1. 29 4月, 2019 1 次提交
  2. 16 4月, 2019 1 次提交
  3. 04 4月, 2019 1 次提交
    • O
      kernfs: fix xattr name handling in LSM helpers · 1537ad15
      Ondrej Mosnacek 提交于
      The implementation of kernfs_security_xattr_*() helpers reuses the
      kernfs_node_xattr_*() functions, which take the suffix of the xattr name
      and extract full xattr name from it using xattr_full_name(). However,
      this function relies on the fact that the suffix passed to xattr
      handlers from VFS is always constructed from the full name by just
      incerementing the pointer. This doesn't necessarily hold for the callers
      of kernfs_security_xattr_*(), so their usage will easily lead to
      out-of-bounds access.
      
      Fix this by moving the xattr name reconstruction to the VFS xattr
      handlers and replacing the kernfs_security_xattr_*() helpers with more
      general kernfs_xattr_*() helpers that take full xattr name and allow
      accessing all kernfs node's xattrs.
      Reported-by: Nkernel test robot <rong.a.chen@intel.com>
      Fixes: b230d5ab ("LSM: add new hook for kernfs node initialization")
      Fixes: ec882da5 ("selinux: implement the kernfs_init_security hook")
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      1537ad15
  4. 31 3月, 2019 1 次提交
  5. 25 3月, 2019 3 次提交
  6. 23 3月, 2019 1 次提交
  7. 21 3月, 2019 7 次提交
    • O
      kernfs: initialize security of newly created nodes · e19dfdc8
      Ondrej Mosnacek 提交于
      Use the new security_kernfs_init_security() hook to allow LSMs to
      possibly assign a non-default security context to a newly created kernfs
      node based on the attributes of the new node and also its parent node.
      
      This fixes an issue with cgroupfs under SELinux, where newly created
      cgroup subdirectories/files would not inherit its parent's context if
      it had been set explicitly to a non-default value (other than the genfs
      context specified by the policy). This can be reproduced as follows (on
      Fedora/RHEL):
      
          # mkdir /sys/fs/cgroup/unified/test
          # # Need permissive to change the label under Fedora policy:
          # setenforce 0
          # chcon -t container_file_t /sys/fs/cgroup/unified/test
          # ls -lZ /sys/fs/cgroup/unified
          total 0
          -r--r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.controllers
          -rw-r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.max.depth
          -rw-r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.max.descendants
          -rw-r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.procs
          -r--r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.stat
          -rw-r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.subtree_control
          -rw-r--r--.  1 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 cgroup.threads
          drwxr-xr-x.  2 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 init.scope
          drwxr-xr-x. 26 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:21 system.slice
          drwxr-xr-x.  3 root root system_u:object_r:container_file_t:s0 0 Jan 29 03:15 test
          drwxr-xr-x.  3 root root system_u:object_r:cgroup_t:s0         0 Jan 29 03:06 user.slice
          # mkdir /sys/fs/cgroup/unified/test/subdir
      
      Actual result:
      
          # ls -ldZ /sys/fs/cgroup/unified/test/subdir
          drwxr-xr-x. 2 root root system_u:object_r:cgroup_t:s0 0 Jan 29 03:15 /sys/fs/cgroup/unified/test/subdir
      
      Expected result:
      
          # ls -ldZ /sys/fs/cgroup/unified/test/subdir
          drwxr-xr-x. 2 root root unconfined_u:object_r:container_file_t:s0 0 Jan 29 03:15 /sys/fs/cgroup/unified/test/subdir
      
      Link: https://github.com/SELinuxProject/selinux-kernel/issues/39Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      e19dfdc8
    • O
      selinux: implement the kernfs_init_security hook · ec882da5
      Ondrej Mosnacek 提交于
      The hook applies the same logic as selinux_determine_inode_label(), with
      the exception of the super_block handling, which will be enforced on the
      actual inodes later by other hooks.
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      [PM: minor merge fixes]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      ec882da5
    • O
      LSM: add new hook for kernfs node initialization · b230d5ab
      Ondrej Mosnacek 提交于
      This patch introduces a new security hook that is intended for
      initializing the security data for newly created kernfs nodes, which
      provide a way of storing a non-default security context, but need to
      operate independently from mounts (and therefore may not have an
      associated inode at the moment of creation).
      
