Commit 591effbd authored by Lorenzo "Palinuro" Faletra's avatar Lorenzo "Palinuro" Faletra
Browse files

Import Upstream version 4.17.17

parent 156ae521
...@@ -479,6 +479,7 @@ What: /sys/devices/system/cpu/vulnerabilities ...@@ -479,6 +479,7 @@ What: /sys/devices/system/cpu/vulnerabilities
/sys/devices/system/cpu/vulnerabilities/spectre_v1 /sys/devices/system/cpu/vulnerabilities/spectre_v1
/sys/devices/system/cpu/vulnerabilities/spectre_v2 /sys/devices/system/cpu/vulnerabilities/spectre_v2
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
/sys/devices/system/cpu/vulnerabilities/l1tf
Date: January 2018 Date: January 2018
Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
Description: Information about CPU vulnerabilities Description: Information about CPU vulnerabilities
...@@ -490,3 +491,26 @@ Description: Information about CPU vulnerabilities ...@@ -490,3 +491,26 @@ Description: Information about CPU vulnerabilities
"Not affected" CPU is not affected by the vulnerability "Not affected" CPU is not affected by the vulnerability
"Vulnerable" CPU is affected and no mitigation in effect "Vulnerable" CPU is affected and no mitigation in effect
"Mitigation: $M" CPU is affected and mitigation $M is in effect "Mitigation: $M" CPU is affected and mitigation $M is in effect
Details about the l1tf file can be found in
Documentation/admin-guide/l1tf.rst
What: /sys/devices/system/cpu/smt
/sys/devices/system/cpu/smt/active
/sys/devices/system/cpu/smt/control
Date: June 2018
Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
Description: Control Symetric Multi Threading (SMT)
active: Tells whether SMT is active (enabled and siblings online)
control: Read/write interface to control SMT. Possible
values:
"on" SMT is enabled
"off" SMT is disabled
"forceoff" SMT is force disabled. Cannot be changed.
"notsupported" SMT is not supported by the CPU
If control status is "forceoff" or "notsupported" writes
are rejected.
...@@ -17,6 +17,15 @@ etc. ...@@ -17,6 +17,15 @@ etc.
kernel-parameters kernel-parameters
devices devices
This section describes CPU vulnerabilities and provides an overview of the
possible mitigations along with guidance for selecting mitigations if they
are configurable at compile, boot or run time.
.. toctree::
:maxdepth: 1
l1tf
Here is a set of documents aimed at users who are trying to track down Here is a set of documents aimed at users who are trying to track down
problems and bugs in particular. problems and bugs in particular.
......
...@@ -1958,10 +1958,84 @@ ...@@ -1958,10 +1958,84 @@
(virtualized real and unpaged mode) on capable (virtualized real and unpaged mode) on capable
Intel chips. Default is 1 (enabled) Intel chips. Default is 1 (enabled)
kvm-intel.vmentry_l1d_flush=[KVM,Intel] Mitigation for L1 Terminal Fault
CVE-2018-3620.
Valid arguments: never, cond, always
always: L1D cache flush on every VMENTER.
cond: Flush L1D on VMENTER only when the code between
VMEXIT and VMENTER can leak host memory.
never: Disables the mitigation
Default is cond (do L1 cache flush in specific instances)
kvm-intel.vpid= [KVM,Intel] Disable Virtual Processor Identification kvm-intel.vpid= [KVM,Intel] Disable Virtual Processor Identification
feature (tagged TLBs) on capable Intel chips. feature (tagged TLBs) on capable Intel chips.
Default is 1 (enabled) Default is 1 (enabled)
l1tf= [X86] Control mitigation of the L1TF vulnerability on
affected CPUs
The kernel PTE inversion protection is unconditionally
enabled and cannot be disabled.
full
Provides all available mitigations for the
L1TF vulnerability. Disables SMT and
enables all mitigations in the
hypervisors, i.e. unconditional L1D flush.
SMT control and L1D flush control via the
sysfs interface is still possible after
boot. Hypervisors will issue a warning
when the first VM is started in a
potentially insecure configuration,
i.e. SMT enabled or L1D flush disabled.
full,force
Same as 'full', but disables SMT and L1D
flush runtime control. Implies the
'nosmt=force' command line option.
(i.e. sysfs control of SMT is disabled.)
flush
Leaves SMT enabled and enables the default
hypervisor mitigation, i.e. conditional
L1D flush.
