This is the start of the stable review cycle for the 4.19.120 release.
There are 46 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sun, 03 May 2020 13:12:02 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.120-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.19.120-rc1
Ritesh Harjani <riteshh(a)linux.ibm.com>
ext4: check for non-zero journal inum in ext4_calculate_overhead
Yuval Basson <ybason(a)marvell.com>
qed: Fix use after free in qed_chain_free
Luke Nelson <lukenels(a)cs.washington.edu>
bpf, x86_32: Fix clobbering of dst for BPF_JSET
Sascha Hauer <s.hauer(a)pengutronix.de>
hwmon: (jc42) Fix name to have no illegal characters
Theodore Ts'o <tytso(a)mit.edu>
ext4: convert BUG_ON's to WARN_ON's in mballoc.c
Theodore Ts'o <tytso(a)mit.edu>
ext4: increase wait time needed before reuse of deleted inode numbers
yangerkun <yangerkun(a)huawei.com>
ext4: use matching invalidatepage in ext4_writepage
Fangrui Song <maskray(a)google.com>
arm64: Delete the space separator in __emit_inst
Hui Wang <hui.wang(a)canonical.com>
ALSA: hda: call runtime_allow() for all hda controllers
Juergen Gross <jgross(a)suse.com>
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
Josh Poimboeuf <jpoimboe(a)redhat.com>
objtool: Support Clang non-section symbols in ORC dump
Josh Poimboeuf <jpoimboe(a)redhat.com>
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
Bodo Stroesser <bstroesser(a)ts.fujitsu.com>
scsi: target: tcmu: reset_ring should reset TCMU_DEV_BIT_BROKEN
Bodo Stroesser <bstroesser(a)ts.fujitsu.com>
scsi: target: fix PR IN / READ FULL STATUS for FC
Roy Spliet <nouveau(a)spliet.org>
ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Keep the controller initialization even if no codecs found
Darrick J. Wong <darrick.wong(a)oracle.com>
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
Olaf Hering <olaf(a)aepfle.de>
x86: hyperv: report value of misc_features
Martin Fuzzey <martin.fuzzey(a)flowbird.group>
net: fec: set GPR bit on suspend by DT configuration.
Luke Nelson <lukenels(a)cs.washington.edu>
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
Eric Biggers <ebiggers(a)google.com>
xfs: clear PF_MEMALLOC before exiting xfsaild thread
Yang Shi <yang.shi(a)linux.alibaba.com>
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
Luke Nelson <lukenels(a)cs.washington.edu>
bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension
Ian Rogers <irogers(a)google.com>
perf/core: fix parent pid/tid in task exit events
Niklas Schnelle <schnelle(a)linux.ibm.com>
net/mlx5: Fix failing fw tracer allocation on s390
Toke Høiland-Jørgensen <toke(a)redhat.com>
cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled
Nicolas Saenz Julienne <nsaenzjulienne(a)suse.de>
ARM: dts: bcm283x: Disable dsi0 node
Bjorn Helgaas <bhelgaas(a)google.com>
PCI: Move Apex Edge TPU class quirk to fix BAR assignment
Kai-Heng Feng <kai.heng.feng(a)canonical.com>
PCI: Avoid ASMedia XHCI USB PME# from D0 defect
Chuck Lever <chuck.lever(a)oracle.com>
svcrdma: Fix leak of svc_rdma_recv_ctxt objects
Chuck Lever <chuck.lever(a)oracle.com>
svcrdma: Fix trace point use-after-free race
Brian Foster <bfoster(a)redhat.com>
xfs: acquire superblock freeze protection on eofblocks scans
Jason Gunthorpe <jgg(a)ziepe.ca>
net/cxgb4: Check the return from t4_query_params properly
David Howells <dhowells(a)redhat.com>
rxrpc: Fix DATA Tx to disable nofrag for UDP on AF_INET6 socket
Wolfram Sang <wsa+renesas(a)sang-engineering.com>