      The main motivation is to allow kernfs nodes to inherit the context of
      the parent under SELinux, similar to the behavior of
      security_inode_init_security(). Other LSMs may implement their own logic
      for handling the creation of new nodes.
      
      This patch also adds helper functions to <linux/kernfs.h> for
      getting/setting security xattrs of a kernfs node so that LSMs hooks are
      able to do their job. Other important attributes should be accessible
      direcly in the kernfs_node fields (in case there is need for more, then
      new helpers should be added to kernfs.h along with the patch that needs
      them).
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      [PM: more manual merge fixes]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      b230d5ab
    • O
      kernfs: use simple_xattrs for security attributes · 0ac6075a
      Ondrej Mosnacek 提交于
      Replace the special handling of security xattrs with simple_xattrs, as
      is already done for the trusted xattrs. This simplifies the code and
      allows LSMs to use more than just a single xattr to do their business.
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      [PM: manual merge fixes]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      0ac6075a
    • O
      selinux: try security xattr after genfs for kernfs filesystems · b754026b
      Ondrej Mosnacek 提交于
      Since kernfs supports the security xattr handlers, we can simply use
      these to determine the inode's context, dropping the need to update it
      from kernfs explicitly using a security_inode_notifysecctx() call.
      
      We achieve this by setting a new sbsec flag SE_SBGENFS_XATTR to all
      mounts that are known to use kernfs under the hood and then fetching the
      xattrs after determining the fallback genfs sid in
      inode_doinit_with_dentry() when this flag is set.
      
      This will allow implementing full security xattr support in kernfs and
      removing the ...notifysecctx() call in a subsequent patch.
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NStephen Smalley <sds@tycho.nsa.gov>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      [PM: more manual merge fixups]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      b754026b
    • O
      kernfs: do not alloc iattrs in kernfs_xattr_get · d0c9c153
      Ondrej Mosnacek 提交于
      This is a read-only operation, so we can simply return -ENODATA if
      kn->iattr is NULL.
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      [PM: minor merge fixes]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      d0c9c153
    • O
      kernfs: clean up struct kernfs_iattrs · 05895219
      Ondrej Mosnacek 提交于
      Right now, kernfs_iattrs embeds the whole struct iattr, even though it
      doesn't really use half of its fields... This both leads to wasting
      space and makes the code look awkward. Let's just list the few fields
      we need directly in struct kernfs_iattrs.
      Signed-off-by: NOndrej Mosnacek <omosnace@redhat.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      [PM: merged a number of chunks manually due to fuzz]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      05895219
  8. 20 3月, 2019 1 次提交
  9. 19 3月, 2019 2 次提交
    • P
      selinux: use kernel linux/socket.h for genheaders and mdp · ff1bf4c0
      Paulo Alcantara 提交于
      When compiling genheaders and mdp from a newer host kernel, the
      following error happens:
      
          In file included from scripts/selinux/genheaders/genheaders.c:18:
          ./security/selinux/include/classmap.h:238:2: error: #error New
          address family defined, please update secclass_map.  #error New
          address family defined, please update secclass_map.  ^~~~~
          make[3]: *** [scripts/Makefile.host:107:
          scripts/selinux/genheaders/genheaders] Error 1 make[2]: ***
          [scripts/Makefile.build:599: scripts/selinux/genheaders] Error 2
          make[1]: *** [scripts/Makefile.build:599: scripts/selinux] Error 2
          make[1]: *** Waiting for unfinished jobs....
      
      Instead of relying on the host definition, include linux/socket.h in
      classmap.h to have PF_MAX.
      Signed-off-by: NPaulo Alcantara <paulo@paulo.ac>
      Acked-by: NStephen Smalley <sds@tycho.nsa.gov>
      [PM: manually merge in mdp.c, subject line tweaks]
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      ff1bf4c0
    • S
      scripts/selinux: modernize mdp · e37c1877
      Stephen Smalley 提交于
      Derived in part from a patch by Dominick Grift.
      