SMT control and L1D flush control via the
sysfs interface is still possible after
boot. Hypervisors will issue a warning
when the first VM is started in a
potentially insecure configuration,
i.e. SMT enabled or L1D flush disabled.
flush,nosmt
Disables SMT and enables the default
hypervisor mitigation.
SMT control and L1D flush control via the
sysfs interface is still possible after
boot. Hypervisors will issue a warning
when the first VM is started in a
potentially insecure configuration,
i.e. SMT enabled or L1D flush disabled.
flush,nowarn
Same as 'flush', but hypervisors will not
warn when a VM is started in a potentially
insecure configuration.
off
Disables hypervisor mitigations and doesn't
emit any warnings.
Default is 'flush'.
For details see: Documentation/admin-guide/l1tf.rst
l2cr= [PPC] l2cr= [PPC]
l3cr= [PPC] l3cr= [PPC]
...@@ -2675,6 +2749,10 @@ ...@@ -2675,6 +2749,10 @@
nosmt [KNL,S390] Disable symmetric multithreading (SMT). nosmt [KNL,S390] Disable symmetric multithreading (SMT).
Equivalent to smt=1. Equivalent to smt=1.
[KNL,x86] Disable symmetric multithreading (SMT).
nosmt=force: Force disable SMT, cannot be undone
via the sysfs control file.
nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2 nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2
(indirect branch prediction) vulnerability. System may (indirect branch prediction) vulnerability. System may
allow data leaks with this option, which is equivalent allow data leaks with this option, which is equivalent
...@@ -4092,6 +4170,23 @@ ...@@ -4092,6 +4170,23 @@
expediting. Set to zero to disable automatic expediting. Set to zero to disable automatic
expediting. expediting.
ssbd= [ARM64,HW]
Speculative Store Bypass Disable control
On CPUs that are vulnerable to the Speculative
Store Bypass vulnerability and offer a
firmware based mitigation, this parameter
indicates how the mitigation should be used:
force-on: Unconditionally enable mitigation for
for both kernel and userspace
force-off: Unconditionally disable mitigation for
for both kernel and userspace
kernel: Always enable mitigation in the
kernel, and offer a prctl interface
to allow userspace to register its
interest in being mitigated too.
stack_guard_gap= [MM] stack_guard_gap= [MM]
override the default stack gap protection. The value override the default stack gap protection. The value
is in page units and it defines how many pages prior is in page units and it defines how many pages prior
......
This diff is collapsed.
...@@ -2,7 +2,10 @@ ...@@ -2,7 +2,10 @@
Required properties: Required properties:
- compatible: should be "qca,qca8337" - compatible: should be one of:
"qca,qca8334"
"qca,qca8337"
- #size-cells: must be 0 - #size-cells: must be 0
- #address-cells: must be 1 - #address-cells: must be 1
...@@ -14,6 +17,20 @@ port and PHY id, each subnode describing a port needs to have a valid phandle ...@@ -14,6 +17,20 @@ port and PHY id, each subnode describing a port needs to have a valid phandle
referencing the internal PHY connected to it. The CPU port of this switch is referencing the internal PHY connected to it. The CPU port of this switch is
always port 0. always port 0.
A CPU port node has the following optional node:
- fixed-link : Fixed-link subnode describing a link to a non-MDIO
managed entity. See
Documentation/devicetree/bindings/net/fixed-link.txt
for details.
For QCA8K the 'fixed-link' sub-node supports only the following properties:
- 'speed' (integer, mandatory), to indicate the link speed. Accepted
values are 10, 100 and 1000
- 'full-duplex' (boolean, optional), to indicate that full duplex is
used. When absent, half duplex is assumed.
Example: Example:
...@@ -53,6 +70,10 @@ Example: ...@@ -53,6 +70,10 @@ Example:
label = "cpu"; label = "cpu";
ethernet = <&gmac1>; ethernet = <&gmac1>;
phy-mode = "rgmii"; phy-mode = "rgmii";
fixed-link {
speed = 1000;
full-duplex;
};
}; };
port@1 { port@1 {
......
