Provide a script to parse an X.509 certificate and certain pieces of
information from it in order to generate a key identifier to be included within
a module signature.
The script takes the Subject Name and extracts (if present) the
organizationName (O), the commonName (CN) and the emailAddress and fabricates
the signer's name from them:
(1) If both O and CN exist, then the name will be "O: CN", unless:
(a) CN is prefixed by O, in which case only CN is used.
(b) CN and O share at least the first 7 characters, in which case only CN
is used.
(2) Otherwise, CN is used if present.
(3) Otherwise, O is used if present.
(4) Otherwise the emailAddress is used, if present.
(5) Otherwise a blank name is used.
The script emits a binary encoded identifier in the following form:
- 2 BE bytes indicating the length of the signer's name.
- 2 BE bytes indicating the length of the subject key identifier.
- The characters of the signer's name.
- The bytes of the subject key identifier.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Check the signature on the module against the keys compiled into the kernel or
available in a hardware key store.
Currently, only RSA keys are supported - though that's easy enough to change,
and the signature is expected to contain raw components (so not a PGP or
PKCS#7 formatted blob).
The signature blob is expected to consist of the following pieces in order:
(1) The binary identifier for the key. This is expected to match the
SubjectKeyIdentifier from an X.509 certificate. Only X.509 type
identifiers are currently supported.
(2) The signature data, consisting of a series of MPIs in which each is in
the format of a 2-byte BE word sizes followed by the content data.
(3) A 12 byte information block of the form:
struct module_signature {
enum pkey_algo algo : 8;
enum pkey_hash_algo hash : 8;
enum pkey_id_type id_type : 8;
u8 __pad;
__be32 id_length;
__be32 sig_length;
};
The three enums are defined in crypto/public_key.h.
'algo' contains the public-key algorithm identifier (0->DSA, 1->RSA).
'hash' contains the digest algorithm identifier (0->MD4, 1->MD5, 2->SHA1,
etc.).
'id_type' contains the public-key identifier type (0->PGP, 1->X.509).
'__pad' should be 0.
'id_length' should contain in the binary identifier length in BE form.
'sig_length' should contain in the signature data length in BE form.
The lengths are in BE order rather than CPU order to make dealing with
cross-compilation easier.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (minor Kconfig fix)
Include a PGP keyring containing the public keys required to perform module
verification in the kernel image during build and create a special keyring
during boot which is then populated with keys of crypto type holding the public
keys found in the PGP keyring.
These can be seen by root:
[root@andromeda ~]# cat /proc/keys
07ad4ee0 I----- 1 perm 3f010000 0 0 crypto modsign.0: RSA 87b9b3bd []
15c7f8c3 I----- 1 perm 1f030000 0 0 keyring .module_sign: 1/4
...
It is probably worth permitting root to invalidate these keys, resulting in
their removal and preventing further modules from being loaded with that key.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Automatically generate keys for module signing if they're absent so that
allyesconfig doesn't break. The builder should consider generating their own
key and certificate, however, so that the keys are appropriately named.
The private key for the module signer should be placed in signing_key.priv
(unencrypted!) and the public key in an X.509 certificate as signing_key.x509.
If a transient key is desired for signing the modules, a config file for
'openssl req' can be placed in x509.genkey, looking something like the
following:
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = myexts
[ req_distinguished_name ]
O = Magarathea
CN = Glacier signing key
emailAddress = slartibartfast@magrathea.h2g2
[ myexts ]
basicConstraints=critical,CA:FALSE
keyUsage=digitalSignature
subjectKeyIdentifier=hash
authorityKeyIdentifier=hash
The build process will use this to configure:
openssl req -new -nodes -utf8 -sha1 -days 36500 -batch \
-x509 -config x509.genkey \
-outform DER -out signing_key.x509 \
-keyout signing_key.priv
to generate the key.
Note that it is required that the X.509 certificate have a subjectKeyIdentifier
and an authorityKeyIdentifier. Without those, the certificate will be
rejected. These can be used to check the validity of a certificate.
Note that 'make distclean' will remove signing_key.{priv,x509} and x509.genkey,
whether or not they were generated automatically.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Provide kernel configuration options for module signing.
The following configuration options are added:
CONFIG_MODULE_SIG_SHA1
CONFIG_MODULE_SIG_SHA224
CONFIG_MODULE_SIG_SHA256
CONFIG_MODULE_SIG_SHA384
CONFIG_MODULE_SIG_SHA512
These select the cryptographic hash used to digest the data prior to signing.