      The MDP example no longer works on modern systems.  Fix it.
      While we are at it, add MLS support and enable it.
      
      NB This still does not work on systems using dbus-daemon instead of
      dbus-broker because dbus-daemon does not yet gracefully handle unknown
      classes/permissions.  This appears to be a deficiency in libselinux's
      selinux_set_mapping() interface and underlying implementation,
      which was never fully updated to deal with unknown classes/permissions
      unlike the kernel.  The same problem also occurs with XSELinux.
      Programs that instead use selinux_check_access() like dbus-broker
      should not have this problem.
      
      Changes to mdp:
      Add support for devtmpfs, required by modern Linux distributions.
      Add MLS support, with sample sensitivities, categories, and constraints.
      Generate fs_use and genfscon rules based on kernel configuration.
      Update list of filesystem types for fs_use and genfscon rules.
      Use object_r for object contexts.
      
      Changes to install_policy.sh:
      Bail immediately on any errors.
      Provide more helpful error messages when unable to find userspace tools.
      Refuse to run if SELinux is already enabled.
      Unconditionally move aside /etc/selinux/config and create a new one.
      Build policy with -U allow so that userspace object managers do not break.
      Build policy with MLS enabled by default.
      Create seusers, failsafe_context, and default_contexts for use by
      pam_selinux / libselinux.
      Create x_contexts for the SELinux X extension.
      Create virtual_domain_context and virtual_image_context for libvirtd.
      Set to permissive mode rather than enforcing to permit initial autorelabel.
      Update the list of filesystem types to be relabeled.
      Write -F to /.autorelabel to cause a forced autorelabel on reboot.
      Drop broken attempt to relabel the /dev mountpoint directory.
      Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov>
      Acked-by: NDominick Grift <dominick.grift@defensec.nl>
      Signed-off-by: NPaul Moore <paul@paul-moore.com>
      e37c1877
  10. 18 3月, 2019 6 次提交
  11. 17 3月, 2019 15 次提交
    • K
      perf/x86/intel: Make dev_attr_allow_tsx_force_abort static · c634dc6b
      kbuild test robot 提交于
      Fixes: 400816f6 ("perf/x86/intel: Implement support for TSX Force Abort")
      Signed-off-by: Nkbuild test robot <lkp@intel.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org>
      Cc: kbuild-all@01.org
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Kan Liang <kan.liang@linux.intel.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Andi Kleen <ak@linux.intel.com>
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/20190313184243.GA10820@lkp-sb-ep06
      c634dc6b
    • M
      kconfig: remove stale lxdialog/.gitignore · c71bb9f8
      Masahiro Yamada 提交于
      When this .gitignore was added, lxdialog was an independent hostprogs-y.
      
      Now that all objects in lxdialog/ are directly linked to mconf, the
      lxdialog is no longer generated.
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      c71bb9f8
    • M
      kbuild: force all architectures except um to include mandatory-y · 037fc336
      Masahiro Yamada 提交于
      Currently, every arch/*/include/uapi/asm/Kbuild explicitly includes
      the common Kbuild.asm file. Factor out the duplicated include directives
      to scripts/Makefile.asm-generic so that no architecture would opt out
      of the mandatory-y mechanism.
      
      um is not forced to include mandatory-y since it is a very exceptional
      case which does not support UAPI.
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      037fc336
    • M
      kbuild: warn redundant generic-y · 7cbbbb8b
      Masahiro Yamada 提交于
      The generic-y is redundant under the following condition:
      
       - arch has its own implementation
      
       - the same header is added to generated-y
      
       - the same header is added to mandatory-y
      
      If a redundant generic-y is found, the warning like follows is displayed:
      
        scripts/Makefile.asm-generic:20: redundant generic-y found in arch/arm/include/asm/Kbuild: timex.h
      
      I fixed up arch Kbuild files found by this.
      Suggested-by: NSam Ravnborg <sam@ravnborg.org>
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      7cbbbb8b
    • D
      Revert "modsign: Abort modules_install when signing fails" · f84dde10
      Douglas Anderson 提交于
      This reverts commit caf6fe91.
      