...@@ -11,6 +11,7 @@ Required properties on all platforms: ...@@ -11,6 +11,7 @@ Required properties on all platforms:
- "amlogic,meson8b-dwmac" - "amlogic,meson8b-dwmac"
- "amlogic,meson8m2-dwmac" - "amlogic,meson8m2-dwmac"
- "amlogic,meson-gxbb-dwmac" - "amlogic,meson-gxbb-dwmac"
- "amlogic,meson-axg-dwmac"
Additionally "snps,dwmac" and any applicable more Additionally "snps,dwmac" and any applicable more
detailed version number described in net/stmmac.txt detailed version number described in net/stmmac.txt
should be used. should be used.
......
...@@ -3,8 +3,10 @@ ...@@ -3,8 +3,10 @@
Required properties for the root node: Required properties for the root node:
- compatible: one of "amlogic,meson8-cbus-pinctrl" - compatible: one of "amlogic,meson8-cbus-pinctrl"
"amlogic,meson8b-cbus-pinctrl" "amlogic,meson8b-cbus-pinctrl"
"amlogic,meson8m2-cbus-pinctrl"
"amlogic,meson8-aobus-pinctrl" "amlogic,meson8-aobus-pinctrl"
"amlogic,meson8b-aobus-pinctrl" "amlogic,meson8b-aobus-pinctrl"
"amlogic,meson8m2-aobus-pinctrl"
"amlogic,meson-gxbb-periphs-pinctrl" "amlogic,meson-gxbb-periphs-pinctrl"
"amlogic,meson-gxbb-aobus-pinctrl" "amlogic,meson-gxbb-aobus-pinctrl"
"amlogic,meson-gxl-periphs-pinctrl" "amlogic,meson-gxl-periphs-pinctrl"
......
...@@ -7,6 +7,7 @@ Required properties: ...@@ -7,6 +7,7 @@ Required properties:
- "renesas,r7s72100-wdt" (RZ/A1) - "renesas,r7s72100-wdt" (RZ/A1)
- "renesas,r8a7795-wdt" (R-Car H3) - "renesas,r8a7795-wdt" (R-Car H3)
- "renesas,r8a7796-wdt" (R-Car M3-W) - "renesas,r8a7796-wdt" (R-Car M3-W)
- "renesas,r8a77965-wdt" (R-Car M3-N)
- "renesas,r8a77970-wdt" (R-Car V3M) - "renesas,r8a77970-wdt" (R-Car V3M)
- "renesas,r8a77995-wdt" (R-Car D3) - "renesas,r8a77995-wdt" (R-Car D3)
......
...@@ -35,7 +35,7 @@ binutils 2.20 ld -v ...@@ -35,7 +35,7 @@ binutils 2.20 ld -v
flex 2.5.35 flex --version flex 2.5.35 flex --version
bison 2.0 bison --version bison 2.0 bison --version
util-linux 2.10o fdformat --version util-linux 2.10o fdformat --version
module-init-tools 0.9.10 depmod -V kmod 13 depmod -V
e2fsprogs 1.41.4 e2fsck -V e2fsprogs 1.41.4 e2fsck -V
jfsutils 1.1.3 fsck.jfs -V jfsutils 1.1.3 fsck.jfs -V
reiserfsprogs 3.6.3 reiserfsck -V reiserfsprogs 3.6.3 reiserfsck -V
...@@ -156,12 +156,6 @@ is not build with ``CONFIG_KALLSYMS`` and you have no way to rebuild and ...@@ -156,12 +156,6 @@ is not build with ``CONFIG_KALLSYMS`` and you have no way to rebuild and
reproduce the Oops with that option, then you can still decode that Oops reproduce the Oops with that option, then you can still decode that Oops
with ksymoops. with ksymoops.
Module-Init-Tools
-----------------
A new module loader is now in the kernel that requires ``module-init-tools``
to use. It is backward compatible with the 2.4.x series kernels.
Mkinitrd Mkinitrd
-------- --------
...@@ -371,16 +365,17 @@ Util-linux ...@@ -371,16 +365,17 @@ Util-linux
- <https://www.kernel.org/pub/linux/utils/util-linux/> - <https://www.kernel.org/pub/linux/utils/util-linux/>
Kmod
----
- <https://www.kernel.org/pub/linux/utils/kernel/kmod/>
- <https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git>
Ksymoops Ksymoops
-------- --------
- <https://www.kernel.org/pub/linux/utils/kernel/ksymoops/v2.4/> - <https://www.kernel.org/pub/linux/utils/kernel/ksymoops/v2.4/>
Module-Init-Tools
-----------------
- <https://www.kernel.org/pub/linux/utils/kernel/module-init-tools/>
Mkinitrd Mkinitrd
-------- --------
......
