Hi Alex, Mark,
Please consider following linaro-android pull request for "linux-linaro-lsk-v4.1-android" LSK branch.
I realised that my last pull request didn't get pulled in and I forgot to follow up with that too. So heads up for this pretty big pull request. Other than regular Android specific fixes, this pull request contain a lot of upstream feature/security backports from AOSP common kernel.
Build tested for arm64(defconfig + android configs), arm(vexpress + android configs) and boot tested on Qemu with Android M.
Regards, Amit Pundir
The following changes since commit 29b0ab10563704d864ecbd422ff05fd92275942c:
Merge branch 'linux-linaro-lsk-v4.1' into linux-linaro-lsk-v4.1-android (2016-10-25 12:30:40 +0800)
are available in the git repository at:
git://android.git.linaro.org/kernel/linaro-android lsk-v4.1-android
for you to fetch changes up to df6cb633a7a2af7ad86199599666c79862ac0aab:
BACKPORT: lib: harden strncpy_from_user (2016-10-28 21:11:13 +0800)
---------------------------------------------------------------- Al Viro (1): UPSTREAM: ecryptfs: fix handling of directory opening
Amit Pundir (3): ANDROID: net: fib: remove duplicate assignment ANDROID: net: core: fix UID-based routing ANDROID: base-cfg: drop SECCOMP_FILTER config
Andy Lutomirski (2): UPSTREAM: capabilities: ambient capabilities UPSTREAM: x86/uaccess: Tell the compiler that uaccess is unlikely to fault
Anson Jacob (1): usb: gadget: f_accessory: remove duplicate endpoint alloc
Ard Biesheuvel (1): BACKPORT: arm64: mm: fix location of _etext
Arnd Bergmann (1): UPSTREAM: arm64: mark cpus_have_hwcap as __maybe_unused
Arve Hjønnevåg (2): ANDROID: binder: Add strong ref checks ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct
Badhri Jagan Sridharan (4): ANDROID: dm: android-verity: Verify header before fetching table ANDROID: dm: android-verity: Allow android-verity to be compiled as an independent module ANDROID: dm: Fix symbol exports for dm target callbacks ANDROID: dm: android-verity: Remove fec_header location constraint
Benjamin Tissoires (1): UPSTREAM: HID: core: prevent out-of-bound readings
Calvin Owens (1): UPSTREAM: sg: Fix double-free when drives detach during SG_IO
Dan Carpenter (1): UPSTREAM: [media] xc2028: unlock on error in xc2028_set_config()
Daniel Thompson (2): UPSTREAM: arm64: mm: Adopt new alternative assembler macros BACKPORT: arm64: kernel: Adopt new alternative assembler macros
David Ahern (2): net: diag: Add support to filter on device index net: diag: support SOCK_DESTROY for UDP sockets
David Howells (2): UPSTREAM: ASN.1: Fix non-match detection failure on data overrun UPSTREAM: KEYS: Fix ASN.1 indefinite length object parsing
Dmitry Shmidt (1): cpuset: Fix allow_attach hook for cpusets on android.
Eric Biggers (1): UPSTREAM: usercopy: avoid potentially undefined behavior in pointer math
Eric Dumazet (2): UPSTREAM: tcp: fix use after free in tcp_xmit_retransmit_queue() tun: use sk_fullsock() before reading sk->sk_tsflags
EunTaik Lee (1): UPSTREAM: staging/android/ion : fix a race condition in the ion driver
Feng Kan (1): BACKPORT: arm64: copy_to-from-in_user optimization using copy template
Hannes Frederic Sowa (1): ipv6: fix endianness error in icmpv6_err
Heiko Carstens (1): UPSTREAM: vmlinux.lds.h: allow arch specific handling of ro_after_init data section
Jaganath Kanakkassery (1): UPSTREAM: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback
James Carr (1): Implement memory_state_time, used by qcom,cpubw
James Morse (2): BACKPORT: arm64: cpufeature: Change read_cpuid() to use sysreg's mrs_s macro UPSTREAM: arm64: add ARMv8.2 id_aa64mmfr2 boiler plate
Janet Liu (2): UPSTREAM: arm64: kernel thread don't need to save fpsimd context. UPSTREAM: arm64: fix bug for reloading FPSIMD state after CPU hotplug.