i2c: altera: use proper variable to hold errno
Vasily Averin <vvs(a)virtuozzo.com>
nfsd: memory corruption in nfsd4_lock()
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: wm8960: Fix wrong clock after suspend & resume
Philipp Puschmann <p.puschmann(a)pironex.de>
ASoC: tas571x: disable regulators on failed probe
Stephan Gerhold <stephan(a)gerhold.net>
ASoC: q6dsp6: q6afe-dai: add missing channels to MI2S DAIs
YueHaibing <yuehaibing(a)huawei.com>
iio:ad7797: Use correct attribute_group
Nathan Chancellor <natechancellor(a)gmail.com>
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
Thinh Nguyen <Thinh.Nguyen(a)synopsys.com>
usb: dwc3: gadget: Do link recovery for SS and SSP
Tyler Hicks <tyhicks(a)canonical.com>
binder: take read mode of mmap_sem in binder_alloc_free_page()
Christian Borntraeger <borntraeger(a)de.ibm.com>
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
Liu Jian <liujian56(a)huawei.com>
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
Clement Leger <cleger(a)kalray.eu>
remoteproc: Fix wrong rvring index computation
-------------
Diffstat:
Makefile | 4 +-
arch/arm/boot/dts/bcm283x.dtsi | 1 +
arch/arm64/include/asm/sysreg.h | 4 +-
arch/x86/kernel/cpu/mshyperv.c | 4 +-
arch/x86/net/bpf_jit_comp.c | 18 ++-
arch/x86/net/bpf_jit_comp32.c | 24 +++-
drivers/android/binder_alloc.c | 8 +-
drivers/hwmon/jc42.c | 2 +-
drivers/i2c/busses/i2c-altera.c | 9 +-
drivers/iio/adc/ad7793.c | 2 +-
drivers/mtd/chips/cfi_cmdset_0002.c | 6 +-
drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 +-
drivers/net/ethernet/freescale/fec.h | 7 +
drivers/net/ethernet/freescale/fec_main.c | 149 +++++++++++++++++----
.../ethernet/mellanox/mlx5/core/diag/fw_tracer.c | 6 +-
drivers/net/ethernet/qlogic/qed/qed_dev.c | 38 +++---
drivers/pci/quirks.c | 18 +++
drivers/remoteproc/remoteproc_core.c | 2 +-
drivers/staging/gasket/apex_driver.c | 7 -
drivers/target/target_core_fabric_lib.c | 2 +-
drivers/target/target_core_user.c | 1 +
drivers/usb/dwc3/gadget.c | 8 +-
drivers/usb/gadget/udc/bdc/bdc_ep.c | 2 +-
drivers/xen/xenbus/xenbus_client.c | 9 +-
fs/ext4/ialloc.c | 2 +-
fs/ext4/inode.c | 2 +-
fs/ext4/mballoc.c | 6 +-
fs/ext4/super.c | 3 +-
fs/nfsd/nfs4state.c | 2 +
fs/xfs/xfs_icache.c | 10 ++
fs/xfs/xfs_ioctl.c | 5 +-
fs/xfs/xfs_reflink.c | 1 +
fs/xfs/xfs_trans_ail.c | 4 +-
include/linux/qed/qed_chain.h | 24 ++--
include/linux/sunrpc/svc_rdma.h | 1 +
include/trace/events/rpcrdma.h | 50 +++++--
include/uapi/linux/swab.h | 4 +-
kernel/bpf/cpumap.c | 2 +-
kernel/events/core.c | 13 +-
mm/shmem.c | 4 +-
net/rxrpc/local_object.c | 9 --
net/rxrpc/output.c | 44 ++----
net/sunrpc/svc_xprt.c | 3 -
net/sunrpc/svcsock.c | 4 +
net/sunrpc/xprtrdma/svc_rdma_recvfrom.c | 22 +++
net/sunrpc/xprtrdma/svc_rdma_rw.c | 3 +-
net/sunrpc/xprtrdma/svc_rdma_sendto.c | 29 ++--
net/sunrpc/xprtrdma/svc_rdma_transport.c | 5 -
sound/pci/hda/hda_intel.c | 17 ++-
sound/soc/codecs/tas571x.c | 20 ++-
sound/soc/codecs/wm8960.c | 3 +-
sound/soc/qcom/qdsp6/q6afe-dai.c | 16 +++
tools/objtool/check.c | 17 ++-
tools/objtool/orc_dump.c | 44 +++---
54 files changed, 467 insertions(+), 235 deletions(-)
From: Eric Biggers <ebiggers(a)google.com>
The AES library code (which originally came from crypto/aes_ti.c) is
supposed to be constant-time, to the extent possible for a C
implementation. But the hardening measure of disabling interrupts while
the S-box is loaded into cache was not included in the library version;
it was left only in the crypto API wrapper in crypto/aes_ti.c.
Move this logic into the library version so that everyone gets it.
Fixes: e59c1c987456 ("crypto: aes - create AES library based on the fixed time AES code")
Cc: <stable(a)vger.kernel.org> # v5.4+
Cc: Ard Biesheuvel <ardb(a)kernel.org>
Signed-off-by: Eric Biggers <ebiggers(a)google.com>
---
crypto/aes_ti.c | 18 ------------------
lib/crypto/aes.c | 18 ++++++++++++++++++
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/crypto/aes_ti.c b/crypto/aes_ti.c
index 205c2c257d4926..121f36621d6dcf 100644
--- a/crypto/aes_ti.c
+++ b/crypto/aes_ti.c
@@ -20,33 +20,15 @@ static int aesti_set_key(struct crypto_tfm *tfm, const u8 *in_key,
static void aesti_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
- unsigned long flags;
-
- /*
- * Temporarily disable interrupts to avoid races where cachelines are
- * evicted when the CPU is interrupted to do something else.
- */
- local_irq_save(flags);
aes_encrypt(ctx, out, in);
-
- local_irq_restore(flags);
}
static void aesti_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
- unsigned long flags;
-
- /*
- * Temporarily disable interrupts to avoid races where cachelines are
- * evicted when the CPU is interrupted to do something else.
- */
- local_irq_save(flags);
aes_decrypt(ctx, out, in);
-
- local_irq_restore(flags);
}
static struct crypto_alg aes_alg = {
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index 827fe89922fff0..029d8d0eac1f6e 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -260,6 +260,7 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
const u32 *rkp = ctx->key_enc + 4;
int rounds = 6 + ctx->key_length / 4;
u32 st0[4], st1[4];
+ unsigned long flags;
int round;
st0[0] = ctx->key_enc[0] ^ get_unaligned_le32(in);
@@ -267,6 +268,12 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
st0[2] = ctx->key_enc[2] ^ get_unaligned_le32(in + 8);
st0[3] = ctx->key_enc[3] ^ get_unaligned_le32(in + 12);
+ /*
+ * Temporarily disable interrupts to avoid races where cachelines are
+ * evicted when the CPU is interrupted to do something else.
+ */
+ local_irq_save(flags);
+
/*
* Force the compiler to emit data independent Sbox references,
* by xoring the input with Sbox values that are known to add up
@@ -297,6 +304,8 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
put_unaligned_le32(subshift(st1, 1) ^ rkp[5], out + 4);
put_unaligned_le32(subshift(st1, 2) ^ rkp[6], out + 8);
put_unaligned_le32(subshift(st1, 3) ^ rkp[7], out + 12);
+
+ local_irq_restore(flags);
}
EXPORT_SYMBOL(aes_encrypt);
@@ -311,6 +320,7 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
const u32 *rkp = ctx->key_dec + 4;
int rounds = 6 + ctx->key_length / 4;
u32 st0[4], st1[4];
+ unsigned long flags;
int round;
st0[0] = ctx->key_dec[0] ^ get_unaligned_le32(in);
@@ -318,6 +328,12 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
st0[2] = ctx->key_dec[2] ^ get_unaligned_le32(in + 8);
st0[3] = ctx->key_dec[3] ^ get_unaligned_le32(in + 12);
+ /*
+ * Temporarily disable interrupts to avoid races where cachelines are
+ * evicted when the CPU is interrupted to do something else.
+ */
+ local_irq_save(flags);
+
/*
* Force the compiler to emit data independent Sbox references,
* by xoring the input with Sbox values that are known to add up
@@ -348,6 +364,8 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
put_unaligned_le32(inv_subshift(st1, 1) ^ rkp[5], out + 4);
put_unaligned_le32(inv_subshift(st1, 2) ^ rkp[6], out + 8);
put_unaligned_le32(inv_subshift(st1, 3) ^ rkp[7], out + 12);
+
+ local_irq_restore(flags);
}
EXPORT_SYMBOL(aes_decrypt);
--
2.26.2