msg_name = NULL if user specified a NULL in msg_name but had a +non-null msg_namelen in verify_iovec/verify_compat_iovec. This doesn't +affect sendto as it would bail out earlier while trying to copy-in the +address. It also more naturally reflects the logic by the callers of +verify_iovec. + +With this change in place I could remove " +if (!uaddr || msg_sys->msg_namelen == 0) + msg->msg_name = NULL +". + +This change does not alter the user visible error logic as we ignore +msg_namelen as long as msg_name is NULL. + +Also remove two unnecessary curly brackets in ___sys_recvmsg and change +comments to netdev style. + +Cc: David Miller +Suggested-by: Eric Dumazet +Signed-off-by: Hannes Frederic Sowa +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + crypto/algif_hash.c | 2 -- + crypto/algif_skcipher.c | 1 - + drivers/isdn/mISDN/socket.c | 13 ++++--------- + drivers/net/ppp/pppoe.c | 2 -- + include/linux/net.h | 8 ++++++++ + net/appletalk/ddp.c | 16 +++++++--------- + net/atm/common.c | 2 -- + net/ax25/af_ax25.c | 4 ++-- + net/bluetooth/af_bluetooth.c | 4 ---- + net/bluetooth/hci_sock.c | 2 -- + net/bluetooth/rfcomm/sock.c | 1 - + net/bluetooth/sco.c | 1 - + net/caif/caif_socket.c | 4 ---- + net/compat.c | 3 ++- + net/core/iovec.c | 3 ++- + net/ipx/af_ipx.c | 3 +-- + net/irda/af_irda.c | 4 ---- + net/iucv/af_iucv.c | 2 -- + net/key/af_key.c | 1 - + net/l2tp/l2tp_ppp.c | 2 -- + net/llc/af_llc.c | 2 -- + net/netlink/af_netlink.c | 2 -- + net/netrom/af_netrom.c | 3 +-- + net/nfc/llcp_sock.c | 2 -- + net/nfc/rawsock.c | 2 -- + net/packet/af_packet.c | 32 +++++++++++++++----------------- + net/rds/recv.c | 2 -- + net/rose/af_rose.c | 8 +++++--- + net/rxrpc/ar-recvmsg.c | 9 ++++++--- + net/socket.c | 19 +++++++++++-------- + net/tipc/socket.c | 6 ------ + net/unix/af_unix.c | 5 ----- + net/vmw_vsock/af_vsock.c | 2 -- + net/vmw_vsock/vmci_transport.c | 2 -- + net/x25/af_x25.c | 3 +-- + 35 files changed, 65 insertions(+), 112 deletions(-) + +diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c +index 0262210..ef5356c 100644 +--- a/crypto/algif_hash.c ++++ b/crypto/algif_hash.c +@@ -161,8 +161,6 @@ static int hash_recvmsg(struct kiocb *unused, struct socket *sock, + else if (len < ds) + msg->msg_flags |= MSG_TRUNC; + +- msg->msg_namelen = 0; +- + lock_sock(sk); + if (ctx->more) { + ctx->more = 0; +diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c +index a1c4f0a..6a6dfc0 100644 +--- a/crypto/algif_skcipher.c ++++ b/crypto/algif_skcipher.c +@@ -432,7 +432,6 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock, + long copied = 0; + + lock_sock(sk); +- msg->msg_namelen = 0; + for (iov = msg->msg_iov, iovlen = msg->msg_iovlen; iovlen > 0; + iovlen--, iov++) { + unsigned long seglen = iov->iov_len; +diff --git a/drivers/isdn/mISDN/socket.c b/drivers/isdn/mISDN/socket.c +index e47dcb9..5cefb47 100644 +--- a/drivers/isdn/mISDN/socket.c ++++ b/drivers/isdn/mISDN/socket.c +@@ -117,7 +117,6 @@ mISDN_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + { + struct sk_buff *skb; + struct sock *sk = sock->sk; +- struct sockaddr_mISDN *maddr; + + int copied, err; + +@@ -135,9 +134,9 @@ mISDN_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + if (!skb) + return err; + +- if (msg->msg_namelen >= sizeof(struct sockaddr_mISDN)) { +- msg->msg_namelen = sizeof(struct sockaddr_mISDN); +- maddr = (struct sockaddr_mISDN *)msg->msg_name; ++ if (msg->msg_name) { ++ struct sockaddr_mISDN *maddr = msg->msg_name; ++ + maddr->family = AF_ISDN; + maddr->dev = _pms(sk)->dev->id; + if ((sk->sk_protocol == ISDN_P_LAPD_TE) || +@@ -150,11 +149,7 @@ mISDN_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + maddr->sapi = _pms(sk)->ch.addr & 0xFF; + maddr->tei = (_pms(sk)->ch.addr >> 8) & 0xFF; + } +- } else { +- if (msg->msg_namelen) +- printk(KERN_WARNING "%s: too small namelen %d\n", +- __func__, msg->msg_namelen); +- msg->msg_namelen = 0; ++ msg->msg_namelen = sizeof(*maddr); + } + + copied = skb->len + MISDN_HEADER_LEN; +diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c +index 5f66e30..82ee6ed 100644 +--- a/drivers/net/ppp/pppoe.c ++++ b/drivers/net/ppp/pppoe.c +@@ -979,8 +979,6 @@ static int pppoe_recvmsg(struct kiocb *iocb, struct socket *sock, + if (error < 0) + goto end; + +- m->msg_namelen = 0; +- + if (skb) { + total_len = min_t(size_t, total_len, skb->len); + error = skb_copy_datagram_iovec(skb, 0, m->msg_iov, total_len); +diff --git a/include/linux/net.h b/include/linux/net.h +index 4f27575..8bd9d92 100644 +--- a/include/linux/net.h ++++ b/include/linux/net.h +@@ -163,6 +163,14 @@ struct proto_ops { + #endif + int (*sendmsg) (struct kiocb *iocb, struct socket *sock, + struct msghdr *m, size_t total_len); ++ /* Notes for implementing recvmsg: ++ * =============================== ++ * msg->msg_namelen should get updated by the recvmsg handlers ++ * iff msg_name != NULL. It is by default 0 to prevent ++ * returning uninitialized memory to user space. The recvfrom ++ * handlers can assume that msg.msg_name is either NULL or has ++ * a minimum size of sizeof(struct sockaddr_storage). ++ */ + int (*recvmsg) (struct kiocb *iocb, struct socket *sock, + struct msghdr *m, size_t total_len, + int flags); +diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c +index 7fee50d..7d424ac 100644 +--- a/net/appletalk/ddp.c ++++ b/net/appletalk/ddp.c +@@ -1735,7 +1735,6 @@ static int atalk_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr + size_t size, int flags) + { + struct sock *sk = sock->sk; +- struct sockaddr_at *sat = (struct sockaddr_at *)msg->msg_name; + struct ddpehdr *ddp; + int copied = 0; + int offset = 0; +@@ -1764,14 +1763,13 @@ static int atalk_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr + } + err = skb_copy_datagram_iovec(skb, offset, msg->msg_iov, copied); + +- if (!err) { +- if (sat) { +- sat->sat_family = AF_APPLETALK; +- sat->sat_port = ddp->deh_sport; +- sat->sat_addr.s_node = ddp->deh_snode; +- sat->sat_addr.s_net = ddp->deh_snet; +- } +- msg->msg_namelen = sizeof(*sat); ++ if (!err && msg->msg_name) { ++ struct sockaddr_at *sat = msg->msg_name; ++ sat->sat_family = AF_APPLETALK; ++ sat->sat_port = ddp->deh_sport; ++ sat->sat_addr.s_node = ddp->deh_snode; ++ sat->sat_addr.s_net = ddp->deh_snet; ++ msg->msg_namelen = sizeof(*sat); + } + + skb_free_datagram(sk, skb); /* Free the datagram. */ +diff --git a/net/atm/common.c b/net/atm/common.c +index 737bef5..7b49100 100644 +--- a/net/atm/common.c ++++ b/net/atm/common.c +@@ -531,8 +531,6 @@ int vcc_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, + struct sk_buff *skb; + int copied, error = -EINVAL; + +- msg->msg_namelen = 0; +- + if (sock->state != SS_CONNECTED) + return -ENOTCONN; + +diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c +index 4b4d2b7..78c474f 100644 +--- a/net/ax25/af_ax25.c ++++ b/net/ax25/af_ax25.c +@@ -1636,11 +1636,11 @@ static int ax25_recvmsg(struct kiocb *iocb, struct socket *sock, + + skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); + +- if (msg->msg_namelen != 0) { +- struct sockaddr_ax25 *sax = (struct sockaddr_ax25 *)msg->msg_name; ++ if (msg->msg_name) { + ax25_digi digi; + ax25_address src; + const unsigned char *mac = skb_mac_header(skb); ++ struct sockaddr_ax25 *sax = msg->msg_name; + + memset(sax, 0, sizeof(struct full_sockaddr_ax25)); + ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, +diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c +index 9096137..6629cdc 100644 +--- a/net/bluetooth/af_bluetooth.c ++++ b/net/bluetooth/af_bluetooth.c +@@ -221,8 +221,6 @@ int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + if (flags & (MSG_OOB)) + return -EOPNOTSUPP; + +- msg->msg_namelen = 0; +- + skb = skb_recv_datagram(sk, flags, noblock, &err); + if (!skb) { + if (sk->sk_shutdown & RCV_SHUTDOWN) +@@ -287,8 +285,6 @@ int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock, + if (flags & MSG_OOB) + return -EOPNOTSUPP; + +- msg->msg_namelen = 0; +- + BT_DBG("sk %p size %zu", sk, size); + + lock_sock(sk); +diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c +index 9bd7d95..fa4bf66 100644 +--- a/net/bluetooth/hci_sock.c ++++ b/net/bluetooth/hci_sock.c +@@ -752,8 +752,6 @@ static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + if (!skb) + return err; + +- msg->msg_namelen = 0; +- + copied = skb->len; + if (len < copied) { + msg->msg_flags |= MSG_TRUNC; +diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c +index 30b3721..c1c6028 100644 +--- a/net/bluetooth/rfcomm/sock.c ++++ b/net/bluetooth/rfcomm/sock.c +@@ -608,7 +608,6 @@ static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + + if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { + rfcomm_dlc_accept(d); +- msg->msg_namelen = 0; + return 0; + } + +diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c +index e7bd4ee..2bb1d3a 100644 +--- a/net/bluetooth/sco.c ++++ b/net/bluetooth/sco.c +@@ -700,7 +700,6 @@ static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { + sco_conn_defer_accept(pi->conn->hcon, 0); + sk->sk_state = BT_CONFIG; +- msg->msg_namelen = 0; + + release_sock(sk); + return 0; +diff --git a/net/caif/caif_socket.c b/net/caif/caif_socket.c +index 05a41c7..d6be3ed 100644 +--- a/net/caif/caif_socket.c ++++ b/net/caif/caif_socket.c +@@ -286,8 +286,6 @@ static int caif_seqpkt_recvmsg(struct kiocb *iocb, struct socket *sock, + if (m->msg_flags&MSG_OOB) + goto read_error; + +- m->msg_namelen = 0; +- + skb = skb_recv_datagram(sk, flags, 0 , &ret); + if (!skb) + goto read_error; +@@ -361,8 +359,6 @@ static int caif_stream_recvmsg(struct kiocb *iocb, struct socket *sock, + if (flags&MSG_OOB) + goto out; + +- msg->msg_namelen = 0; +- + /* + * Lock the socket to prevent queue disordering + * while sleeps in memcpy_tomsg +diff --git a/net/compat.c b/net/compat.c +index 8903258..618c6a8 100644 +--- a/net/compat.c ++++ b/net/compat.c +@@ -93,7 +93,8 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, + if (err < 0) + return err; + } +- kern_msg->msg_name = kern_address; ++ if (kern_msg->msg_name) ++ kern_msg->msg_name = kern_address; + } else + kern_msg->msg_name = NULL; + +diff --git a/net/core/iovec.c b/net/core/iovec.c +index de178e4..9a31515 100644 +--- a/net/core/iovec.c ++++ b/net/core/iovec.c +@@ -48,7 +48,8 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct sockaddr_storage *a + if (err < 0) + return err; + } +- m->msg_name = address; ++ if (m->msg_name) ++ m->msg_name = address; + } else { + m->msg_name = NULL; + } +diff --git a/net/ipx/af_ipx.c b/net/ipx/af_ipx.c +index 7a1e0fc..e096025 100644 +--- a/net/ipx/af_ipx.c ++++ b/net/ipx/af_ipx.c +@@ -1823,8 +1823,6 @@ static int ipx_recvmsg(struct kiocb *iocb, struct socket *sock, + if (skb->tstamp.tv64) + sk->sk_stamp = skb->tstamp; + +- msg->msg_namelen = sizeof(*sipx); +- + if (sipx) { + sipx->sipx_family = AF_IPX; + sipx->sipx_port = ipx->ipx_source.sock; +@@ -1832,6 +1830,7 @@ static int ipx_recvmsg(struct kiocb *iocb, struct socket *sock, + sipx->sipx_network = IPX_SKB_CB(skb)->ipx_source_net; + sipx->sipx_type = ipx->ipx_type; + sipx->sipx_zero = 0; ++ msg->msg_namelen = sizeof(*sipx); + } + rc = copied; + +diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c +index 0578d4f..a5e62ef5 100644 +--- a/net/irda/af_irda.c ++++ b/net/irda/af_irda.c +@@ -1385,8 +1385,6 @@ static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock, + + IRDA_DEBUG(4, "%s()\n", __func__); + +- msg->msg_namelen = 0; +- + skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, + flags & MSG_DONTWAIT, &err); + if (!skb) +@@ -1451,8 +1449,6 @@ static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock, + target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); + timeo = sock_rcvtimeo(sk, noblock); + +- msg->msg_namelen = 0; +- + do { + int chunk; + struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue); +diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c +index 168aff5..c4b7218 100644 +--- a/net/iucv/af_iucv.c ++++ b/net/iucv/af_iucv.c +@@ -1324,8 +1324,6 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + int err = 0; + u32 offset; + +- msg->msg_namelen = 0; +- + if ((sk->sk_state == IUCV_DISCONN) && + skb_queue_empty(&iucv->backlog_skb_q) && + skb_queue_empty(&sk->sk_receive_queue) && +diff --git a/net/key/af_key.c b/net/key/af_key.c +index ab8bd2c..66f51c5 100644 +--- a/net/key/af_key.c ++++ b/net/key/af_key.c +@@ -3623,7 +3623,6 @@ static int pfkey_recvmsg(struct kiocb *kiocb, + if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT)) + goto out; + +- msg->msg_namelen = 0; + skb = skb_recv_datagram(sk, flags, flags & MSG_DONTWAIT, &err); + if (skb == NULL) + goto out; +diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +index 8c46b27..44441c0 100644 +--- a/net/l2tp/l2tp_ppp.c ++++ b/net/l2tp/l2tp_ppp.c +@@ -197,8 +197,6 @@ static int pppol2tp_recvmsg(struct kiocb *iocb, struct socket *sock, + if (sk->sk_state & PPPOX_BOUND) + goto end; + +- msg->msg_namelen = 0; +- + err = 0; + skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, + flags & MSG_DONTWAIT, &err); +diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c +index 48aaa89..8870988 100644 +--- a/net/llc/af_llc.c ++++ b/net/llc/af_llc.c +@@ -720,8 +720,6 @@ static int llc_ui_recvmsg(struct kiocb *iocb, struct socket *sock, + int target; /* Read at least this many bytes */ + long timeo; + +- msg->msg_namelen = 0; +- + lock_sock(sk); + copied = -ENOTCONN; + if (unlikely(sk->sk_type == SOCK_STREAM && sk->sk_state == TCP_LISTEN)) +diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c +index 0c61b59..90b654b 100644 +--- a/net/netlink/af_netlink.c ++++ b/net/netlink/af_netlink.c +@@ -2317,8 +2317,6 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock, + } + #endif + +- msg->msg_namelen = 0; +- + copied = data_skb->len; + if (len < copied) { + msg->msg_flags |= MSG_TRUNC; +diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c +index 698814b..53c19a3 100644 +--- a/net/netrom/af_netrom.c ++++ b/net/netrom/af_netrom.c +@@ -1179,10 +1179,9 @@ static int nr_recvmsg(struct kiocb *iocb, struct socket *sock, + sax->sax25_family = AF_NETROM; + skb_copy_from_linear_data_offset(skb, 7, sax->sax25_call.ax25_call, + AX25_ADDR_LEN); ++ msg->msg_namelen = sizeof(*sax); + } + +- msg->msg_namelen = sizeof(*sax); +- + skb_free_datagram(sk, skb); + + release_sock(sk); +diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c +index d308402..824c605 100644 +--- a/net/nfc/llcp_sock.c ++++ b/net/nfc/llcp_sock.c +@@ -807,8 +807,6 @@ static int llcp_sock_recvmsg(struct kiocb *iocb, struct socket *sock, + + pr_debug("%p %zu\n", sk, len); + +- msg->msg_namelen = 0; +- + lock_sock(sk); + + if (sk->sk_state == LLCP_CLOSED && +diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c +index 313bf1b..5d11f4a 100644 +--- a/net/nfc/rawsock.c ++++ b/net/nfc/rawsock.c +@@ -241,8 +241,6 @@ static int rawsock_recvmsg(struct kiocb *iocb, struct socket *sock, + if (!skb) + return rc; + +- msg->msg_namelen = 0; +- + copied = skb->len; + if (len < copied) { + msg->msg_flags |= MSG_TRUNC; +diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c +index 75c8bbf..739c50d 100644 +--- a/net/packet/af_packet.c ++++ b/net/packet/af_packet.c +@@ -2694,7 +2694,6 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock, + struct sock *sk = sock->sk; + struct sk_buff *skb; + int copied, err; +- struct sockaddr_ll *sll; + int vnet_hdr_len = 0; + + err = -EINVAL; +@@ -2777,22 +2776,10 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock, + goto out_free; + } + +- /* +- * If the address length field is there to be filled in, we fill +- * it in now. +- */ +- +- sll = &PACKET_SKB_CB(skb)->sa.ll; +- if (sock->type == SOCK_PACKET) +- msg->msg_namelen = sizeof(struct sockaddr_pkt); +- else +- msg->msg_namelen = sll->sll_halen + offsetof(struct sockaddr_ll, sll_addr); +- +- /* +- * You lose any data beyond the buffer you gave. If it worries a +- * user program they can ask the device for its MTU anyway. ++ /* You lose any data beyond the buffer you gave. If it worries ++ * a user program they can ask the device for its MTU ++ * anyway. + */ +- + copied = skb->len; + if (copied > len) { + copied = len; +@@ -2805,9 +2792,20 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock, + + sock_recv_ts_and_drops(msg, sk, skb); + +- if (msg->msg_name) ++ if (msg->msg_name) { ++ /* If the address length field is there to be filled ++ * in, we fill it in now. ++ */ ++ if (sock->type == SOCK_PACKET) { ++ msg->msg_namelen = sizeof(struct sockaddr_pkt); ++ } else { ++ struct sockaddr_ll *sll = &PACKET_SKB_CB(skb)->sa.ll; ++ msg->msg_namelen = sll->sll_halen + ++ offsetof(struct sockaddr_ll, sll_addr); ++ } + memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa, + msg->msg_namelen); ++ } + + if (pkt_sk(sk)->auxdata) { + struct tpacket_auxdata aux; +diff --git a/net/rds/recv.c b/net/rds/recv.c +index 9f0f17c..de339b2 100644 +--- a/net/rds/recv.c ++++ b/net/rds/recv.c +@@ -410,8 +410,6 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, + + rdsdebug("size %zu flags 0x%x timeo %ld\n", size, msg_flags, timeo); + +- msg->msg_namelen = 0; +- + if (msg_flags & MSG_OOB) + goto out; + +diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c +index e98fcfb..33af772 100644 +--- a/net/rose/af_rose.c ++++ b/net/rose/af_rose.c +@@ -1216,7 +1216,6 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock, + { + struct sock *sk = sock->sk; + struct rose_sock *rose = rose_sk(sk); +- struct sockaddr_rose *srose = (struct sockaddr_rose *)msg->msg_name; + size_t copied; + unsigned char *asmptr; + struct sk_buff *skb; +@@ -1252,8 +1251,11 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock, + + skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); + +- if (srose != NULL) { +- memset(srose, 0, msg->msg_namelen); ++ if (msg->msg_name) { ++ struct sockaddr_rose *srose; ++ ++ memset(msg->msg_name, 0, sizeof(struct full_sockaddr_rose)); ++ srose = msg->msg_name; + srose->srose_family = AF_ROSE; + srose->srose_addr = rose->dest_addr; + srose->srose_call = rose->dest_call; +diff --git a/net/rxrpc/ar-recvmsg.c b/net/rxrpc/ar-recvmsg.c +index 4b48687..898492a 100644 +--- a/net/rxrpc/ar-recvmsg.c ++++ b/net/rxrpc/ar-recvmsg.c +@@ -143,10 +143,13 @@ int rxrpc_recvmsg(struct kiocb *iocb, struct socket *sock, + + /* copy the peer address and timestamp */ + if (!continue_call) { +- if (msg->msg_name && msg->msg_namelen > 0) ++ if (msg->msg_name) { ++ size_t len = ++ sizeof(call->conn->trans->peer->srx); + memcpy(msg->msg_name, +- &call->conn->trans->peer->srx, +- sizeof(call->conn->trans->peer->srx)); ++ &call->conn->trans->peer->srx, len); ++ msg->msg_namelen = len; ++ } + sock_recv_ts_and_drops(msg, &rx->sk, skb); + } + +diff --git a/net/socket.c b/net/socket.c +index 4b94643..5158ff7 100644 +--- a/net/socket.c ++++ b/net/socket.c +@@ -1849,8 +1849,10 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, + msg.msg_iov = &iov; + iov.iov_len = size; + iov.iov_base = ubuf; +- msg.msg_name = (struct sockaddr *)&address; +- msg.msg_namelen = sizeof(address); ++ /* Save some cycles and don't copy the address if not needed */ ++ msg.msg_name = addr ? (struct sockaddr *)&address : NULL; ++ /* We assume all kernel code knows the size of sockaddr_storage */ ++ msg.msg_namelen = 0; + if (sock->file->f_flags & O_NONBLOCK) + flags |= MSG_DONTWAIT; + err = sock_recvmsg(sock, &msg, size, flags); +@@ -2230,16 +2232,14 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, + goto out; + } + +- /* +- * Save the user-mode address (verify_iovec will change the +- * kernel msghdr to use the kernel address space) ++ /* Save the user-mode address (verify_iovec will change the ++ * kernel msghdr to use the kernel address space) + */ +- + uaddr = (__force void __user *)msg_sys->msg_name; + uaddr_len = COMPAT_NAMELEN(msg); +- if (MSG_CMSG_COMPAT & flags) { ++ if (MSG_CMSG_COMPAT & flags) + err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); +- } else ++ else + err = verify_iovec(msg_sys, iov, &addr, VERIFY_WRITE); + if (err < 0) + goto out_freeiov; +@@ -2248,6 +2248,9 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, + cmsg_ptr = (unsigned long)msg_sys->msg_control; + msg_sys->msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT); + ++ /* We assume all kernel code knows the size of sockaddr_storage */ ++ msg_sys->msg_namelen = 0; ++ + if (sock->file->f_flags & O_NONBLOCK) + flags |= MSG_DONTWAIT; + err = (nosec ? sock_recvmsg_nosec : sock_recvmsg)(sock, msg_sys, +diff --git a/net/tipc/socket.c b/net/tipc/socket.c +index 6cc7ddd..dffdbea 100644 +--- a/net/tipc/socket.c ++++ b/net/tipc/socket.c +@@ -984,9 +984,6 @@ static int recv_msg(struct kiocb *iocb, struct socket *sock, + goto exit; + } + +- /* will be updated in set_orig_addr() if needed */ +- m->msg_namelen = 0; +- + timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); + restart: + +@@ -1095,9 +1092,6 @@ static int recv_stream(struct kiocb *iocb, struct socket *sock, + goto exit; + } + +- /* will be updated in set_orig_addr() if needed */ +- m->msg_namelen = 0; +- + target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len); + timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); + +diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c +index e64bbcf..6c66e8d 100644 +--- a/net/unix/af_unix.c ++++ b/net/unix/af_unix.c +@@ -1762,7 +1762,6 @@ static void unix_copy_addr(struct msghdr *msg, struct sock *sk) + { + struct unix_sock *u = unix_sk(sk); + +- msg->msg_namelen = 0; + if (u->addr) { + msg->msg_namelen = u->addr->len; + memcpy(msg->msg_name, u->addr->name, u->addr->len); +@@ -1786,8 +1785,6 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, + if (flags&MSG_OOB) + goto out; + +- msg->msg_namelen = 0; +- + err = mutex_lock_interruptible(&u->readlock); + if (err) { + err = sock_intr_errno(sock_rcvtimeo(sk, noblock)); +@@ -1927,8 +1924,6 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, + target = sock_rcvlowat(sk, flags&MSG_WAITALL, size); + timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT); + +- msg->msg_namelen = 0; +- + /* Lock the socket to prevent queue disordering + * while sleeps in memcpy_tomsg + */ +diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c +index 4d93346..16f721c 100644 +--- a/net/vmw_vsock/af_vsock.c ++++ b/net/vmw_vsock/af_vsock.c +@@ -1663,8 +1663,6 @@ vsock_stream_recvmsg(struct kiocb *kiocb, + vsk = vsock_sk(sk); + err = 0; + +- msg->msg_namelen = 0; +- + lock_sock(sk); + + if (sk->sk_state != SS_CONNECTED) { +diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c +index ffc11df..73ca104 100644 +--- a/net/vmw_vsock/vmci_transport.c ++++ b/net/vmw_vsock/vmci_transport.c +@@ -1746,8 +1746,6 @@ static int vmci_transport_dgram_dequeue(struct kiocb *kiocb, + if (flags & MSG_OOB || flags & MSG_ERRQUEUE) + return -EOPNOTSUPP; + +- msg->msg_namelen = 0; +- + /* Retrieve the head sk_buff from the socket's receive queue. */ + err = 0; + skb = skb_recv_datagram(&vsk->sk, flags, noblock, &err); +diff --git a/net/x25/af_x25.c b/net/x25/af_x25.c +index 45a3ab5..7622789 100644 +--- a/net/x25/af_x25.c ++++ b/net/x25/af_x25.c +@@ -1340,10 +1340,9 @@ static int x25_recvmsg(struct kiocb *iocb, struct socket *sock, + if (sx25) { + sx25->sx25_family = AF_X25; + sx25->sx25_addr = x25->dest_addr; ++ msg->msg_namelen = sizeof(*sx25); + } + +- msg->msg_namelen = sizeof(struct sockaddr_x25); +- + x25_check_rbuf(sk); + rc = copied; + out_free_dgram: +-- +1.8.3.1 + diff --git a/netfilter-nf_conntrack-use-RCU-safe-kfree-for-conntr.patch b/netfilter-nf_conntrack-use-RCU-safe-kfree-for-conntr.patch new file mode 100644 index 000000000..fd8351fa4 --- /dev/null +++ b/netfilter-nf_conntrack-use-RCU-safe-kfree-for-conntr.patch @@ -0,0 +1,35 @@ +From c13a84a830a208fb3443628773c8ca0557773cc7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Michal=20Kube=C4=8Dek?= +Date: Wed, 11 Sep 2013 10:17:27 +0200 +Subject: [PATCH] netfilter: nf_conntrack: use RCU safe kfree for conntrack + extensions + +Commit 68b80f11 (netfilter: nf_nat: fix RCU races) introduced +RCU protection for freeing extension data when reallocation +moves them to a new location. We need the same protection when +freeing them in nf_ct_ext_free() in order to prevent a +use-after-free by other threads referencing a NAT extension data +via bysource list. + +Signed-off-by: Michal Kubecek +Signed-off-by: Pablo Neira Ayuso +--- + include/net/netfilter/nf_conntrack_extend.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h +index ff95434..88a1d40 100644 +--- a/include/net/netfilter/nf_conntrack_extend.h ++++ b/include/net/netfilter/nf_conntrack_extend.h +@@ -86,7 +86,7 @@ static inline void nf_ct_ext_destroy(struct nf_conn *ct) + static inline void nf_ct_ext_free(struct nf_conn *ct) + { + if (ct->ext) +- kfree(ct->ext); ++ kfree_rcu(ct->ext, rcu); + } + + /* Add this type, returns pointer to data or NULL. */ +-- +1.8.3.1 + diff --git a/nfs-check-gssd-running-before-krb5i-auth.patch b/nfs-check-gssd-running-before-krb5i-auth.patch new file mode 100644 index 000000000..be81fec76 --- /dev/null +++ b/nfs-check-gssd-running-before-krb5i-auth.patch @@ -0,0 +1,48 @@ +Bugzilla: N/A +Upstream-status: queued in NFS git tree (for 3.13/3.14?) + +Currently, the client will attempt to use krb5i in the SETCLIENTID call +even if rpc.gssd isn't running. When that fails, it'll then fall back to +RPC_AUTH_UNIX. This introduced a delay when mounting if rpc.gssd isn't +running, and causes warning messages to pop up in the ring buffer. + +Check to see if rpc.gssd is running before even attempting to use krb5i +auth, and just silently skip trying to do so if it isn't. In the event +that the admin is actually trying to mount with krb5*, it will still +fail at a later stage of the mount attempt. + +Signed-off-by: Jeff Layton +Signed-off-by: Trond Myklebust +--- + fs/nfs/nfs4client.c | 7 ++++++- + 1 files changed, 6 insertions(+), 1 deletions(-) + +diff -up linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c.orig linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c +--- linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/fs/nfs/nfs4client.c 2013-11-21 10:20:27.288286000 -0500 +@@ -10,6 +10,7 @@ + #include + #include + #include ++#include + #include "internal.h" + #include "callback.h" + #include "delegation.h" +@@ -206,7 +207,11 @@ struct nfs_client *nfs4_init_client(stru + if (clp->cl_minorversion != 0) + __set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags); + __set_bit(NFS_CS_DISCRTRY, &clp->cl_flags); +- error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_GSS_KRB5I); ++ ++ error = -EINVAL; ++ if (gssd_running(clp->cl_net)) ++ error = nfs_create_rpc_client(clp, timeparms, ++ RPC_AUTH_GSS_KRB5I); + if (error == -EINVAL) + error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_UNIX); + if (error < 0) + +_______________________________________________ +kernel mailing list +kernel@lists.fedoraproject.org +https://admin.fedoraproject.org/mailman/listinfo/kernel diff --git a/linux-2.6.30-no-pcspkr-modalias.patch b/no-pcspkr-modalias.patch similarity index 100% rename from linux-2.6.30-no-pcspkr-modalias.patch rename to no-pcspkr-modalias.patch diff --git a/nowatchdog-on-virt.patch b/nowatchdog-on-virt.patch new file mode 100644 index 000000000..87ab11a0f --- /dev/null +++ b/nowatchdog-on-virt.patch @@ -0,0 +1,67 @@ +Disable watchdog on virtual machines. + +For various reasons, VMs seem to trigger the soft lockup detector a lot, +in cases where it's just not possible for a lockup to occur. +(Example: https://bugzilla.redhat.com/show_bug.cgi?id=971139) + +In some cases it seems that the host just never scheduled the app running +the VM for a very long time (Could be the host was under heavy load). + +Just disable the detector on VMs. + +Signed-off-by: Dave Jones + +diff --git a/kernel/watchdog.c b/kernel/watchdog.c +index 1241d8c..b2dc4e4 100644 +--- a/kernel/watchdog.c ++++ b/kernel/watchdog.c +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -96,6 +97,32 @@ static int __init nosoftlockup_setup(char *str) + __setup("nosoftlockup", nosoftlockup_setup); + /* */ + ++static int disable_watchdog(const struct dmi_system_id *d) ++{ ++ printk(KERN_INFO "watchdog: disabled (inside virtual machine)\n"); ++ watchdog_user_enabled = 0; ++ return 0; ++} ++ ++static const struct dmi_system_id watchdog_virt_dmi_table[] = { ++ { ++ .callback = disable_watchdog, ++ .ident = "VMware", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "VMware, Inc."), ++ }, ++ }, ++ { ++ .callback = disable_watchdog, ++ .ident = "Bochs", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Bochs Bochs"), ++ }, ++ }, ++ {} ++}; ++ ++ + /* + * Hard-lockup warnings should be triggered after just a few seconds. Soft- + * lockups can have false positives under extreme conditions. So we generally +@@ -551,6 +578,8 @@ int proc_dowatchdog(struct ctl_table *table, int write, + + void __init lockup_detector_init(void) + { ++ dmi_check_system(watchdog_virt_dmi_table); ++ + set_sample_period(); + + #ifdef CONFIG_NO_HZ_FULL diff --git a/ntp-Make-periodic-RTC-update-more-reliable.patch b/ntp-Make-periodic-RTC-update-more-reliable.patch new file mode 100644 index 000000000..59179e719 --- /dev/null +++ b/ntp-Make-periodic-RTC-update-more-reliable.patch @@ -0,0 +1,44 @@ +From a97ad0c4b447a132a322cedc3a5f7fa4cab4b304 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Thu, 1 Aug 2013 19:31:35 +0200 +Subject: [PATCH] ntp: Make periodic RTC update more reliable + +The current code requires that the scheduled update of the RTC happens +in the closest tick to the half of the second. This seems to be +difficult to achieve reliably. The scheduled work may be missing the +target time by a tick or two and be constantly rescheduled every second. + +Relax the limit to 10 ticks. As a typical RTC drifts in the 11-minute +update interval by several milliseconds, this shouldn't affect the +overall accuracy of the RTC much. + +Signed-off-by: Miroslav Lichvar +Signed-off-by: John Stultz +--- + kernel/time/ntp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c +index 8f5b3b9..ab1fa7c 100644 +--- a/kernel/time/ntp.c ++++ b/kernel/time/ntp.c +@@ -475,6 +475,7 @@ static void sync_cmos_clock(struct work_struct *work) + * called as close as possible to 500 ms before the new second starts. + * This code is run on a timer. If the clock is set, that timer + * may not expire at the correct time. Thus, we adjust... ++ * We want the clock to be within a couple of ticks from the target. + */ + if (!ntp_synced()) { + /* +@@ -485,7 +486,7 @@ static void sync_cmos_clock(struct work_struct *work) + } + + getnstimeofday(&now); +- if (abs(now.tv_nsec - (NSEC_PER_SEC / 2)) <= tick_nsec / 2) { ++ if (abs(now.tv_nsec - (NSEC_PER_SEC / 2)) <= tick_nsec * 5) { + struct timespec adjust = now; + + fail = -ENODEV; +-- +1.7.9.5 + diff --git a/power-x86-destdir.patch b/power-x86-destdir.patch deleted file mode 100644 index 97665314f..000000000 --- a/power-x86-destdir.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/tools/power/x86/turbostat/Makefile b/tools/power/x86/turbostat/Makefile -index f856495..984cc00 100644 ---- a/tools/power/x86/turbostat/Makefile -+++ b/tools/power/x86/turbostat/Makefile -@@ -1,3 +1,5 @@ -+DESTDIR ?= -+ - turbostat : turbostat.c - CFLAGS += -Wall - -@@ -5,5 +7,5 @@ clean : - rm -f turbostat - - install : -- install turbostat /usr/bin/turbostat -- install turbostat.8 /usr/share/man/man8 -+ install turbostat ${DESTDIR}/usr/bin/turbostat -+ install turbostat.8 ${DESTDIR}/usr/share/man/man8 -diff --git a/tools/power/x86/x86_energy_perf_policy/Makefile b/tools/power/x86/x86_energy_perf_policy/Makefile -index f458237..f9824f0 100644 ---- a/tools/power/x86/x86_energy_perf_policy/Makefile -+++ b/tools/power/x86/x86_energy_perf_policy/Makefile -@@ -1,8 +1,10 @@ -+DESTDIR ?= -+ - x86_energy_perf_policy : x86_energy_perf_policy.c - - clean : - rm -f x86_energy_perf_policy - - install : -- install x86_energy_perf_policy /usr/bin/ -- install x86_energy_perf_policy.8 /usr/share/man/man8/ -+ install x86_energy_perf_policy ${DESTDIR}/usr/bin/ -+ install x86_energy_perf_policy.8 ${DESTDIR}/usr/share/man/man8/ diff --git a/powerpc-3.9.5-fix.patch b/powerpc-3.9.5-fix.patch new file mode 100644 index 000000000..5cc7e4fa0 --- /dev/null +++ b/powerpc-3.9.5-fix.patch @@ -0,0 +1,13 @@ +diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c +index 1c22b2d..29857c6 100644 +--- a/arch/powerpc/kernel/traps.c ++++ b/arch/powerpc/kernel/traps.c +@@ -1151,7 +1151,7 @@ void alignment_exception(struct pt_regs *regs) + local_irq_enable(); + + if (tm_abort_check(regs, TM_CAUSE_ALIGNMENT | TM_CAUSE_PERSISTENT)) +- goto bail; ++ return; + + /* we don't implement logging of alignment exceptions */ + if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS)) diff --git a/quite-apm.patch b/quite-apm.patch deleted file mode 100644 index c38511c41..000000000 --- a/quite-apm.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/arch/x86/kernel/apm_32.c b/arch/x86/kernel/apm_32.c -index a46bd38..416dd12 100644 ---- a/arch/x86/kernel/apm_32.c -+++ b/arch/x86/kernel/apm_32.c -@@ -903,7 +903,7 @@ static void apm_cpu_idle(void) - unsigned int jiffies_since_last_check = jiffies - last_jiffies; - unsigned int bucket; - -- WARN_ONCE(1, "deprecated apm_cpu_idle will be deleted in 2012"); -+ printk_once(KERN_INFO "deprecated apm_cpu_idle will be deleted in 2012"); - recalc: - if (jiffies_since_last_check > IDLE_CALC_LIMIT) { - use_apm_idle = 0; diff --git a/rt2800-add-support-for-rf3070.patch b/rt2800-add-support-for-rf3070.patch new file mode 100644 index 000000000..24c16cb9c --- /dev/null +++ b/rt2800-add-support-for-rf3070.patch @@ -0,0 +1,80 @@ +diff --git a/drivers/net/wireless/rt2x00/rt2800.h b/drivers/net/wireless/rt2x00/rt2800.h +index d78c495..2132830 100644 +--- a/drivers/net/wireless/rt2x00/rt2800.h ++++ b/drivers/net/wireless/rt2x00/rt2800.h +@@ -65,6 +65,7 @@ + #define RF3021 0x0007 + #define RF3022 0x0008 + #define RF3052 0x0009 ++#define RF3070 0x3070 + #define RF2853 0x000a + #define RF3320 0x000b + #define RF3322 0x000c +diff --git a/drivers/net/wireless/rt2x00/rt2800lib.c b/drivers/net/wireless/rt2x00/rt2800lib.c +index 1b41c8e..2958265 100644 +--- a/drivers/net/wireless/rt2x00/rt2800lib.c ++++ b/drivers/net/wireless/rt2x00/rt2800lib.c +@@ -2597,6 +2597,7 @@ static void rt2800_config_channel(struct rt2x00_dev *rt2x00dev, + case RF3322: + rt2800_config_channel_rf3322(rt2x00dev, conf, rf, info); + break; ++ case RF3070: + case RF5360: + case RF5370: + case RF5372: +@@ -2611,7 +2612,8 @@ static void rt2800_config_channel(struct rt2x00_dev *rt2x00dev, + rt2800_config_channel_rf2xxx(rt2x00dev, conf, rf, info); + } + +- if (rt2x00_rf(rt2x00dev, RF3290) || ++ if (rt2x00_rf(rt2x00dev, RF3070) || ++ rt2x00_rf(rt2x00dev, RF3290) || + rt2x00_rf(rt2x00dev, RF3322) || + rt2x00_rf(rt2x00dev, RF5360) || + rt2x00_rf(rt2x00dev, RF5370) || +@@ -3219,6 +3221,7 @@ void rt2800_vco_calibration(struct rt2x00_dev *rt2x00dev) + rt2x00_set_field8(&rfcsr, RFCSR7_RF_TUNING, 1); + rt2800_rfcsr_write(rt2x00dev, 7, rfcsr); + break; ++ case RF3070: + case RF3290: + case RF5360: + case RF5370: +@@ -5731,6 +5734,7 @@ static int rt2800_init_eeprom(struct rt2x00_dev *rt2x00dev) + case RF3021: + case RF3022: + case RF3052: ++ case RF3070: + case RF3290: + case RF3320: + case RF3322: +@@ -6186,6 +6190,7 @@ static int rt2800_probe_hw_mode(struct rt2x00_dev *rt2x00dev) + rt2x00_rf(rt2x00dev, RF2020) || + rt2x00_rf(rt2x00dev, RF3021) || + rt2x00_rf(rt2x00dev, RF3022) || ++ rt2x00_rf(rt2x00dev, RF3070) || + rt2x00_rf(rt2x00dev, RF3290) || + rt2x00_rf(rt2x00dev, RF3320) || + rt2x00_rf(rt2x00dev, RF3322) || +@@ -6219,10 +6224,11 @@ static int rt2800_probe_hw_mode(struct rt2x00_dev *rt2x00dev) + /* + * Initialize HT information. + */ +- if (!rt2x00_rf(rt2x00dev, RF2020)) ++ if (!rt2x00_rf(rt2x00dev, RF2020)) { + spec->ht.ht_supported = true; +- else ++ } else { + spec->ht.ht_supported = false; ++ } + + spec->ht.cap = + IEEE80211_HT_CAP_SUP_WIDTH_20_40 | +@@ -6290,6 +6296,7 @@ static int rt2800_probe_hw_mode(struct rt2x00_dev *rt2x00dev) + case RF3022: + case RF3320: + case RF3052: ++ case RF3070: + case RF3290: + case RF5360: + case RF5370: diff --git a/rt2800usb-slow-down-TX-status-polling.patch b/rt2800usb-slow-down-TX-status-polling.patch new file mode 100644 index 000000000..a76f9b847 --- /dev/null +++ b/rt2800usb-slow-down-TX-status-polling.patch @@ -0,0 +1,53 @@ +Polling TX statuses too frequently has two negative effects. First is +randomly peek CPU usage, causing overall system functioning delays. +Second bad effect is that device is not able to fill TX statuses in +H/W register on some workloads and we get lot of timeouts like below: + +ieee80211 phy4: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2 +ieee80211 phy4: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2 +ieee80211 phy4: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping + +This not only cause flood of messages in dmesg, but also bad throughput, +since rate scaling algorithm can not work optimally. + +In the future, we should probably make polling interval be adjusted +automatically, but for now just increase values, this make mentioned +problems gone. + +Resolve: +https://bugzilla.kernel.org/show_bug.cgi?id=62781 + +Cc: stable@vger.kernel.org +Signed-off-by: Stanislaw Gruszka +--- + drivers/net/wireless/rt2x00/rt2800usb.