Jann Horn (1): UPSTREAM: sched: panic on corrupted stack end
Jeff Vander Stoep (1): android-recommended.cfg: enable fstack-protector-strong
Jiri Olsa (2): UPSTREAM: fs/proc/kcore.c: Make bounce buffer global for read UPSTREAM: fs/proc/kcore.c: Add bounce buffer for ktext data
Jisheng Zhang (1): BACKPORT: arm64: add __init/__initdata section marker to some functions/variables
Jonas Rabenstein (1): BACKPORT: arm64: remove dead-code depending on CONFIG_UP_LATE_INIT
Joonsoo Kim (1): UPSTREAM: mm/slub: support left redzone
Josh Poimboeuf (1): UPSTREAM: usercopy: fix overlap check for kernel text
Julia Lawall (1): ANDROID: sdcardfs: fix itnull.cocci warnings
Jungseung Lee (1): UPSTREAM: ARM: 8494/1: mm: Enable PXN when running non-LPAE kernel on LPAE processor
Kees Cook (12): BACKPORT: ARM: 8583/1: mm: fix location of _etext BACKPORT: mm: Implement stack frame object validation BACKPORT: mm: Hardened usercopy BACKPORT: x86/uaccess: Enable hardened usercopy BACKPORT: ARM: uaccess: Enable hardened usercopy BACKPORT: arm64/uaccess: Enable hardened usercopy UPSTREAM: mm: SLAB hardened usercopy support UPSTREAM: mm: SLUB hardened usercopy support UPSTREAM: x86/uaccess: force copy_*_user() to be inlined BACKPORT: usercopy: fold builtin_const check into inline function UPSTREAM: usercopy: force check_object_size() inline UPSTREAM: usercopy: remove page-spanning test for now
Laura Abbott (2): UPSTREAM: mm: Add is_migrate_cma_page BACKPORT: arm64: Correctly bounds check virt_addr_valid
Linus Torvalds (6): BACKPORT: Add 'unsafe' user access functions for batched accesses UPSTREAM: Use the new batched user accesses in generic user string handling UPSTREAM: unsafe_[get|put]_user: change interface to use a error target label UPSTREAM: Make the hardened user-copy code depend on having a hardened allocator UPSTREAM: x86: reorganize SMAP handling in user space accesses BACKPORT: x86: fix SMAP in 32-bit environments
Lorenzo Colitti (5): net: ipv6: Fix ping to link-local addresses. net: diag: slightly refactor the inet_diag_bc_audit error checks. net: diag: allow socket bytecode filters to match socket marks net: diag: make udp_diag_destroy work for mapped addresses. net: inet: diag: expose the socket mark to privileged processes.
Marc Zyngier (2): UPSTREAM: arm64: insn: Add aarch64_{get,set}_branch_offset UPSTREAM: arm64: alternative: Allow immediate branch as alternative instruction
Mark Rutland (1): BACKPORT: lib: harden strncpy_from_user
Mark Salyzyn (1): FROMLIST: pstore: drop pmsg bounce buffer
Mauro Carvalho Chehab (1): UPSTREAM: [media] xc2028: avoid use after free
Mohamad Ayyash (1): BACKPORT: Don't show empty tag stats for unprivileged uids
Mohan Srinivasan (4): Android: MMC/UFS IO Latency Histograms. Android: Fix build breakages. ANDROID: fs: FS tracepoints to track IO. ANDROID : MMC : Build failure fixes.
Paul Moore (1): BACKPORT: audit: consistently record PIDs with task_tgid_nr()
Peter Hurley (1): UPSTREAM: tty: Prevent ldisc drivers from re-using stale tty fields
Peter Zijlstra (1): UPSTREAM: perf: Fix race in swevent hash
Phil Turnbull (1): BACKPORT: netfilter: nfnetlink: correctly validate length of batch messages
Riley Andrews (2): cpuset: Add allow_attach hook for cpusets on android. cpuset: Make cpusets restore on hotplug
Sami Tolvanen (1): ANDROID: android-base: CONFIG_HARDENED_USERCOPY=y
Soheil Hassas Yeganeh (1): UPSTREAM: tun: fix transmit timestamp support