...@@ -145,6 +145,11 @@ The functions in the mdev_parent_ops structure are as follows: ...@@ -145,6 +145,11 @@ The functions in the mdev_parent_ops structure are as follows:
* create: allocate basic resources in a driver for a mediated device * create: allocate basic resources in a driver for a mediated device
* remove: free resources in a driver when a mediated device is destroyed * remove: free resources in a driver when a mediated device is destroyed
(Note that mdev-core provides no implicit serialization of create/remove
callbacks per mdev parent device, per mdev type, or any other categorization.
Vendor drivers are expected to be fully asynchronous in this respect or
provide their own internal resource protection.)
The callbacks in the mdev_parent_ops structure are as follows: The callbacks in the mdev_parent_ops structure are as follows:
* open: open callback of mediated device * open: open callback of mediated device
......
# SPDX-License-Identifier: GPL-2.0 # SPDX-License-Identifier: GPL-2.0
VERSION = 4 VERSION = 4
PATCHLEVEL = 17 PATCHLEVEL = 17
SUBLEVEL = 8 SUBLEVEL = 17
EXTRAVERSION = EXTRAVERSION =
NAME = Merciless Moray NAME = Merciless Moray
......
...@@ -13,6 +13,9 @@ config KEXEC_CORE ...@@ -13,6 +13,9 @@ config KEXEC_CORE
config HAVE_IMA_KEXEC config HAVE_IMA_KEXEC
bool bool
config HOTPLUG_SMT
bool
config OPROFILE config OPROFILE
tristate "OProfile system profiling" tristate "OProfile system profiling"
depends on PROFILING depends on PROFILING
......
...@@ -1183,13 +1183,10 @@ SYSCALL_DEFINE2(osf_getrusage, int, who, struct rusage32 __user *, ru) ...@@ -1183,13 +1183,10 @@ SYSCALL_DEFINE2(osf_getrusage, int, who, struct rusage32 __user *, ru)
SYSCALL_DEFINE4(osf_wait4, pid_t, pid, int __user *, ustatus, int, options, SYSCALL_DEFINE4(osf_wait4, pid_t, pid, int __user *, ustatus, int, options,
struct rusage32 __user *, ur) struct rusage32 __user *, ur)
{ {
unsigned int status = 0;
struct rusage r; struct rusage r;
long err = kernel_wait4(pid, &status, options, &r); long err = kernel_wait4(pid, ustatus, options, &r);
if (err <= 0) if (err <= 0)
return err; return err;
if (put_user(status, ustatus))
return -EFAULT;
if (!ur) if (!ur)
return err; return err;
if (put_tv_to_tv32(&ur->ru_utime, &r.ru_utime)) if (put_tv_to_tv32(&ur->ru_utime, &r.ru_utime))
......
...@@ -408,7 +408,7 @@ config ARC_HAS_DIV_REM ...@@ -408,7 +408,7 @@ config ARC_HAS_DIV_REM
config ARC_HAS_ACCL_REGS config ARC_HAS_ACCL_REGS
bool "Reg Pair ACCL:ACCH (FPU and/or MPY > 6)" bool "Reg Pair ACCL:ACCH (FPU and/or MPY > 6)"
default n default y
help help
Depending on the configuration, CPU can contain accumulator reg-pair Depending on the configuration, CPU can contain accumulator reg-pair
(also referred to as r58:r59). These can also be used by gcc as GPR so (also referred to as r58:r59). These can also be used by gcc as GPR so
......
...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y ...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../arc_initramfs/"
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_VM_EVENT_COUNTERS is not set
......
...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y ...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_VM_EVENT_COUNTERS is not set
......
...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y ...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_VM_EVENT_COUNTERS is not set
......
...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y ...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EXPERT=y CONFIG_EXPERT=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_COMPAT_BRK is not set # CONFIG_COMPAT_BRK is not set
......
...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y ...@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_VM_EVENT_COUNTERS is not set
......
...@@ -9,7 +9,6 @@ CONFIG_NAMESPACES=y ...@@ -9,7 +9,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set # CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set # CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set # CONFIG_VM_EVENT_COUNTERS is not set
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment