Commit 3c5af882 authored by Salvatore Bonaccorso's avatar Salvatore Bonaccorso Committed by Lorenzo "Palinuro" Faletra
Browse files

Import Debian changes 4.16.12-1

linux (4.16.12-1) unstable; urgency=medium

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.6
    - Revert "pinctrl: intel: Initialize GPIO properly when used through
      irqchip"
    - [armhf] drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson
      GX SoCs
    - i40e: Fix attach VF to VM issue
    - tpm: cmd_ready command can be issued only after granting locality
    - tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
    - tpm: add retry logic
    - Revert "ath10k: send (re)assoc peer command when NSS changed"
    - bonding: do not set slave_dev npinfo before slave_enable_netpoll in
      bond_enslave
    - docs: ip-sysctl.txt: fix name of some ipv6 variables
    - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
    - ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
    - KEYS: DNS: limit the length of option strings
    - l2tp: check sockaddr length in pppol2tp_connect()
    - llc: delete timers synchronously in llc_sk_free()
    - net: af_packet: fix race in PACKET_{R|T}X_RING
    - net: fix deadlock while clearing neighbor proxy table
    - [arm64,armhf] net: mvpp2: Fix DMA address mask size
    - net: qmi_wwan: add Wistron Neweb D19Q1
    - net/smc: fix shutdown in state SMC_LISTEN
    - net: stmmac: Disable ACS Feature for GMAC >= 4
    - packet: fix bitfield update race
    - pppoe: check sockaddr length in pppoe_connect()
    - Revert "macsec: missing dev_put() on error in macsec_newlink()"
    - sctp: do not check port in sctp_inet6_cmp_addr
    - strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
    - strparser: Fix incorrect strp->need_bytes value.
    - tcp: clear tp->packets_out when purging write queue
    - tcp: don't read out-of-bounds opsize
    - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
    - team: avoid adding twice the same option to the event list
    - team: fix netconsole setup over team
    - tipc: add policy for TIPC_NLA_NET_ADDR
    - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
    - vmxnet3: fix incorrect dereference when rxvlan is disabled
    - [amd64,arm64] amd-xgbe: Add pre/post auto-negotiation phy hooks
    - [amd64,arm64] amd-xgbe: Improve KR auto-negotiation and training
    - [amd64,arm64] amd-xgbe: Only use the SFP supported transceiver signals
    - net: sched: ife: signal not finding metaid
    - net: sched: ife: handle malformed tlv length
    - net: sched: ife: check on metadata length
    - l2tp: hold reference on tunnels in netlink dumps
    - l2tp: hold reference on tunnels printed in pppol2tp proc file
    - l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file
    - l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow
    - llc: hold llc_sap before release_sock()
    - llc: fix NULL pointer deref for SOCK_ZAPPED
    - [s390x] qeth: fix error handling in adapter command callbacks
    - [s390x] qeth: avoid control IO completion stalls
    - [s390x] qeth: handle failure on workqueue creation
    - [armhf] net: ethernet: ti: cpsw: fix tx vlan priority mapping
    - net: validate attribute sizes in neigh_dump_table()
    - bnxt_en: Fix memory fault in bnxt_ethtool_init()
    - virtio-net: add missing virtqueue kick when flushing packets
    - VSOCK: make af_vsock.ko removable again
    - net: aquantia: Regression on reset with 1.x firmware
    - tun: fix vlan packet truncation
    - net: aquantia: oops when shutdown on already stopped device
    - virtio_net: split out ctrl buffer
    - virtio_net: fix adding vids on big-endian
    - Revert "mm/hmm: fix header file if/else/endif maze"
    - commoncap: Handle memory allocation failure.
    - scsi: mptsas: Disable WRITE SAME
    - cdrom: information leak in cdrom_ioctl_media_changed() (CVE-2018-10940)
    - fsnotify: Fix fsnotify_mark_connector race
    - [m68k] mac: Don't remap SWIM MMIO region
    - [m68k] block/swim: Check drive type
    - [m68k] block/swim: Don't log an error message for an invalid ioctl
    - [m68k] block/swim: Remove extra put_disk() call from error path
    - [m68k] block/swim: Rename macros to avoid inconsistent inverted logic
    - [m68k] block/swim: Select appropriate drive on device open
    - [m68k] block/swim: Fix array bounds check
    - [m68k] block/swim: Fix IO error at end of medium
    - tracing: Fix missing tab for hwlat_detector print format
    - hwmon: (k10temp) Add temperature offset for Ryzen 2700X
    - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics
    - [s390x] cio: update chpid descriptor after resource accessibility event
    - [s390x] dasd: fix IO error for newly defined devices
    - [s390x] uprobes: implement arch_uretprobe_is_alive()
    - [s390x] cpum_cf: rename IBM z13/z14 counter names
    - kprobes: Fix random address output of blacklist file
    - ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.7
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
    - random: set up the NUMA crng instances after the CRNG is fully
      initialized
    - random: fix possible sleeping allocation from irq context
    - random: rate limit unseeded randomness warnings
    - usbip: usbip_event: fix to not print kernel pointer address
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - usbip: vhci_hcd: check rhport before using in vhci_hub_control()
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - xhci: Fix USB ports for Dell Inspiron 5775
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - [arm64] serial: mvebu-uart: Fix local flags handling on termios update
    - usb: typec: ucsi: Increase command completion timeout value
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: don't tie bufs to a vq
    - virtio_console: free buffers after reset
    - virtio_console: drop custom control queue cleanup
    - virtio_console: move removal code
    - virtio_console: reset on out of memory
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Avoid possible error pointer dereference at tty_ldisc_restore().
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: dice: fix OUI for TC group
    - ALSA: dice: fix error path to destroy initialized stream data
    - ALSA: hda - Skip jack and others for non-existing PCM streams
    - ALSA: opl3: Hardening for potential Spectre v1
    - ALSA: asihpi: Hardening for potential Spectre v1
    - ALSA: hdspm: Hardening for potential Spectre v1
    - ALSA: rme9652: Hardening for potential Spectre v1
    - ALSA: control: Hardening for potential Spectre v1
    - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - ALSA: hda/realtek - Add some fixes for ALC233
    - ALSA: hda/realtek - Update ALC255 depop optimize
    - ALSA: hda/realtek - change the location for one of two front mics
    - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - mtd: rawnand: tango: Fix struct clk memory leak
    - mtd: rawnand: marvell: fix the chip-select DT parsing logic
    - kobject: don't use WARN for registration failures
    - scsi: sd_zbc: Avoid that resetting a zone fails sporadically
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - blk-mq: start request gstate with gen 1
    - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
    - block: do not use interruptible wait anywhere
    - [s390x] vfio: ccw: process ssch with interrupts disabled
    - [arm64] PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
    - [arm64] PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
    - [arm64] PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq
      mode
    - [arm64] PCI: aardvark: Fix PCIe Max Read Request Size setting
    - [armhf,arm64] KVM: Close VMID generation race
    - [powerpc*] mm: Flush cache on memory hot(un)plug
    - [powerpc*] mce: Fix a bug where mce loops on memory UE.