Additionally, the crypto module selected will be built into the kernel as it
won't be possible to load it as a module without incurring a circular
dependency when the kernel tries to check its signature.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Provide gitignore and make clean rules for extra files to hide and clean up the
extra files produced by module signing stuff once it is added. Also add a
clean up rule for the module content extractor program used to extract the data
to be signed.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
If we're in FIPS mode, we should panic if we fail to verify the signature on a
module or we're asked to load an unsigned module in signature enforcing mode.
Possibly FIPS mode should automatically enable enforcing mode.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We do a very simple search for a particular string appended to the module
(which is cache-hot and about to be SHA'd anyway). There's both a config
option and a boot parameter which control whether we accept or fail with
unsigned modules and modules that are signed with an unknown key.
If module signing is enabled, the kernel will be tainted if a module is
loaded that is unsigned or has a signature for which we don't have the
key.
(Useful feedback and tweaks by David Howells <dhowells@redhat.com>)
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It turned out that the COMBO position fix mode is rather more harmful,
and it got reverted (with the replacement of runtime->delay
calculation) recently. Hence we can get rid of AZX_DCAPS_POSFIX_COMBO
as well.
It's still possible to pass this mode via position_fix module option,
in case where this really helps on weird machines (who knows).
Signed-off-by: Takashi Iwai <tiwai@suse.de>
In the transition to the generic fixup code, the call of
snd_hda_gen_init() and snd_hda_gen_free() was missing.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
The commit [4b527b65 ALSA: hda - limit internal mic boost for Asus
X202E] introduced the use of auto-parser code, but it forgot to add
struct hda_gen_spec at the head of codec->spec which the auto-parser
assumes silently. Without this record, it may result in memory
corruption.
This patch adds the missing piece.
Cc: <stable@vger.kernel.org> [v3.5+]
Signed-off-by: Takashi Iwai <tiwai@suse.de>
This alters the Nomadik pinctrl driver to:
- Call irqdomain_add_linear() for the DT case so we get
all independent from IRQ numbers in this case.
- Call irqdomain_add_simple() for the legacy case, which
allocates the IRQ descriptors for the Nomadik pin controller
dynamically.
Cc: Lee Jones <lee.jones@linaro.org>
Cc: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Currently we rely on all IRQ chip instances to dynamically
allocate their IRQ descriptors unless they use the linear
IRQ domain. So for irqdomain_add_legacy() and
irqdomain_add_simple() the caller need to make sure that
descriptors are allocated.
Let's slightly augment the yet unused irqdomain_add_simple()
to also allocate descriptors as a means to simplify usage
and avoid code duplication throughout the kernel.
We warn if descriptors cannot be allocated, e.g. if a
platform has the bad habit of hogging descriptors at boot
time.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Grant Likely <grant.likely@secretlab.ca>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Lee Jones <lee.jones@linaro.org>
Reviewed-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Upgrade nomadik pinctrl driver to enable selection of other
alternate-C[1-4] functions on some specific ux500 SoC pins.
Handling of those functions is done thanks to PRCM GPIOCR
registers. This was previously managed in PRCMU driver and
it was not really convenient. Idea is to provide a common
way to control all alternate functions.
Note that this improvement does not support the old-fashioned way
used to control nomadik pins, namely the "nmk_config_pin()" function
and its derivatives.
Signed-off-by: Jean-Nicolas Graux <jean-nicolas.graux@stericsson.com>
Reviewed-by: Philippe Langlais <philippe.langlais@stericsson.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Commit 1331e7a1bb ("rcu: Remove _rcu_barrier() dependency on
__stop_machine()") introduced slab_mutex -> cpu_hotplug.lock dependency
through kmem_cache_destroy() -> rcu_barrier() -> _rcu_barrier() ->
get_online_cpus().