      The commit was fine but is no longer needed as of commit 3a2429e1
      ("kbuild: change if_changed_rule for multi-line recipe").  Let's go
      back to using ";" to be consistent.
      
      For some discussion, see:
      
      https://lkml.kernel.org/r/CAK7LNASde0Q9S5GKeQiWhArfER4S4wL1=R_FW8q0++_X3T5=hQ@mail.gmail.comSigned-off-by: NDouglas Anderson <dianders@chromium.org>
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      f84dde10
    • D
      kbuild: Make NOSTDINC_FLAGS a simply expanded variable · 0c22be07
      Douglas Anderson 提交于
      During a simple no-op (nothing changed) build I saw 39 invocations of
      the C compiler with the argument "-print-file-name=include".  We don't
      need to call the C compiler 39 times for this--one time will suffice.
      
      Let's change NOSTDINC_FLAGS to a simply expanded variable to avoid
      this since there doesn't appear to be any reason it should be
      recursively expanded.
      
      On my build this shaved ~400 ms off my "no-op" build.
      
      Note that the recursive expansion seems to date back to the (really
      old) commit e8f5bdb0 ("[PATCH] Makefile include path ordering").
      It's a little unclear to me if the point of that patch was to switch
      the variable to be recursively expanded (which it did) or to avoid
      directly assigning to NOSTDINC_FLAGS (AKA to switch to +=) because
      someone else (out of tree?) was setting it.  I presume later since if
      the only goal was to switch to recursive expansion the patch would
      have just removed the ":".
      Signed-off-by: NDouglas Anderson <dianders@chromium.org>
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      0c22be07
    • A
      kbuild: deb-pkg: avoid implicit effects · f6d9db63
      Arseny Maslennikov 提交于
      * The man page for dpkg-source(1) notes:
      
      >      -b, --build directory [format-specific-parameters]
      >             Build  a  source  package  (--build since dpkg 1.17.14).
      >             <...>
      >
      >             dpkg-source will build the source package with the first
      >             format found in this ordered list: the format  indicated
      >             with  the  --format  command  line  option,  the  format
      >             indicated in debian/source/format, “1.0”.  The  fallback
      >             to “1.0” is deprecated and will be removed at some point
      >             in the future, you should always  document  the  desired
      >             source   format  in  debian/source/format.  See  section
      >             SOURCE PACKAGE FORMATS for an extensive  description  of
      >             the various source package formats.
      
        Thus it would be more foolproof to explicitly use 1.0 (as we always
        did) than to rely on dpkg-source's defaults.
      
      * In a similar vein, debian/rules is not made executable by mkdebian,
        and dpkg-source warns about that but still silently fixes the file.
        Let's be explicit once again.
      Signed-off-by: NArseny Maslennikov <ar@cs.msu.ru>
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      f6d9db63
    • W
      coccinelle: semantic code search for missing put_device() · da9cfb87
      Wen Yang 提交于
      The of_find_device_by_node() takes a reference to the underlying device
      structure, we should release that reference.
      The implementation of this semantic code search is:
      In a function, for a local variable returned by calling
      of_find_device_by_node(),
      a, if it is released by a function such as
         put_device()/of_dev_put()/platform_device_put() after the last use,
         it is considered that there is no reference leak;
      b, if it is passed back to the caller via
         dev_get_drvdata()/platform_get_drvdata()/get_device(), etc., the
         reference will be released in other functions, and the current function
         also considers that there is no reference leak;
      c, for the rest of the situation, the current function should release the
         reference by calling put_device, this code search will report the
         corresponding error message.
      
      By using this semantic code search, we have found some object reference leaks,
      such as:
      commit 11907e9d ("ASoC: fsl-asoc-card: fix object reference leaks in
      fsl_asoc_card_probe")
      commit a12085d1 ("mtd: rawnand: atmel: fix possible object reference leak")
      commit 11493f26 ("mtd: rawnand: jz4780: fix possible object reference leak")
      
      There are still dozens of reference leaks in the current kernel code.
      