    - [powerpc*] powernv/npu: Do a PID GPU TLB flush when invalidating a large
      address range
    - crypto: drbg - set freed buffers to NULL
    - libceph: un-backoff on tick when we have a authenticated session
    - libceph: reschedule a tick in finish_hunting()
    - libceph: validate con->state at the top of try_write()
    - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend
      is set
    - module: Fix display of wrong module .text address
    - earlycon: Use a pointer table to fix __earlycon_table stride
    - [powerpc*] cpufreq: powernv: Fix hardlockup due to synchronous smp_call
      in timer interrupt
    - [powerpc*] rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
    - drm/edid: Reset more of the display info
    - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
    - [x86] drm/i915/fbdev: Enable late fbdev initial configuration
    - [x86] drm/i915/audio: set minimum CD clock to twice the BCLK
    - [x86] drm/i915: Enable display WA#1183 from its correct spot
    - drm/amd/display: Fix deadlock when flushing irq
    - drm/amd/display: Don't read EDID in atomic_check
    - drm/amd/display: Disallow enabling CRTC without primary plane with FB
    - objtool, perf: Fix GCC 8 -Wrestrict error
    - [x86] ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - [x86] smpboot: Don't use mwait_play_dead() on AMD systems
    - [x86] microcode/intel: Save microcode patch unconditionally
    - [x86] microcode: Do not exit early from __reload_late()
    - tick/sched: Do not mess with an enqueued hrtimer
    - [x86] crypto: ccp - add check to get PSP master only when PSP is
      detected
    - [armhf,arm64] KVM: Add PSCI version selection API
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.8
    - ACPI / button: make module loadable when booted in non-ACPI mode
    - [arm64] Add work around for Arm Cortex-A55 Erratum 1024718
    - ALSA: hda - Fix incorrect usage of IS_REACHABLE()
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: dice: fix kernel NULL pointer dereference due to invalid
      calculation for array index
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - errseq: Always report a writeback error once
    - tracepoint: Do not warn on ENOMEM
    - scsi: target: Fix fortify_panic kernel exception
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook
      Pro
    - swiotlb: fix inversed DMA_ATTR_NO_WARN test
    - rtlwifi: cleanup 8723be ant_sel definition
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/cxgb4: release hw resources on device removal
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
    - RDMA/mlx4: Add missed RSS hash inner header flag
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m
    - IB/hfi1: Fix handling of FECN marked multicast packet
    - IB/hfi1: Fix loss of BECN with AHG
    - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
    - iw_cxgb4: Atomically flush per QP HW CQEs
    - btrfs: Take trans lock before access running trans in check_delayed_ref
    - [arm64,armhf] drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are
      balanced
    - [x86] drm/vmwgfx: Fix a buffer object leak
    - drm/bridge: vga-dac: Fix edid memory leak
    - xhci: Fix use-after-free in xhci_free_virt_device
    - USB: serial: visor: handle potential invalid device configuration
    - [arm64,armhf] usb: dwc3: gadget: Fix list_del corruption in
      dwc3_ep_dequeue
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - [arm64,armhf] usb: musb: host: fix potential NULL pointer dereference
    - [arm64, armhf] usb: musb: trace: fix NULL pointer dereference in
      musb_g_tx()
    - [x86] platform/x86: asus-wireless: Fix NULL pointer dereference
    - [x86] platform/x86: Kconfig: Fix dell-laptop dependency chain.
    - [x86] KVM: remove APIC Timer periodic/oneshot spikes
    - [x86] tsc: Always unregister clocksource_tsc_early
    - [x86] tsc: Fix mark_tsc_unstable()
    - [arm64] irqchip/qcom: Fix check for spurious interrupts
    - clocksource: Allow clocksource_mark_unstable() on unregistered
      clocksources
    - clocksource: Initialize cs->wd_list
    - clocksource: Consistent de-rate when marking unstable
    - tracing: Fix bad use of igrab in trace_uprobe.c
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - netfilter: ebtables: don't attempt to allocate 0-sized compat array
    - clk: ti: fix flag space conflict with clkctrl clocks
    - rds: tcp: must use spin_lock_irq* and not spin_lock_bh with
      rds_tcp_conn_lock
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
    - soreuseport: initialise timewait reuseport field
    - inetpeer: fix uninit-value in inet_getpeer
    - bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
    - memcg: fix per_node_info cleanup
    - perf: Remove superfluous allocation error check
    - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: wake up concurrent wb_shutdown() callers.
    - bdi: Fix use after free bug in debugfs_remove()
    - bdi: Fix oops in wb_workfn()
    - compat: fix 4-byte infoleak via uninitialized struct field
    - gpioib: do not free unrequested descriptors
    - gpio: fix error path in lineevent_create
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - dm integrity: use kvfree for kvmalloc'd memory
    - tracing: Fix regex_match_front() to not over compare the test string
    - mm: sections are not offlined during memory hotremove
    - mm, oom: fix concurrent munlock and oom reaper unmap (CVE-2018-1000200)
    - ceph: fix rsize/wsize capping in ceph_direct_read_write()
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - [armhf,arm64] drm/vc4: Fix scaling of uni-planar formats
    - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages
    - [x86] drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
    - [x86] drm/i915: Adjust eDP's logical vco in a reliable place.