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/drivers/net/wireless/rt2x00/rt2800usb.c b/drivers/net/wireless/rt2x00/rt2800usb.c +index 96677ce5..e095e61 100644 +--- a/drivers/net/wireless/rt2x00/rt2800usb.c ++++ b/drivers/net/wireless/rt2x00/rt2800usb.c +@@ -176,8 +176,8 @@ static bool rt2800usb_tx_sta_fifo_read_completed(struct rt2x00_dev *rt2x00dev, + queue_work(rt2x00dev->workqueue, &rt2x00dev->txdone_work); + + if (rt2800usb_txstatus_pending(rt2x00dev)) { +- /* Read register after 250 us */ +- hrtimer_start(&rt2x00dev->txstatus_timer, ktime_set(0, 250000), ++ /* Read register after 1 ms */ ++ hrtimer_start(&rt2x00dev->txstatus_timer, ktime_set(0, 1000000), + HRTIMER_MODE_REL); + return false; + } +@@ -202,8 +202,8 @@ static void rt2800usb_async_read_tx_status(struct rt2x00_dev *rt2x00dev) + if (test_and_set_bit(TX_STATUS_READING, &rt2x00dev->flags)) + return; + +- /* Read TX_STA_FIFO register after 500 us */ +- hrtimer_start(&rt2x00dev->txstatus_timer, ktime_set(0, 500000), ++ /* Read TX_STA_FIFO register after 2 ms */ ++ hrtimer_start(&rt2x00dev->txstatus_timer, ktime_set(0, 2000000), + HRTIMER_MODE_REL); + } + +-- +1.8.3.1 diff --git a/rtlwifi-Fix-scheduling-while-atomic-bug.patch b/rtlwifi-Fix-scheduling-while-atomic-bug.patch new file mode 100644 index 000000000..d05b104b5 --- /dev/null +++ b/rtlwifi-Fix-scheduling-while-atomic-bug.patch @@ -0,0 +1,65 @@ +Kernel commits 41affd5 and 6539306 changed the locking in rtl_lps_leave() +from a spinlock to a mutex by doing the calls indirectly from a work queue +to reduce the time that interrupts were disabled. This change was fine for +most systems; however a scheduling while atomic bug was reported in +https://bugzilla.redhat.com/show_bug.cgi?id=903881. The backtrace indicates +that routine rtl_is_special(), which calls rtl_lps_leave() in three places +was entered in atomic context. These direct calls are replaced by putting a +request on the appropriate work queue. + +Signed-off-by: Larry Finger +Reported-and-tested-by: Nathaniel Doherty +Cc: Nathaniel Doherty +Cc: Stanislaw Gruszka +Cc: Stable +--- + +John, + +If DaveM will still accept bug fixes for 3.8, please push this one. It +is unlikely to have any side effects. + +Thanks, + +Larry +--- + + base.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +Index: wireless-testing-new/drivers/net/wireless/rtlwifi/base.c +=================================================================== +--- wireless-testing-new.orig/drivers/net/wireless/rtlwifi/base.c ++++ wireless-testing-new/drivers/net/wireless/rtlwifi/base.c +@@ -1004,7 +1004,8 @@ u8 rtl_is_special_data(struct ieee80211_ + is_tx ? "Tx" : "Rx"); + + if (is_tx) { +- rtl_lps_leave(hw); ++ schedule_work(&rtlpriv-> ++ works.lps_leave_work); + ppsc->last_delaylps_stamp_jiffies = + jiffies; + } +@@ -1014,7 +1015,7 @@ u8 rtl_is_special_data(struct ieee80211_ + } + } else if (ETH_P_ARP == ether_type) { + if (is_tx) { +- rtl_lps_leave(hw); ++ schedule_work(&rtlpriv->works.lps_leave_work); + ppsc->last_delaylps_stamp_jiffies = jiffies; + } + +@@ -1024,7 +1025,7 @@ u8 rtl_is_special_data(struct ieee80211_ + "802.1X %s EAPOL pkt!!\n", is_tx ? "Tx" : "Rx"); + + if (is_tx) { +- rtl_lps_leave(hw); ++ schedule_work(&rtlpriv->works.lps_leave_work); + ppsc->last_delaylps_stamp_jiffies = jiffies; + } + +-- +To unsubscribe from this list: send the line "unsubscribe linux-wireless" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html \ No newline at end of file diff --git a/secure-boot-20120809.patch b/secure-boot-20120809.patch deleted file mode 100644 index 0d6a837cf..000000000 --- a/secure-boot-20120809.patch +++ /dev/null @@ -1,734 +0,0 @@ -From 617309bdd75bbce794ae2d41d44e7b76fb8c6d8b Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Thu, 8 Mar 2012 09:56:33 -0500 -Subject: [PATCH 01/13] Secure boot: Add new capability - -Secure boot adds certain policy requirements, including that root must not -be able to do anything that could cause the kernel to execute arbitrary code. -The simplest way to handle this would seem to be to add a new capability -and gate various functionality on that. We'll then strip it from the initial -capability set if required. - -Signed-off-by: Matthew Garrett ---- - include/linux/capability.h | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/include/linux/capability.h b/include/linux/capability.h -index d10b7ed..6a39163 100644 ---- a/include/linux/capability.h -+++ b/include/linux/capability.h -@@ -364,7 +364,11 @@ struct cpu_vfs_cap_data { - - #define CAP_BLOCK_SUSPEND 36 - --#define CAP_LAST_CAP CAP_BLOCK_SUSPEND -+/* Allow things that are dangerous under secure boot */ -+ -+#define CAP_SECURE_FIRMWARE 37 -+ -+#define CAP_LAST_CAP CAP_SECURE_FIRMWARE - - #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP) - --- -1.7.11.2 - - -From ac892cb2320872717005736c8ef88208c12e61ee Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Thu, 8 Mar 2012 10:10:38 -0500 -Subject: [PATCH 02/13] PCI: Lock down BAR access in secure boot environments - -Any hardware that can potentially generate DMA has to be locked down from -userspace in order to avoid it being possible for an attacker to cause -arbitrary kernel behaviour. Default to paranoid - in future we can -potentially relax this for sufficiently IOMMU-isolated devices. - -Signed-off-by: Matthew Garrett ---- - drivers/pci/pci-sysfs.c | 9 +++++++++ - drivers/pci/proc.c | 8 +++++++- - drivers/pci/syscall.c | 2 +- - 3 files changed, 17 insertions(+), 2 deletions(-) - -diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c -index 6869009..a1ad0f7 100644 ---- a/drivers/pci/pci-sysfs.c -+++ b/drivers/pci/pci-sysfs.c -@@ -542,6 +542,9 @@ pci_write_config(struct file* filp, struct kobject *kobj, - loff_t init_off = off; - u8 *data = (u8*) buf; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (off > dev->cfg_size) - return 0; - if (off + count > dev->cfg_size) { -@@ -844,6 +847,9 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr, - resource_size_t start, end; - int i; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - for (i = 0; i < PCI_ROM_RESOURCE; i++) - if (res == &pdev->resource[i]) - break; -@@ -951,6 +957,9 @@ pci_write_resource_io(struct file *filp, struct kobject *kobj, - struct bin_attribute *attr, char *buf, - loff_t off, size_t count) - { -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - return pci_resource_io(filp, kobj, attr, buf, off, count, true); - } - -diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c -index 27911b5..01d4753 100644 ---- a/drivers/pci/proc.c -+++ b/drivers/pci/proc.c -@@ -135,6 +135,9 @@ proc_bus_pci_write(struct file *file, const char __user *buf, size_t nbytes, lof - int size = dp->size; - int cnt; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (pos >= size) - return 0; - if (nbytes >= size) -@@ -211,6 +214,9 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd, - #endif /* HAVE_PCI_MMAP */ - int ret = 0; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - switch (cmd) { - case PCIIOC_CONTROLLER: - ret = pci_domain_nr(dev->bus); -@@ -251,7 +257,7 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma) - struct pci_filp_private *fpriv = file->private_data; - int i, ret; - -- if (!capable(CAP_SYS_RAWIO)) -+ if (!capable(CAP_SYS_RAWIO) || !capable(CAP_SECURE_FIRMWARE)) - return -EPERM; - - /* Make sure the caller is mapping a real resource for this device */ -diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c -index e1c1ec5..a778ba9 100644 ---- a/drivers/pci/syscall.c -+++ b/drivers/pci/syscall.c -@@ -92,7 +92,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn, - u32 dword; - int err = 0; - -- if (!capable(CAP_SYS_ADMIN)) -+ if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SECURE_FIRMWARE)) - return -EPERM; - - dev = pci_get_bus_and_slot(bus, dfn); --- -1.7.11.2 - - -From 4c02feefb934d587f03c74cc48e8d58904416c68 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Thu, 8 Mar 2012 10:35:59 -0500 -Subject: [PATCH 03/13] x86: Lock down IO port access in secure boot - environments - -IO port access would permit users to gain access to PCI configuration -registers, which in turn (on a lot of hardware) give access to MMIO register -space. This would potentially permit root to trigger arbitrary DMA, so lock -it down by default. - -Signed-off-by: Matthew Garrett ---- - arch/x86/kernel/ioport.c | 4 ++-- - drivers/char/mem.c | 3 +++ - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c -index 8c96897..c3a1bb2 100644 ---- a/arch/x86/kernel/ioport.c -+++ b/arch/x86/kernel/ioport.c -@@ -28,7 +28,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on) - - if ((from + num <= from) || (from + num > IO_BITMAP_BITS)) - return -EINVAL; -- if (turn_on && !capable(CAP_SYS_RAWIO)) -+ if (turn_on && (!capable(CAP_SYS_RAWIO) || !capable(CAP_SECURE_FIRMWARE))) - return -EPERM; - - /* -@@ -102,7 +102,7 @@ long sys_iopl(unsigned int level, struct pt_regs *regs) - return -EINVAL; - /* Trying to gain more privileges? */ - if (level > old) { -- if (!capable(CAP_SYS_RAWIO)) -+ if (!capable(CAP_SYS_RAWIO) || !capable(CAP_SECURE_FIRMWARE)) - return -EPERM; - } - regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12); -diff --git a/drivers/char/mem.c b/drivers/char/mem.c -index e5eedfa..8f5f872 100644 ---- a/drivers/char/mem.c -+++ b/drivers/char/mem.c -@@ -597,6 +597,9 @@ static ssize_t write_port(struct file *file, const char __user *buf, - unsigned long i = *ppos; - const char __user * tmp = buf; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (!access_ok(VERIFY_READ, buf, count)) - return -EFAULT; - while (count-- > 0 && i < 65536) { --- -1.7.11.2 - - -From d379d102316075d51011b81748433530d294a70c Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Fri, 9 Mar 2012 08:39:37 -0500 -Subject: [PATCH 04/13] ACPI: Limit access to custom_method - -It must be impossible for even root to get code executed in kernel context -under a secure boot environment. custom_method effectively allows arbitrary -access to system memory, so it needs to have a capability check here. - -Signed-off-by: Matthew Garrett ---- - drivers/acpi/custom_method.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c -index 5d42c24..3e78014 100644 ---- a/drivers/acpi/custom_method.c -+++ b/drivers/acpi/custom_method.c -@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, - struct acpi_table_header table; - acpi_status status; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (!(*ppos)) { - /* parse the table header to get the table length */ - if (count <= sizeof(struct acpi_table_header)) --- -1.7.11.2 - - -From afc7c002eb264fc745a38fb6ec322be4928338dd Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Fri, 9 Mar 2012 08:46:50 -0500 -Subject: [PATCH 05/13] asus-wmi: Restrict debugfs interface - -We have no way of validating what all of the Asus WMI methods do on a -given machine, and there's a risk that some will allow hardware state to -be manipulated in such a way that arbitrary code can be executed in the -kernel. Add a capability check to prevent that. - -Signed-off-by: Matthew Garrett ---- - drivers/platform/x86/asus-wmi.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c -index c7a36f6..0fb58bc 100644 ---- a/drivers/platform/x86/asus-wmi.c -+++ b/drivers/platform/x86/asus-wmi.c -@@ -1509,6 +1509,9 @@ static int show_dsts(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval); - - if (err < 0) -@@ -1525,6 +1528,9 @@ static int show_devs(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param, - &retval); - -@@ -1549,6 +1555,9 @@ static int show_call(struct seq_file *m, void *data) - union acpi_object *obj; - acpi_status status; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID, - 1, asus->debug.method_id, - &input, &output); --- -1.7.11.2 - - -From 21bd1f0da09b40a0ba50636267f7eac8f839a336 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Fri, 9 Mar 2012 09:28:15 -0500 -Subject: [PATCH 06/13] Restrict /dev/mem and /dev/kmem in secure boot setups - -Allowing users to write to address space makes it possible for the kernel -to be subverted. Restrict this when we need to protect the kernel. - -Signed-off-by: Matthew Garrett ---- - drivers/char/mem.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/drivers/char/mem.c b/drivers/char/mem.c -index 8f5f872..c1de8e1 100644 ---- a/drivers/char/mem.c -+++ b/drivers/char/mem.c -@@ -158,6 +158,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf, - unsigned long copied; - void *ptr; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (!valid_phys_addr_range(p, count)) - return -EFAULT; - -@@ -530,6 +533,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, - char * kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */ - int err = 0; - -+ if (!capable(CAP_SECURE_FIRMWARE)) -+ return -EPERM; -+ - if (p < (unsigned long) high_memory) { - unsigned long to_write = min_t(unsigned long, count, - (unsigned long)high_memory - p); --- -1.7.11.2 - - -From 1940a18cd651113f5b46f5a41290065963d6fbad Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Fri, 9 Mar 2012 11:47:56 -0500 -Subject: [PATCH 07/13] kexec: Disable in a secure boot environment - -kexec could be used as a vector for a malicious user to use a signed kernel -to circumvent the secure boot trust model. In the long run we'll want to -support signed kexec payloads, but for the moment we should just disable -loading entirely in that situation. - -Signed-off-by: Matthew Garrett ---- - kernel/kexec.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/kernel/kexec.c b/kernel/kexec.c -index 0668d58..48852ec 100644 ---- a/kernel/kexec.c -+++ b/kernel/kexec.c -@@ -944,7 +944,7 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments, - int result; - - /* We only trust the superuser with rebooting the system. */ -- if (!capable(CAP_SYS_BOOT)) -+ if (!capable(CAP_SYS_BOOT) || !capable(CAP_SECURE_FIRMWARE)) - return -EPERM; - - /* --- -1.7.11.2 - - -From c83bad5d60b8f02ebbedf9b4c4b69cdee49a7976 Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Mon, 25 Jun 2012 19:45:15 -0400 -Subject: [PATCH 08/13] Secure boot: Add a dummy kernel parameter that will - switch on Secure Boot mode - -This forcibly drops CAP_SECURE_FIRMWARE from both cap_permitted and cap_bset -in the init_cred struct, which everything else inherits from. This works on -any machine and can be used to develop even if the box doesn't have UEFI. - -Signed-off-by: Josh Boyer ---- - kernel/cred.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/kernel/cred.c b/kernel/cred.c -index de728ac..0d71d02 100644 ---- a/kernel/cred.c -+++ b/kernel/cred.c -@@ -623,6 +623,20 @@ void __init cred_init(void) - 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); - } - -+/* Dummy Secure Boot enable option to fake out UEFI SB=1 */ -+static int __init secureboot_enable(char *str) -+{ -+ -+ int sb_enable = !!simple_strtol(str, NULL, 0); -+ pr_info("Secure Boot mode %s\n", (sb_enable ? "enabled" : "disabled")); -+ if (sb_enable) { -+ cap_lower((&init_cred)->cap_bset, CAP_SECURE_FIRMWARE); -+ cap_lower((&init_cred)->cap_permitted, CAP_SECURE_FIRMWARE); -+ } -+ return 1; -+} -+__setup("secureboot_enable=", secureboot_enable); -+ - /** - * prepare_kernel_cred - Prepare a set of credentials for a kernel service - * @daemon: A userspace daemon to be used as a reference --- -1.7.11.2 - - -From b70595f1523ecadc4ce9d43e9a0c465436ed1007 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett -Date: Wed, 18 Jul 2012 11:28:00 -0400 -Subject: [PATCH 09/13] efi: Enable secure boot lockdown automatically when - enabled in firmware - -The firmware has a set of flags that indicate whether secure boot is enabled -and enforcing. Use them to indicate whether the kernel should lock itself -down. - -Signed-off-by: Matthew Garrett ---- - arch/x86/boot/compressed/eboot.c | 32 ++++++++++++++++++++++++++++++++ - arch/x86/include/asm/bootparam.h | 3 ++- - arch/x86/kernel/setup.c | 3 +++ - include/linux/cred.h | 2 ++ - kernel/cred.c | 18 +++++++++++------- - 5 files changed, 50 insertions(+), 8 deletions(-) - -diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c -index b3e0227..3789356 100644 ---- a/arch/x86/boot/compressed/eboot.c -+++ b/arch/x86/boot/compressed/eboot.c -@@ -724,6 +724,36 @@ fail: - return status; - } - -+static int get_secure_boot(efi_system_table_t *_table) -+{ -+ u8 sb, setup; -+ unsigned long datasize = sizeof(sb); -+ efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID; -+ efi_status_t status; -+ -+ status = efi_call_phys5(sys_table->runtime->get_variable, -+ L"SecureBoot", &var_guid, NULL, &datasize, &sb); -+ -+ if (status != EFI_SUCCESS) -+ return 0; -+ -+ if (sb == 0) -+ return 0; -+ -+ -+ status = efi_call_phys5(sys_table->runtime->get_variable, -+ L"SetupMode", &var_guid, NULL, &datasize, -+ &setup); -+ -+ if (status != EFI_SUCCESS) -+ return 0; -+ -+ if (setup == 1) -+ return 0; -+ -+ return 1; -+} -+ - /* - * Because the x86 boot code expects to be passed a boot_params we - * need to create one ourselves (usually the bootloader would create -@@ -1018,6 +1048,8 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table, - if (sys_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) - goto fail; - -+ boot_params->secure_boot = get_secure_boot(sys_table); -+ - setup_graphics(boot_params); - - status = efi_call_phys3(sys_table->boottime->allocate_pool, -diff --git a/arch/x86/include/asm/bootparam.h b/arch/x86/include/asm/bootparam.h -index 2ad874c..c7338e0 100644 ---- a/arch/x86/include/asm/bootparam.h -+++ b/arch/x86/include/asm/bootparam.h -@@ -114,7 +114,8 @@ struct boot_params { - __u8 eddbuf_entries; /* 0x1e9 */ - __u8 edd_mbr_sig_buf_entries; /* 0x1ea */ - __u8 kbd_status; /* 0x1eb */ -- __u8 _pad6[5]; /* 0x1ec */ -+ __u8 secure_boot; /* 0x1ec */ -+ __u8 _pad6[4]; /* 0x1ed */ - struct setup_header hdr; /* setup header */ /* 0x1f1 */ - __u8 _pad7[0x290-0x1f1-sizeof(struct setup_header)]; - __u32 edd_mbr_sig_buffer[EDD_MBR_SIG_MAX]; /* 0x290 */ -diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c -index f4b9b80..239bf2a 100644 ---- a/arch/x86/kernel/setup.c -+++ b/arch/x86/kernel/setup.c -@@ -947,6 +947,9 @@ void __init setup_arch(char **cmdline_p) - - io_delay_init(); - -+ if (boot_params.secure_boot) -+ secureboot_enable(); -+ - /* - * Parse the ACPI tables for possible boot-time SMP configuration. - */ -diff --git a/include/linux/cred.h b/include/linux/cred.h -index ebbed2c..a24faf1 100644 ---- a/include/linux/cred.h -+++ b/include/linux/cred.h -@@ -170,6 +170,8 @@ extern int set_security_override_from_ctx(struct cred *, const char *); - extern int set_create_files_as(struct cred *, struct inode *); - extern void __init cred_init(void); - -+extern void secureboot_enable(void); -+ - /* - * check for validity of credentials - */ -diff --git a/kernel/cred.c b/kernel/cred.c -index 0d71d02..c43e2b0 100644 ---- a/kernel/cred.c -+++ b/kernel/cred.c -@@ -623,19 +623,23 @@ void __init cred_init(void) - 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); - } - -+void __init secureboot_enable() -+{ -+ pr_info("Secure boot enabled\n"); -+ cap_lower((&init_cred)->cap_bset, CAP_SECURE_FIRMWARE); -+ cap_lower((&init_cred)->cap_permitted, CAP_SECURE_FIRMWARE); -+} -+ - /* Dummy Secure Boot enable option to fake out UEFI SB=1 */ --static int __init secureboot_enable(char *str) -+static int __init secureboot_enable_opt(char *str) - { - - int sb_enable = !!simple_strtol(str, NULL, 0); -- pr_info("Secure Boot mode %s\n", (sb_enable ? "enabled" : "disabled")); -- if (sb_enable) { -- cap_lower((&init_cred)->cap_bset, CAP_SECURE_FIRMWARE); -- cap_lower((&init_cred)->cap_permitted, CAP_SECURE_FIRMWARE); -- } -+ if (sb_enable) -+ secureboot_enable(); - return 1; - } --__setup("secureboot_enable=", secureboot_enable); -+__setup("secureboot_enable=", secureboot_enable_opt); - - /** - * prepare_kernel_cred - Prepare a set of credentials for a kernel service --- -1.7.11.2 - - -From 411c18c35ccacb1a9e3f3dc67383a6431e110e17 Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Mon, 25 Jun 2012 19:57:30 -0400 -Subject: [PATCH 10/13] acpi: Ignore acpi_rsdp kernel parameter in a secure - boot environment - -This option allows userspace to pass the RSDP address to the kernel. This -could potentially be used to circumvent the secure boot trust model. -We ignore the setting if we don't have the CAP_SECURE_FIRMWARE capability. - -Signed-off-by: Josh Boyer ---- - drivers/acpi/osl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c -index 9eaf708..50c94e4 100644 ---- a/drivers/acpi/osl.c -+++ b/drivers/acpi/osl.c -@@ -246,7 +246,7 @@ early_param("acpi_rsdp", setup_acpi_rsdp); - acpi_physical_address __init acpi_os_get_root_pointer(void) - { - #ifdef CONFIG_KEXEC -- if (acpi_rsdp) -+ if (acpi_rsdp && capable(CAP_SECURE_FIRMWARE)) - return acpi_rsdp; - #endif - --- -1.7.11.2 - - -From 7bf87e8da8c7b57ba7f9448855c8ec84c684fb65 Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Mon, 25 Jun 2012 21:29:46 -0400 -Subject: [PATCH 11/13] Documentation: kernel-parameters.txt remove - capability.disable - -Remove the documentation for capability.disable. The code supporting this -parameter was removed with: - - commit 5915eb53861c5776cfec33ca4fcc1fd20d66dd27 - Author: Miklos Szeredi - Date: Thu Jul 3 20:56:05 2008 +0200 - - security: remove dummy module - -Signed-off-by: Josh Boyer ---- - Documentation/kernel-parameters.txt | 6 ------ - 1 file changed, 6 deletions(-) - -diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt -index ad7e2e5..33c4029 100644 ---- a/Documentation/kernel-parameters.txt -+++ b/Documentation/kernel-parameters.txt -@@ -446,12 +446,6 @@ bytes respectively. Such letter suffixes can also be entirely omitted. - possible to determine what the correct size should be. - This option provides an override for these situations. - -- capability.disable= -- [SECURITY] Disable capabilities. This would normally -- be used only if an alternative security model is to be -- configured. Potentially dangerous and should only be -- used if you are entirely sure of the consequences. -- - ccw_timeout_log [S390] - See Documentation/s390/CommonIO for details. - --- -1.7.11.2 - - -From ec0ca55ba3d1c2a59b0c0b6e38f7ae9966d676aa Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Tue, 26 Jun 2012 14:15:51 -0400 -Subject: [PATCH 12/13] SELinux: define mapping for new Secure Boot capability - -Add the name of the new Secure Boot capability. This allows SELinux -policies to properly map CAP_SECURE_FIRMWARE to the appropriate -capability class. - -Signed-off-by: Josh Boyer ---- - security/selinux/include/classmap.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h -index df2de54..0a1e348 100644 ---- a/security/selinux/include/classmap.h -+++ b/security/selinux/include/classmap.h -@@ -146,8 +146,8 @@ struct security_class_mapping secclass_map[] = { - { "memprotect", { "mmap_zero", NULL } }, - { "peer", { "recv", NULL } }, - { "capability2", -- { "mac_override", "mac_admin", "syslog", "wake_alarm", "block_suspend", -- NULL } }, -+ { "mac_override", "mac_admin", "syslog", "wake_alarm", -+ "block_suspend", "secure_firmware", NULL } }, - { "kernel_service", { "use_as_override", "create_files_as", NULL } }, - { "tun_socket", - { COMMON_SOCK_PERMS, NULL } }, --- -1.7.11.2 - - -From 0a90e99e45f5c8eddd3b8cfcd63a4c6355c5688d Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Tue, 26 Jun 2012 16:27:26 -0400 -Subject: [PATCH 13/13] modsign: Reject unsigned modules in a Secure Boot - environment - -If a machine is booted into a Secure Boot environment, we need to -protect the trust model. This requires that all modules be signed -with a key that is in the kernel's _modsign keyring. We add a -capability check and reject modules that are not signed. - -Signed-off-by: Josh Boyer ---- - kernel/module-verify.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/kernel/module-verify.c b/kernel/module-verify.c -index 22036d4..f6821b3 100644 ---- a/kernel/module-verify.c -+++ b/kernel/module-verify.c -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - #include - #include "module-verify.h" - #include "module-verify-defs.h" -@@ -699,7 +700,7 @@ int module_verify(const Elf_Ehdr *hdr, size_t size, bool *_gpgsig_ok) - /* The ELF checker found the sig for us if it exists */ - if (mvdata.sig_index <= 0) { - /* Deal with an unsigned module */ -- if (modsign_signedonly) { -+ if (modsign_signedonly || !capable(CAP_SECURE_FIRMWARE)) { - pr_err("An attempt to load unsigned module was rejected\n"); - return -EKEYREJECTED; - } else { -@@ -736,7 +737,7 @@ out: - break; - case -ENOKEY: /* Signed, but we don't have the public key */ - pr_err("Module signed with unknown public key\n"); -- if (!modsign_signedonly) { -+ if (!modsign_signedonly && capable(CAP_SECURE_FIRMWARE)) { - /* Allow a module to be signed with an unknown public - * key unless we're enforcing. - */ --- -1.7.11.2 - -From: Matthew Garrett -To: matt.fleming@intel.com -Cc: linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, - x86@kernel.org, Matthew Garrett -Date: Thu, 26 Jul 2012 18:00:00 -0400 -Message-Id: <1343340000-7587-1-git-send-email-mjg@redhat.com> -Subject: [PATCH] efi: Build EFI stub with EFI-appropriate options - -We can't assume the presence of the red zone while we're still in a boot -services environment, so we should build with -fno-red-zone to avoid -problems. Change the size of wchar at the same time to make string handling -simpler. - -Signed-off-by: Matthew Garrett ---- - arch/x86/boot/compressed/Makefile | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile -index e398bb5..8a84501 100644 ---- a/arch/x86/boot/compressed/Makefile -+++ b/arch/x86/boot/compressed/Makefile -@@ -28,6 +28,9 @@ VMLINUX_OBJS = $(obj)/vmlinux.lds $(obj)/head_$(BITS).o $(obj)/misc.o \ - $(obj)/string.o $(obj)/cmdline.o $(obj)/early_serial_console.o \ - $(obj)/piggy.o - -+$(obj)/eboot.o: KBUILD_CFLAGS += -fshort-wchar -mno-red-zone -+$(obj)/efi_stub_$(BITS).o: KBUILD_CLFAGS += -fshort-wchar -mno-red-zone -+ - ifeq ($(CONFIG_EFI_STUB), y) - VMLINUX_OBJS += $(obj)/eboot.o $(obj)/efi_stub_$(BITS).o - endif - diff --git a/selinux-apply-different-permission-to-ptrace-child.patch b/selinux-apply-different-permission-to-ptrace-child.patch deleted file mode 100644 index 90baad840..000000000 --- a/selinux-apply-different-permission-to-ptrace-child.patch +++ /dev/null @@ -1,162 +0,0 @@ -Some applications, like gdb, are able to ptrace both children or other -completely unrelated tasks. We would like to be able to discern these two -things and to be able to allow gdb to ptrace it's children, but not to be -able to ptrace unrelated tasks for security reasons. - -Upstream is a bit weary of this patch as it may be incomplete. They are -not fundamentally opposed to the patch, I was just ask to see if I could -flush out any needed refinement in Fedora where we already had the -problem. We may find that we need to emulate the YAMA non-child -registration module in order to completely deal with 'normal' ptrace on -a system. At the moment however, this patch will at least let us get -gdb working for many users in Fedora (See fedora-devel-list for a -discussion of the current issues people are complaining about in F17 -without this) - ---- - - security/selinux/hooks.c | 38 +++++++++++++++++++++++++++++++++++ - security/selinux/include/classmap.h | 2 +- - security/selinux/include/security.h | 2 ++ - security/selinux/selinuxfs.c | 3 ++- - security/selinux/ss/services.c | 3 +++ - 5 files changed, 46 insertions(+), 2 deletions(-) - -diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 1a4acf4..b226f26 100644 ---- a/security/selinux/hooks.c -+++ b/security/selinux/hooks.c -@@ -1805,6 +1805,39 @@ static inline u32 open_file_to_av(struct file *file) - - /* Hook functions begin here. */ - -+/** -+ * task_is_descendant - walk up a process family tree looking for a match -+ * @parent: the process to compare against while walking up from child -+ * @child: the process to start from while looking upwards for parent -+ * -+ * Returns 1 if child is a descendant of parent, 0 if not. -+ */ -+static int task_is_descendant(struct task_struct *parent, -+ struct task_struct *child) -+{ -+ int rc = 0; -+ struct task_struct *walker = child; -+ -+ if (!parent || !child) -+ return 0; -+ -+ rcu_read_lock(); -+ if (!thread_group_leader(parent)) -+ parent = rcu_dereference(parent->group_leader); -+ while (walker->pid > 0) { -+ if (!thread_group_leader(walker)) -+ walker = rcu_dereference(walker->group_leader); -+ if (walker == parent) { -+ rc = 1; -+ break; -+ } -+ walker = rcu_dereference(walker->real_parent); -+ } -+ rcu_read_unlock(); -+ -+ return rc; -+} -+ - static int selinux_ptrace_access_check(struct task_struct *child, - unsigned int mode) - { -@@ -1820,6 +1853,9 @@ static int selinux_ptrace_access_check(struct task_struct *child, - return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL); - } - -+ -+ if (selinux_policycap_ptrace_child && task_is_descendant(current, child)) -+ return current_has_perm(child, PROCESS__PTRACE_CHILD); - return current_has_perm(child, PROCESS__PTRACE); - } - -@@ -1831,6 +1867,8 @@ static int selinux_ptrace_traceme(struct task_struct *parent) - if (rc) - return rc; - -+ if (selinux_policycap_ptrace_child && task_is_descendant(parent, current)) -+ return task_has_perm(parent, current, PROCESS__PTRACE_CHILD); - return task_has_perm(parent, current, PROCESS__PTRACE); - } - -diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h -index 39e678c..72c08b9 100644 ---- a/security/selinux/include/classmap.h -+++ b/security/selinux/include/classmap.h -@@ -29,7 +29,7 @@ struct security_class_mapping secclass_map[] = { - "getattr", "setexec", "setfscreate", "noatsecure", "siginh", - "setrlimit", "rlimitinh", "dyntransition", "setcurrent", - "execmem", "execstack", "execheap", "setkeycreate", -- "setsockcreate", NULL } }, -+ "setsockcreate", "ptrace_child", NULL } }, - { "system", - { "ipc_info", "syslog_read", "syslog_mod", - "syslog_console", "module_request", NULL } }, -diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h -index dde2005..ac14b0a 100644 ---- a/security/selinux/include/security.h -+++ b/security/selinux/include/security.h -@@ -68,12 +68,14 @@ extern int selinux_enabled; - enum { - POLICYDB_CAPABILITY_NETPEER, - POLICYDB_CAPABILITY_OPENPERM, -+ POLICYDB_CAPABILITY_PTRACE_CHILD, - __POLICYDB_CAPABILITY_MAX - }; - #define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1) - - extern int selinux_policycap_netpeer; - extern int selinux_policycap_openperm; -+extern int selinux_policycap_ptrace_child; - - /* - * type_datum properties -diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c -index 4e93f9e..3379765 100644 ---- a/security/selinux/selinuxfs.c -+++ b/security/selinux/selinuxfs.c -@@ -44,7 +44,8 @@ - /* Policy capability filenames */ - static char *policycap_names[] = { - "network_peer_controls", -- "open_perms" -+ "open_perms", -+ "ptrace_child", - }; - - unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; -diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c -index 9b7e7ed..4d12a6e 100644 ---- a/security/selinux/ss/services.c -+++ b/security/selinux/ss/services.c -@@ -72,6 +72,7 @@ - - int selinux_policycap_netpeer; - int selinux_policycap_openperm; -+int selinux_policycap_ptrace_child; - - static DEFINE_RWLOCK(policy_rwlock); - -@@ -1812,6 +1813,8 @@ static void security_load_policycaps(void) - POLICYDB_CAPABILITY_NETPEER); - selinux_policycap_openperm = ebitmap_get_bit(&policydb.policycaps, - POLICYDB_CAPABILITY_OPENPERM); -+ selinux_policycap_ptrace_child = ebitmap_get_bit(&policydb.policycaps, -+ POLICYDB_CAPABILITY_PTRACE_CHILD); - } - - static int security_preserve_bools(struct policydb *p); - - - - -_______________________________________________ -kernel mailing list -kernel@lists.fedoraproject.org -https://admin.fedoraproject.org/mailman/listinfo/kernel diff --git a/linux-2.6-serial-460800.patch b/serial-460800.patch similarity index 93% rename from linux-2.6-serial-460800.patch rename to serial-460800.patch index 979b248d5..bdae70e31 100644 --- a/linux-2.6-serial-460800.patch +++ b/serial-460800.patch @@ -1,7 +1,7 @@ diff --git a/drivers/serial/8250.c b/drivers/serial/8250.c index 2209620..659c1bb 100644 ---- a/drivers/tty/serial/8250/8250.c -+++ b/drivers/tty/serial/8250/8250.c +--- a/drivers/tty/serial/8250/8250_core.c ++++ b/drivers/tty/serial/8250/8250_core.c @@ -7,6 +7,9 @@ * * Copyright (C) 2001 Russell King. @@ -28,14 +28,14 @@ index 2209620..659c1bb 100644 quot = uart_get_divisor(port, baud); @@ -2240,7 +2251,7 @@ serial8250_set_termios(struct uart_port *port, struct ktermios *termios, - struct uart_8250_port *up = (struct uart_8250_port *)port; + container_of(port, struct uart_8250_port, port); unsigned char cval, fcr = 0; unsigned long flags; - unsigned int baud, quot; + unsigned int baud, quot, max_baud; + int fifo_bug = 0; switch (termios->c_cflag & CSIZE) { - case CS5: @@ -2272,9 +2283,10 @@ serial8250_set_termios(struct uart_port *port, struct ktermios *termios, /* * Ask the core to calculate the divisor for us. diff --git a/linux-2.6-silence-acpi-blacklist.patch b/silence-acpi-blacklist.patch similarity index 100% rename from linux-2.6-silence-acpi-blacklist.patch rename to silence-acpi-blacklist.patch diff --git a/linux-2.6-silence-fbcon-logo.patch b/silence-fbcon-logo.patch similarity index 100% rename from linux-2.6-silence-fbcon-logo.patch rename to silence-fbcon-logo.patch diff --git a/linux-2.6-silence-noise.patch b/silence-noise.patch similarity index 97% rename from linux-2.6-silence-noise.patch rename to silence-noise.patch index 1e4d7c57f..bcd5baa0b 100644 --- a/linux-2.6-silence-noise.patch +++ b/silence-noise.patch @@ -14,7 +14,7 @@ diff --git a/drivers/input/serio/i8042.c b/drivers/input/serio/i8042.c index 170f71e..4f3e632 100644 --- a/drivers/input/serio/i8042.c +++ b/drivers/input/serio/i8042.c -@@ -701,10 +701,8 @@ static int __devinit i8042_check_aux(void) +@@ -701,10 +701,8 @@ static int i8042_check_aux(void) static int i8042_controller_check(void) { diff --git a/slab_common-Do-not-check-for-duplicate-slab-names.patch b/slab_common-Do-not-check-for-duplicate-slab-names.patch new file mode 100644 index 000000000..c99303cc0 --- /dev/null +++ b/slab_common-Do-not-check-for-duplicate-slab-names.patch @@ -0,0 +1,71 @@ +Bugzilla: 1031086 +Upstream-status: 3.12 + +From cd8fa0170867ce6e6e2d7edba1dc1a0b87485854 Mon Sep 17 00:00:00 2001 +From: Christoph Lameter +Date: Sat, 21 Sep 2013 21:56:34 +0000 +Subject: [PATCH] slab_common: Do not check for duplicate slab names + +SLUB can alias multiple slab kmem_create_requests to one slab cache to save +memory and increase the cache hotness. As a result the name of the slab can be +stale. Only check the name for duplicates if we are in debug mode where we do +not merge multiple caches. + +This fixes the following problem reported by Jonathan Brassow: + + The problem with kmem_cache* is this: + + *) Assume CONFIG_SLUB is set + 1) kmem_cache_create(name="foo-a") + - creates new kmem_cache structure + 2) kmem_cache_create(name="foo-b") + - If identical cache characteristics, it will be merged with the previously + created cache associated with "foo-a". The cache's refcount will be + incremented and an alias will be created via sysfs_slab_alias(). + 3) kmem_cache_destroy() + - Attempting to destroy cache associated with "foo-a", but instead the + refcount is simply decremented. I don't even think the sysfs aliases are + ever removed... + 4) kmem_cache_create(name="foo-a") + - This FAILS because kmem_cache_sanity_check colides with the existing + name ("foo-a") associated with the non-removed cache. + + This is a problem for RAID (specifically dm-raid) because the name used + for the kmem_cache_create is ("raid%d-%p", level, mddev). If the cache + persists for long enough, the memory address of an old mddev will be + reused for a new mddev - causing an identical formulation of the cache + name. Even though kmem_cache_destory had long ago been used to delete + the old cache, the merging of caches has cause the name and cache of that + old instance to be preserved and causes a colision (and thus failure) in + kmem_cache_create(). I see this regularly in my testing. + +Reported-by: Jonathan Brassow +Signed-off-by: Christoph Lameter +Signed-off-by: Pekka Enberg +--- + mm/slab_common.