      Further, for the case of b, the object returned to other functions may also
      have a reference leak, we will continue to develop other cocci scripts to
      further check the reference leak.
      Signed-off-by: NWen Yang <wen.yang99@zte.com.cn>
      Reviewed-by: NJulia Lawall <Julia.Lawall@lip6.fr>
      Reviewed-by: NMarkus Elfring <Markus.Elfring@web.de>
      Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
      da9cfb87
    • L
      Merge tag 'pidfd-v5.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux · a9dce667
      Linus Torvalds 提交于
      Pull pidfd system call from Christian Brauner:
       "This introduces the ability to use file descriptors from /proc/<pid>/
        as stable handles on struct pid. Even if a pid is recycled the handle
        will not change. For a start these fds can be used to send signals to
        the processes they refer to.
      
        With the ability to use /proc/<pid> fds as stable handles on struct
        pid we can fix a long-standing issue where after a process has exited
        its pid can be reused by another process. If a caller sends a signal
        to a reused pid it will end up signaling the wrong process.
      
        With this patchset we enable a variety of use cases. One obvious
        example is that we can now safely delegate an important part of
        process management - sending signals - to processes other than the
        parent of a given process by sending file descriptors around via scm
        rights and not fearing that the given process will have been recycled
        in the meantime. It also allows for easy testing whether a given
        process is still alive or not by sending signal 0 to a pidfd which is
        quite handy.
      
        There has been some interest in this feature e.g. from systems
        management (systemd, glibc) and container managers. I have requested
        and gotten comments from glibc to make sure that this syscall is
        suitable for their needs as well. In the future I expect it to take on
        most other pid-based signal syscalls. But such features are left for
        the future once they are needed.
      
        This has been sitting in linux-next for quite a while and has not
        caused any issues. It comes with selftests which verify basic
        functionality and also test that a recycled pid cannot be signaled via
        a pidfd.
      
        Jon has written about a prior version of this patchset. It should
        cover the basic functionality since not a lot has changed since then:
      
            https://lwn.net/Articles/773459/
      
        The commit message for the syscall itself is extensively documenting
        the syscall, including it's functionality and extensibility"
      
      * tag 'pidfd-v5.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux:
        selftests: add tests for pidfd_send_signal()
        signal: add pidfd_send_signal() syscall
      a9dce667
    • L
      Merge tag 'devdax-for-5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm · f67e3fb4
      Linus Torvalds 提交于
      Pull device-dax updates from Dan Williams:
       "New device-dax infrastructure to allow persistent memory and other
        "reserved" / performance differentiated memories, to be assigned to
        the core-mm as "System RAM".
      
        Some users want to use persistent memory as additional volatile
        memory. They are willing to cope with potential performance
        differences, for example between DRAM and 3D Xpoint, and want to use
        typical Linux memory management apis rather than a userspace memory
        allocator layered over an mmap() of a dax file. The administration
        model is to decide how much Persistent Memory (pmem) to use as System
        RAM, create a device-dax-mode namespace of that size, and then assign
        it to the core-mm. The rationale for device-dax is that it is a
        generic memory-mapping driver that can be layered over any "special
        purpose" memory, not just pmem. On subsequent boots udev rules can be
        used to restore the memory assignment.
      
        One implication of using pmem as RAM is that mlock() no longer keeps
        data off persistent media. For this reason it is recommended to enable
        NVDIMM Security (previously merged for 5.0) to encrypt pmem contents
        at rest. We considered making this recommendation an actively enforced
        requirement, but in the end decided to leave it as a distribution /
        administrator policy to allow for emulation and test environments that
        lack security capable NVDIMMs.
      
        Summary:
      
         - Replace the /sys/class/dax device model with /sys/bus/dax, and
           include a compat driver so distributions can opt-in to the new ABI.
      
         - Allow for an alternative driver for the device-dax address-range
      
         - Introduce the 'kmem' driver to hotplug / assign a device-dax
           address-range to the core-mm.
      
         - Arrange for the device-dax target-node to be onlined so that the
           newly added memory range can be uniquely referenced by numa apis"
      
      NOTE! I'm not entirely happy with the whole "PMEM as RAM" model because
      we currently have special - and very annoying rules in the kernel about
      accessing PMEM only with the "MC safe" accessors, because machine checks
      inside the regular repeat string copy functions can be fatal in some
      (not described) circumstances.
      