Lockdep thinks that this might actually result in ABBA deadlock,
and reports it as below:
=== [ cut here ] ===
======================================================
[ INFO: possible circular locking dependency detected ]
3.6.0-rc5-00004-g0d8ee37 #143 Not tainted
-------------------------------------------------------
kworker/u:2/40 is trying to acquire lock:
(rcu_sched_state.barrier_mutex){+.+...}, at: [<ffffffff810f2126>] _rcu_barrier+0x26/0x1e0
but task is already holding lock:
(slab_mutex){+.+.+.}, at: [<ffffffff81176e15>] kmem_cache_destroy+0x45/0xe0
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #2 (slab_mutex){+.+.+.}:
[<ffffffff810ae1e2>] validate_chain+0x632/0x720
[<ffffffff810ae5d9>] __lock_acquire+0x309/0x530
[<ffffffff810ae921>] lock_acquire+0x121/0x190
[<ffffffff8155d4cc>] __mutex_lock_common+0x5c/0x450
[<ffffffff8155d9ee>] mutex_lock_nested+0x3e/0x50
[<ffffffff81558cb5>] cpuup_callback+0x2f/0xbe
[<ffffffff81564b83>] notifier_call_chain+0x93/0x140
[<ffffffff81076f89>] __raw_notifier_call_chain+0x9/0x10
[<ffffffff8155719d>] _cpu_up+0xba/0x14e
[<ffffffff815572ed>] cpu_up+0xbc/0x117
[<ffffffff81ae05e3>] smp_init+0x6b/0x9f
[<ffffffff81ac47d6>] kernel_init+0x147/0x1dc
[<ffffffff8156ab44>] kernel_thread_helper+0x4/0x10
-> #1 (cpu_hotplug.lock){+.+.+.}:
[<ffffffff810ae1e2>] validate_chain+0x632/0x720
[<ffffffff810ae5d9>] __lock_acquire+0x309/0x530
[<ffffffff810ae921>] lock_acquire+0x121/0x190
[<ffffffff8155d4cc>] __mutex_lock_common+0x5c/0x450
[<ffffffff8155d9ee>] mutex_lock_nested+0x3e/0x50
[<ffffffff81049197>] get_online_cpus+0x37/0x50
[<ffffffff810f21bb>] _rcu_barrier+0xbb/0x1e0
[<ffffffff810f22f0>] rcu_barrier_sched+0x10/0x20
[<ffffffff810f2309>] rcu_barrier+0x9/0x10
[<ffffffff8118c129>] deactivate_locked_super+0x49/0x90
[<ffffffff8118cc01>] deactivate_super+0x61/0x70
[<ffffffff811aaaa7>] mntput_no_expire+0x127/0x180
[<ffffffff811ab49e>] sys_umount+0x6e/0xd0
[<ffffffff81569979>] system_call_fastpath+0x16/0x1b
-> #0 (rcu_sched_state.barrier_mutex){+.+...}:
[<ffffffff810adb4e>] check_prev_add+0x3de/0x440
[<ffffffff810ae1e2>] validate_chain+0x632/0x720
[<ffffffff810ae5d9>] __lock_acquire+0x309/0x530
[<ffffffff810ae921>] lock_acquire+0x121/0x190
[<ffffffff8155d4cc>] __mutex_lock_common+0x5c/0x450
[<ffffffff8155d9ee>] mutex_lock_nested+0x3e/0x50
[<ffffffff810f2126>] _rcu_barrier+0x26/0x1e0
[<ffffffff810f22f0>] rcu_barrier_sched+0x10/0x20
[<ffffffff810f2309>] rcu_barrier+0x9/0x10
[<ffffffff81176ea1>] kmem_cache_destroy+0xd1/0xe0
[<ffffffffa04c3154>] nf_conntrack_cleanup_net+0xe4/0x110 [nf_conntrack]
[<ffffffffa04c31aa>] nf_conntrack_cleanup+0x2a/0x70 [nf_conntrack]
[<ffffffffa04c42ce>] nf_conntrack_net_exit+0x5e/0x80 [nf_conntrack]
[<ffffffff81454b79>] ops_exit_list+0x39/0x60
[<ffffffff814551ab>] cleanup_net+0xfb/0x1b0
[<ffffffff8106917b>] process_one_work+0x26b/0x4c0
[<ffffffff81069f3e>] worker_thread+0x12e/0x320
[<ffffffff8106f73e>] kthread+0x9e/0xb0
[<ffffffff8156ab44>] kernel_thread_helper+0x4/0x10
other info that might help us debug this:
Chain exists of:
rcu_sched_state.barrier_mutex --> cpu_hotplug.lock --> slab_mutex
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(slab_mutex);
lock(cpu_hotplug.lock);
lock(slab_mutex);
lock(rcu_sched_state.barrier_mutex);
*** DEADLOCK ***
=== [ cut here ] ===
This is actually a false positive. Lockdep has no way of knowing the fact
that the ABBA can actually never happen, because of special semantics of
cpu_hotplug.refcount and its handling in cpu_hotplug_begin(); the mutual
exclusion there is not achieved through mutex, but through
cpu_hotplug.refcount.
The "neither cpu_up() nor cpu_down() will proceed past cpu_hotplug_begin()
until everyone who called get_online_cpus() will call put_online_cpus()"
semantics is totally invisible to lockdep.
This patch therefore moves the unlock of slab_mutex so that rcu_barrier()
is being called with it unlocked. It has two advantages:
- it slightly reduces hold time of slab_mutex; as it's used to protect
the cachep list, it's not necessary to hold it over kmem_cache_free()
call any more
- it silences the lockdep false positive warning, as it avoids lockdep ever
learning about slab_mutex -> cpu_hotplug.lock dependency
Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reviewed-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Acked-by: David Rientjes <rientjes@google.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Pekka Enberg <penberg@kernel.org>
When the lglock doesn't need to be exported we can use
DEFINE_STATIC_LGLOCK().