    - drm/nouveau: Fix deadlock in nv50_mstm_register_connector()
      (Closes: #898825)
    - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client
    - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear()
    - drm/atomic: Clean private obj old_state/new_state in
      drm_atomic_state_default_clear()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()
    - cpufreq: schedutil: Avoid using invalid next_freq
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - [x86] Bluetooth: btusb: Add Dell XPS 13 9360 to
      btusb_needs_reset_resume_table
    - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome
      chipsets
    - [armhf] thermal: exynos: Reading temperature makes sense only when TMU is
      turned on
    - [armhf] thermal: exynos: Propagate error value from tmu_read()
    - nvme: add quirk to force medium priority for SQ creation
    - nvme: Fix sync controller reset return
    - smb3: directory sync should not return an error
    - swiotlb: silent unwanted warning "buffer is full"
    - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - sched/autogroup: Fix possible Spectre-v1 indexing for
      sched_prio_to_weight[]
    - tracing/uprobe_event: Fix strncpy corner case
    - [x86] perf: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - [x86] perf/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - [x86] perf/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - [x86] perf: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.10
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix fnhe usage by non-cached routes
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - [armhf] net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
    - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
    - net/mlx4_en: Verify coalescing parameters are in range
    - net/mlx5e: Err if asked to offload TC match on frag being first
    - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
    - net sched actions: fix refcnt leak in skbmod
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is
      found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - rds: do not leak kernel memory to user land
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: remove sctp_chunk_put from fail_mark err path in
      sctp_ulpevent_make_rcvmsg
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tcp_bbr: fix to zero idle_restart only upon S/ACKed data
    - tcp: ignore Fast Open on repair mode
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - bonding: send learning packets for vlans on slave
    - net: sched: fix error path in tcf_proto_create() when modules are not
      configured
    - net/mlx5e: TX, Use correct counter in dma_map error flow
    - net/mlx5: Avoid cleaning flow steering table twice during error flow
    - [x86] hv_netvsc: set master device
    - ipv6: fix uninit-value in ip6_multipath_l3_keys()
    - net/mlx5e: Allow offloading ipv4 header re-write for icmp
    - udp: fix SO_BINDTODEVICE
    - net/mlx5e: DCBNL fix min inline header size for dscp
    - sctp: clear the new asoc's stream outcnt in sctp_stream_update
    - tcp: restore autocorking
    - tipc: fix one byte leak in tipc_sk_set_orig_addr()
    - [x86] hv_netvsc: Fix net device attach on older Windows hosts
    - ipv4: reset fnhe_mtu_locked after cache route flushed
    - net/mlx5: Fix mlx5_get_vector_affinity function
    - net: phy: sfp: fix the BR,min computation
    - net/smc: keep clcsock reference in smc_tcp_listen_work()
    - scsi: aacraid: Correct hba_send to include iu_type
    - proc: do not access cmdline nor environ from file-backed areas
      (CVE-2018-1120)
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11
    - xhci: Fix USB3 NULL pointer dereference at logical disconnect.
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - [amd64] spi: pxa2xx: Allow 64-bit DMA
    - KVM: vmx: update sec exec controls for UMIP iff emulating UMIP
    - [armhf,arm64] KVM: Properly protect VGIC locks from IRQs
    - [armhf,arm64] KVM: VGIC/ITS: Promote irq_lock() in update_affinity
    - [armhf,arm64] KVM: VGIC/ITS save/restore: protect kvm_read_guest() calls
    - [armhf,arm64] KVM: VGIC/ITS: protect kvm_read_guest() calls with SRCU
      lock
    - hwmon: (k10temp) Fix reading critical temperature register
    - hwmon: (k10temp) Use API function to access System Management Network
    - [s390x] vfio: ccw: fix cleanup if cp_prefetch fails
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - vsprintf: Replace memory barrier with static_key for random_ptr_key
      update
    - [x86] amd_nb: Add support for Raven Ridge CPUs
    - [arm64] tee: shm: fix use-after-free via temporarily dropped reference
    - netfilter: nf_tables: free set name in error path
    - netfilter: nf_tables: can't fail after linking rule into active rule
      list
    - netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static
    - [arm64] dts: marvell: armada-cp110: Add clocks for the xmdio node
    - [arm64] dts: marvell: armada-cp110: Add mg_core_clk for ethernet node
    - i2c: designware: fix poll-after-enable regression
    - mtd: rawnand: marvell: Fix read logic for layouts with ->nchunks > 2
    - [powerpc*] powerpc/powernv: Fix NVRAM sleep in invalid context when
      crashing
    - drm: Match sysfs name in link removal to link creation
    - radix tree: fix multi-order iteration race
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - [x86] drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
    - [s390x] qdio: fix access to uninitialized qdio_q fields
    - [s390x] cpum_sf: ensure sample frequency of perf event attributes is
      non-zero
    - [s390x] qdio: don't release memory in qdio_setup_irq()
    - [s390x] remove indirect branch from do_softirq_own_stack
    - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n
    - [x86] pkeys: Override pkey when moving away from PROT_EXEC
    - [x86] pkeys: Do not special case protection key 0
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - [arm*] 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - [x86] apic/x2apic: Initialize cluster ID properly
    - [x86] mm: Drop TS_COMPAT on 64-bit exec() syscall
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - [arm*] 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - [arm*] 8770/1: kprobes: Prohibit probing on optimized_callback
    - [arm*] 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - Btrfs: send, fix invalid access to commit roots due to concurrent
      snapshotting
    - btrfs: property: Set incompat flag if lzo/zstd compression is set
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: Split btrfs_del_delalloc_inode into 2 functions
    - btrfs: Fix delalloc inodes invalidation during transaction abort
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
    - x86/bugs: Fix the parameters alignment and missing void
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable
      support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.12
    - net/mlx5: Fix build break when CONFIG_SMP=n
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - tun: fix use after free for ptr_ring
    - tuntap: fix use after free during release
    - cxgb4: Correct ntuple mask validation for hash filters
    - [armhf] net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule
    - net: dsa: Do not register devlink for unused ports
    - [armhf] net: dsa: bcm_sf2: Fix IPv6 rules and chain ID
    - [armhf] net: dsa: bcm_sf2: Fix IPv6 rule half deletion
    - 3c59x: convert to generic DMA API
    - cxgb4: fix offset in collecting TX rate limit info
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    - net: ip6_gre: Request headroom in __gre6_xmit()
    - net: ip6_gre: Fix headroom request in ip6erspan_tunnel_xmit()
    - net: ip6_gre: Split up ip6gre_tnl_link_config()
    - net: ip6_gre: Split up ip6gre_tnl_change()
    - net: ip6_gre: Split up ip6gre_newlink()
    - net: ip6_gre: Split up ip6gre_changelink()
    - net: ip6_gre: Fix ip6erspan hlen calculation
    - net: ip6_gre: fix tunnel metadata device sharing.