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/mm/slab_common.c b/mm/slab_common.c +index 538bade..d434771 100644 +--- a/mm/slab_common.c ++++ b/mm/slab_common.c +@@ -55,6 +55,7 @@ static int kmem_cache_sanity_check(struct mem_cgroup *memcg, const char *name, + continue; + } + ++#if !defined(CONFIG_SLUB) || !defined(CONFIG_SLUB_DEBUG_ON) + /* + * For simplicity, we won't check this in the list of memcg + * caches. We have control over memcg naming, and if there +@@ -68,6 +69,7 @@ static int kmem_cache_sanity_check(struct mem_cgroup *memcg, const char *name, + s = NULL; + return -EINVAL; + } ++#endif + } + + WARN_ON(strchr(name, ' ')); /* It confuses parsers */ +-- +1.8.3.1 + diff --git a/sources b/sources index 80d0bc7fe..c634d10c0 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -24153eaaa81dedc9481ada8cd9c3b83d linux-3.5.tar.xz -5f0ec612b5364c18386c1b8155c271ac patch-3.6-rc2.xz +fea363551ff45fbe4cb88497b863b261 linux-3.11.tar.xz +c918da07cf5ad4240945ae56c4de3bc0 patch-3.11.10.xz diff --git a/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch b/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch new file mode 100644 index 000000000..805498a70 --- /dev/null +++ b/sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch @@ -0,0 +1,233 @@ +Bugzilla: N/A +Upstream-status: queued in NFS git tree (for 3.13/3.14?) + +rpc.gssd will naturally hold open any pipe named */clnt*/gssd that shows +up under rpc_pipefs. That behavior gives us a reliable mechanism to tell +whether it's actually running or not. + +Create a new toplevel "gssd" directory in rpc_pipefs when it's mounted. +Under that directory create another directory called "clntXX", and then +within that a pipe called "gssd". + +We'll never send an upcall along that pipe, and any downcall written to +it will just return -EINVAL. + +Signed-off-by: Jeff Layton +Signed-off-by: Trond Myklebust +--- + include/linux/sunrpc/rpc_pipe_fs.h | 3 +- + net/sunrpc/netns.h | 1 + + net/sunrpc/rpc_pipe.c | 93 ++++++++++++++++++++++++++++++++++- + net/sunrpc/sunrpc_syms.c | 8 +++- + 4 files changed, 100 insertions(+), 5 deletions(-) + +diff -up linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h +--- linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h 2013-11-21 10:11:17.893026000 -0500 +@@ -64,7 +64,8 @@ enum { + + extern struct dentry *rpc_d_lookup_sb(const struct super_block *sb, + const unsigned char *dir_name); +-extern void rpc_pipefs_init_net(struct net *net); ++extern int rpc_pipefs_init_net(struct net *net); ++extern void rpc_pipefs_exit_net(struct net *net); + extern struct super_block *rpc_get_sb_net(const struct net *net); + extern void rpc_put_sb_net(const struct net *net); + +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h 2013-11-21 10:11:17.897029000 -0500 +@@ -14,6 +14,7 @@ struct sunrpc_net { + struct cache_detail *rsi_cache; + + struct super_block *pipefs_sb; ++ struct rpc_pipe *gssd_dummy; + struct mutex pipefs_sb_lock; + + struct list_head all_clients; +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c 2013-11-21 10:11:17.903026000 -0500 +@@ -38,7 +38,7 @@ + #define NET_NAME(net) ((net == &init_net) ? " (init_net)" : "") + + static struct file_system_type rpc_pipe_fs_type; +- ++static const struct rpc_pipe_ops gssd_dummy_pipe_ops; + + static struct kmem_cache *rpc_inode_cachep __read_mostly; + +@@ -1019,6 +1019,7 @@ enum { + RPCAUTH_nfsd4_cb, + RPCAUTH_cache, + RPCAUTH_nfsd, ++ RPCAUTH_gssd, + RPCAUTH_RootEOF + }; + +@@ -1055,6 +1056,10 @@ static const struct rpc_filelist files[] + .name = "nfsd", + .mode = S_IFDIR | S_IRUGO | S_IXUGO, + }, ++ [RPCAUTH_gssd] = { ++ .name = "gssd", ++ .mode = S_IFDIR | S_IRUGO | S_IXUGO, ++ }, + }; + + /* +@@ -1068,13 +1073,25 @@ struct dentry *rpc_d_lookup_sb(const str + } + EXPORT_SYMBOL_GPL(rpc_d_lookup_sb); + +-void rpc_pipefs_init_net(struct net *net) ++int rpc_pipefs_init_net(struct net *net) + { + struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); + ++ sn->gssd_dummy = rpc_mkpipe_data(&gssd_dummy_pipe_ops, 0); ++ if (IS_ERR(sn->gssd_dummy)) ++ return PTR_ERR(sn->gssd_dummy); ++ + mutex_init(&sn->pipefs_sb_lock); + sn->gssd_running = 1; + sn->pipe_version = -1; ++ return 0; ++} ++ ++void rpc_pipefs_exit_net(struct net *net) ++{ ++ struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); ++ ++ rpc_destroy_pipe_data(sn->gssd_dummy); + } + + /* +@@ -1104,11 +1121,73 @@ void rpc_put_sb_net(const struct net *ne + } + EXPORT_SYMBOL_GPL(rpc_put_sb_net); + ++static const struct rpc_filelist gssd_dummy_clnt_dir[] = { ++ [0] = { ++ .name = "clntXX", ++ .mode = S_IFDIR | S_IRUGO | S_IXUGO, ++ }, ++}; ++ ++static ssize_t ++dummy_downcall(struct file *filp, const char __user *src, size_t len) ++{ ++ return -EINVAL; ++} ++ ++static const struct rpc_pipe_ops gssd_dummy_pipe_ops = { ++ .upcall = rpc_pipe_generic_upcall, ++ .downcall = dummy_downcall, ++}; ++ ++/** ++ * rpc_gssd_dummy_populate - create a dummy gssd pipe ++ * @root: root of the rpc_pipefs filesystem ++ * @pipe_data: pipe data created when netns is initialized ++ * ++ * Create a dummy set of directories and a pipe that gssd can hold open to ++ * indicate that it is up and running. ++ */ ++static struct dentry * ++rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data) ++{ ++ int ret = 0; ++ struct dentry *gssd_dentry; ++ struct dentry *clnt_dentry = NULL; ++ struct dentry *pipe_dentry = NULL; ++ struct qstr q = QSTR_INIT(files[RPCAUTH_gssd].name, ++ strlen(files[RPCAUTH_gssd].name)); ++ ++ /* We should never get this far if "gssd" doesn't exist */ ++ gssd_dentry = d_hash_and_lookup(root, &q); ++ if (!gssd_dentry) ++ return ERR_PTR(-ENOENT); ++ ++ ret = rpc_populate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1, NULL); ++ if (ret) { ++ pipe_dentry = ERR_PTR(ret); ++ goto out; ++ } ++ ++ q.name = gssd_dummy_clnt_dir[0].name; ++ q.len = strlen(gssd_dummy_clnt_dir[0].name); ++ clnt_dentry = d_hash_and_lookup(gssd_dentry, &q); ++ if (!clnt_dentry) { ++ pipe_dentry = ERR_PTR(-ENOENT); ++ goto out; ++ } ++ ++ pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data); ++out: ++ dput(clnt_dentry); ++ dput(gssd_dentry); ++ return pipe_dentry; ++} ++ + static int + rpc_fill_super(struct super_block *sb, void *data, int silent) + { + struct inode *inode; +- struct dentry *root; ++ struct dentry *root, *gssd_dentry; + struct net *net = data; + struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); + int err; +@@ -1126,6 +1205,13 @@ rpc_fill_super(struct super_block *sb, v + return -ENOMEM; + if (rpc_populate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF, NULL)) + return -ENOMEM; ++ ++ gssd_dentry = rpc_gssd_dummy_populate(root, sn->gssd_dummy); ++ if (IS_ERR(gssd_dentry)) { ++ __rpc_depopulate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF); ++ return PTR_ERR(gssd_dentry); ++ } ++ + dprintk("RPC: sending pipefs MOUNT notification for net %p%s\n", + net, NET_NAME(net)); + mutex_lock(&sn->pipefs_sb_lock); +@@ -1140,6 +1226,7 @@ rpc_fill_super(struct super_block *sb, v + return 0; + + err_depopulate: ++ dput(gssd_dentry); + blocking_notifier_call_chain(&rpc_pipefs_notifier_list, + RPC_PIPEFS_UMOUNT, + sb); +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/sunrpc_syms.c 2013-11-21 10:11:17.908026000 -0500 +@@ -44,12 +44,17 @@ static __net_init int sunrpc_init_net(st + if (err) + goto err_unixgid; + +- rpc_pipefs_init_net(net); ++ err = rpc_pipefs_init_net(net); ++ if (err) ++ goto err_pipefs; ++ + INIT_LIST_HEAD(&sn->all_clients); + spin_lock_init(&sn->rpc_client_lock); + spin_lock_init(&sn->rpcb_clnt_lock); + return 0; + ++err_pipefs: ++ unix_gid_cache_destroy(net); + err_unixgid: + ip_map_cache_destroy(net); + err_ipmap: +@@ -60,6 +65,7 @@ err_proc: + + static __net_exit void sunrpc_exit_net(struct net *net) + { ++ rpc_pipefs_exit_net(net); + unix_gid_cache_destroy(net); + ip_map_cache_destroy(net); + rpc_proc_exit(net); + diff --git a/sunrpc-replace-gssd_running-with-more-reliable-check.patch b/sunrpc-replace-gssd_running-with-more-reliable-check.patch new file mode 100644 index 000000000..f2ca18555 --- /dev/null +++ b/sunrpc-replace-gssd_running-with-more-reliable-check.patch @@ -0,0 +1,134 @@ +Bugzilla: N/A +Upstream-status: queued in NFS git tree (for 3.13/3.14?) + +Now that we have a more reliable method to tell if gssd is running, we +can replace the sn->gssd_running flag with a function that will query to +see if it's up and running. + +There's also no need to attempt an upcall that we know will fail, so +just return -EACCES if gssd isn't running. Finally, fix the warn_gss() +message not to claim that that the upcall timed out since we don't +necesarily perform one now when gssd isn't running, and remove the +extraneous newline from the message. + +Signed-off-by: Jeff Layton +Signed-off-by: Trond Myklebust +--- + include/linux/sunrpc/rpc_pipe_fs.h | 2 ++ + net/sunrpc/auth_gss/auth_gss.c | 17 +++++++---------- + net/sunrpc/netns.h | 2 -- + net/sunrpc/rpc_pipe.c | 14 ++++++++++---- + 4 files changed, 19 insertions(+), 16 deletions(-) + +diff -up linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h +--- linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h.orig 2013-11-21 10:11:17.893026000 -0500 ++++ linux-3.11.9-200.fc19.x86_64/include/linux/sunrpc/rpc_pipe_fs.h 2013-11-21 10:14:17.709348000 -0500 +@@ -94,5 +94,7 @@ extern int rpc_unlink(struct dentry *); + extern int register_rpc_pipefs(void); + extern void unregister_rpc_pipefs(void); + ++extern bool gssd_running(struct net *net); ++ + #endif + #endif +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/auth_gss/auth_gss.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/auth_gss/auth_gss.c +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/auth_gss/auth_gss.c.orig 2013-09-02 16:46:10.000000000 -0400 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/auth_gss/auth_gss.c 2013-11-21 10:18:33.681923000 -0500 +@@ -507,8 +507,7 @@ static void warn_gssd(void) + unsigned long now = jiffies; + + if (time_after(now, ratelimit)) { +- printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n" +- "Please check user daemon is running.\n"); ++ pr_warn("RPC: AUTH_GSS upcall failed. Please check user daemon is running.\n"); + ratelimit = now + 15*HZ; + } + } +@@ -571,7 +570,6 @@ gss_create_upcall(struct gss_auth *gss_a + struct rpc_pipe *pipe; + struct rpc_cred *cred = &gss_cred->gc_base; + struct gss_upcall_msg *gss_msg; +- unsigned long timeout; + DEFINE_WAIT(wait); + int err; + +@@ -579,17 +577,16 @@ gss_create_upcall(struct gss_auth *gss_a + __func__, from_kuid(&init_user_ns, cred->cr_uid)); + retry: + err = 0; +- /* Default timeout is 15s unless we know that gssd is not running */ +- timeout = 15 * HZ; +- if (!sn->gssd_running) +- timeout = HZ >> 2; ++ /* if gssd is down, just skip upcalling altogether */ ++ if (!gssd_running(net)) { ++ warn_gssd(); ++ return -EACCES; ++ } + gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred); + if (PTR_ERR(gss_msg) == -EAGAIN) { + err = wait_event_interruptible_timeout(pipe_version_waitqueue, +- sn->pipe_version >= 0, timeout); ++ sn->pipe_version >= 0, 15 * HZ); + if (sn->pipe_version < 0) { +- if (err == 0) +- sn->gssd_running = 0; + warn_gssd(); + err = -EACCES; + } +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h.orig 2013-11-21 10:11:17.897029000 -0500 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/netns.h 2013-11-21 10:14:17.722351000 -0500 +@@ -33,8 +33,6 @@ struct sunrpc_net { + int pipe_version; + atomic_t pipe_users; + struct proc_dir_entry *use_gssp_proc; +- +- unsigned int gssd_running; + }; + + extern int sunrpc_net_id; +diff -up linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c +--- linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c.orig 2013-11-21 10:11:17.903026000 -0500 ++++ linux-3.11.9-200.fc19.x86_64/net/sunrpc/rpc_pipe.c 2013-11-21 10:14:17.727348000 -0500 +@@ -216,14 +216,11 @@ rpc_destroy_inode(struct inode *inode) + static int + rpc_pipe_open(struct inode *inode, struct file *filp) + { +- struct net *net = inode->i_sb->s_fs_info; +- struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); + struct rpc_pipe *pipe; + int first_open; + int res = -ENXIO; + + mutex_lock(&inode->i_mutex); +- sn->gssd_running = 1; + pipe = RPC_I(inode)->pipe; + if (pipe == NULL) + goto out; +@@ -1082,7 +1079,6 @@ int rpc_pipefs_init_net(struct net *net) + return PTR_ERR(sn->gssd_dummy); + + mutex_init(&sn->pipefs_sb_lock); +- sn->gssd_running = 1; + sn->pipe_version = -1; + return 0; + } +@@ -1236,6 +1232,16 @@ err_depopulate: + return err; + } + ++bool ++gssd_running(struct net *net) ++{ ++ struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); ++ struct rpc_pipe *pipe = sn->gssd_dummy; ++ ++ return pipe->nreaders || pipe->nwriters; ++} ++EXPORT_SYMBOL_GPL(gssd_running); ++ + static struct dentry * + rpc_mount(struct file_system_type *fs_type, + int flags, const char *dev_name, void *data) + diff --git a/taint-vbox.patch b/taint-vbox.patch index 5cb3e47c9..5cde0ce28 100644 --- a/taint-vbox.patch +++ b/taint-vbox.patch @@ -1,15 +1,13 @@ -diff --git a/kernel/module.c b/kernel/module.c -index 04379f92..d26c9a3 100644 ---- a/kernel/module.c -+++ b/kernel/module.c -@@ -2653,6 +2653,10 @@ static int check_module_license_and_versions(struct module *mod) +--- linux-3.9.0-200.fc18.x86_64/kernel/module.c~ 2013-05-06 15:01:57.589631369 -0400 ++++ linux-3.9.0-200.fc18.x86_64/kernel/module.c 2013-05-06 15:02:30.635583966 -0400 +@@ -2873,6 +2873,10 @@ static int check_module_license_and_vers if (strcmp(mod->name, "ndiswrapper") == 0) - add_taint(TAINT_PROPRIETARY_MODULE); + add_taint(TAINT_PROPRIETARY_MODULE, LOCKDEP_NOW_UNRELIABLE); + /* vbox is garbage. */ + if (strcmp(mod->name, "vboxdrv") == 0) -+ add_taint(TAINT_CRAP); ++ add_taint(TAINT_CRAP, LOCKDEP_NOW_UNRELIABLE); + /* driverloader was caught wrongly pretending to be under GPL */ if (strcmp(mod->name, "driverloader") == 0) - add_taint_module(mod, TAINT_PROPRIETARY_MODULE); + add_taint_module(mod, TAINT_PROPRIETARY_MODULE, diff --git a/team-net-next-20120808.patch b/team-net-next-20120808.patch deleted file mode 100644 index c738a4724..000000000 --- a/team-net-next-20120808.patch +++ /dev/null @@ -1,499 +0,0 @@ -Update team driver to latest net-next. - -Split patches available here: -http://people.redhat.com/jpirko/f18_team_update_2/ - -Jiri Pirko (4): - netlink: add signed types - team: add signed 32-bit team option type - team: add per port priority option - team: add support for queue override by setting queue_id for port - - drivers/net/team/team.c | 200 ++++++++++++++++++++++++++++++++++++++++++++++- - include/linux/if_team.h | 7 ++ - include/net/netlink.h | 98 +++++++++++++++++++++++ - 3 files changed, 303 insertions(+), 2 deletions(-) - -Signed-off-by: Jiri Pirko - -diff --git a/drivers/net/team/team.c b/drivers/net/team/team.c -index 87707ab..ba10c46 100644 ---- a/drivers/net/team/team.c -+++ b/drivers/net/team/team.c -@@ -658,6 +658,122 @@ static rx_handler_result_t team_handle_frame(struct sk_buff **pskb) - } - - -+/************************************* -+ * Multiqueue Tx port select override -+ *************************************/ -+ -+static int team_queue_override_init(struct team *team) -+{ -+ struct list_head *listarr; -+ unsigned int queue_cnt = team->dev->num_tx_queues - 1; -+ unsigned int i; -+ -+ if (!queue_cnt) -+ return 0; -+ listarr = kmalloc(sizeof(struct list_head) * queue_cnt, GFP_KERNEL); -+ if (!listarr) -+ return -ENOMEM; -+ team->qom_lists = listarr; -+ for (i = 0; i < queue_cnt; i++) -+ INIT_LIST_HEAD(listarr++); -+ return 0; -+} -+ -+static void team_queue_override_fini(struct team *team) -+{ -+ kfree(team->qom_lists); -+} -+ -+static struct list_head *__team_get_qom_list(struct team *team, u16 queue_id) -+{ -+ return &team->qom_lists[queue_id - 1]; -+} -+ -+/* -+ * note: already called with rcu_read_lock -+ */ -+static bool team_queue_override_transmit(struct team *team, struct sk_buff *skb) -+{ -+ struct list_head *qom_list; -+ struct team_port *port; -+ -+ if (!team->queue_override_enabled || !skb->queue_mapping) -+ return false; -+ qom_list = __team_get_qom_list(team, skb->queue_mapping); -+ list_for_each_entry_rcu(port, qom_list, qom_list) { -+ if (!team_dev_queue_xmit(team, port, skb)) -+ return true; -+ } -+ return false; -+} -+ -+static void __team_queue_override_port_del(struct team *team, -+ struct team_port *port) -+{ -+ list_del_rcu(&port->qom_list); -+ synchronize_rcu(); -+ INIT_LIST_HEAD(&port->qom_list); -+} -+ -+static bool team_queue_override_port_has_gt_prio_than(struct team_port *port, -+ struct team_port *cur) -+{ -+ if (port->priority < cur->priority) -+ return true; -+ if (port->priority > cur->priority) -+ return false; -+ if (port->index < cur->index) -+ return true; -+ return false; -+} -+ -+static void __team_queue_override_port_add(struct team *team, -+ struct team_port *port) -+{ -+ struct team_port *cur; -+ struct list_head *qom_list; -+ struct list_head *node; -+ -+ if (!port->queue_id || !team_port_enabled(port)) -+ return; -+ -+ qom_list = __team_get_qom_list(team, port->queue_id); -+ node = qom_list; -+ list_for_each_entry(cur, qom_list, qom_list) { -+ if (team_queue_override_port_has_gt_prio_than(port, cur)) -+ break; -+ node = &cur->qom_list; -+ } -+ list_add_tail_rcu(&port->qom_list, node); -+} -+ -+static void __team_queue_override_enabled_check(struct team *team) -+{ -+ struct team_port *port; -+ bool enabled = false; -+ -+ list_for_each_entry(port, &team->port_list, list) { -+ if (!list_empty(&port->qom_list)) { -+ enabled = true; -+ break; -+ } -+ } -+ if (enabled == team->queue_override_enabled) -+ return; -+ netdev_dbg(team->dev, "%s queue override\n", -+ enabled ? "Enabling" : "Disabling"); -+ team->queue_override_enabled = enabled; -+} -+ -+static void team_queue_override_port_refresh(struct team *team, -+ struct team_port *port) -+{ -+ __team_queue_override_port_del(team, port); -+ __team_queue_override_port_add(team, port); -+ __team_queue_override_enabled_check(team); -+} -+ -+ - /**************** - * Port handling - ****************/ -@@ -688,6 +804,7 @@ static void team_port_enable(struct team *team, - hlist_add_head_rcu(&port->hlist, - team_port_index_hash(team, port->index)); - team_adjust_ops(team); -+ team_queue_override_port_refresh(team, port); - if (team->ops.port_enabled) - team->ops.port_enabled(team, port); - } -@@ -716,6 +833,7 @@ static void team_port_disable(struct team *team, - hlist_del_rcu(&port->hlist); - __reconstruct_port_hlist(team, port->index); - port->index = -1; -+ team_queue_override_port_refresh(team, port); - __team_adjust_ops(team, team->en_port_count - 1); - /* - * Wait until readers see adjusted ops. This ensures that -@@ -881,6 +999,7 @@ static int team_port_add(struct team *team, struct net_device *port_dev) - - port->dev = port_dev; - port->team = team; -+ INIT_LIST_HEAD(&port->qom_list); - - port->orig.mtu = port_dev->mtu; - err = dev_set_mtu(port_dev, dev->mtu); -@@ -1092,6 +1211,49 @@ static int team_user_linkup_en_option_set(struct team *team, - return 0; - } - -+static int team_priority_option_get(struct team *team, -+ struct team_gsetter_ctx *ctx) -+{ -+ struct team_port *port = ctx->info->port; -+ -+ ctx->data.s32_val = port->priority; -+ return 0; -+} -+ -+static int team_priority_option_set(struct team *team, -+ struct team_gsetter_ctx *ctx) -+{ -+ struct team_port *port = ctx->info->port; -+ -+ port->priority = ctx->data.s32_val; -+ team_queue_override_port_refresh(team, port); -+ return 0; -+} -+ -+static int team_queue_id_option_get(struct team *team, -+ struct team_gsetter_ctx *ctx) -+{ -+ struct team_port *port = ctx->info->port; -+ -+ ctx->data.u32_val = port->queue_id; -+ return 0; -+} -+ -+static int team_queue_id_option_set(struct team *team, -+ struct team_gsetter_ctx *ctx) -+{ -+ struct team_port *port = ctx->info->port; -+ -+ if (port->queue_id == ctx->data.u32_val) -+ return 0; -+ if (ctx->data.u32_val >= team->dev->real_num_tx_queues) -+ return -EINVAL; -+ port->queue_id = ctx->data.u32_val; -+ team_queue_override_port_refresh(team, port); -+ return 0; -+} -+ -+ - static const struct team_option team_options[] = { - { - .name = "mode", -@@ -1120,6 +1282,20 @@ static const struct team_option team_options[] = { - .getter = team_user_linkup_en_option_get, - .setter = team_user_linkup_en_option_set, - }, -+ { -+ .name = "priority", -+ .type = TEAM_OPTION_TYPE_S32, -+ .per_port = true, -+ .getter = team_priority_option_get, -+ .setter = team_priority_option_set, -+ }, -+ { -+ .name = "queue_id", -+ .type = TEAM_OPTION_TYPE_U32, -+ .per_port = true, -+ .getter = team_queue_id_option_get, -+ .setter = team_queue_id_option_set, -+ }, - }; - - static struct lock_class_key team_netdev_xmit_lock_key; -@@ -1155,6 +1331,9 @@ static int team_init(struct net_device *dev) - for (i = 0; i < TEAM_PORT_HASHENTRIES; i++) - INIT_HLIST_HEAD(&team->en_port_hlist[i]); - INIT_LIST_HEAD(&team->port_list); -+ err = team_queue_override_init(team); -+ if (err) -+ goto err_team_queue_override_init; - - team_adjust_ops(team); - -@@ -1170,6 +1349,8 @@ static int team_init(struct net_device *dev) - return 0; - - err_options_register: -+ team_queue_override_fini(team); -+err_team_queue_override_init: - free_percpu(team->pcpu_stats); - - return err; -@@ -1187,6 +1368,7 @@ static void team_uninit(struct net_device *dev) - - __team_change_mode(team, NULL); /* cleanup */ - __team_options_unregister(team, team_options, ARRAY_SIZE(team_options)); -+ team_queue_override_fini(team); - mutex_unlock(&team->lock); - } - -@@ -1216,10 +1398,12 @@ static int team_close(struct net_device *dev) - static netdev_tx_t team_xmit(struct sk_buff *skb, struct net_device *dev) - { - struct team *team = netdev_priv(dev); -- bool tx_success = false; -+ bool tx_success; - unsigned int len = skb->len; - -- tx_success = team->ops.transmit(team, skb); -+ tx_success = team_queue_override_transmit(team, skb); -+ if (!tx_success) -+ tx_success = team->ops.transmit(team, skb); - if (tx_success) { - struct team_pcpu_stats *pcpu_stats; - -@@ -1787,6 +1971,12 @@ static int team_nl_fill_one_option_get(struct sk_buff *skb, struct team *team, - nla_put_flag(skb, TEAM_ATTR_OPTION_DATA)) - goto nest_cancel; - break; -+ case TEAM_OPTION_TYPE_S32: -+ if (nla_put_u8(skb, TEAM_ATTR_OPTION_TYPE, NLA_S32)) -+ goto nest_cancel; -+ if (nla_put_s32(skb, TEAM_ATTR_OPTION_DATA, ctx.data.s32_val)) -+ goto nest_cancel; -+ break; - default: - BUG(); - } -@@ -1975,6 +2165,9 @@ static int team_nl_cmd_options_set(struct sk_buff *skb, struct genl_info *info) - case NLA_FLAG: - opt_type = TEAM_OPTION_TYPE_BOOL; - break; -+ case NLA_S32: -+ opt_type = TEAM_OPTION_TYPE_S32; -+ break; - default: - goto team_put; - } -@@ -2031,6 +2224,9 @@ static int team_nl_cmd_options_set(struct sk_buff *skb, struct genl_info *info) - case TEAM_OPTION_TYPE_BOOL: - ctx.data.bool_val = attr_data ? true : false; - break; -+ case TEAM_OPTION_TYPE_S32: -+ ctx.data.s32_val = nla_get_s32(attr_data); -+ break; - default: - BUG(); - } -diff --git a/include/linux/if_team.h b/include/linux/if_team.h -index 6960fc1..33fcc20 100644 ---- a/include/linux/if_team.h -+++ b/include/linux/if_team.h -@@ -67,6 +67,9 @@ struct team_port { - struct netpoll *np; - #endif - -+ s32 priority; /* lower number ~ higher priority */ -+ u16 queue_id; -+ struct list_head qom_list; /* node in queue override mapping list */ - long mode_priv[0]; - }; - -@@ -130,6 +133,7 @@ enum team_option_type { - TEAM_OPTION_TYPE_STRING, - TEAM_OPTION_TYPE_BINARY, - TEAM_OPTION_TYPE_BOOL, -+ TEAM_OPTION_TYPE_S32, - }; - - struct team_option_inst_info { -@@ -146,6 +150,7 @@ struct team_gsetter_ctx { - u32 len; - } bin_val; - bool bool_val; -+ s32 s32_val; - } data; - struct team_option_inst_info *info; - }; -@@ -197,6 +202,8 @@ struct team { - - const struct team_mode *mode; - struct team_mode_ops ops; -+ bool queue_override_enabled; -+ struct list_head *qom_lists; /* array of queue override mapping lists */ - long mode_priv[TEAM_MODE_PRIV_LONGS]; - }; - -diff --git a/include/net/netlink.h b/include/net/netlink.h -index 785f37a..09175d5 100644 ---- a/include/net/netlink.h -+++ b/include/net/netlink.h -@@ -98,6 +98,10 @@ - * nla_put_u16(skb, type, value) add u16 attribute to skb - * nla_put_u32(skb, type, value) add u32 attribute to skb - * nla_put_u64(skb, type, value) add u64 attribute to skb -+ * nla_put_s8(skb, type, value) add s8 attribute to skb -+ * nla_put_s16(skb, type, value) add s16 attribute to skb -+ * nla_put_s32(skb, type, value) add s32 attribute to skb -+ * nla_put_s64(skb, type, value) add s64 attribute to skb - * nla_put_string(skb, type, str) add string attribute to skb - * nla_put_flag(skb, type) add flag attribute to skb - * nla_put_msecs(skb, type, jiffies) add msecs attribute to skb -@@ -121,6 +125,10 @@ - * nla_get_u16(nla) get payload for a u16 attribute - * nla_get_u32(nla) get payload for a u32 attribute - * nla_get_u64(nla) get payload for a u64 attribute -+ * nla_get_s8(nla) get payload for a s8 attribute -+ * nla_get_s16(nla) get payload for a s16 attribute -+ * nla_get_s32(nla) get payload for a s32 attribute -+ * nla_get_s64(nla) get payload for a s64 attribute - * nla_get_flag(nla) return 1 if flag is true - * nla_get_msecs(nla) get payload for a msecs attribute - * -@@ -160,6 +168,10 @@ enum { - NLA_NESTED_COMPAT, - NLA_NUL_STRING, - NLA_BINARY, -+ NLA_S8, -+ NLA_S16, -+ NLA_S32, -+ NLA_S64, - __NLA_TYPE_MAX, - }; - -@@ -183,6 +195,8 @@ enum { - * NLA_NESTED_COMPAT Minimum length of structure payload - * NLA_U8, NLA_U16, - * NLA_U32, NLA_U64, -+ * NLA_S8, NLA_S16, -+ * NLA_S32, NLA_S64, - * NLA_MSECS Leaving the length field zero will verify the - * given type fits, using it verifies minimum length - * just like "All other" -@@ -879,6 +893,50 @@ static inline int nla_put_le64(struct sk_buff *skb, int attrtype, __le64 value) - } - - /** -+ * nla_put_s8 - Add a s8 netlink attribute to a socket buffer -+ * @skb: socket buffer to add attribute to -+ * @attrtype: attribute type -+ * @value: numeric value -+ */ -+static inline int nla_put_s8(struct sk_buff *skb, int attrtype, s8 value) -+{ -+ return nla_put(skb, attrtype, sizeof(s8), &value); -+} -+ -+/** -+ * nla_put_s16 - Add a s16 netlink attribute to a socket buffer -+ * @skb: socket buffer to add attribute to -+ * @attrtype: attribute type -+ * @value: numeric value -+ */ -+static inline int nla_put_s16(struct sk_buff *skb, int attrtype, s16 value) -+{ -+ return nla_put(skb, attrtype, sizeof(s16), &value); -+} -+ -+/** -+ * nla_put_s32 - Add a s32 netlink attribute to a socket buffer -+ * @skb: socket buffer to add attribute to -+ * @attrtype: attribute type -+ * @value: numeric value -+ */ -+static inline int nla_put_s32(struct sk_buff *skb, int attrtype, s32 value) -+{ -+ return nla_put(skb, attrtype, sizeof(s32), &value); -+} -+ -+/** -+ * nla_put_s64 - Add a s64 netlink attribute to a socket buffer -+ * @skb: socket buffer to add attribute to -+ * @attrtype: attribute type -+ * @value: numeric value -+ */ -+static inline int nla_put_s64(struct sk_buff *skb, int attrtype, s64 value) -+{ -+ return nla_put(skb, attrtype, sizeof(s64), &value); -+} -+ -+/** - * nla_put_string - Add a string netlink attribute to a socket buffer - * @skb: socket buffer to add attribute to - * @attrtype: attribute type -@@ -994,6 +1052,46 @@ static inline __be64 nla_get_be64(const struct nlattr *nla) - } - - /** -+ * nla_get_s32 - return payload of s32 attribute -+ * @nla: s32 netlink attribute -+ */ -+static inline s32 nla_get_s32(const struct nlattr *nla) -+{ -+ return *(s32 *) nla_data(nla); -+} -+ -+/** -+ * nla_get_s16 - return payload of s16 attribute -+ * @nla: s16 netlink attribute -+ */ -+static inline s16 nla_get_s16(const struct nlattr *nla) -+{ -+ return *(s16 *) nla_data(nla); -+} -+ -+/** -+ * nla_get_s8 - return payload of s8 attribute -+ * @nla: s8 netlink attribute -+ */ -+static inline s8 nla_get_s8(const struct nlattr *nla) -+{ -+ return *(s8 *) nla_data(nla); -+} -+ -+/** -+ * nla_get_s64 - return payload of s64 attribute -+ * @nla: s64 netlink attribute -+ */ -+static inline s64 nla_get_s64(const struct nlattr *nla) -+{ -+ s64 tmp; -+ -+ nla_memcpy(&tmp, nla, sizeof(tmp)); -+ -+ return tmp; -+} -+ -+/** - * nla_get_flag - return payload of flag attribute - * @nla: flag netlink attribute - */ - diff --git a/tmpfs-fix-use-after-free-of-mempolicy-object.patch b/tmpfs-fix-use-after-free-of-mempolicy-object.patch new file mode 100644 index 000000000..56dbf8e80 --- /dev/null +++ b/tmpfs-fix-use-after-free-of-mempolicy-object.patch @@ -0,0 +1,107 @@ +From 5f00110f7273f9ff04ac69a5f85bb535a4fd0987 Mon Sep 17 00:00:00 2001 +From: Greg Thelen +Date: Fri, 22 Feb 2013 16:36:01 -0800 +Subject: [PATCH] tmpfs: fix use-after-free of mempolicy object + +The tmpfs remount logic preserves filesystem mempolicy if the mpol=M +option is not specified in the remount request. A new policy can be +specified if mpol=M is given. + +Before this patch remounting an mpol bound tmpfs without specifying +mpol= mount option in the remount request would set the filesystem's +mempolicy object to a freed mempolicy object. + +To reproduce the problem boot a DEBUG_PAGEALLOC kernel and run: + # mkdir /tmp/x + + # mount -t tmpfs -o size=100M,mpol=interleave nodev /tmp/x + + # grep /tmp/x /proc/mounts + nodev /tmp/x tmpfs rw,relatime,size=102400k,mpol=interleave:0-3 0 0 + + # mount -o remount,size=200M nodev /tmp/x + + # grep /tmp/x /proc/mounts + nodev /tmp/x tmpfs rw,relatime,size=204800k,mpol=??? 0 0 + # note ? garbage in mpol=... output above + + # dd if=/dev/zero of=/tmp/x/f count=1 + # panic here + +Panic: + BUG: unable to handle kernel NULL pointer dereference at (null) + IP: [< (null)>] (null) + [...] + Oops: 0010 [#1] SMP DEBUG_PAGEALLOC + Call Trace: + mpol_shared_policy_init+0xa5/0x160 + shmem_get_inode+0x209/0x270 + shmem_mknod+0x3e/0xf0 + shmem_create+0x18/0x20 + vfs_create+0xb5/0x130 + do_last+0x9a1/0xea0 + path_openat+0xb3/0x4d0 + do_filp_open+0x42/0xa0 + do_sys_open+0xfe/0x1e0 + compat_sys_open+0x1b/0x20 + cstar_dispatch+0x7/0x1f + +Non-debug kernels will not crash immediately because referencing the +dangling mpol will not cause a fault. Instead the filesystem will +reference a freed mempolicy object, which will cause unpredictable +behavior. + +The problem boils down to a dropped mpol reference below if +shmem_parse_options() does not allocate a new mpol: + + config = *sbinfo + shmem_parse_options(data, &config, true) + mpol_put(sbinfo->mpol) + sbinfo->mpol = config.mpol /* BUG: saves unreferenced mpol */ + +This patch avoids the crash by not releasing the mempolicy if +shmem_parse_options() doesn't create a new mpol. + +How far back does this issue go? I see it in both 2.6.36 and 3.3. I did +not look back further. + +Signed-off-by: Greg Thelen +Acked-by: Hugh Dickins +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +--- + mm/shmem.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/mm/shmem.c b/mm/shmem.c +index 7162c58..5e2ff59 100644 +--- a/mm/shmem.c ++++ b/mm/shmem.c +@@ -2486,6 +2486,7 @@ static int shmem_remount_fs(struct super_block *sb, int *flags, char *data) + unsigned long inodes; + int error = -EINVAL; + ++ config.mpol = NULL; + if (shmem_parse_options(data, &config, true)) + return error; + +@@ -2510,8 +2511,13 @@ static int shmem_remount_fs(struct super_block *sb, int *flags, char *data) + sbinfo->max_inodes = config.max_inodes; + sbinfo->free_inodes = config.max_inodes - inodes; + +- mpol_put(sbinfo->mpol); +- sbinfo->mpol = config.mpol; /* transfers initial ref */ ++ /* ++ * Preserve previous mempolicy unless mpol remount option was specified. ++ */ ++ if (config.mpol) { ++ mpol_put(sbinfo->mpol); ++ sbinfo->mpol = config.mpol; /* transfers initial ref */ ++ } + out: + spin_unlock(&sbinfo->stat_lock); + return error; +-- +1.8.1.2 + diff --git a/unhandled-irqs-switch-to-polling.patch b/unhandled-irqs-switch-to-polling.patch deleted file mode 100644 index 0fc4d080e..000000000 --- a/unhandled-irqs-switch-to-polling.patch +++ /dev/null @@ -1,245 +0,0 @@ -From f9b32cd97783f2be14386f1347439e86109050b9 Mon Sep 17 00:00:00 2001 -From: Jeroen Van den Keybus -Date: Mon, 30 Jan 2012 22:37:28 +0100 -Subject: [PATCH] Unhandled IRQs on AMD E-450: temporarily switch to - low-performance polling IRQ mode - -It seems that some motherboard designs using the ASM1083 PCI/PCIe -bridge (PCI device ID 1b21:1080, Rev. 01) suffer from stuck IRQ lines -on the PCI bus (causing the kernel to emit 'IRQxx: nobody cared' and -disable the IRQ). The following patch is an attempt to mitigate the -serious impact of permanently disabling an IRQ in that case and -actually make PCI devices better usable on this platform. - -It seems that the bridge fails to issue a IRQ deassertion message on -the PCIe bus, when the relevant driver causes the interrupting PCI -device to deassert its IRQ line. To solve this issue, it was tried to -re-issue an IRQ on a PCI device being able to do so (e1000 in this -case), but we suspect that the attempt to re-assert/deassert may have -occurred too soon after the initial IRQ for the ASM1083. Anyway, it -didn't work but if, after some delay, a new IRQ occurred, the related -IRQ deassertion message eventually did clear the IOAPIC IRQ. It would -be useful to re-enable the IRQ here. - -Therefore the patch below to poll_spurious_irqs() in spurious.c is -proposed, It does the following: - -1. lets the kernel decide that an IRQ is unhandled after only 10 -positives (instead of 100,000); -2. briefly (a few seconds or so, currently 1 s) switches to polling -IRQ at a higher rate than usual (100..1,000Hz instead of 10Hz, -currently 100Hz), but not too high to avoid excessive CPU load. Any -device drivers 'see' their interrupts handled with a higher latency -than usual, but they will still operate properly; -3. afterwards, simply reenable the IRQ. - -If proper operation of the PCIe legacy IRQ line emulation is restored -after 3, the system operates again at normal performance. If the IRQ -is still stuck after this procedure, the sequence repeats. - -If a genuinely stuck IRQ is used with this solution, the system would -simply sustain short bursts of 10 unhandled IRQs per second, and use -polling mode indefinitely at a moderate 100Hz rate. It seemed a good -alternative to the default irqpoll behaviour to me, which is why I -left it in poll_spurious_irqs() (instead of creating a new kernel -option). Additionally, if any device happens to share an IRQ with a -faulty one, that device is no longer banned forever. - -Debugging output is still present and may be removed. Bad IRQ -reporting is also commented out now. - -I have now tried it for about 2 months and I can conclude the following: - -1. The patch works and, judging from my Firewire card interrupt on -IRQ16, which repeats every 64 secs, I can confirm that the IRQ usually -gets reset when a new IRQ arrives (polling mode runs for 64 seconds -every time). -2. When testing a SiL-3114 SATA PCI card behind the ASM1083, I could -keep this running at fairly high speeds (50..70MB/s) for an hour or -so, but eventually the SiL driver crashed. In such conditions the PCI -system had to deal with a few hundred IRQs per second / polling mode -kicking in every 5..10 seconds). - -I would like to thank Clemens Ladisch for his invaluable help in -finding a solution (and providing a patch to avoid my SATA going down -every time during debugging). - -Signed-off-by: Jeroen Van den Keybus - -Make it less chatty. Only kick it in if we detect an ASM1083 PCI bridge. -Fix logic error due to lack of braces - -Josh Boyer -====== ---- - drivers/pci/quirks.c | 16 +++++++++++ - kernel/irq/spurious.c | 73 +++++++++++++++++++++++++++++++++++++++--------- - 2 files changed, 75 insertions(+), 14 deletions(-) - -diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c -index 78fda9c..6ba5dbf 100644 ---- a/drivers/pci/quirks.c -+++ b/drivers/pci/quirks.c -@@ -1677,6 +1677,22 @@ DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x2609, quirk_intel_pcie_pm); - DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x260a, quirk_intel_pcie_pm); - DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x260b, quirk_intel_pcie_pm); - -+/* ASM108x transparent PCI bridges apparently have broken IRQ deassert -+ * handling. This causes interrupts to get "stuck" and eventually disabled. -+ * However, the interrupts are often shared and disabling them is fairly bad. -+ * It's been somewhat successful to switch to polling mode and retry after -+ * a bit, so let's do that. -+ */ -+extern int irq_poll_and_retry; -+static void quirk_asm108x_poll_interrupts(struct pci_dev *dev) -+{ -+ dev_info(&dev->dev, "Buggy bridge found [%04x:%04x]\n", -+ dev->vendor, dev->device); -+ dev_info(&dev->dev, "Stuck interrupts will be polled and retried\n"); -+ irq_poll_and_retry = 1; -+} -+DECLARE_PCI_FIXUP_EARLY(PCI_VENDOR_ID_ASMEDIA, 0x1080, quirk_asm108x_poll_interrupts); -+ - #ifdef CONFIG_X86_IO_APIC - /* - * Boot interrupts on some chipsets cannot be turned off. For these chipsets, -diff --git a/kernel/irq/spurious.c b/kernel/irq/spurious.c -index 611cd60..f722eb6 100644 ---- a/kernel/irq/spurious.c -+++ b/kernel/irq/spurious.c -@@ -18,6 +18,8 @@ - - static int irqfixup __read_mostly; - -+int irq_poll_and_retry = 0; -+ - #define POLL_SPURIOUS_IRQ_INTERVAL (HZ/10) - static void poll_spurious_irqs(unsigned long dummy); - static DEFINE_TIMER(poll_spurious_irq_timer, poll_spurious_irqs, 0, 0); -@@ -141,12 +143,13 @@ out: - static void poll_spurious_irqs(unsigned long dummy) - { - struct irq_desc *desc; -- int i; -+ int i, poll_again; - - if (atomic_inc_return(&irq_poll_active) != 1) - goto out; - irq_poll_cpu = smp_processor_id(); - -+ poll_again = 0; /* Will stay false as long as no polling candidate is found */ - for_each_irq_desc(i, desc) { - unsigned int state; - -@@ -159,14 +162,33 @@ static void poll_spurious_irqs(unsigned long dummy) - if (!