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
The per_cpu locks are not used outside the file which contains the
DEFINE_LGLOCK(), so we can make these symbols static.
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
struct lglocks use their own lock_key/lock_dep_map which are defined in
struct lglock. DEFINE_LGLOCK_LOCKDEP() is unused, so remove it and save a
small piece of memory.
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Fuzzing with trinity oopsed on the 1st instruction of shmem_fh_to_dentry(),
u64 inum = fid->raw[2];
which is unhelpfully reported as at the end of shmem_alloc_inode():
BUG: unable to handle kernel paging request at ffff880061cd3000
IP: [<ffffffff812190d0>] shmem_alloc_inode+0x40/0x40
Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
Call Trace:
[<ffffffff81488649>] ? exportfs_decode_fh+0x79/0x2d0
[<ffffffff812d77c3>] do_handle_open+0x163/0x2c0
[<ffffffff812d792c>] sys_open_by_handle_at+0xc/0x10
[<ffffffff83a5f3f8>] tracesys+0xe1/0xe6
Right, tmpfs is being stupid to access fid->raw[2] before validating that
fh_len includes it: the buffer kmalloc'ed by do_sys_name_to_handle() may
fall at the end of a page, and the next page not be present.
But some other filesystems (ceph, gfs2, isofs, reiserfs, xfs) are being
careless about fh_len too, in fh_to_dentry() and/or fh_to_parent(), and
could oops in the same way: add the missing fh_len checks to those.
Reported-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: Hugh Dickins <hughd@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Sage Weil <sage@inktank.com>
Cc: Steven Whitehouse <swhiteho@redhat.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Removed s_lock from super_block and removed lock/unlock super.
Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Removed lock/unlock super. Added a new private s_lock mutex.
Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Removed lock/unlock super. Added a new private s_lock mutex.
Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Removed lock/unlock super. Added a new private s_lock mutex.
Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Removed lock/unlock super.
Signed-off-by: Marco Stornelli <marco.stornelli@gmail.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
I have tested the attached patch to fix the dup3 regression.
Rich.
From 0944e30e12dec6544b3602626b60ff412375c78f Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 9 Oct 2012 14:42:45 +0100
Subject: [PATCH] dup3: Return an error when oldfd == newfd.
The following commit:
commit fe17f22d7f
Author: Al Viro <viro@zeniv.linux.org.uk>
Date: Tue Aug 21 11:48:11 2012 -0400
take purely descriptor-related stuff from fcntl.c to file.c
was supposed to be just code motion, but it dropped the following two
lines:
if (unlikely(oldfd == newfd))
return -EINVAL;
from the dup3 system call. dup3 is not specified by POSIX, so Linux
can do what it likes. However the POSIX proposal for dup3 [1] states
that it should return an error if oldfd == newfd.
[1] http://austingroupbugs.net/view.php?id=411
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
audit_log_start() may return NULL, this is unchecked by the caller in
audit_log_link_denied() and could cause a NULL ptr deref.
Introduced by commit a51d9eaa ("fs: add link restriction audit reporting").
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Commit "fs: add link restriction audit reporting" has added auditing of failed
attempts to follow symlinks. Unfortunately, the auditing was being done after
the struct path structure was released earlier.
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Pull generic execve() changes from Al Viro:
"This introduces the generic kernel_thread() and kernel_execve()
functions, and switches x86, arm, alpha, um and s390 over to them."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal: (26 commits)
s390: convert to generic kernel_execve()
s390: switch to generic kernel_thread()
s390: fold kernel_thread_helper() into ret_from_fork()
s390: fold execve_tail() into start_thread(), convert to generic sys_execve()
um: switch to generic kernel_thread()
x86, um/x86: switch to generic sys_execve and kernel_execve
x86: split ret_from_fork
alpha: introduce ret_from_kernel_execve(), switch to generic kernel_execve()
alpha: switch to generic kernel_thread()
alpha: switch to generic sys_execve()
arm: get rid of execve wrapper, switch to generic execve() implementation
arm: optimized current_pt_regs()
arm: introduce ret_from_kernel_execve(), switch to generic kernel_execve()
arm: split ret_from_fork, simplify kernel_thread() [based on patch by rmk]
generic sys_execve()
generic kernel_execve()
new helper: current_pt_regs()
preparation for generic kernel_thread()
um: kill thread->forking
um: let signal_delivered() do SIGTRAP on singlestepping into handler
...
Notable changes:
* Basic writeback support for DISPC level. Writeback is not yet usable, though,
as we need higher level code to actually expose the writeback feature to
userspace.
* Rewriting the omapdss output drivers. We're trying to remove the hard links
between the omapdss and the panels, and this rewrite work moves us closer to
that goal.