    - [sparc*]: vio: use put_device() instead of kfree()
    - ext2: fix a block leak
    - [powerpc*] rfi-flush: Always enable fallback flush on pseries
    - [powerpc*] Add security feature flags for Spectre/Meltdown
    - [powerpc*] pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - [powerpc*] pseries: Set or clear security feature flags
    - [powerpc*] powerpc/powernv: Set or clear security feature flags
    - [powerpc*] powerpc/64s: Move cpu_show_meltdown()
    - [powerpc*] powerpc/64s: Enhance the information in cpu_show_meltdown()
    - [powerpc*] powerpc/powernv: Use the security flags in
      pnv_setup_rfi_flush()
    - [powerpc*] powerpc/pseries: Use the security flags in
      pseries_setup_rfi_flush()
    - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v1()
    - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v2()
    - [powerpc*] powerpc/pseries: Fix clearing of security feature flags
    - [powerpc*] powerpc: Move default security feature flags
    - [powerpc*] powerpc/64s: Add support for a store forwarding barrier at
      kernel entry/exit
    - [s390x] move nobp parameter functions to nospec-branch.c
    - [s390x] add automatic detection of the spectre defense
    - [s390x] report spectre mitigation via syslog
    - [s390x] add sysfs attributes for spectre
    - [s390x] add assembler macros for CPU alternatives
    - [s390x] correct nospec auto detection init order
    - [s390x] correct module section names for expoline code revert
    - [s390x] move expoline assembler macros to a header
    - [s390x] crc32-vx: use expoline for indirect branches
    - [s390x] lib: use expoline for indirect branches
    - [s390x] ftrace: use expoline for indirect branches
    - [s390x] kernel: use expoline for indirect branches
    - [s390x] move spectre sysfs attribute code
    - [s390x] extend expoline to BC instructions
    - [s390x] use expoline thunks in the BPF JIT
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - [s390x] scsi: zfcp: fix infinite iteration on ERP ready list
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - ALSA: usb-audio: Add native DSD support for Luxman DA-06
    - [arm64,armhf] usb: dwc3: Add SoftReset PHY synchonization delay
    - [arm64,armhf] usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - [arm64,armhf] usb: dwc3: Makefile: fix link error on randconfig
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - [arm64,armhf] usb: dwc2: Fix interval type issue
    - [arm64,armhf] usb: dwc2: hcd: Fix host channel halt flow
    - [arm64,armhf] usb: dwc2: host: Fix transaction errors in host mode
    - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS
    - media: em28xx: USB bulk packet size fix
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - Bluetooth: btusb: Add support for Intel Bluetooth device 22560
      [8087:0026]
    - xhci: Show what USB release number the xHC supports from protocol
      capablity
    - loop: don't call into filesystem while holding lo_ctl_mutex
    - loop: fix LOOP_GET_STATUS lock imbalance
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - [x86] kexec: Avoid double free_page() upon do_kexec_load() failure
    - staging: bcm2835-audio: Release resources on module_exit()
    - staging: lustre: fix bug in osc_enter_cache_try
    - [x86] staging: rtl8192u: return -ENOMEM on failed allocation of
      priv->oldaddr
    - staging: lustre: lmv: correctly iput lmo_root
    - [arm64] crypto: inside-secure - move the digest to the request context
    - [arm64] crypto: inside-secure - wait for the request to complete if in
      the backlog
    - [x86] crypto: ccp - don't disable interrupts while setting up debugfs
    - [arm64] crypto: inside-secure - do not process request if no command was
      issued
    - [arm64] crypto: inside-secure - fix the cache_len computation
    - [arm64] crypto: inside-secure - fix the extra cache computation
    - [arm64] crypto: inside-secure - do not overwrite the threshold value
    - [armhf] crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - [arm64] crypto: inside-secure - fix the invalidation step during
      cra_exit
    - scsi: aacraid: Insure command thread is not recursively stopped
    - scsi: devinfo: add HP DISK-SUBSYSTEM device, for HP XP arrays
    - scsi: lpfc: Fix NVME Initiator FirstBurst
    - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD
    - scsi: mvsas: fix wrong endianness of sgpio api
    - scsi: lpfc: Fix issue_lip if link is disabled
    - scsi: lpfc: Fix nonrecovery of NVME controller after cable swap.
    - scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
    - scsi: lpfc: Fix IO failure during hba reset testing with nvme io.
    - scsi: lpfc: Fix frequency of Release WQE CQEs
    - [armhf] clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228
    - clk: Don't show the incorrect clock phase
    - clk: hisilicon: mark wdt_mux_p[] as const
    - [arm64,armhf] clk: tegra: Fix pll_u rate configuration
    - [armhf] clk: rockchip: Prevent calculating mmc phase if clock rate is
      zero
    - [armhf] clk: samsung: s3c2410: Fix PLL rates
    - [armhf] clk: samsung: exynos7: Fix PLL rates
    - [armhf] clk: samsung: exynos5260: Fix PLL rates
    - [armhf] clk: samsung: exynos5433: Fix PLL rates
    - [armhf] clk: samsung: exynos5250: Fix PLL rates
    - [armhf] clk: samsung: exynos3250: Fix PLL rates
    - clk: meson: axg: fix the od shift of the sys_pll
    - clk: meson: axg: add the fractional part of the fixed_pll
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models
    - media: v4l: vsp1: Fix display stalls when requesting too many inputs
    - media: i2c: adv748x: fix HDMI field heights
    - media: vb2: Fix videobuf2 to map correct area
    - media: vivid: fix incorrect capabilities for radio
    - media: cx25821: prevent out-of-bounds read on array card
    - [arm64] serial: mvebu-uart: fix tx lost characters
    - [sh4] serial: sh-sci: Fix out-of-bounds access through DT alias
    - [armhf] serial: samsung: Fix out-of-bounds access through serial port
      index
    - [armhf] serial: imx: Fix out-of-bounds access through serial port index
    - [armhf] serial: arc_uart: Fix out-of-bounds access through DT alias
    - [arm*] serial: 8250: Don't service RX FIFO if interrupts are disabled
    - [armhf] rtc: snvs: Fix usage of snvs_rtc_enable
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - [arm64,armhf] rtc: rk808: fix possible race condition
    - [armel/marvell] rtc: m41t80: fix race conditions
    - [m68k] rtc: rp5c01: fix possible race condition

  [ Romain Perier ]
  * [armhf] DRM: Enable DW_HDMI_AHB_AUDIO and DW_HDMI_CEC (Closes: #897204)
  * [armhf] MFD: Enable MFD_TPS65217 (Closes: #897590)

  [ Ben Hutchings ]
  * kbuild: use -fmacro-prefix-map to make __FILE__ a relative path
  * Bump ABI to 2
  * [rt] Update to 4.16.8-rt3
  * [x86] KVM: VMX: Expose SSBD properly to guests.

  [ Salvatore Bonaccorso ]
  * [rt] Update to 4.16.7-rt1 and reenable
  * [rt] certs: Reference certificate for test key used in Debian signing
    service
parents 44a45543 f34edc87
...@@ -453,6 +453,7 @@ What: /sys/devices/system/cpu/vulnerabilities ...@@ -453,6 +453,7 @@ What: /sys/devices/system/cpu/vulnerabilities
/sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/meltdown
/sys/devices/system/cpu/vulnerabilities/spectre_v1 /sys/devices/system/cpu/vulnerabilities/spectre_v1
/sys/devices/system/cpu/vulnerabilities/spectre_v2 /sys/devices/system/cpu/vulnerabilities/spectre_v2
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
Date: January 2018 Date: January 2018
Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
Description: Information about CPU vulnerabilities Description: Information about CPU vulnerabilities
......
...@@ -2647,6 +2647,9 @@ ...@@ -2647,6 +2647,9 @@
allow data leaks with this option, which is equivalent allow data leaks with this option, which is equivalent
to spectre_v2=off. to spectre_v2=off.
nospec_store_bypass_disable
[HW] Disable all mitigations for the Speculative Store Bypass vulnerability
noxsave [BUGS=X86] Disables x86 extended register state save noxsave [BUGS=X86] Disables x86 extended register state save
and restore using xsave. The kernel will fallback to and restore using xsave. The kernel will fallback to
enabling legacy floating-point and sse state. enabling legacy floating-point and sse state.
...@@ -3997,6 +4000,48 @@ ...@@ -3997,6 +4000,48 @@
Not specifying this option is equivalent to Not specifying this option is equivalent to
spectre_v2=auto. spectre_v2=auto.
spec_store_bypass_disable=
[HW] Control Speculative Store Bypass (SSB) Disable mitigation
(Speculative Store Bypass vulnerability)
Certain CPUs are vulnerable to an exploit against a
a common industry wide performance optimization known
as "Speculative Store Bypass" in which recent stores
to the same memory location may not be observed by
later loads during speculative execution. The idea
is that such stores are unlikely and that they can
be detected prior to instruction retirement at the
end of a particular speculation execution window.
In vulnerable processors, the speculatively forwarded
store can be used in a cache side channel attack, for
example to read memory to which the attacker does not
directly have access (e.g. inside sandboxed code).
This parameter controls whether the Speculative Store
Bypass optimization is used.
on - Unconditionally disable Speculative Store Bypass
off - Unconditionally enable Speculative Store Bypass
auto - Kernel detects whether the CPU model contains an
implementation of Speculative Store Bypass and
picks the most appropriate mitigation. If the
CPU is not vulnerable, "off" is selected. If the
CPU is vulnerable the default mitigation is
architecture and Kconfig dependent. See below.
prctl - Control Speculative Store Bypass per thread
via prctl. Speculative Store Bypass is enabled
for a process by default. The state of the control
is inherited on fork.
seccomp - Same as "prctl" above, but all seccomp threads
will disable SSB unless they explicitly opt out.
Not specifying this option is equivalent to
spec_store_bypass_disable=auto.
Default mitigations:
X86: If CONFIG_SECCOMP=y "seccomp", otherwise "prctl"
spia_io_base= [HW,MTD] spia_io_base= [HW,MTD]
spia_fio_base= spia_fio_base=
spia_pedr= spia_pedr=
......
...@@ -55,6 +55,7 @@ stable kernels. ...@@ -55,6 +55,7 @@ stable kernels.
| ARM | Cortex-A57 | #834220 | ARM64_ERRATUM_834220 | | ARM | Cortex-A57 | #834220 | ARM64_ERRATUM_834220 |
| ARM | Cortex-A72 | #853709 | N/A | | ARM | Cortex-A72 | #853709 | N/A |
| ARM | Cortex-A73 | #858921 | ARM64_ERRATUM_858921 | | ARM | Cortex-A73 | #858921 | ARM64_ERRATUM_858921 |
| ARM | Cortex-A55 | #1024718 | ARM64_ERRATUM_1024718 |
| ARM | MMU-500 | #841119,#826419 | N/A | | ARM | MMU-500 | #841119,#826419 | N/A |
| | | | | | | | | |
| Cavium | ThunderX ITS | #22375, #24313 | CAVIUM_ERRATUM_22375 | | Cavium | ThunderX ITS | #22375, #24313 | CAVIUM_ERRATUM_22375 |
......
...@@ -21,9 +21,10 @@ Required properties: ...@@ -21,9 +21,10 @@ Required properties:
- main controller clock (for both armada-375-pp2 and armada-7k-pp2) - main controller clock (for both armada-375-pp2 and armada-7k-pp2)
- GOP clock (for both armada-375-pp2 and armada-7k-pp2) - GOP clock (for both armada-375-pp2 and armada-7k-pp2)
- MG clock (only for armada-7k-pp2) - MG clock (only for armada-7k-pp2)
- MG Core clock (only for armada-7k-pp2)
- AXI clock (only for armada-7k-pp2) - AXI clock (only for armada-7k-pp2)
- clock-names: names of used clocks, must be "pp_clk", "gop_clk", "mg_clk" - clock-names: names of used clocks, must be "pp_clk", "gop_clk", "mg_clk",
and "axi_clk" (the 2 latter only for armada-7k-pp2). "mg_core_clk" and "axi_clk" (the 3 latter only for armada-7k-pp2).
The ethernet ports are represented by subnodes. At least one port is The ethernet ports are represented by subnodes. At least one port is
required. required.
...@@ -80,8 +81,8 @@ cpm_ethernet: ethernet@0 { ...@@ -80,8 +81,8 @@ cpm_ethernet: ethernet@0 {
compatible = "marvell,armada-7k-pp22"; compatible = "marvell,armada-7k-pp22";
reg = <0x0 0x100000>, <0x129000 0xb000>; reg = <0x0 0x100000>, <0x129000 0xb000>;
clocks = <&cpm_syscon0 1 3>, <&cpm_syscon0 1 9>, clocks = <&cpm_syscon0 1 3>, <&cpm_syscon0 1 9>,
<&cpm_syscon0 1 5>, <&cpm_syscon0 1 18>; <&cpm_syscon0 1 5>, <&cpm_syscon0 1 6>, <&cpm_syscon0 1 18>;
clock-names = "pp_clk", "gop_clk", "gp_clk", "axi_clk"; clock-names = "pp_clk", "gop_clk", "mg_clk", "mg_core_clk", "axi_clk";
eth0: eth0 { eth0: eth0 {
interrupts = <ICU_GRP_NSR 39 IRQ_TYPE_LEVEL_HIGH>, interrupts = <ICU_GRP_NSR 39 IRQ_TYPE_LEVEL_HIGH>,
......
