1. 07 2月, 2017 2 次提交
    • E
      fscrypt: split supp and notsupp declarations into their own headers · 46f47e48
      Eric Biggers 提交于
      Previously, each filesystem configured without encryption support would
      define all the public fscrypt functions to their notsupp_* stubs.  This
      list of #defines had to be updated in every filesystem whenever a change
      was made to the public fscrypt functions.  To make things more
      maintainable now that we have three filesystems using fscrypt, split the
      old header fscrypto.h into several new headers.  fscrypt_supp.h contains
      the real declarations and is included by filesystems when configured
      with encryption support, whereas fscrypt_notsupp.h contains the inline
      stubs and is included by filesystems when configured without encryption
      support.  fscrypt_common.h contains common declarations needed by both.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      46f47e48
    • C
      fscrypt: remove redundant assignment of res · 02680b31
      Colin Ian King 提交于
      res is assigned to sizeof(ctx), however, this is unused and res
      is updated later on without that assigned value to res ever being
      used.  Remove this redundant assignment.
      
      Fixes CoverityScan CID#1395546 "Unused value"
      Signed-off-by: NColin Ian King <colin.king@canonical.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      02680b31
  2. 08 1月, 2017 3 次提交
  3. 03 1月, 2017 1 次提交
    • T
      fscrypt: make test_dummy_encryption require a keyring key · 5bbdcbbb
      Theodore Ts'o 提交于
      Currently, the test_dummy_encryption ext4 mount option, which exists
      only to test encrypted I/O paths with xfstests, overrides all
      per-inode encryption keys with a fixed key.
      
      This change minimizes test_dummy_encryption-specific code path changes
      by supplying a fake context for directories which are not encrypted
      for use when creating new directories, files, or symlinks.  This
      allows us to properly exercise the keyring lookup, derivation, and
      context inheritance code paths.
      
      Before mounting a file system using test_dummy_encryption, userspace
      must execute the following shell commands:
      
          mode='\x00\x00\x00\x00'
          raw="$(printf ""\\\\x%02x"" $(seq 0 63))"
          if lscpu | grep "Byte Order" | grep -q Little ; then
              size='\x40\x00\x00\x00'
          else
              size='\x00\x00\x00\x40'
          fi
          key="${mode}${raw}${size}"
          keyctl new_session
          echo -n -e "${key}" | keyctl padd logon fscrypt:4242424242424242 @s
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      5bbdcbbb
  4. 02 1月, 2017 1 次提交
  5. 01 1月, 2017 5 次提交
    • E
      fscrypt: pass up error codes from ->get_context() · efee590e
      Eric Biggers 提交于
      It was possible for the ->get_context() operation to fail with a
      specific error code, which was then not returned to the caller of
      FS_IOC_SET_ENCRYPTION_POLICY or FS_IOC_GET_ENCRYPTION_POLICY.  Make sure
      to pass through these error codes.  Also reorganize the code so that
      ->get_context() only needs to be called one time when setting an
      encryption policy, and handle contexts of unrecognized sizes more
      appropriately.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      efee590e
    • E
      fscrypt: remove user-triggerable warning messages · 868e1bc6
      Eric Biggers 提交于
      Several warning messages were not rate limited and were user-triggerable
      from FS_IOC_SET_ENCRYPTION_POLICY.  These shouldn't really have been
      there in the first place, but either way they aren't as useful now that
      the error codes have been improved.  So just remove them.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      868e1bc6
    • E
      fscrypt: use EEXIST when file already uses different policy · 8488cd96
      Eric Biggers 提交于
      As part of an effort to clean up fscrypt-related error codes, make
      FS_IOC_SET_ENCRYPTION_POLICY fail with EEXIST when the file already uses
      a different encryption policy.  This is more descriptive than EINVAL,
      which was ambiguous with some of the other error cases.
      
      I am not aware of any users who might be relying on the previous error
      code of EINVAL, which was never documented anywhere.
      