* Cleanup and restructuring patches that have been made while working on device
tree support for omapdss. Device tree support is still some way ahead, but
these patches are good cleanups in themselves.
* Basic OMAP5 DSS support for DPI and DSI outputs.
* Workaround for the problem that GFX overlay's fifo is too small for high
resolution scenarios, causing underflows.
* Cleanups that remove dependencies to omap platform code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJQae8PAAoJEPo9qoy8lh71l6EP/1ot2bJ1+8zkTO/N73SiMn/3
+6yGfX411Z9GNsEiDqgGKMboDpU7+Fqi0nO5mgPbbE936Lu92TA6DF/S6rr79iaQ
2faxqRiWYXkVfXo806fo0BMeprB6ieQNBaEXtRmMK+tlviZtgFfCy5+9oq4AxP64
zWuFl/lPuSkhzjU2hHygETHpccsxtNI7EiJf7UoBLBCKi/eU/E5XJKUJUBwhX68R
SA7SrpLfTNErAgdY4aMeLKprreN8VhJ7gp9+FCdnD7u4sawGpDIcF577EEc50Fjy
aZbDkQkL8p7zw8g/ejBsY9zlsZZk7LFOSkXhfZCstnhTvF9ugm9S6Ax2rqu3tVfd
M5B8n/I4njSFyQOxXyILfrGJdP/Fnpu6wlYKv+pNDQWspxo1saCu4Uju041A2lHy
HaanqxCvpiHAIjqzfOvtLDfGxqZs37QEER0mDlg7CR2iErw5aAyjfy/CHpjTJ6Ib
2X0ho0y5+ndxkuVhFp3+fZaDQ7Y2HVc0EduzaY6OvzqouTWq4pBgeLIoXXYdHtsp
wXfEPKghSZ6lA4wHYBRJppTLk3e56V6lVmC2/N+7PQkPm+Sfde1OAd8iqI0Ytm12
oL780L4XoWIbQml1ZZ6ZFwEO/2QnAqufzD7djMGkwm4BJb/04m4M2W2xWOEZ/R7T
0Xh/yWRDzQyrnzmyqg7K
=lcyJ
-----END PGP SIGNATURE-----
Merge tag 'omapdss-for-3.7' of git://gitorious.org/linux-omap-dss2/linux into fbdev-next
Omapdss driver changes for the 3.7 merge window.
Notable changes:
* Basic writeback support for DISPC level. Writeback is not yet usable, though,
as we need higher level code to actually expose the writeback feature to
userspace.
* Rewriting the omapdss output drivers. We're trying to remove the hard links
between the omapdss and the panels, and this rewrite work moves us closer to
that goal.
* Cleanup and restructuring patches that have been made while working on device
tree support for omapdss. Device tree support is still some way ahead, but
these patches are good cleanups in themselves.
* Basic OMAP5 DSS support for DPI and DSI outputs.
* Workaround for the problem that GFX overlay's fifo is too small for high
resolution scenarios, causing underflows.
* Cleanups that remove dependencies to omap platform code.
Pull UML changes from Richard Weinberger:
"UML receives this time only cleanups.
The most outstanding change is the 'include "foo.h"' do 'include
<foo.h>' conversion done by Al Viro.
It touches many files, that's why the diffstat is rather big."
* 'for-linus-37rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml:
typo in UserModeLinux-HOWTO
hppfs: fix the return value of get_inode()
hostfs: drop vmtruncate
um: get rid of pointless include "..." where include <...> will do
um: move sysrq.h out of include/shared
um/x86: merge 32 and 64 bit variants of ptrace.h
um/x86: merge 32 and 64bit variants of checksum.h
Pull networking updates from David Miller:
1) UAPI changes for networking from David Howells
2) A netlink dump is an operation we can sleep within, and therefore we
need to make sure the dump provider module doesn't disappear on us
meanwhile. Fix from Gao Feng.
3) Now that tunnels support GRO, we have to be more careful in
skb_gro_reset_offset() otherwise we OOPS, from Eric Dumazet.
4) We can end up processing packets for VLANs we aren't actually
configured to be on, fix from Florian Zumbiehl.
5) Fix routing cache removal regression in redirects and IPVS. The
core issue on the IPVS side is that it wants to rewrite who the
nexthop is and we have to explicitly accomodate that case. From
Julian Anastasov.
6) Error code return fixes all over the networking drivers from Peter
Senna Tschudin.
7) Fix routing cache removal regressions in IPSEC, from Steffen
Klassert.
8) Fix deadlock in RDS during pings, from Jeff Liu.