...@@ -1386,26 +1386,26 @@ mld_qrv - INTEGER ...@@ -1386,26 +1386,26 @@ mld_qrv - INTEGER
Default: 2 (as specified by RFC3810 9.1) Default: 2 (as specified by RFC3810 9.1)
Minimum: 1 (as specified by RFC6636 4.5) Minimum: 1 (as specified by RFC6636 4.5)
max_dst_opts_cnt - INTEGER max_dst_opts_number - INTEGER
Maximum number of non-padding TLVs allowed in a Destination Maximum number of non-padding TLVs allowed in a Destination
options extension header. If this value is less than zero options extension header. If this value is less than zero
then unknown options are disallowed and the number of known then unknown options are disallowed and the number of known
TLVs allowed is the absolute value of this number. TLVs allowed is the absolute value of this number.
Default: 8 Default: 8
max_hbh_opts_cnt - INTEGER max_hbh_opts_number - INTEGER
Maximum number of non-padding TLVs allowed in a Hop-by-Hop Maximum number of non-padding TLVs allowed in a Hop-by-Hop
options extension header. If this value is less than zero options extension header. If this value is less than zero
then unknown options are disallowed and the number of known then unknown options are disallowed and the number of known
TLVs allowed is the absolute value of this number. TLVs allowed is the absolute value of this number.
Default: 8 Default: 8
max dst_opts_len - INTEGER max_dst_opts_length - INTEGER
Maximum length allowed for a Destination options extension Maximum length allowed for a Destination options extension
header. header.
Default: INT_MAX (unlimited) Default: INT_MAX (unlimited)
max hbh_opts_len - INTEGER max_hbh_length - INTEGER
Maximum length allowed for a Hop-by-Hop options extension Maximum length allowed for a Hop-by-Hop options extension
header. header.
Default: INT_MAX (unlimited) Default: INT_MAX (unlimited)
......
...@@ -19,6 +19,7 @@ place where this information is gathered. ...@@ -19,6 +19,7 @@ place where this information is gathered.
no_new_privs no_new_privs
seccomp_filter seccomp_filter
unshare unshare
spec_ctrl
.. only:: subproject and html .. only:: subproject and html
......
===================
Speculation Control
===================
Quite some CPUs have speculation-related misfeatures which are in
fact vulnerabilities causing data leaks in various forms even across
privilege domains.
The kernel provides mitigation for such vulnerabilities in various
forms. Some of these mitigations are compile-time configurable and some
can be supplied on the kernel command line.
There is also a class of mitigations which are very expensive, but they can
be restricted to a certain set of processes or tasks in controlled
environments. The mechanism to control these mitigations is via
:manpage:`prctl(2)`.
There are two prctl options which are related to this:
* PR_GET_SPECULATION_CTRL
* PR_SET_SPECULATION_CTRL
PR_GET_SPECULATION_CTRL
-----------------------
PR_GET_SPECULATION_CTRL returns the state of the speculation misfeature
which is selected with arg2 of prctl(2). The return value uses bits 0-3 with
the following meaning:
==== ===================== ===================================================
Bit Define Description
==== ===================== ===================================================
0 PR_SPEC_PRCTL Mitigation can be controlled per task by
PR_SET_SPECULATION_CTRL.
1 PR_SPEC_ENABLE The speculation feature is enabled, mitigation is
disabled.
2 PR_SPEC_DISABLE The speculation feature is disabled, mitigation is
enabled.
3 PR_SPEC_FORCE_DISABLE Same as PR_SPEC_DISABLE, but cannot be undone. A
subsequent prctl(..., PR_SPEC_ENABLE) will fail.
==== ===================== ===================================================
If all bits are 0 the CPU is not affected by the speculation misfeature.
If PR_SPEC_PRCTL is set, then the per-task control of the mitigation is
available. If not set, prctl(PR_SET_SPECULATION_CTRL) for the speculation
misfeature will fail.
PR_SET_SPECULATION_CTRL
-----------------------
PR_SET_SPECULATION_CTRL allows to control the speculation misfeature, which
is selected by arg2 of :manpage:`prctl(2)` per task. arg3 is used to hand
in the control value, i.e. either PR_SPEC_ENABLE or PR_SPEC_DISABLE or
PR_SPEC_FORCE_DISABLE.
Common error codes
------------------
======= =================================================================
Value Meaning
======= =================================================================
EINVAL The prctl is not implemented by the architecture or unused
prctl(2) arguments are not 0.
ENODEV arg2 is selecting a not supported speculation misfeature.
======= =================================================================
PR_SET_SPECULATION_CTRL error codes
-----------------------------------
======= =================================================================
Value Meaning
======= =================================================================
0 Success
ERANGE arg3 is incorrect, i.e. it's neither PR_SPEC_ENABLE nor
PR_SPEC_DISABLE nor PR_SPEC_FORCE_DISABLE.
ENXIO Control of the selected speculation misfeature is not possible.
See PR_GET_SPECULATION_CTRL.
EPERM Speculation was disabled with PR_SPEC_FORCE_DISABLE and caller
tried to enable it again.