(state & IRQS_SPURIOUS_DISABLED)) - continue; - -- local_irq_disable(); -- try_one_irq(i, desc, true); -- local_irq_enable(); -+ /* We end up here with a disabled spurious interrupt. -+ desc->irqs_unhandled now tracks the number of times -+ the interrupt has been polled */ -+ if (irq_poll_and_retry) { -+ if (desc->irqs_unhandled < 100) { /* 1 second delay with poll frequency 100 Hz */ -+ local_irq_disable(); -+ try_one_irq(i, desc, true); -+ local_irq_enable(); -+ desc->irqs_unhandled++; -+ poll_again = 1; -+ } else { -+ irq_enable(desc); /* Reenable the interrupt line */ -+ desc->depth--; -+ desc->istate &= (~IRQS_SPURIOUS_DISABLED); -+ desc->irqs_unhandled = 0; -+ } -+ } else { -+ local_irq_disable(); -+ try_one_irq(i, desc, true); -+ local_irq_enable(); -+ } - } -+ if (poll_again) -+ mod_timer(&poll_spurious_irq_timer, -+ jiffies + POLL_SPURIOUS_IRQ_INTERVAL); - out: - atomic_dec(&irq_poll_active); -- mod_timer(&poll_spurious_irq_timer, -- jiffies + POLL_SPURIOUS_IRQ_INTERVAL); - } - - static inline int bad_action_ret(irqreturn_t action_ret) -@@ -177,11 +199,19 @@ static inline int bad_action_ret(irqreturn_t action_ret) - } - - /* -- * If 99,900 of the previous 100,000 interrupts have not been handled -+ * If 9 of the previous 10 interrupts have not been handled - * then assume that the IRQ is stuck in some manner. Drop a diagnostic - * and try to turn the IRQ off. - * -- * (The other 100-of-100,000 interrupts may have been a correctly -+ * Although this may cause early deactivation of a sporadically -+ * malfunctioning IRQ line, the poll system will: -+ * a) Poll it for 100 cycles at a 100 Hz rate -+ * b) Reenable it afterwards -+ * -+ * In worst case, with current settings, this will cause short bursts -+ * of 10 interrupts every second. -+ * -+ * (The other single interrupt may have been a correctly - * functioning device sharing an IRQ with the failing one) - */ - static void -@@ -269,6 +299,8 @@ try_misrouted_irq(unsigned int irq, struct irq_desc *desc, - void note_interrupt(unsigned int irq, struct irq_desc *desc, - irqreturn_t action_ret) - { -+ int unhandled_thresh = 999000; -+ - if (desc->istate & IRQS_POLL_INPROGRESS) - return; - -@@ -302,19 +334,32 @@ void note_interrupt(unsigned int irq, struct irq_desc *desc, - } - - desc->irq_count++; -- if (likely(desc->irq_count < 100000)) -- return; -+ if (!irq_poll_and_retry) { -+ if (likely(desc->irq_count < 100000)) -+ return; -+ } else { -+ if (likely(desc->irq_count < 10)) -+ return; -+ } - - desc->irq_count = 0; -- if (unlikely(desc->irqs_unhandled > 99900)) { -+ if (irq_poll_and_retry) -+ unhandled_thresh = 9; -+ -+ if (unlikely(desc->irqs_unhandled >= unhandled_thresh)) { - /* -- * The interrupt is stuck -+ * The interrupt might be stuck - */ -- __report_bad_irq(irq, desc, action_ret); -+ if (!irq_poll_and_retry) { -+ __report_bad_irq(irq, desc, action_ret); -+ printk(KERN_EMERG "Disabling IRQ %d\n", irq); -+ } else { -+ printk(KERN_INFO "IRQ %d might be stuck. Polling\n", -+ irq); -+ } - /* - * Now kill the IRQ - */ -- printk(KERN_EMERG "Disabling IRQ #%d\n", irq); - desc->istate |= IRQS_SPURIOUS_DISABLED; - desc->depth++; - irq_disable(desc); --- -1.7.7.6 - diff --git a/linux-2.6-upstream-reverts.patch b/upstream-reverts.patch similarity index 100% rename from linux-2.6-upstream-reverts.patch rename to upstream-reverts.patch diff --git a/usbnet-fix-status-interrupt-urb-handling.patch b/usbnet-fix-status-interrupt-urb-handling.patch new file mode 100644 index 000000000..74bf3978d --- /dev/null +++ b/usbnet-fix-status-interrupt-urb-handling.patch @@ -0,0 +1,37 @@ +From 52f48d0d9aaa621ffa5e08d79da99a3f8c93b848 Mon Sep 17 00:00:00 2001 +From: Felix Fietkau +Date: Tue, 12 Nov 2013 16:34:41 +0100 +Subject: [PATCH] usbnet: fix status interrupt urb handling + +Since commit 7b0c5f21f348a66de495868b8df0284e8dfd6bbf +"sierra_net: keep status interrupt URB active", sierra_net triggers +status interrupt polling before the net_device is opened (in order to +properly receive the sync message response). + +To be able to receive further interrupts, the interrupt urb needs to be +re-submitted, so this patch removes the bogus check for netif_running(). + +Signed-off-by: Felix Fietkau +Tested-by: Dan Williams +Signed-off-by: David S. Miller +--- + drivers/net/usb/usbnet.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c +index 90a429b..8494bb5 100644 +--- a/drivers/net/usb/usbnet.c ++++ b/drivers/net/usb/usbnet.c +@@ -204,9 +204,6 @@ static void intr_complete (struct urb *urb) + break; + } + +- if (!netif_running (dev->net)) +- return; +- + status = usb_submit_urb (urb, GFP_ATOMIC); + if (status != 0) + netif_err(dev, timer, dev->net, +-- +1.8.3.1 + diff --git a/uvcvideo-Reset-bytesused-field-when-recycling-erroneous-buffer.patch b/uvcvideo-Reset-bytesused-field-when-recycling-erroneous-buffer.patch deleted file mode 100644 index 6606b7d3d..000000000 --- a/uvcvideo-Reset-bytesused-field-when-recycling-erroneous-buffer.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 3771973542a4807b251352253ed22c50e688e573 Mon Sep 17 00:00:00 2001 -From: Jayakrishnan Memana -Date: Sun, 15 Jul 2012 15:54:03 +0200 -Subject: [PATCH] uvcvideo: Reset the bytesused field when recycling an erroneous buffer - -Buffers marked as erroneous are recycled immediately by the driver if -the nodrop module parameter isn't set. The buffer payload size is reset -to 0, but the buffer bytesused field isn't. This results in the buffer -being immediately considered as complete, leading to an infinite loop in -interrupt context. - -Fix the problem by resetting the bytesused field when recycling the -buffer. - -Cc: -Signed-off-by: Jayakrishnan Memana -Signed-off-by: Laurent Pinchart ---- - drivers/media/video/uvc/uvc_queue.c | 1 + - 1 files changed, 1 insertions(+), 0 deletions(-) - -diff --git a/drivers/media/video/uvc/uvc_queue.c b/drivers/media/video/uvc/uvc_queue.c -index 9288fbd..5577381 100644 ---- a/drivers/media/video/uvc/uvc_queue.c -+++ b/drivers/media/video/uvc/uvc_queue.c -@@ -338,6 +338,7 @@ struct uvc_buffer *uvc_queue_next_buffer(struct uvc_video_queue *queue, - if ((queue->flags & UVC_QUEUE_DROP_CORRUPTED) && buf->error) { - buf->error = 0; - buf->state = UVC_BUF_STATE_QUEUED; -+ buf->bytesused = 0; - vb2_set_plane_payload(&buf->buf, 0, 0); - return buf; - } --- -1.7.2.5 - diff --git a/linux-2.6-v4l-dvb-experimental.patch b/v4l-dvb-experimental.patch similarity index 100% rename from linux-2.6-v4l-dvb-experimental.patch rename to v4l-dvb-experimental.patch diff --git a/linux-2.6-v4l-dvb-fixes.patch b/v4l-dvb-fixes.patch similarity index 100% rename from linux-2.6-v4l-dvb-fixes.patch rename to v4l-dvb-fixes.patch diff --git a/linux-2.6-v4l-dvb-update.patch b/v4l-dvb-update.patch similarity index 100% rename from linux-2.6-v4l-dvb-update.patch rename to v4l-dvb-update.patch diff --git a/vfio-iommu-Fixed-interaction-of-VFIO_IOMMU_MAP_DMA.patch b/vfio-iommu-Fixed-interaction-of-VFIO_IOMMU_MAP_DMA.patch new file mode 100644 index 000000000..0b5fa8a7a --- /dev/null +++ b/vfio-iommu-Fixed-interaction-of-VFIO_IOMMU_MAP_DMA.patch @@ -0,0 +1,39 @@ +From: Julian Stecklina +Subject: [PATCH] vfio, iommu: Fixed interaction of VFIO_IOMMU_MAP_DMA with IOMMU address limits + +The BUG_ON in drivers/iommu/intel-iommu.c:785 can be triggered from userspace via +VFIO by calling the VFIO_IOMMU_MAP_DMA ioctl on a vfio device with any address +beyond the addressing capabilities of the IOMMU. The problem is that the ioctl code +calls iommu_iova_to_phys before it calls iommu_map. iommu_map handles the case that +it gets addresses beyond the addressing capabilities of its IOMMU. +intel_iommu_iova_to_phys does not. + +This patch fixes iommu_iova_to_phys to return NULL for addresses beyond what the +IOMMU can handle. This in turn causes the ioctl call to fail in iommu_map and +(correctly) return EFAULT to the user with a helpful warning message in the kernel +log. + +Signed-off-by: Julian Stecklina +--- + drivers/iommu/intel-iommu.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c +index eec0d3e..61303db 100644 +--- a/drivers/iommu/intel-iommu.c ++++ b/drivers/iommu/intel-iommu.c +@@ -782,7 +782,11 @@ static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain, + int offset; + + BUG_ON(!domain->pgd); +- BUG_ON(addr_width < BITS_PER_LONG && pfn >> addr_width); ++ ++ if (addr_width < BITS_PER_LONG && pfn >> addr_width) ++ /* Address beyond IOMMU's addressing capabilities. */ ++ return NULL; ++ + parent = domain->pgd; + + while (level > 0) { +-- +1.8.3.1 diff --git a/vfs-fix-file-creation-bugs.patch b/vfs-fix-file-creation-bugs.patch deleted file mode 100644 index b4e621645..000000000 --- a/vfs-fix-file-creation-bugs.patch +++ /dev/null @@ -1,393 +0,0 @@ -Path: news.gmane.org!not-for-mail -From: Miklos Szeredi -Newsgroups: gmane.linux.kernel,gmane.linux.file-systems,gmane.linux.kernel.stable -Subject: [PATCH 1/4] vfs: canonicalize create mode in build_open_flags() -Date: Tue, 7 Aug 2012 14:45:46 +0200 -Lines: 37 -Approved: news@gmane.org -Message-ID: <1344343549-11887-2-git-send-email-miklos@szeredi.hu> -References: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -NNTP-Posting-Host: plane.gmane.org -X-Trace: dough.gmane.org 1344343547 29032 80.91.229.3 (7 Aug 2012 12:45:47 GMT) -X-Complaints-To: usenet@dough.gmane.org -NNTP-Posting-Date: Tue, 7 Aug 2012 12:45:47 +0000 (UTC) -Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, - rjones@redhat.com, steveamigauk@yahoo.co.uk, mszeredi@suse.cz, - stable@vger.kernel.org -To: viro@ZenIV.linux.org.uk -Original-X-From: linux-kernel-owner@vger.kernel.org Tue Aug 07 14:45:47 2012 -Return-path: -Envelope-to: glk-linux-kernel-3@plane.gmane.org -Original-Received: from vger.kernel.org ([209.132.180.67]) - by plane.gmane.org with esmtp (Exim 4.69) - (envelope-from ) - id 1SyjAQ-0007sm-7c - for glk-linux-kernel-3@plane.gmane.org; Tue, 07 Aug 2012 14:45:46 +0200 -Original-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand - id S1754555Ab2HGMpi (ORCPT ); - Tue, 7 Aug 2012 08:45:38 -0400 -Original-Received: from mail-we0-f174.google.com ([74.125.82.174]:58092 "EHLO - mail-we0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org - with ESMTP id S1754305Ab2HGMoe (ORCPT - ); - Tue, 7 Aug 2012 08:44:34 -0400 -Original-Received: by weyx8 with SMTP id x8so2645788wey.19 - for ; Tue, 07 Aug 2012 05:44:32 -0700 (PDT) -DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=szeredi.hu; s=google; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; - bh=1qjbKUe4PMMa48XDr0iiAZbSQDjKIFlASvIcoWSByLY=; - b=Btq8S/0RNrAMDqIuqkWxTXUBX1CBdRNl9d47rqc2ZXzMxnyHfqOTM+/GYZBQkM5Fm7 - W11AcmLVTWQ6e6Av98QIpw4aiC35KI1NQwyEGs3+QmzJE+nO706XT4QK+TW7ynd6Rssq - UC+GVbxB6Ix7QdVmtgZO6EfXEJ4sxLMqeatuc= -X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=google.com; s=20120113; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references - :x-gm-message-state; - bh=1qjbKUe4PMMa48XDr0iiAZbSQDjKIFlASvIcoWSByLY=; - b=LNbJeP9fTZ3nOJiZO4BWNTuTQ5G5tmcNb1TwWGPxerdYqKYQTyEop2fUJPOQBftC5R - t34Oi+kpvLRUhjyAAkTefiqaNupAQVXdg2kV2PgRYWDjFR9acKHnmzhbEsozi98G+Xp/ - UsERBlNsx3CYLBhuuWK70HIZ8Zp1Pg8YzhhmXO2sW4bGDRa8/ZCeTTmJ5owb7zuZugAT - I+blTuEakAco+9SubhMh9XR0T3us/2LcUxv0KIA0GK/CzBlig5iBTFH1IU9EhS6ZkBpL - rRsM1o14L6POmPxH9J5GolEUjCBfBet54Y0pPp8hytWrOGCz7cbejS++c4/Lu8mOvQfS - FgXw== -Original-Received: by 10.216.54.146 with SMTP id i18mr7274525wec.187.1344343472653; - Tue, 07 Aug 2012 05:44:32 -0700 (PDT) -Original-Received: from localhost.localdomain (77-234-87-236.pool.digikabel.hu. [77.234.87.236]) - by mx.google.com with ESMTPS id b7sm31225742wiz.9.2012.08.07.05.44.30 - (version=TLSv1/SSLv3 cipher=OTHER); - Tue, 07 Aug 2012 05:44:31 -0700 (PDT) -X-Mailer: git-send-email 1.7.7 -In-Reply-To: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -X-Gm-Message-State: ALoCoQlBs8Zo4YKrYg/AUMfG82CQVVCikUAknZuRKPe9oykBM4fMvZfn22FIif3NtkSoDwAQss82 -Original-Sender: linux-kernel-owner@vger.kernel.org -Precedence: bulk -List-ID: -X-Mailing-List: linux-kernel@vger.kernel.org -Xref: news.gmane.org gmane.linux.kernel:1339000 gmane.linux.file-systems:66449 gmane.linux.kernel.stable:29234 -Archived-At: - -From: Miklos Szeredi - -Userspace can pass weird create mode in open(2) that we canonicalize to -"(mode & S_IALLUGO) | S_IFREG" in vfs_create(). - -The problem is that we use the uncanonicalized mode before calling vfs_create() -with unforseen consequences. - -So do the canonicalization early in build_open_flags(). - -Signed-off-by: Miklos Szeredi -CC: stable@vger.kernel.org ---- - fs/open.c | 7 ++++--- - 1 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/fs/open.c b/fs/open.c -index bc132e1..e1f2cdb 100644 ---- a/fs/open.c -+++ b/fs/open.c -@@ -852,9 +852,10 @@ static inline int build_open_flags(int flags, umode_t mode, struct open_flags *o - int lookup_flags = 0; - int acc_mode; - -- if (!(flags & O_CREAT)) -- mode = 0; -- op->mode = mode; -+ if (flags & O_CREAT) -+ op->mode = (mode & S_IALLUGO) | S_IFREG; -+ else -+ op->mode = 0; - - /* Must never be set by userspace */ - flags &= ~FMODE_NONOTIFY; --- -1.7.7 - -Path: news.gmane.org!not-for-mail -From: Miklos Szeredi -Newsgroups: gmane.linux.kernel,gmane.linux.file-systems -Subject: [PATCH 2/4] vfs: atomic_open(): fix create mode usage -Date: Tue, 7 Aug 2012 14:45:47 +0200 -Lines: 29 -Approved: news@gmane.org -Message-ID: <1344343549-11887-3-git-send-email-miklos@szeredi.hu> -References: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -NNTP-Posting-Host: plane.gmane.org -X-Trace: dough.gmane.org 1344343484 28394 80.91.229.3 (7 Aug 2012 12:44:44 GMT) -X-Complaints-To: usenet@dough.gmane.org -NNTP-Posting-Date: Tue, 7 Aug 2012 12:44:44 +0000 (UTC) -Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, - rjones@redhat.com, steveamigauk@yahoo.co.uk, mszeredi@suse.cz -To: viro@ZenIV.linux.org.uk -Original-X-From: linux-kernel-owner@vger.kernel.org Tue Aug 07 14:44:43 2012 -Return-path: -Envelope-to: glk-linux-kernel-3@plane.gmane.org -Original-Received: from vger.kernel.org ([209.132.180.67]) - by plane.gmane.org with esmtp (Exim 4.69) - (envelope-from ) - id 1Syj9O-0006lB-Q1 - for glk-linux-kernel-3@plane.gmane.org; Tue, 07 Aug 2012 14:44:43 +0200 -Original-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand - id S1754569Ab2HGMoi (ORCPT ); - Tue, 7 Aug 2012 08:44:38 -0400 -Original-Received: from mail-we0-f174.google.com ([74.125.82.174]:42649 "EHLO - mail-we0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org - with ESMTP id S1754511Ab2HGMof (ORCPT - ); - Tue, 7 Aug 2012 08:44:35 -0400 -Original-Received: by mail-we0-f174.google.com with SMTP id x8so2645765wey.19 - for ; Tue, 07 Aug 2012 05:44:34 -0700 (PDT) -DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=szeredi.hu; s=google; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; - bh=AdrwH4TefuleTVZB4XFHvywWtuGocoaapFFX4/PnPN0=; - b=ZSz4WBTINxIVhKr/eL2BAQWxfdNF5XH0PEKbSlALRQbOHT4yZ8w+3/NNDp8DjUhydl - vQQijSva0g32a2N3dORJtNjcoplZyqzo4SKSTBFbaUfXvlHIxJaOq0KcDSS5huMe/yk8 - XU1djDAt7kma9A3oTQh59ASLumUpCeVqOue6g= -X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=google.com; s=20120113; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references - :x-gm-message-state; - bh=AdrwH4TefuleTVZB4XFHvywWtuGocoaapFFX4/PnPN0=; - b=Js4PjFw+6ckXxUvsGO/Sz2QTTxEdZsRF4SvTScOgL6ugRFWnK+U/4t1c+rRfHkfDfD - i5G2afUaZB0JRnPIxmpSkly92cu/sI+fdeFDpuls3m5GPQ4CMmXHbl1Ev42BTqTB6y1G - UsXYw14QYf+XbnrJgJ1MKMX+hJlBMfyu8A3kh54RtJsBYBYd4u7vWnDKRhCGudhj9XGY - s19MCkfJDyhWl7k84NjzlLUEN1LLwFF+ZDd086+95BrtlO7ta35r7WjTrj7eIz/JQ2wf - RBmbh2SHh1BplRm20j0YRNvWvrUUn0CDwCOx2PpN+zQsMRmYwAMh/cfJHbrf6sEtWmDU - HPuQ== -Original-Received: by 10.180.83.106 with SMTP id p10mr27242596wiy.21.1344343474226; - Tue, 07 Aug 2012 05:44:34 -0700 (PDT) -Original-Received: from localhost.localdomain (77-234-87-236.pool.digikabel.hu. [77.234.87.236]) - by mx.google.com with ESMTPS id b7sm31225742wiz.9.2012.08.07.05.44.32 - (version=TLSv1/SSLv3 cipher=OTHER); - Tue, 07 Aug 2012 05:44:33 -0700 (PDT) -X-Mailer: git-send-email 1.7.7 -In-Reply-To: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -X-Gm-Message-State: ALoCoQn5VhymZvNT7mcpKezP10+ERZVrDOUy6d1v5xWL8OcMf7YtYh9K43mLEBvJE7elSPegM6gs -Original-Sender: linux-kernel-owner@vger.kernel.org -Precedence: bulk -List-ID: -X-Mailing-List: linux-kernel@vger.kernel.org -Xref: news.gmane.org gmane.linux.kernel:1338997 gmane.linux.file-systems:66446 -Archived-At: - -From: Miklos Szeredi - -Don't mask S_ISREG off the create mode before passing to ->atomic_open(). Other -methods (->create, ->mknod) also get the complete file mode and filesystems -expect it. - -Reported-by: Steve -Reported-by: Richard W.M. Jones -Signed-off-by: Miklos Szeredi ---- - fs/namei.