9) Neighbour packet queue can trigger skb_under_panic() because we do
not reset the network header of the SKB in the right spot. From
Ramesh Nagappa.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (61 commits)
RDS: fix rds-ping spinlock recursion
netdev/phy: Prototype of_mdio_find_bus()
farsync: fix support for over 30 cards
be2net: Remove code that stops further access to BE NIC based on UE bits
pch_gbe: Fix build error by selecting all the possible dependencies.
e1000e: add device IDs for i218
ixgbe/ixgbevf: Limit maximum jumbo frame size to 9.5K to avoid Tx hangs
ixgbevf: Set the netdev number of Tx queues
UAPI: (Scripted) Disintegrate include/linux/tc_ematch
UAPI: (Scripted) Disintegrate include/linux/tc_act
UAPI: (Scripted) Disintegrate include/linux/netfilter_ipv6
UAPI: (Scripted) Disintegrate include/linux/netfilter_ipv4
UAPI: (Scripted) Disintegrate include/linux/netfilter_bridge
UAPI: (Scripted) Disintegrate include/linux/netfilter_arp
UAPI: (Scripted) Disintegrate include/linux/netfilter/ipset
UAPI: (Scripted) Disintegrate include/linux/netfilter
UAPI: (Scripted) Disintegrate include/linux/isdn
UAPI: (Scripted) Disintegrate include/linux/caif
net: fix typo in freescale/ucc_geth.c
vxlan: fix more sparse warnings
...
Pull sparc update from David Miller:
"This is just the UAPI commits for sparc via David Howells."
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
UAPI: (Scripted) Disintegrate arch/sparc/include/asm
Pull slave-dmaengine updates from Vinod Koul:
"This time we have Andy updates on dw_dmac which is attempting to make
this IP block available as PCI and platform device though not fully
complete this time.
We also have TI EDMA moving the dma driver to use dmaengine APIs, also
have a new driver for mmp-tdma, along with bunch of small updates.
Now for your excitement the merge is little unusual here, while
merging the auto merge on linux-next picks wrong choice for pl330
(drivers/dma/pl330.c) and this causes build failure. The correct
resolution is in linux-next. (DMA: PL330: Fix build error) I didn't
back merge your tree this time as you are better than me so no point
in doing that for me :)"
Fixed the pl330 conflict as in linux-next, along with trivial header
file conflicts due to changed includes.
* 'next' of git://git.infradead.org/users/vkoul/slave-dma: (29 commits)
dma: tegra: fix interrupt name issue with apb dma.
dw_dmac: fix a regression in dwc_prep_dma_memcpy
dw_dmac: introduce software emulation of LLP transfers
dw_dmac: autoconfigure data_width or get it via platform data
dw_dmac: autoconfigure block_size or use platform data
dw_dmac: get number of channels from hardware if possible
dw_dmac: fill optional encoded parameters in register structure
dw_dmac: mark dwc_dump_chan_regs as inline
DMA: PL330: return ENOMEM instead of 0 from pl330_alloc_chan_resources
DMA: PL330: Remove redundant runtime_suspend/resume functions
DMA: PL330: Remove controller clock enable/disable
dmaengine: use kmem_cache_zalloc instead of kmem_cache_alloc/memset
DMA: PL330: Set the capability of pdm0 and pdm1 as DMA_PRIVATE
ARM: EXYNOS: Set the capability of pdm0 and pdm1 as DMA_PRIVATE
dma: tegra: use list_move_tail instead of list_del/list_add_tail
mxs/dma: Enlarge the CCW descriptor area to 4 pages
dw_dmac: utilize slave_id to pass request line
dmaengine: mmp_tdma: add dt support
dmaengine: mmp-pdma support
spi: davici - make davinci select edma
...
nuc900fb_map_video_memory is called by an devinit function
that may be called at run-time, but the function itself is
marked __init and will be discarded after boot.
To avoid calling into a function that may have been overwritten,
mark nuc900fb_map_video_memory itself as __devinit.
Without this patch, building nuc950_defconfig results in:
WARNING: drivers/video/built-in.o(.devinit.text+0x26c): Section mismatch in reference from the function nuc900fb_probe() to the function .init.text:nuc900fb_map_video_memory()
The function __devinit nuc900fb_probe() references
a function __init nuc900fb_map_video_memory().
If nuc900fb_map_video_memory is only used by nuc900fb_probe then
annotate nuc900fb_map_video_memory with a matching annotation.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Wan ZongShun <mcuos.com@gmail.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Convert clk_enable/clk_disable to clk_prepare_enable/clk_disable_unprepare
calls as required by common clock framework.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Convert a nonnegative error return code to a negative one, as returned
elsewhere in the function.
A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)
// <smpl>
(
if@p1 (\(ret < 0\|ret != 0\))
{ ... return ret; }
|
ret@p1 = 0
)
... when != ret = e1
when != &ret
*if(...)
{
... when != ret = e2
when forall
return ret;
}
// </smpl>
Signed-off-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Donghwa Lee <dh09.lee@samsung.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Convert a nonnegative error return code to a negative one, as returned
elsewhere in the function.
A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)
// <smpl>
(
if@p1 (\(ret < 0\|ret != 0\))
{ ... return ret; }
|
ret@p1 = 0
)
... when != ret = e1
when != &ret
*if(...)
{
... when != ret = e2
when forall
return ret;
}
// </smpl>
Signed-off-by: Peter Senna Tschudin <peter.senna@gmail.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Convert clk_enable/clk_disable to clk_prepare_enable/clk_disable_unprepare
calls as required by common clock framework.
Signed-off-by: Thomas Abraham <thomas.abraham@linaro.org>
Acked-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Save and restore register context of LCDC respectively
before suspend and after resume.
Signed-off-by: Manjunathappa, Prakash <prakash.pm@ti.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Line 0 and 1 were both written to line 0 (on the display) and all subsequent
lines had an offset of -1. The result was that the last line on the display
was never overwritten by writes to /dev/fbN.
Cc: stable@vger.kernel.org
Signed-off-by: Alexander Holler <holler@ahsoftware.de>
Acked-by: Bernie Thompson <bernie@plugable.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Core:
- Add DT properties for card detection (broken-cd, cd-gpios, non-removable)
- Don't poll non-removable devices
- Fixup/rework eMMC sleep mode/"power off notify" feature
- Support eMMC background operations (BKOPS). To set the one-time
programmable fuse that enables bkops on an eMMC that doesn't already
have it set, you can use the "mmc bkops enable" command in:
git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc-utils.git
Drivers:
- atmel-mci, dw_mmc, pxa-mci, dove, s3c, spear: Add device tree support
- bfin_sdh: Add support for the controller in bf60x
- dw_mmc: Support Samsung Exynos SoCs
- eSDHC: Add ADMA support
- sdhci: Support testing a cd-gpio (from slot-gpio) instead of presence bit
- sdhci-pltfm: Support broken-cd DT property
- tegra: Convert to only supporting DT (mach-tegra has gone DT-only)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJQcfc/AAoJEHNBYZ7TNxYMB3wQALPObZUjKBsR38N2llPUOz5M
nTMNYa99Pg3/Du5EgXKwYDkoYG1M9yjNTdxBmz3Sz9cIkLueZHoDmqvpgZJv9vRn
5l0TncExC+T2Tn7qjE5axgM7fus5r9SLKCOtbE+V8jATTWeG0d/X0DdzvKPpJLmb
uLPmqNG50LdQQUoCkcDU3hiDONqQnOx4tDq4C7rTlf+Cr8pJXRoBPEF0C1PTvs64
0AP8oXDtirz+RIR5xTELy08o4SVS4Wcn63PH1H56kmAIjdT5FeVnAOeyF9Aer/+R
Sz3qMrN/sNSEEkbgCGQLJVVYACNdgB1WXdxhqk2d996iwtEQgkVB8S2ziyhpZTZ2
SxgCMvfYf5ySOIuzvyEScGdKjw6DSV01HDr9eyFJqIYaDOBp+kUJkbM2O8ISf+Kb
rudrc58mdfPPhX5rqjEYBKGtyC6q+LvRGOwO8QJNvZ0wAFAg4nCzcD9btAl65QR1
7aM0qp+55pyc2xyUO9q5AvOwiaBU2sYYuBCUm1zzK3HQ8x5ZKpueQwa2KBmEa2f+
Qp6oflWNeG/X53WHCurl/ECZY5Y4w4esHPMWXVXJP8Ao+3D2Wofkp4CSGcQClZSd
/OBGSw9g70BIKwOTUvU9tD3ALQsG+A9UHmG7RQBhmcQFaKY709bfhzSG3/jHymSg
AKr0VSezE/DTj6URvxaq
=qyY5
-----END PGP SIGNATURE-----
Merge tag 'mmc-merge-for-3.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc
Pull MMC updates from Chris Ball:
"Core:
- Add DT properties for card detection (broken-cd, cd-gpios,
non-removable)
- Don't poll non-removable devices
- Fixup/rework eMMC sleep mode/"power off notify" feature
- Support eMMC background operations (BKOPS). To set the one-time
programmable fuse that enables bkops on an eMMC that doesn't
already have it set, you can use the "mmc bkops enable" command in:
git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc-utils.git
Drivers:
- atmel-mci, dw_mmc, pxa-mci, dove, s3c, spear: Add device tree
support
- bfin_sdh: Add support for the controller in bf60x
- dw_mmc: Support Samsung Exynos SoCs
- eSDHC: Add ADMA support
- sdhci: Support testing a cd-gpio (from slot-gpio) instead of
presence bit
- sdhci-pltfm: Support broken-cd DT property
- tegra: Convert to only supporting DT (mach-tegra has gone DT-only)"
* tag 'mmc-merge-for-3.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc: (67 commits)
mmc: core: Fixup broken suspend and eMMC4.5 power off notify
mmc: sdhci-spear: Add clk_{un}prepare() support
mmc: sdhci-spear: add device tree bindings
mmc: sdhci-s3c: Add clk_(enable/disable) in runtime suspend/resume
mmc: core: Replace MMC_CAP2_BROKEN_VOLTAGE with test for fixed regulator
mmc: sdhci-pxav3: Use sdhci_get_of_property for parsing DT quirks
mmc: dt: Support "broken-cd" property in sdhci-pltfm
mmc: sdhci-s3c: fix the wrong number of max bus clocks
mmc: sh-mmcif: avoid oops on spurious interrupts
mmc: sh-mmcif: properly handle MMC_WRITE_MULTIPLE_BLOCK completion IRQ
mmc: sdhci-s3c: Fix crash on module insertion for second time
mmc: sdhci-s3c: Enable only required bus clock
mmc: Revert "mmc: dw_mmc: Add check for IDMAC configuration"
mmc: mxcmmc: fix bug that may block a data transfer forever
mmc: omap_hsmmc: Pass on the suspend failure to the PM core
mmc: atmel-mci: AP700x PDC is not connected to MCI
mmc: atmel-mci: DMA can be used with other controllers
mmc: mmci: use clk_prepare_enable and clk_disable_unprepare
mmc: sdhci-s3c: Add device tree support
mmc: dw_mmc: add support for exynos specific implementation of dw-mshc
...
- Disable broken mtdchar mmap() on MMU systems
- Additional ECC tests for NAND flash, and some test cleanups
- New NAND and SPI chip support
- Fixes/cleanup for SH FLCTL NAND controller driver
- Improved hardware support for GPMI NAND controller
- Conversions to device-tree support for various drivers
- Removal of obsolete drivers (sbc8xxx, bcmring, etc.)
- New LPC32xx drivers for MLC and SLC NAND
- Further cleanup of NAND OOB/ECC handling
- UAPI cleanup merge from David Howells (just moving files, since MTD
headers were sorted out long ago to separate user-visible from kernel
bits)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlB0OosACgkQdwG7hYl686OSPACeKLrlHmyG8KXgAqcGZwAj1RM+
X9YAoI2Kd6Sz8v6sLbJidnxUBr/oJVa8
=/kFV
-----END PGP SIGNATURE-----
Merge tag 'for-linus-20121009' of git://git.infradead.org/mtd-2.6
Pull MTD updates from David Woodhouse:
- Disable broken mtdchar mmap() on MMU systems
- Additional ECC tests for NAND flash, and some test cleanups
- New NAND and SPI chip support
- Fixes/cleanup for SH FLCTL NAND controller driver
- Improved hardware support for GPMI NAND controller
- Conversions to device-tree support for various drivers
- Removal of obsolete drivers (sbc8xxx, bcmring, etc.)
- New LPC32xx drivers for MLC and SLC NAND
- Further cleanup of NAND OOB/ECC handling
- UAPI cleanup merge from David Howells (just moving files, since MTD
headers were sorted out long ago to separate user-visible from kernel
bits)
* tag 'for-linus-20121009' of git://git.infradead.org/mtd-2.6: (168 commits)
mtd: Disable mtdchar mmap on MMU systems
UAPI: (Scripted) Disintegrate include/mtd
mtd: nand: detect Samsung K9GBG08U0A, K9GAG08U0F ID
mtd: nand: decode Hynix MLC, 6-byte ID length
mtd: nand: increase max OOB size to 640
mtd: nand: add generic READ ID length calculation functions
mtd: nand: split simple ID decode into its own function
mtd: nand: split extended ID decoding into its own function
mtd: nand: split BB marker options decoding into its own function
mtd: nand: remove redundant ID read
mtd: nand: remove unnecessary variable
mtd: docg4: add missing HAS_IOMEM dependency
mtd: gpmi: initialize the timing registers only one time
mtd: gpmi: add EDO feature for imx6q
mtd: gpmi: do not set the default values for the extra clocks
mtd: gpmi: simplify the DLL setting code
mtd: gpmi: add a new field for HW_GPMI_CTRL1
mtd: gpmi: do not get the clock frequency in gpmi_begin()
mtd: gpmi: add a new field for HW_GPMI_TIMING1
mtd: add helpers to get the supportted ONFI timing mode
...