      This failure case will be exercised by an xfstest.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      8488cd96
    • E
      fscrypt: use ENOTDIR when setting encryption policy on nondirectory · dffd0cfa
      Eric Biggers 提交于
      As part of an effort to clean up fscrypt-related error codes, make
      FS_IOC_SET_ENCRYPTION_POLICY fail with ENOTDIR when the file descriptor
      does not refer to a directory.  This is more descriptive than EINVAL,
      which was ambiguous with some of the other error cases.
      
      I am not aware of any users who might be relying on the previous error
      code of EINVAL, which was never documented anywhere, and in some buggy
      kernels did not exist at all as the S_ISDIR() check was missing.
      
      This failure case will be exercised by an xfstest.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      dffd0cfa
    • E
      fscrypt: use ENOKEY when file cannot be created w/o key · 54475f53
      Eric Biggers 提交于
      As part of an effort to clean up fscrypt-related error codes, make
      attempting to create a file in an encrypted directory that hasn't been
      "unlocked" fail with ENOKEY.  Previously, several error codes were used
      for this case, including ENOENT, EACCES, and EPERM, and they were not
      consistent between and within filesystems.  ENOKEY is a better choice
      because it expresses that the failure is due to lacking the encryption
      key.  It also matches the error code returned when trying to open an
      encrypted regular file without the key.
      
      I am not aware of any users who might be relying on the previous
      inconsistent error codes, which were never documented anywhere.
      
      This failure case will be exercised by an xfstest.
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      54475f53
  6. 31 12月, 2016 1 次提交
    • E
      fscrypt: fix renaming and linking special files · 42d97eb0
      Eric Biggers 提交于
      Attempting to link a device node, named pipe, or socket file into an
      encrypted directory through rename(2) or link(2) always failed with
      EPERM.  This happened because fscrypt_has_permitted_context() saw that
      the file was unencrypted and forbid creating the link.  This behavior
      was unexpected because such files are never encrypted; only regular
      files, directories, and symlinks can be encrypted.
      
      To fix this, make fscrypt_has_permitted_context() always return true on
      special files.
      
      This will be covered by a test in my encryption xfstests patchset.
      
      Fixes: 9bd8212f ("ext4 crypto: add encryption policy and password salt support")
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Reviewed-by: NRichard Weinberger <richard@nod.at>
      Cc: stable@vger.kernel.org
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      42d97eb0
  7. 28 12月, 2016 1 次提交
    • T
      fscrypt: fix the test_dummy_encryption mount option · fe4f6c80
      Theodore Ts'o 提交于
      Commit f1c131b4: "crypto: xts - Convert to skcipher" now fails
      the setkey operation if the AES key is the same as the tweak key.
      Previously this check was only done if FIPS mode is enabled.  Now this
      check is also done if weak key checking was requested.  This is
      reasonable, but since we were using the dummy key which was a constant
      series of 0x42 bytes, it now caused dummy encrpyption test mode to
      fail.
      
      Fix this by using 0x42... and 0x24... for the two keys, so they are
      different.
      
      Fixes: f1c131b4
      Cc: stable@vger.kernel.org
      Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
      fe4f6c80
  8. 26 12月, 2016 11 次提交
    • L
      Linux 4.10-rc1 · 7ce7d89f
      Linus Torvalds 提交于
      7ce7d89f
    • L
      powerpc: Fix build warning on 32-bit PPC · 8ae679c4
      Larry Finger 提交于
      I am getting the following warning when I build kernel 4.9-git on my
      PowerBook G4 with a 32-bit PPC processor:
      
          AS      arch/powerpc/kernel/misc_32.o
        arch/powerpc/kernel/misc_32.S:299:7: warning: "CONFIG_FSL_BOOKE" is not defined [-Wundef]
      
      This problem is evident after commit 989cea5c ("kbuild: prevent
      lib-ksyms.o rebuilds"); however, this change in kbuild only exposes an
      error that has been in the code since 2005 when this source file was
      created.  That was with commit 9994a338 ("powerpc: Introduce
      entry_{32,64}.S, misc_{32,64}.S, systbl.S").
      
      The offending line does not make a lot of sense.  This error does not
      seem to cause any errors in the executable, thus I am not recommending
      that it be applied to any stable versions.
      