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/fs/namei.c b/fs/namei.c -index 1b46439..5bac1bb 100644 ---- a/fs/namei.c -+++ b/fs/namei.c -@@ -2414,7 +2414,7 @@ static int atomic_open(struct nameidata *nd, struct dentry *dentry, - goto out; - } - -- mode = op->mode & S_IALLUGO; -+ mode = op->mode; - if ((open_flag & O_CREAT) && !IS_POSIXACL(dir)) - mode &= ~current_umask(); - --- -1.7.7 - -Path: news.gmane.org!not-for-mail -From: Miklos Szeredi -Newsgroups: gmane.linux.kernel,gmane.linux.file-systems -Subject: [PATCH 3/4] vfs: pass right create mode to may_o_create() -Date: Tue, 7 Aug 2012 14:45:48 +0200 -Lines: 25 -Approved: news@gmane.org -Message-ID: <1344343549-11887-4-git-send-email-miklos@szeredi.hu> -References: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -NNTP-Posting-Host: plane.gmane.org -X-Trace: dough.gmane.org 1344343526 28841 80.91.229.3 (7 Aug 2012 12:45:26 GMT) -X-Complaints-To: usenet@dough.gmane.org -NNTP-Posting-Date: Tue, 7 Aug 2012 12:45:26 +0000 (UTC) -Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, - rjones@redhat.com, steveamigauk@yahoo.co.uk, mszeredi@suse.cz -To: viro@ZenIV.linux.org.uk -Original-X-From: linux-kernel-owner@vger.kernel.org Tue Aug 07 14:45:24 2012 -Return-path: -Envelope-to: glk-linux-kernel-3@plane.gmane.org -Original-Received: from vger.kernel.org ([209.132.180.67]) - by plane.gmane.org with esmtp (Exim 4.69) - (envelope-from ) - id 1Syj9z-0007QH-Q3 - for glk-linux-kernel-3@plane.gmane.org; Tue, 07 Aug 2012 14:45:20 +0200 -Original-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand - id S1754608Ab2HGMpK (ORCPT ); - Tue, 7 Aug 2012 08:45:10 -0400 -Original-Received: from mail-we0-f174.google.com ([74.125.82.174]:58092 "EHLO - mail-we0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org - with ESMTP id S1754059Ab2HGMog (ORCPT - ); - Tue, 7 Aug 2012 08:44:36 -0400 -Original-Received: by mail-we0-f174.google.com with SMTP id x8so2645788wey.19 - for ; Tue, 07 Aug 2012 05:44:35 -0700 (PDT) -DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=szeredi.hu; s=google; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; - bh=nl2pPzHwW8KM+I7iQTOh9PYtYJohI6BIhk/K8K5LBQo=; - b=LseVfH0Fqa0ZLiIt9+N/ozV8rHtd85QSg6ixoDjgzR5Mh28J5FMzUVGjcnJzGDrMqJ - iTGbA8CSMcE2WykswC+5rJUKFxPw9u7mjaPutqcV8aAc6Ii2i1D7oIUO7O6qhyiiPWnZ - 2fFGR2LPOOrPF/tzVZX/9Rcwc6nNJLdlr6PU0= -X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=google.com; s=20120113; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references - :x-gm-message-state; - bh=nl2pPzHwW8KM+I7iQTOh9PYtYJohI6BIhk/K8K5LBQo=; - b=MkUpj/XL8pOrHQYqjessDHSpc3Cn3OK8rTtvlzSLRA7ktxqXk1w4mVGrI3SVSrat+V - eu5OziG+pXw/+SVENp5VBksJuvbeq791pBjXINPJLh/Wv4c3kRCHyymT5lIDam24tBJQ - xgvurY4/P9r5vfxHQiG6/SOltCvldN+QyHeXDfEwlvxr4GDovGJ0VvUp3t70oCPh6TnQ - w8XhnTrnaa02wThfpz7RYtCIxyDMAnZTX6vxKlzURVxcdmVjMu4kPA8CMWgizOi/S9l0 - 6ZDGhqqY0jdtbdncf6MkL25vulJvCF5Uf4WfyR8+REGS5f8V8sMWFFurp1S2LYEdLJ5o - 7WtQ== -Original-Received: by 10.180.20.11 with SMTP id j11mr27275578wie.12.1344343475796; - Tue, 07 Aug 2012 05:44:35 -0700 (PDT) -Original-Received: from localhost.localdomain (77-234-87-236.pool.digikabel.hu. [77.234.87.236]) - by mx.google.com with ESMTPS id b7sm31225742wiz.9.2012.08.07.05.44.34 - (version=TLSv1/SSLv3 cipher=OTHER); - Tue, 07 Aug 2012 05:44:35 -0700 (PDT) -X-Mailer: git-send-email 1.7.7 -In-Reply-To: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -X-Gm-Message-State: ALoCoQkO1sLF/IsgU7JMCP9gmfCSYZh8gUPun3lkVeiAXebgfb+UIaib3NfgHI+ihXW0gPxiVeOq -Original-Sender: linux-kernel-owner@vger.kernel.org -Precedence: bulk -List-ID: -X-Mailing-List: linux-kernel@vger.kernel.org -Xref: news.gmane.org gmane.linux.kernel:1338999 gmane.linux.file-systems:66448 -Archived-At: - -From: Miklos Szeredi - -Pass the umask-ed create mode to may_o_create() instead of the original one. - -Signed-off-by: Miklos Szeredi ---- - fs/namei.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/fs/namei.c b/fs/namei.c -index 5bac1bb..26c28ec 100644 ---- a/fs/namei.c -+++ b/fs/namei.c -@@ -2452,7 +2452,7 @@ static int atomic_open(struct nameidata *nd, struct dentry *dentry, - } - - if (open_flag & O_CREAT) { -- error = may_o_create(&nd->path, dentry, op->mode); -+ error = may_o_create(&nd->path, dentry, mode); - if (error) { - create_error = error; - if (open_flag & O_EXCL) --- -1.7.7 - -Path: news.gmane.org!not-for-mail -From: Miklos Szeredi -Newsgroups: gmane.linux.kernel,gmane.linux.file-systems -Subject: [PATCH 4/4] fuse: check create mode in atomic open -Date: Tue, 7 Aug 2012 14:45:49 +0200 -Lines: 29 -Approved: news@gmane.org -Message-ID: <1344343549-11887-5-git-send-email-miklos@szeredi.hu> -References: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -NNTP-Posting-Host: plane.gmane.org -X-Trace: dough.gmane.org 1344343501 28616 80.91.229.3 (7 Aug 2012 12:45:01 GMT) -X-Complaints-To: usenet@dough.gmane.org -NNTP-Posting-Date: Tue, 7 Aug 2012 12:45:01 +0000 (UTC) -Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, - rjones@redhat.com, steveamigauk@yahoo.co.uk, mszeredi@suse.cz -To: viro@ZenIV.linux.org.uk -Original-X-From: linux-kernel-owner@vger.kernel.org Tue Aug 07 14:45:01 2012 -Return-path: -Envelope-to: glk-linux-kernel-3@plane.gmane.org -Original-Received: from vger.kernel.org ([209.132.180.67]) - by plane.gmane.org with esmtp (Exim 4.69) - (envelope-from ) - id 1Syj9g-000751-AP - for glk-linux-kernel-3@plane.gmane.org; Tue, 07 Aug 2012 14:45:01 +0200 -Original-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand - id S1753956Ab2HGMol (ORCPT ); - Tue, 7 Aug 2012 08:44:41 -0400 -Original-Received: from mail-wg0-f44.google.com ([74.125.82.44]:49113 "EHLO - mail-wg0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org - with ESMTP id S1754550Ab2HGMoi (ORCPT - ); - Tue, 7 Aug 2012 08:44:38 -0400 -Original-Received: by wgbdr13 with SMTP id dr13so3821771wgb.1 - for ; Tue, 07 Aug 2012 05:44:37 -0700 (PDT) -DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=szeredi.hu; s=google; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; - bh=2z/lG+dElZX1BvzqKB7l/eTdQWJupcJMEPoo3E7WIkA=; - b=OSiFNFL8gGKzfQF4uTbT4uuk+FiRJFon3esY5HKXETPIldNkm2zTGUf0pTSAFKp+UG - nR1uDMgw8M+lY8aSepjpSqty+93LvJBEn5N2L+7hZeMPZHw/dvkjHpV/GvbqLI++oeHY - h5H4AqTI/51xQvAZP0fid7hVJh2leMo1lGtMc= -X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; - d=google.com; s=20120113; - h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references - :x-gm-message-state; - bh=2z/lG+dElZX1BvzqKB7l/eTdQWJupcJMEPoo3E7WIkA=; - b=f5PRamaleMoVfPo7U0JjEgSltuT3/8qDvNRrgagcbsxz99IsBh5XZBfdcIX4BbAGYR - NNS0XMJEHgZSVE6O+imPLvlj3Oc7e4+NPYcfZTIeq3RdCpXeX5/X6woK4PJcOXIRMHML - U3L0o3trwK6EZTxyuThoOdptBVHQh+IyxzGJoHCSyoZki5ZMdjJUCnbLuOvY4A1xfaxM - a4v33nCxXl8B/698Hjm/U+Q5wIO2yloqCYTjzBeKquRsprxmLGfqErEqQSP7N7n2yGiV - cdiHfHOA2S0RbP+FTw9MRrW5he8tpeVbXodbYfrUazI0XruNSm3x09gttO8KhR0ehCSD - gshg== -Original-Received: by 10.216.134.101 with SMTP id r79mr6493496wei.60.1344343477315; - Tue, 07 Aug 2012 05:44:37 -0700 (PDT) -Original-Received: from localhost.localdomain (77-234-87-236.pool.digikabel.hu. [77.234.87.236]) - by mx.google.com with ESMTPS id b7sm31225742wiz.9.2012.08.07.05.44.35 - (version=TLSv1/SSLv3 cipher=OTHER); - Tue, 07 Aug 2012 05:44:36 -0700 (PDT) -X-Mailer: git-send-email 1.7.7 -In-Reply-To: <1344343549-11887-1-git-send-email-miklos@szeredi.hu> -X-Gm-Message-State: ALoCoQmdZRlhlKJWBzIDpgy+1szkaUFmK1NUhSopmYGukU6PHpk7xwsXWx0v+JWsNJdT/Aeqwz5M -Original-Sender: linux-kernel-owner@vger.kernel.org -Precedence: bulk -List-ID: -X-Mailing-List: linux-kernel@vger.kernel.org -Xref: news.gmane.org gmane.linux.kernel:1338998 gmane.linux.file-systems:66447 -Archived-At: - -From: Miklos Szeredi - -Verify that the VFS is passing us a complete create mode with the S_IFREG to -atomic open. - -Reported-by: Steve -Reported-by: Richard W.M. Jones -Signed-off-by: Miklos Szeredi ---- - fs/fuse/dir.c | 3 +++ - 1 files changed, 3 insertions(+), 0 deletions(-) - -diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c -index 8964cf3..324bc08 100644 ---- a/fs/fuse/dir.c -+++ b/fs/fuse/dir.c -@@ -383,6 +383,9 @@ static int fuse_create_open(struct inode *dir, struct dentry *entry, - struct fuse_entry_out outentry; - struct fuse_file *ff; - -+ /* Userspace expects S_IFREG in create mode */ -+ BUG_ON((mode & S_IFMT) != S_IFREG); -+ - forget = fuse_alloc_forget(); - err = -ENOMEM; - if (!forget) --- -1.7.7 - diff --git a/via-velocity-fix-netif_receive_skb-use-in-irq-disable.patch b/via-velocity-fix-netif_receive_skb-use-in-irq-disable.patch new file mode 100644 index 000000000..820f47056 --- /dev/null +++ b/via-velocity-fix-netif_receive_skb-use-in-irq-disable.patch @@ -0,0 +1,121 @@ +Bugzilla: 1022733 +Upstream: Submitted for 3.13 and 3.12.y stable +Delivered-To: jwboyer@gmail.com +Received: by 10.76.104.107 with SMTP id gd11csp116929oab; + Mon, 25 Nov 2013 15:45:36 -0800 (PST) +X-Received: by 10.68.254.105 with SMTP id ah9mr20726084pbd.87.1385423136297; + Mon, 25 Nov 2013 15:45:36 -0800 (PST) +Return-Path: +Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) + by mx.google.com with ESMTP id am2si28999873pad.96.2013.11.25.15.44.53 + for ; + Mon, 25 Nov 2013 15:45:36 -0800 (PST) +Received-SPF: pass (google.com: best guess record for domain of netdev-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; +Authentication-Results: mx.google.com; + spf=pass (google.com: best guess record for domain of netdev-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=netdev-owner@vger.kernel.org +Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand + id S1753536Ab3KYXl6 (ORCPT + 99 others); + Mon, 25 Nov 2013 18:41:58 -0500 +Received: from violet.fr.zoreil.com ([92.243.8.30]:57806 "EHLO + violet.fr.zoreil.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org + with ESMTP id S1751913Ab3KYXlz (ORCPT + ); Mon, 25 Nov 2013 18:41:55 -0500 +Received: from violet.fr.zoreil.com (localhost [127.0.0.1]) + by violet.fr.zoreil.com (8.14.5/8.14.5) with ESMTP id rAPNewrt012676; + Tue, 26 Nov 2013 00:40:58 +0100 +Received: (from romieu@localhost) + by violet.fr.zoreil.com (8.14.5/8.14.5/Submit) id rAPNewbX012675; + Tue, 26 Nov 2013 00:40:58 +0100 +Date: Tue, 26 Nov 2013 00:40:58 +0100 +From: Francois Romieu +To: netdev@vger.kernel.org +Cc: David Miller , + "Alex A. Schmidt" , + Michele Baldessari , + Jamie Heilman , + Julia Lawall +Subject: [PATCH net 1/1] via-velocity: fix netif_receive_skb use in irq + disabled section. +Message-ID: <20131125234058.GA12566@electric-eye.fr.zoreil.com> +MIME-Version: 1.0 +Content-Type: text/plain; charset=us-ascii +Content-Disposition: inline +X-Organisation: Land of Sunshine Inc. +User-Agent: Mutt/1.5.21 (2010-09-15) +Sender: netdev-owner@vger.kernel.org +Precedence: bulk +List-ID: +X-Mailing-List: netdev@vger.kernel.org + +2fdac010bdcf10a30711b6924612dfc40daf19b8 ("via-velocity.c: update napi +implementation") overlooked an irq disabling spinlock when the Rx part +of the NAPI poll handler was converted from netif_rx to netif_receive_skb. + +NAPI Rx processing can be taken out of the locked section with a pair of +napi_{disable / enable} since it only races with the MTU change function. + +An heavier rework of the NAPI locking would be able to perform NAPI Tx +before Rx where I simply removed one of velocity_tx_srv calls. + +References: https://bugzilla.redhat.com/show_bug.cgi?id=1022733 +Fixes: 2fdac010bdcf (via-velocity.c: update napi implementation) +Signed-off-by: Francois Romieu +Tested-by: Alex A. Schmidt +Cc: Jamie Heilman +Cc: Michele Baldessari +Cc: Julia Lawall +--- + + It is relevant for stable 3.11.x and 3.12.y. + + drivers/net/ethernet/via/via-velocity.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/drivers/net/ethernet/via/via-velocity.c b/drivers/net/ethernet/via/via-velocity.c +index d022bf9..ad61d26 100644 +--- a/drivers/net/ethernet/via/via-velocity.c ++++ b/drivers/net/ethernet/via/via-velocity.c +@@ -2172,16 +2172,13 @@ static int velocity_poll(struct napi_struct *napi, int budget) + unsigned int rx_done; + unsigned long flags; + +- spin_lock_irqsave(&vptr->lock, flags); + /* + * Do rx and tx twice for performance (taken from the VIA + * out-of-tree driver). + */ +- rx_done = velocity_rx_srv(vptr, budget / 2); +- velocity_tx_srv(vptr); +- rx_done += velocity_rx_srv(vptr, budget - rx_done); ++ rx_done = velocity_rx_srv(vptr, budget); ++ spin_lock_irqsave(&vptr->lock, flags); + velocity_tx_srv(vptr); +- + /* If budget not fully consumed, exit the polling mode */ + if (rx_done < budget) { + napi_complete(napi); +@@ -2342,6 +2339,8 @@ static int velocity_change_mtu(struct net_device *dev, int new_mtu) + if (ret < 0) + goto out_free_tmp_vptr_1; + ++ napi_disable(&vptr->napi); ++ + spin_lock_irqsave(&vptr->lock, flags); + + netif_stop_queue(dev); +@@ -2362,6 +2361,8 @@ static int velocity_change_mtu(struct net_device *dev, int new_mtu) + + velocity_give_many_rx_descs(vptr); + ++ napi_enable(&vptr->napi); ++ + mac_enable_int(vptr->mac_regs); + netif_start_queue(dev); + +-- +1.8.3.1 + +-- +To unsubscribe from this list: send the line "unsubscribe netdev" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/x509.genkey b/x509.genkey new file mode 100644 index 000000000..2f90e1bce --- /dev/null +++ b/x509.genkey @@ -0,0 +1,16 @@ +[ req ] +default_bits = 4096 +distinguished_name = req_distinguished_name +prompt = no +x509_extensions = myexts + +[ req_distinguished_name ] +O = Fedora +CN = Fedora kernel signing key +emailAddress = kernel-team@fedoraproject.org + +[ myexts ] +basicConstraints=critical,CA:FALSE +keyUsage=digitalSignature +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid diff --git a/xfs-underflow-bug-in-xfs_attrlist_by_handle.patch b/xfs-underflow-bug-in-xfs_attrlist_by_handle.patch new file mode 100644 index 000000000..6c7f60dd9 --- /dev/null +++ b/xfs-underflow-bug-in-xfs_attrlist_by_handle.patch @@ -0,0 +1,149 @@ +Bugzilla: 1033603 +Upstream-status: Submitted but not queued http://thread.gmane.org/gmane.comp.file-systems.xfs.general/57654 + +Path: news.gmane.org!not-for-mail +From: Dan Carpenter +Newsgroups: gmane.comp.file-systems.xfs.general +Subject: [patch] xfs: underflow bug in xfs_attrlist_by_handle() +Date: Thu, 31 Oct 2013 21:00:10 +0300 +Lines: 43 +Approved: news@gmane.org +Message-ID: <20131031180010.GA24839@longonot.mountain> +References: <20131025144452.GA28451@ngolde.de> +NNTP-Posting-Host: plane.gmane.org +Mime-Version: 1.0 +Content-Type: text/plain; charset="us-ascii" +Content-Transfer-Encoding: 7bit +X-Trace: ger.gmane.org 1383242609 27303 80.91.229.3 (31 Oct 2013 18:03:29 GMT) +X-Complaints-To: usenet@ger.gmane.org +NNTP-Posting-Date: Thu, 31 Oct 2013 18:03:29 +0000 (UTC) +Cc: Fabian Yamaguchi , security@kernel.org, + Alex Elder , Nico Golde , xfs@oss.sgi.com +To: Ben Myers +Original-X-From: xfs-bounces@oss.sgi.com Thu Oct 31 19:03:33 2013 +Return-path: +Envelope-to: sgi-linux-xfs@gmane.org +Original-Received: from oss.sgi.com ([192.48.182.195]) + by plane.gmane.org with esmtp (Exim 4.69) + (envelope-from ) + id 1Vbwag-0001Ow-Sv + for sgi-linux-xfs@gmane.org; Thu, 31 Oct 2013 19:03:31 +0100 +Original-Received: from oss.sgi.com (localhost [IPv6:::1]) + by oss.sgi.com (Postfix) with ESMTP id DB14A7F85; + Thu, 31 Oct 2013 13:03:28 -0500 (CDT) +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com +X-Spam-Level: +X-Spam-Status: No, score=0.0 required=5.0 tests=UNPARSEABLE_RELAY + autolearn=ham version=3.3.1 +X-Original-To: xfs@oss.sgi.com +Delivered-To: xfs@oss.sgi.com +Original-Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) + by oss.sgi.com (Postfix) with ESMTP id A0ED87F83 + for ; Thu, 31 Oct 2013 13:03:27 -0500 (CDT) +Original-Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) + by relay1.corp.sgi.com (Postfix) with ESMTP id 71E0A8F804B + for ; Thu, 31 Oct 2013 11:03:24 -0700 (PDT) +X-ASG-Debug-ID: 1383242599-04bdf0789a41ef30001-NocioJ +Original-Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by + cuda.sgi.com with ESMTP id CWKetu2Mc6MhJZij (version=TLSv1 + cipher=AES256-SHA bits=256 verify=NO); + Thu, 31 Oct 2013 11:03:20 -0700 (PDT) +X-Barracuda-Envelope-From: dan.carpenter@oracle.com +X-Barracuda-Apparent-Source-IP: 156.151.31.81 +Original-Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) + by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with + ESMTP id r9VI3AZn009606 + (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); + Thu, 31 Oct 2013 18:03:11 GMT +Original-Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231]) + by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id + r9VI39qG016923 + (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); + Thu, 31 Oct 2013 18:03:10 GMT +Original-Received: from abhmt101.oracle.com (abhmt101.oracle.com [141.146.116.53]) + by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id + r9VI395m016915; Thu, 31 Oct 2013 18:03:09 GMT +Original-Received: from longonot.mountain (/105.160.144.228) + by default (Oracle Beehive Gateway v4.0) + with ESMTP ; Thu, 31 Oct 2013 11:03:08 -0700 +X-ASG-Orig-Subj: [patch] xfs: underflow bug in xfs_attrlist_by_handle() +Content-Disposition: inline +In-Reply-To: <20131025144452.GA28451@ngolde.de> +User-Agent: Mutt/1.5.21 (2010-09-15) +X-Source-IP: acsinet22.oracle.com [141.146.126.238] +X-Barracuda-Connect: userp1040.oracle.com[156.151.31.81] +X-Barracuda-Start-Time: 1383242600 +X-Barracuda-Encrypted: AES256-SHA +X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi +X-Virus-Scanned: by bsmtpd at sgi.com +X-Barracuda-BRTS-Status: 1 +X-Barracuda-Spam-Score: 0.00 +X-Barracuda-Spam-Status: No, + SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 + QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=UNPARSEABLE_RELAY +X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.141937 + Rule breakdown below + pts rule name description + ---- ---------------------- + -------------------------------------------------- + 0.00 UNPARSEABLE_RELAY Informational: message has unparseable relay + lines +X-BeenThere: xfs@oss.sgi.com +X-Mailman-Version: 2.1.14 +Precedence: list +List-Id: XFS Filesystem from SGI +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Errors-To: xfs-bounces@oss.sgi.com +Original-Sender: xfs-bounces@oss.sgi.com +Xref: news.gmane.org gmane.comp.file-systems.xfs.general:57654 +Archived-At: + +If we allocate less than sizeof(struct attrlist) then we end up +corrupting memory or doing a ZERO_PTR_SIZE dereference. + +This can only be triggered with CAP_SYS_ADMIN. + +Reported-by: Nico Golde +Reported-by: Fabian Yamaguchi +Signed-off-by: Dan Carpenter + +diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c +index 4d61340..33ad9a7 100644 +--- a/fs/xfs/xfs_ioctl.c ++++ b/fs/xfs/xfs_ioctl.c +@@ -442,7 +442,8 @@ xfs_attrlist_by_handle( + return -XFS_ERROR(EPERM); + if (copy_from_user(&al_hreq, arg, sizeof(xfs_fsop_attrlist_handlereq_t))) + return -XFS_ERROR(EFAULT); +- if (al_hreq.buflen > XATTR_LIST_MAX) ++ if (al_hreq.buflen < sizeof(struct attrlist) || ++ al_hreq.buflen > XATTR_LIST_MAX) + return -XFS_ERROR(EINVAL); + + /* +diff --git a/fs/xfs/xfs_ioctl32.c b/fs/xfs/xfs_ioctl32.c +index e8fb123..a7992f8 100644 +--- a/fs/xfs/xfs_ioctl32.c ++++ b/fs/xfs/xfs_ioctl32.c +@@ -356,7 +356,8 @@ xfs_compat_attrlist_by_handle( + if (copy_from_user(&al_hreq, arg, + sizeof(compat_xfs_fsop_attrlist_handlereq_t))) + return -XFS_ERROR(EFAULT); +- if (al_hreq.buflen > XATTR_LIST_MAX) ++ if (al_hreq.buflen < sizeof(struct attrlist) || ++ al_hreq.buflen > XATTR_LIST_MAX) + return -XFS_ERROR(EINVAL); + + /* + +_______________________________________________ +xfs mailing list +xfs@oss.sgi.com +http://oss.sgi.com/mailman/listinfo/xfs +