Suzuki K. Poulose (19): UPSTREAM: arm64: Delay ELF HWCAP initialisation until all CPUs are up BACKPORT: arm64: Delay cpuinfo_store_boot_cpu BACKPORT: arm64: Move cpu feature detection code BACKPORT: arm64: Move mixed endian support detection BACKPORT: arm64: Move /proc/cpuinfo handling code UPSTREAM: arm64: Handle width of a cpuid feature BACKPORT: arm64: Keep track of CPU feature registers UPSTREAM: arm64: Consolidate CPU Sanity check to CPU Feature infrastructure UPSTREAM: arm64: Read system wide CPUID value UPSTREAM: arm64: Cleanup mixed endian support detection UPSTREAM: arm64: Refactor check_cpu_capabilities UPSTREAM: arm64: Delay cpu feature capability checks BACKPORT: arm64/capabilities: Make use of system wide safe value UPSTREAM: arm64/HWCAP: Use system wide safe values UPSTREAM: arm64: Move FP/ASIMD hwcap handling to common code UPSTREAM: arm64: cpufeature: Add helpers for extracting unsigned values UPSTREAM: arm64: cpufeature: Track unsigned fields BACKPORT: arm64/debug: Make use of the system wide safe value UPSTREAM: arm64/kvm: Make use of the system wide safe values
WANG Cong (1): UPSTREAM: ppp: defer netns reference release for ppp channel
Will Deacon (6): UPSTREAM: arm64: cpufeature.h: add missing #include of kernel.h BACKPORT: arm64: kconfig: group the v8.1 features together BACKPORT: arm64: lse: use generic cpufeature detection for LSE atomics BACKPORT: arm64: elf: use cpuid_feature_extract_field for hwcap detection UPSTREAM: arm64: alternative: put secondary CPUs into polling loop during patch UPSTREAM: arm64: cpufeature: declare enable_cpu_capabilities as static
Winter Wang (1): UPSTREAM: usb: gadget: configfs: add mutex lock before unregister gadget
Yongqin Liu (1): ANDROID: base-cfg: enable SECCOMP config
Documentation/devicetree/bindings/misc/memory-state-time.txt | 8 + android/configs/android-base.cfg | 2 + android/configs/android-recommended.cfg | 2 + arch/Kconfig | 9 ++ arch/arm/Kconfig | 1 + arch/arm/include/asm/uaccess.h | 11 +- arch/arm/kernel/setup.c | 2 +- arch/arm/kernel/vmlinux.lds.S | 4 +- arch/arm/mm/mmu.c | 2 +- arch/arm64/Kconfig | 33 ++-- arch/arm64/include/asm/alternative.h | 3 +- arch/arm64/include/asm/cpu.h | 5 + arch/arm64/include/asm/cpufeature.h | 111 ++++++++++++- arch/arm64/include/asm/cputype.h | 35 ++-- arch/arm64/include/asm/hwcap.h | 8 + arch/arm64/include/asm/insn.h | 3 + arch/arm64/include/asm/memory.h | 6 +- arch/arm64/include/asm/processor.h | 2 +- arch/arm64/include/asm/smp_plat.h | 2 - arch/arm64/include/asm/sysreg.h | 140 +++++++++++++++- arch/arm64/include/asm/uaccess.h | 29 +++- arch/arm64/kernel/alternative.c | 100 ++++++++++-- arch/arm64/kernel/arm64ksyms.c | 4 +- arch/arm64/kernel/armv8_deprecated.c | 6 +- arch/arm64/kernel/cpu_errata.c | 2 +- arch/arm64/kernel/cpufeature.c | 858 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--- arch/arm64/kernel/cpuinfo.c | 315 ++++++++++++++++++------------------ arch/arm64/kernel/debug-monitors.c | 6 +- arch/arm64/kernel/entry.S | 26 +-- arch/arm64/kernel/fpsimd.c | 47 ++++-- arch/arm64/kernel/hw_breakpoint.c | 10 +- arch/arm64/kernel/insn.c | 60 +++++++ arch/arm64/kernel/perf_event.c | 4 +- arch/arm64/kernel/process.c | 3 +- arch/arm64/kernel/setup.c | 262 +----------------------------- arch/arm64/kernel/smp.c | 24 ++- arch/arm64/kernel/vmlinux.lds.S | 3 +- arch/arm64/kvm/reset.c | 2 +- arch/arm64/kvm/sys_regs.c | 12 +- arch/arm64/lib/copy_from_user.S | 82 +++++----- arch/arm64/lib/copy_in_user.S | 67 ++++---- arch/arm64/lib/copy_to_user.S | 71 +++++---- arch/arm64/mm/cache.S | 7 +- arch/arm64/mm/context.c | 2 +- arch/arm64/mm/dma-mapping.c | 2 +- arch/arm64/mm/fault.c | 2 +- arch/arm64/mm/init.c | 6 +- arch/arm64/mm/mmu.c | 4 +- arch/x86/Kconfig | 2 + arch/x86/include/asm/thread_info.h | 44 +++++ arch/x86/include/asm/uaccess.h | 100 ++++++++---- arch/x86/include/asm/uaccess_32.h | 26 +++ arch/x86/include/asm/uaccess_64.h | 96 +++++++---- block/blk-core.c | 84 ++++++++++ drivers/android/binder.c | 31 ++-- drivers/hid/hid-core.c | 3 + drivers/md/Kconfig | 3 +- drivers/md/Makefile | 5 +- drivers/md/dm-android-verity.c | 145 +++++++++-------- drivers/md/dm-linear.c | 7 + drivers/md/dm-verity-target.c | 8 + drivers/media/tuners/tuner-xc2028.c | 6 +- drivers/misc/Kconfig | 6 + drivers/misc/Makefile | 1 + drivers/misc/memory_state_time.c | 454 ++++++++++++++++++++++++++++++++++++++++++++++++++++ drivers/mmc/card/block.c | 1 - drivers/mmc/core/core.c | 72 ++++++++- drivers/mmc/core/host.c | 6 +- drivers/mmc/core/host.h | 5 + drivers/net/ppp/ppp_generic.c | 5 +- drivers/net/tun.c | 5 +- drivers/scsi/sg.c | 8 +- drivers/scsi/ufs/ufshcd.c | 81 ++++++++++ drivers/scsi/ufs/ufshcd.h | 3 + drivers/staging/android/ion/ion.c | 55 +++++-- drivers/tty/tty_ldisc.c | 7 + drivers/usb/gadget/configfs.c | 2 + drivers/usb/gadget/function/f_accessory.c | 9 -- fs/ecryptfs/file.c | 71 +++++++-- fs/ext4/inline.c | 6 + fs/ext4/inode.c | 27 ++++ fs/ext4/readpage.c | 41 ++++- fs/f2fs/data.c | 21 +++ fs/f2fs/inline.c | 11 ++ fs/mpage.c | 30 ++++ fs/proc/array.c | 5 +- fs/proc/kcore.c | 31 ++-- fs/pstore/platform.c | 36 +++++ fs/pstore/pmsg.c | 35 +--- fs/pstore/ram.c | 19 +++ fs/pstore/ram_core.c | 47 +++++- fs/sdcardfs/derived_perm.c | 2 +- include/asm-generic/vmlinux.lds.h | 10 +- include/linux/blkdev.h | 76 +++++++++ include/linux/cred.h | 8 + include/linux/inet_diag.h | 2 +- include/linux/memory-state-time.h | 42 +++++ include/linux/mmc/core.h | 2 + include/linux/mmc/host.h | 6 + include/linux/mmzone.h | 2 + include/linux/pstore.h | 11 +- include/linux/pstore_ram.h | 7 +- include/linux/slab.h | 12 ++ include/linux/slub_def.h | 1 + include/linux/thread_info.h | 25 +++ include/linux/uaccess.h | 7 + include/net/fib_rules.h | 1 - include/net/tcp.h | 2 + include/net/udp.h | 1 + include/trace/events/android_fs.h | 31 ++++ include/trace/events/android_fs_template.h | 79 +++++++++ include/uapi/linux/inet_diag.h | 15 +- include/uapi/linux/prctl.h | 7 + include/uapi/linux/rtnetlink.h | 2 +- init/Kconfig | 2 + kernel/audit.c | 8 +- kernel/auditsc.c | 12 +- kernel/cpuset.c | 51 ++++-- kernel/events/core.c | 20 +-- kernel/sched/core.c | 3 +- kernel/user_namespace.c | 1 + lib/asn1_decoder.c | 21 +-- lib/strncpy_from_user.c | 17 +- lib/strnlen_user.c | 21 ++- mm/Makefile | 4 + mm/slab.c | 30 ++++ mm/slub.c | 140 ++++++++++++---- mm/usercopy.c | 278 ++++++++++++++++++++++++++++++++ net/bluetooth/rfcomm/sock.c | 20 ++- net/ipv4/inet_diag.c | 136 ++++++++++++---- net/ipv4/udp.c | 15 ++ net/ipv4/udp_diag.c | 90 ++++++++++- net/ipv6/icmp.c | 2 +- net/ipv6/ping.c | 38 ++--- net/ipv6/udp.c | 1 + net/netfilter/nfnetlink.c | 10 +- net/netfilter/xt_qtaguid.c | 5 +- security/Kconfig | 40 +++++ security/commoncap.c | 102 ++++++++++-- security/keys/process_keys.c | 1 + security/lsm_audit.c | 4 +- 141 files changed, 4396 insertions(+), 1092 deletions(-) create mode 100644 Documentation/devicetree/bindings/misc/memory-state-time.txt create mode 100644 drivers/misc/memory_state_time.c create mode 100644 include/linux/memory-state-time.h create mode 100644 include/trace/events/android_fs.h create mode 100644 include/trace/events/android_fs_template.h create mode 100644 mm/usercopy.c