      Thanks to Nicholas Piggin for suggesting this solution.
      
      Fixes: 9994a338 ("powerpc: Introduce entry_{32,64}.S, misc_{32,64}.S, systbl.S")
      Signed-off-by: NLarry Finger <Larry.Finger@lwfinger.net>
      Cc: Nicholas Piggin <npiggin@gmail.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Michael Ellerman <mpe@ellerman.id.au>
      Cc: linuxppc-dev@lists.ozlabs.org
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8ae679c4
    • L
      avoid spurious "may be used uninitialized" warning · d33d5a6c
      Linus Torvalds 提交于
      The timer type simplifications caused a new gcc warning:
      
        drivers/base/power/domain.c: In function ‘genpd_runtime_suspend’:
        drivers/base/power/domain.c:562:14: warning: ‘time_start’ may be used uninitialized in this function [-Wmaybe-uninitialized]
           elapsed_ns = ktime_to_ns(ktime_sub(ktime_get(), time_start));
      
      despite the actual use of "time_start" not having changed in any way.
      It appears that simply changing the type of ktime_t from a union to a
      plain scalar type made gcc check the use.
      
      The variable wasn't actually used uninitialized, but gcc apparently
      failed to notice that the conditional around the use was exactly the
      same as the conditional around the initialization of that variable.
      
      Add an unnecessary initialization just to shut up the compiler.
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      d33d5a6c
    • L
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 3ddc76df
      Linus Torvalds 提交于
      Pull timer type cleanups from Thomas Gleixner:
       "This series does a tree wide cleanup of types related to
        timers/timekeeping.
      
         - Get rid of cycles_t and use a plain u64. The type is not really
           helpful and caused more confusion than clarity
      
         - Get rid of the ktime union. The union has become useless as we use
           the scalar nanoseconds storage unconditionally now. The 32bit
           timespec alike storage got removed due to the Y2038 limitations
           some time ago.
      
           That leaves the odd union access around for no reason. Clean it up.
      
        Both changes have been done with coccinelle and a small amount of
        manual mopping up"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        ktime: Get rid of ktime_equal()
        ktime: Cleanup ktime_set() usage
        ktime: Get rid of the union
        clocksource: Use a plain u64 instead of cycle_t
      3ddc76df
    • L
      Merge branch 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · b272f732
      Linus Torvalds 提交于
      Pull SMP hotplug notifier removal from Thomas Gleixner:
       "This is the final cleanup of the hotplug notifier infrastructure. The
        series has been reintgrated in the last two days because there came a
        new driver using the old infrastructure via the SCSI tree.
      
        Summary:
      
         - convert the last leftover drivers utilizing notifiers
      
         - fixup for a completely broken hotplug user
      
         - prevent setup of already used states
      
         - removal of the notifiers
      
         - treewide cleanup of hotplug state names
      
         - consolidation of state space
      
        There is a sphinx based documentation pending, but that needs review
        from the documentation folks"
      
      * 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        irqchip/armada-xp: Consolidate hotplug state space
        irqchip/gic: Consolidate hotplug state space
        coresight/etm3/4x: Consolidate hotplug state space
        cpu/hotplug: Cleanup state names
        cpu/hotplug: Remove obsolete cpu hotplug register/unregister functions
        staging/lustre/libcfs: Convert to hotplug state machine
        scsi/bnx2i: Convert to hotplug state machine
        scsi/bnx2fc: Convert to hotplug state machine
        cpu/hotplug: Prevent overwriting of callbacks
        x86/msr: Remove bogus cleanup from the error path
        bus: arm-ccn: Prevent hotplug callback leak
        perf/x86/intel/cstate: Prevent hotplug callback leak
        ARM/imx/mmcd: Fix broken cpu hotplug handling
        scsi: qedi: Convert to hotplug state machine
      b272f732
    • L
      Merge branch 'turbostat' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux · 10bbe759
      Linus Torvalds 提交于
      Pull turbostat updates from Len Brown.
      