======= =================================================================
Speculation misfeature controls
-------------------------------
- PR_SPEC_STORE_BYPASS: Speculative Store Bypass
Invocations:
* prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
* prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_ENABLE, 0, 0);
* prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
* prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_FORCE_DISABLE, 0, 0);
...@@ -1960,6 +1960,9 @@ ARM 32-bit VFP control registers have the following id bit patterns: ...@@ -1960,6 +1960,9 @@ ARM 32-bit VFP control registers have the following id bit patterns:
ARM 64-bit FP registers have the following id bit patterns: ARM 64-bit FP registers have the following id bit patterns:
0x4030 0000 0012 0 <regno:12> 0x4030 0000 0012 0 <regno:12>
ARM firmware pseudo-registers have the following bit pattern:
0x4030 0000 0014 <regno:16>
arm64 registers are mapped using the lower 32 bits. The upper 16 of arm64 registers are mapped using the lower 32 bits. The upper 16 of
that is the register group type, or coprocessor number: that is the register group type, or coprocessor number:
...@@ -1976,6 +1979,9 @@ arm64 CCSIDR registers are demultiplexed by CSSELR value: ...@@ -1976,6 +1979,9 @@ arm64 CCSIDR registers are demultiplexed by CSSELR value:
arm64 system registers have the following id bit patterns: arm64 system registers have the following id bit patterns:
0x6030 0000 0013 <op0:2> <op1:3> <crn:4> <crm:4> <op2:3> 0x6030 0000 0013 <op0:2> <op1:3> <crn:4> <crm:4> <op2:3>
arm64 firmware pseudo-registers have the following bit pattern:
0x6030 0000 0014 <regno:16>
MIPS registers are mapped using the lower 32 bits. The upper 16 of that is MIPS registers are mapped using the lower 32 bits. The upper 16 of that is
the register group type: the register group type:
...@@ -2510,7 +2516,8 @@ Possible features: ...@@ -2510,7 +2516,8 @@ Possible features:
and execute guest code when KVM_RUN is called. and execute guest code when KVM_RUN is called.
- KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode. - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode.
Depends on KVM_CAP_ARM_EL1_32BIT (arm64 only). Depends on KVM_CAP_ARM_EL1_32BIT (arm64 only).
- KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 for the CPU. - KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 (or a future revision
backward compatible with v0.2) for the CPU.
Depends on KVM_CAP_ARM_PSCI_0_2. Depends on KVM_CAP_ARM_PSCI_0_2.
- KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU. - KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU.
Depends on KVM_CAP_ARM_PMU_V3. Depends on KVM_CAP_ARM_PMU_V3.
......
KVM implements the PSCI (Power State Coordination Interface)
specification in order to provide services such as CPU on/off, reset
and power-off to the guest.
The PSCI specification is regularly updated to provide new features,
and KVM implements these updates if they make sense from a virtualization
point of view.
This means that a guest booted on two different versions of KVM can
observe two different "firmware" revisions. This could cause issues if
a given guest is tied to a particular PSCI revision (unlikely), or if
a migration causes a different PSCI version to be exposed out of the
blue to an unsuspecting guest.
In order to remedy this situation, KVM exposes a set of "firmware
pseudo-registers" that can be manipulated using the GET/SET_ONE_REG
interface. These registers can be saved/restored by userspace, and set
to a convenient value if required.
The following register is defined:
* KVM_REG_ARM_PSCI_VERSION:
- Only valid if the vcpu has the KVM_ARM_VCPU_PSCI_0_2 feature set
(and thus has already been initialized)
- Returns the current PSCI version on GET_ONE_REG (defaulting to the
highest PSCI version implemented by KVM and compatible with v0.2)
- Allows any PSCI version implemented by KVM and compatible with
v0.2 to be set with SET_ONE_REG
- Affects the whole VM (even if the register view is per-vcpu)
# SPDX-License-Identifier: GPL-2.0 # SPDX-License-Identifier: GPL-2.0
VERSION = 4 VERSION = 4
PATCHLEVEL = 16 PATCHLEVEL = 16
SUBLEVEL = 5 SUBLEVEL = 12
EXTRAVERSION = EXTRAVERSION =
NAME = Fearless Coyote NAME = Fearless Coyote
......
...@@ -134,37 +134,37 @@ mux { ...@@ -134,37 +134,37 @@ mux {
function = "gmii"; function = "gmii";
groups = "gmii_gmac0_grp"; groups = "gmii_gmac0_grp";
}; };
/* Settings come from OpenWRT */ /* Settings come from OpenWRT, pins on SL3516 */
conf0 { conf0 {
pins = "R8 GMAC0 RXDV", "U11 GMAC1 RXDV"; pins = "V8 GMAC0 RXDV", "T10 GMAC1 RXDV";
skew-delay = <0>; skew-delay = <0>;
}; };
conf1 { conf1 {
pins = "T8 GMAC0 RXC", "T11 GMAC1 RXC"; pins = "Y7 GMAC0 RXC", "Y11 GMAC1 RXC";
skew-delay = <15>; skew-delay = <15>;
}; };
conf2 { conf2 {
pins = "P8 GMAC0 TXEN", "V11 GMAC1 TXEN"; pins = "T8 GMAC0 TXEN", "W11 GMAC1 TXEN";
skew-delay = <7>; skew-delay = <7>;
}; };
conf3 { conf3 {
pins = "V7 GMAC0 TXC"; pins = "U8 GMAC0 TXC";
skew-delay = <11>; skew-delay = <11>;
}; };
conf4 { conf4 {
pins = "P10 GMAC1 TXC"; pins = "V11 GMAC1 TXC";
skew-delay = <10>; skew-delay = <10>;
}; };
conf5 { conf5 {
/* The data lines all have default skew */ /* The data lines all have default skew */
pins = "U8 GMAC0 RXD0", "V8 GMAC0 RXD1", pins = "W8 GMAC0 RXD0", "V9 GMAC0 RXD1",
"P9 GMAC0 RXD2", "R9 GMAC0 RXD3", "Y8 GMAC0 RXD2", "U9 GMAC0 RXD3",
"U7 GMAC0 TXD0", "T7 GMAC0 TXD1", "T7 GMAC0 TXD0", "U6 GMAC0 TXD1",
"R7 GMAC0 TXD2", "P7 GMAC0 TXD3", "V7 GMAC0 TXD2", "U7 GMAC0 TXD3",
"R11 GMAC1 RXD0", "P11 GMAC1 RXD1", "Y12 GMAC1 RXD0", "V12 GMAC1 RXD1",
"V12 GMAC1 RXD2", "U12 GMAC1 RXD3", "T11 GMAC1 RXD2", "W12 GMAC1 RXD3",
"R10 GMAC1 TXD0", "T10 GMAC1 TXD1", "U10 GMAC1 TXD0", "Y10 GMAC1 TXD1",
"U10 GMAC1 TXD2", "V10 GMAC1 TXD3"; "W10 GMAC1 TXD2", "T9 GMAC1 TXD3";
skew-delay = <7>; skew-delay = <7>;
}; };
/* Set up drive strength on GMAC0 to 16 mA */ /* Set up drive strength on GMAC0 to 16 mA */
......