      And apparently the PMEM modules can cause that a lot more than regular
      RAM.  The argument is that this happens because PMEM doesn't necessarily
      get scrubbed at boot like RAM does, but that is planned to be added for
      the user space tooling.
      
      Quoting Dan from another email:
       "The exposure can be reduced in the volatile-RAM case by scanning for
        and clearing errors before it is onlined as RAM. The userspace tooling
        for that can be in place before v5.1-final. There's also runtime
        notifications of errors via acpi_nfit_uc_error_notify() from
        background scrubbers on the DIMM devices. With that mechanism the
        kernel could proactively clear newly discovered poison in the volatile
        case, but that would be additional development more suitable for v5.2.
      
        I understand the concern, and the need to highlight this issue by
        tapping the brakes on feature development, but I don't see PMEM as RAM
        making the situation worse when the exposure is also there via DAX in
        the PMEM case. Volatile-RAM is arguably a safer use case since it's
        possible to repair pages where the persistent case needs active
        application coordination"
      
      * tag 'devdax-for-5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
        device-dax: "Hotplug" persistent memory for use like normal RAM
        mm/resource: Let walk_system_ram_range() search child resources
        mm/memory-hotplug: Allow memory resources to be children
        mm/resource: Move HMM pr_debug() deeper into resource code
        mm/resource: Return real error codes from walk failures
        device-dax: Add a 'modalias' attribute to DAX 'bus' devices
        device-dax: Add a 'target_node' attribute
        device-dax: Auto-bind device after successful new_id
        acpi/nfit, device-dax: Identify differentiated memory with a unique numa-node
        device-dax: Add /sys/class/dax backwards compatibility
        device-dax: Add support for a dax override driver
        device-dax: Move resource pinning+mapping into the common driver
        device-dax: Introduce bus + driver model
        device-dax: Start defining a dax bus model
        device-dax: Remove multi-resource infrastructure
        device-dax: Kill dax_region base
        device-dax: Kill dax_region ida
      f67e3fb4
    • L
      Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 477558d7
      Linus Torvalds 提交于
      Pull more SCSI updates from James Bottomley:
       "This is the final round of mostly small fixes and performance
        improvements to our initial submit.
      
        The main regression fix is the ia64 simscsi build failure which was
        missed in the serial number elimination conversion"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (24 commits)
        scsi: ia64: simscsi: use request tag instead of serial_number
        scsi: aacraid: Fix performance issue on logical drives
        scsi: lpfc: Fix error codes in lpfc_sli4_pci_mem_setup()
        scsi: libiscsi: Hold back_lock when calling iscsi_complete_task
        scsi: hisi_sas: Change SERDES_CFG init value to increase reliability of HiLink
        scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port
        scsi: hisi_sas: Set PHY linkrate when disconnected
        scsi: hisi_sas: print PHY RX errors count for later revision of v3 hw
        scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO
        scsi: hisi_sas: Change return variable type in phy_up_v3_hw()
        scsi: qla2xxx: check for kstrtol() failure
        scsi: lpfc: fix 32-bit format string warning
        scsi: lpfc: fix unused variable warning
        scsi: target: tcmu: Switch to bitmap_zalloc()
        scsi: libiscsi: fall back to sendmsg for slab pages
        scsi: qla2xxx: avoid printf format warning
        scsi: lpfc: resolve static checker warning in lpfc_sli4_hba_unset
        scsi: lpfc: Correct __lpfc_sli_issue_iocb_s4 lockdep check
        scsi: ufs: hisi: fix ufs_hba_variant_ops passing
        scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show
        ...
      477558d7
    • L
      Merge tag 'for-5.1/block-post-20190315' of git://git.kernel.dk/linux-block · 11efae35
      Linus Torvalds 提交于
      Pull more block layer changes from Jens Axboe:
       "This is a collection of both stragglers, and fixes that came in after
        I finalized the initial pull. This contains:
      
         - An MD pull request from Song, with a few minor fixes
      
         - Set of NVMe patches via Christoph
      
         - Pull request from Konrad, with a few fixes for xen/blkback
      
         - pblk fix IO calculation fix (Javier)
      