      * 'turbostat' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
        tools/power turbostat: remove obsolete -M, -m, -C, -c options
        tools/power turbostat: Make extensible via the --add parameter
        tools/power turbostat: Denverton uses a 25 MHz crystal, not 19.2 MHz
        tools/power turbostat: line up headers when -M is used
        tools/power turbostat: fix SKX PKG_CSTATE_LIMIT decoding
        tools/power turbostat: Support Knights Mill (KNM)
        tools/power turbostat: Display HWP OOB status
        tools/power turbostat: fix Denverton BCLK
        tools/power turbostat: use intel-family.h model strings
        tools/power/turbostat: Add Denverton RAPL support
        tools/power/turbostat: Add Denverton support
        tools/power/turbostat: split core MSR support into status + limit
        tools/power turbostat: fix error case overflow read of slm_freq_table[]
        tools/power turbostat: Allocate correct amount of fd and irq entries
        tools/power turbostat: switch to tab delimited output
        tools/power turbostat: Gracefully handle ACPI S3
        tools/power turbostat: tidy up output on Joule counter overflow
      10bbe759
    • N
      mm: add PageWaiters indicating tasks are waiting for a page bit · 62906027
      Nicholas Piggin 提交于
      Add a new page flag, PageWaiters, to indicate the page waitqueue has
      tasks waiting. This can be tested rather than testing waitqueue_active
      which requires another cacheline load.
      
      This bit is always set when the page has tasks on page_waitqueue(page),
      and is set and cleared under the waitqueue lock. It may be set when
      there are no tasks on the waitqueue, which will cause a harmless extra
      wakeup check that will clears the bit.
      
      The generic bit-waitqueue infrastructure is no longer used for pages.
      Instead, waitqueues are used directly with a custom key type. The
      generic code was not flexible enough to have PageWaiters manipulation
      under the waitqueue lock (which simplifies concurrency).
      
      This improves the performance of page lock intensive microbenchmarks by
      2-3%.
      
      Putting two bits in the same word opens the opportunity to remove the
      memory barrier between clearing the lock bit and testing the waiters
      bit, after some work on the arch primitives (e.g., ensuring memory
      operand widths match and cover both bits).
      Signed-off-by: NNicholas Piggin <npiggin@gmail.com>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Bob Peterson <rpeterso@redhat.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Andrew Lutomirski <luto@kernel.org>
      Cc: Andreas Gruenbacher <agruenba@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      62906027
    • N
      mm: Use owner_priv bit for PageSwapCache, valid when PageSwapBacked · 6326fec1
      Nicholas Piggin 提交于
      A page is not added to the swap cache without being swap backed,
      so PageSwapBacked mappings can use PG_owner_priv_1 for PageSwapCache.
      Signed-off-by: NNicholas Piggin <npiggin@gmail.com>
      Acked-by: NHugh Dickins <hughd@google.com>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Bob Peterson <rpeterso@redhat.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Andrew Lutomirski <luto@kernel.org>
      Cc: Andreas Gruenbacher <agruenba@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      6326fec1
    • T
      ktime: Get rid of ktime_equal() · 1f3a8e49
      Thomas Gleixner 提交于
      No point in going through loops and hoops instead of just comparing the
      values.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      1f3a8e49
    • T
      ktime: Cleanup ktime_set() usage · 8b0e1953
      Thomas Gleixner 提交于
      ktime_set(S,N) was required for the timespec storage type and is still
      useful for situations where a Seconds and Nanoseconds part of a time value
      needs to be converted. For anything where the Seconds argument is 0, this
      is pointless and can be replaced with a simple assignment.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      8b0e1953
    • T
      ktime: Get rid of the union · 2456e855
      Thomas Gleixner 提交于
      ktime is a union because the initial implementation stored the time in
      scalar nanoseconds on 64 bit machine and in a endianess optimized timespec
      variant for 32bit machines. The Y2038 cleanup removed the timespec variant
      and switched everything to scalar nanoseconds. The union remained, but
      become completely pointless.
      
      Get rid of the union and just keep ktime_t as simple typedef of type s64.
      
      The conversion was done with coccinelle and some manual mopping up.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      2456e855
  9. 25 12月, 2016 15 次提交