...@@ -303,7 +303,7 @@ wdog: wdog@53fdc000 { ...@@ -303,7 +303,7 @@ wdog: wdog@53fdc000 {
}; };
can1: can@53fe4000 { can1: can@53fe4000 {
compatible = "fsl,imx35-flexcan"; compatible = "fsl,imx35-flexcan", "fsl,imx25-flexcan";
reg = <0x53fe4000 0x1000>; reg = <0x53fe4000 0x1000>;
clocks = <&clks 33>, <&clks 33>; clocks = <&clks 33>, <&clks 33>;
clock-names = "ipg", "per"; clock-names = "ipg", "per";
...@@ -312,7 +312,7 @@ can1: can@53fe4000 { ...@@ -312,7 +312,7 @@ can1: can@53fe4000 {
}; };
can2: can@53fe8000 { can2: can@53fe8000 {
compatible = "fsl,imx35-flexcan"; compatible = "fsl,imx35-flexcan", "fsl,imx25-flexcan";
reg = <0x53fe8000 0x1000>; reg = <0x53fe8000 0x1000>;
clocks = <&clks 34>, <&clks 34>; clocks = <&clks 34>, <&clks 34>;
clock-names = "ipg", "per"; clock-names = "ipg", "per";
......
...@@ -551,7 +551,7 @@ uart2: serial@53fc0000 { ...@@ -551,7 +551,7 @@ uart2: serial@53fc0000 {
}; };
can1: can@53fc8000 { can1: can@53fc8000 {
compatible = "fsl,imx53-flexcan"; compatible = "fsl,imx53-flexcan", "fsl,imx25-flexcan";
reg = <0x53fc8000 0x4000>; reg = <0x53fc8000 0x4000>;
interrupts = <82>; interrupts = <82>;
clocks = <&clks IMX5_CLK_CAN1_IPG_GATE>, clocks = <&clks IMX5_CLK_CAN1_IPG_GATE>,
...@@ -561,7 +561,7 @@ can1: can@53fc8000 { ...@@ -561,7 +561,7 @@ can1: can@53fc8000 {
}; };
can2: can@53fcc000 { can2: can@53fcc000 {
compatible = "fsl,imx53-flexcan"; compatible = "fsl,imx53-flexcan", "fsl,imx25-flexcan";
reg = <0x53fcc000 0x4000>; reg = <0x53fcc000 0x4000>;
interrupts = <83>; interrupts = <83>;
clocks = <&clks IMX5_CLK_CAN2_IPG_GATE>, clocks = <&clks IMX5_CLK_CAN2_IPG_GATE>,
......
...@@ -57,6 +57,7 @@ CONFIG_MTD_M25P80=y ...@@ -57,6 +57,7 @@ CONFIG_MTD_M25P80=y
CONFIG_MTD_NAND=y CONFIG_MTD_NAND=y
CONFIG_MTD_NAND_DENALI_DT=y CONFIG_MTD_NAND_DENALI_DT=y
CONFIG_MTD_SPI_NOR=y CONFIG_MTD_SPI_NOR=y
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
CONFIG_SPI_CADENCE_QUADSPI=y CONFIG_SPI_CADENCE_QUADSPI=y
CONFIG_OF_OVERLAY=y CONFIG_OF_OVERLAY=y
CONFIG_OF_CONFIGFS=y CONFIG_OF_CONFIGFS=y
......
...@@ -536,4 +536,14 @@ THUMB( orr \reg , \reg , #PSR_T_BIT ) ...@@ -536,4 +536,14 @@ THUMB( orr \reg , \reg , #PSR_T_BIT )
#endif #endif
.endm .endm
#ifdef CONFIG_KPROBES
#define _ASM_NOKPROBE(entry) \
.pushsection "_kprobe_blacklist", "aw" ; \
.balign 4 ; \
.long entry; \
.popsection
#else
#define _ASM_NOKPROBE(entry)
#endif
#endif /* __ASM_ASSEMBLER_H__ */ #endif /* __ASM_ASSEMBLER_H__ */
...@@ -77,6 +77,9 @@ struct kvm_arch { ...@@ -77,6 +77,9 @@ struct kvm_arch {
/* Interrupt controller */ /* Interrupt controller */
struct vgic_dist vgic; struct vgic_dist vgic;
int max_vcpus; int max_vcpus;
/* Mandated version of PSCI */
u32 psci_version;
}; };
#define KVM_NR_MEM_OBJS 40 #define KVM_NR_MEM_OBJS 40
......
...@@ -295,6 +295,22 @@ static inline unsigned int kvm_get_vmid_bits(void) ...@@ -295,6 +295,22 @@ static inline unsigned int kvm_get_vmid_bits(void)
return 8; return 8;
} }
/*
* We are not in the kvm->srcu critical section most of the time, so we take
* the SRCU read lock here. Since we copy the data from the user page, we
* can immediately drop the lock again.
*/
static inline int kvm_read_guest_lock(struct kvm *kvm,
gpa_t gpa, void *data, unsigned long len)
{
int srcu_idx = srcu_read_lock(&kvm->srcu);
int ret = kvm_read_guest(kvm, gpa, data, len);
srcu_read_unlock(&kvm->srcu, srcu_idx);
return ret;
}
static inline void *kvm_get_hyp_vector(void) static inline void *kvm_get_hyp_vector(void)
{ {
return kvm_ksym_ref(__kvm_hyp_vector); return kvm_ksym_ref(__kvm_hyp_vector);
......
...@@ -186,6 +186,12 @@ struct kvm_arch_memory_slot { ...@@ -186,6 +186,12 @@ struct kvm_arch_memory_slot {
#define KVM_REG_ARM_VFP_FPINST 0x1009 #define KVM_REG_ARM_VFP_FPINST 0x1009
#define KVM_REG_ARM_VFP_FPINST2 0x100A #define KVM_REG_ARM_VFP_FPINST2 0x100A
/* KVM-as-firmware specific pseudo-registers */
#define KVM_REG_ARM_FW (0x0014 << KVM_REG_ARM_COPROC_SHIFT)
#define KVM_REG_ARM_FW_REG(r) (KVM_REG_ARM | KVM_REG_SIZE_U64 | \
KVM_REG_ARM_FW | ((r) & 0xffff))
#define KVM_REG_ARM_PSCI_VERSION KVM_REG_ARM_FW_REG(0)
/* Device Control API: ARM VGIC */ /* Device Control API: ARM VGIC */
#define KVM_DEV_ARM_VGIC_GRP_ADDR 0