         - Segment calculation fix for pass-through (Ming)
      
         - Fallthrough annotation for blkcg (Mathieu)"
      
      * tag 'for-5.1/block-post-20190315' of git://git.kernel.dk/linux-block: (25 commits)
        blkcg: annotate implicit fall through
        nvme-tcp: support C2HData with SUCCESS flag
        nvmet: ignore EOPNOTSUPP for discard
        nvme: add proper write zeroes setup for the multipath device
        nvme: add proper discard setup for the multipath device
        nvme: remove nvme_ns_config_oncs
        nvme: disable Write Zeroes for qemu controllers
        nvmet-fc: bring Disconnect into compliance with FC-NVME spec
        nvmet-fc: fix issues with targetport assoc_list list walking
        nvme-fc: reject reconnect if io queue count is reduced to zero
        nvme-fc: fix numa_node when dev is null
        nvme-fc: use nr_phys_segments to determine existence of sgl
        nvme-loop: init nvmet_ctrl fatal_err_work when allocate
        nvme: update comment to make the code easier to read
        nvme: put ns_head ref if namespace fails allocation
        nvme-trace: fix cdw10 buffer overrun
        nvme: don't warn on block content change effects
        nvme: add get-feature to admin cmds tracer
        md: Fix failed allocation of md_register_thread
        It's wrong to add len to sector_nr in raid10 reshape twice
        ...
      11efae35
    • L
      Merge tag 'nfs-for-5.1-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · 465c209d
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Trond Myklebust:
       "Highlights include:
      
        Bugfixes:
         - Fix an Oops in SUNRPC back channel tracepoints
         - Fix a SUNRPC client regression when handling oversized replies
         - Fix the minimal size for SUNRPC reply buffer allocation
         - rpc_decode_header() must always return a non-zero value on error
         - Fix a typo in pnfs_update_layout()
      
        Cleanup:
         - Remove redundant check for the reply length in call_decode()"
      
      * tag 'nfs-for-5.1-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        SUNRPC: Remove redundant check for the reply length in call_decode()
        SUNRPC: Handle the SYSTEM_ERR rpc error
        SUNRPC: rpc_decode_header() must always return a non-zero value on error
        SUNRPC: Use the ENOTCONN error on socket disconnect
        SUNRPC: Fix the minimal size for reply buffer allocation
        SUNRPC: Fix a client regression when handling oversized replies
        pNFS: Fix a typo in pnfs_update_layout
        fix null pointer deref in tracepoints in back channel
      465c209d
    • L
      Merge tag 'powerpc-5.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · a9c55d58
      Linus Torvalds 提交于
      Pull powerpc fixes from Michael Ellerman:
       "One fix to prevent runtime allocation of 16GB pages when running in a
        VM (as opposed to bare metal), because it doesn't work.
      
        A small fix to our recently added KCOV support to exempt some more
        code from being instrumented.
      
        Plus a few minor build fixes, a small dead code removal and a
        defconfig update.
      
        Thanks to: Alexey Kardashevskiy, Aneesh Kumar K.V, Christophe Leroy,
        Jason Yan, Joel Stanley, Mahesh Salgaonkar, Mathieu Malaterre"
      
      * tag 'powerpc-5.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/64s: Include <asm/nmi.h> header file to fix a warning
        powerpc/powernv: Fix compile without CONFIG_TRACEPOINTS
        powerpc/mm: Disable kcov for SLB routines
        powerpc: remove dead code in head_fsl_booke.S
        powerpc/configs: Sync skiroot defconfig
        powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration
      a9c55d58
    • L
      Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 92497350
      Linus Torvalds 提交于
      Pull vfs mount infrastructure fix from Al Viro:
       "Fixup for sysfs braino.
      
        Capabilities checks for sysfs mount do include those on netns, but
        only if CONFIG_NET_NS is enabled. Sorry, should've caught that
        earlier..."
      
      * 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        fix sysfs_init_fs_context() in !CONFIG_NET_NS case
      92497350
  12. 16 3月, 2019 1 次提交