Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next-integrity

From Mimi:

In Linux 4.19, a new LSM hook named security_kernel_load_data was
upstreamed, allowing LSMs and IMA to prevent the kexec_load
syscall.  Different signature verification methods exist for verifying
the kexec'ed kernel image.  This pull request adds additional support
in IMA to prevent loading unsigned kernel images via the kexec_load
syscall, independently of the IMA policy rules, based on the runtime
"secure boot" flag.  An initial IMA kselftest is included.

In addition, this pull request defines a new, separate keyring named
".platform" for storing the preboot/firmware keys needed for verifying
the kexec'ed kernel image's signature and includes the associated IMA
kexec usage of the ".platform" keyring.

(David Howell's and Josh Boyer's patches for reading the
preboot/firmware keys, which were previously posted for a different
use case scenario, are included here.)

Sync with Linux 4.20-rc7, to pick up: Revert "ovl: relax permission checking on underlying layers"

Merge misc fixes from Andrew Morton:
 "11 fixes"

* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
  scripts/spdxcheck.py: always open files in binary mode
  checkstack.pl: fix for aarch64
  userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
  fs/iomap.c: get/put the page in iomap_page_create/release()
  hugetlbfs: call VM_BUG_ON_PAGE earlier in free_huge_page()
  memblock: annotate memblock_is_reserved() with __init_memblock
  psi: fix reference to kernel commandline enable
  arch/sh/include/asm/io.h: provide prototypes for PCI I/O mapping in asm/io.h
  mm/sparse: add common helper to mark all memblocks present
  mm: introduce common STRUCT_PAGE_MAX_SHIFT define
  alpha: fix hang caused by the bootmem removal

The spdxcheck script currently falls over when confronted with a binary
file (such as Documentation/logo.gif).  To avoid that, always open files
in binary mode and decode line-by-line, ignoring encoding errors.

One tricky case is when piping data into the script and reading it from
standard input.  By default, standard input will be opened in text mode,
so we need to reopen it in binary mode.

The breakage only happens with python3 and results in a
UnicodeDecodeError (according to Uwe).

Link: http://lkml.kernel.org/r/20181212131210.28024-1-thierry.reding@gmail.com
Fixes: 6f4d29df ("scripts/spdxcheck.py: make python3 compliant")
Signed-off-by: NThierry Reding <treding@nvidia.com>
Reviewed-by: NJeremy Cline <jcline@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Joe Perches <joe@perches.com>
Cc: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

There is actually a space after "sp," like this,

    ffff2000080813c8:       a9bb7bfd        stp     x29, x30, [sp, #-80]!

Right now, checkstack.pl isn't able to print anything on aarch64,
because it won't be able to match the stating objdump line of a function
due to this missing space.  Hence, it displays every stack as zero-size.

After this patch, checkpatch.pl is able to match the start of a
function's objdump, and is then able to calculate each function's stack
correctly.

Link: http://lkml.kernel.org/r/20181207195843.38528-1-cai@lca.pwSigned-off-by: NQian Cai <cai@lca.pw>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Calling UFFDIO_UNREGISTER on virtual ranges not yet registered in uffd
could trigger an harmless false positive WARN_ON.  Check the vma is
already registered before checking VM_MAYWRITE to shut off the false
positive warning.

Link: http://lkml.kernel.org/r/20181206212028.18726-2-aarcange@redhat.com
Cc: <stable@vger.kernel.org>
Fixes: 29ec9066 ("userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas")
Signed-off-by: NAndrea Arcangeli <aarcange@redhat.com>
Reported-by: syzbot+06c7092e7d71218a2c16@syzkaller.appspotmail.com
Acked-by: NMike Rapoport <rppt@linux.ibm.com>
Acked-by: NHugh Dickins <hughd@google.com>
Acked-by: NPeter Xu <peterx@redhat.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

migrate_page_move_mapping() expects pages with private data set to have
a page_count elevated by 1.  This is what used to happen for xfs through
the buffer_heads code before the switch to iomap in commit 82cb1417
("xfs: add support for sub-pagesize writeback without buffer_heads").
Not having the count elevated causes move_pages() to fail on memory
mapped files coming from xfs.

Make iomap compatible with the migrate_page_move_mapping() assumption by
elevating the page count as part of iomap_page_create() and lowering it
in iomap_page_release().

It causes the move_pages() syscall to misbehave on memory mapped files
from xfs.  It does not not move any pages, which I suppose is "just" a
perf issue, but it also ends up returning a positive number which is out
of spec for the syscall.  Talking to Michal Hocko, it sounds like
returning positive numbers might be a necessary update to move_pages()
anyway though
(https://lkml.kernel.org/r/20181116114955.GJ14706@dhcp22.suse.cz).

I only hit this in tests that verify that move_pages() actually moved
the pages.  The test also got confused by the positive return from
move_pages() (it got treated as a success as positive numbers were not
expected and not handled) making it a bit harder to track down what's
going on.

Link: http://lkml.kernel.org/r/20181115184140.1388751-1-pjaroszynski@nvidia.com
Fixes: 82cb1417 ("xfs: add support for sub-pagesize writeback without buffer_heads")
Signed-off-by: NPiotr Jaroszynski <pjaroszynski@nvidia.com>
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Cc: William Kucharski <william.kucharski@oracle.com>
Cc: Darrick J. Wong <darrick.wong@oracle.com>
Cc: Brian Foster <bfoster@redhat.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

A stack trace was triggered by VM_BUG_ON_PAGE(page_mapcount(page), page)
in free_huge_page().  Unfortunately, the page->mapping field was set to
NULL before this test.  This made it more difficult to determine the
root cause of the problem.

Move the VM_BUG_ON_PAGE tests earlier in the function so that if they do
trigger more information is present in the page struct.

Link: http://lkml.kernel.org/r/1543491843-23438-1-git-send-email-nic_w@163.comSigned-off-by: Yongkai Wu <nic_w@163.com>
Acked-by: NMichal Hocko <mhocko@suse.com>
Acked-by: NMike Kravetz <mike.kravetz@oracle.com>
Reviewed-by: NWilliam Kucharski <william.kucharski@oracle.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Found warning:

  WARNING: EXPORT symbol "gsi_write_channel_scratch" [vmlinux] version generation failed, symbol will not be versioned.
  WARNING: vmlinux.o(.text+0x1e0a0): Section mismatch in reference from the function valid_phys_addr_range() to the function .init.text:memblock_is_reserved()
  The function valid_phys_addr_range() references
  the function __init memblock_is_reserved().
  This is often because valid_phys_addr_range lacks a __init
  annotation or the annotation of memblock_is_reserved is wrong.

Use __init_memblock instead of __init.

Link: http://lkml.kernel.org/r/BLUPR13MB02893411BF12EACB61888E80DFAE0@BLUPR13MB0289.namprd13.prod.outlook.comSigned-off-by: NYueyi Li <liyueyi@live.com>
Acked-by: NMichal Hocko <mhocko@suse.com>
Reviewed-by: NDavid Hildenbrand <david@redhat.com>
Acked-by: NMike Rapoport <rppt@linux.ibm.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

The kernel commandline parameter named in CONFIG_PSI_DEFAULT_DISABLED
help text contradicts the documentation in kernel-parameters.txt, and
the code.  Fix that.

Link: http://lkml.kernel.org/r/20181203213416.GA12627@cmpxchg.org
Fixes: e0c27447 ("psi: make disabling/enabling easier for vendor kernels")
Signed-off-by: NBaruch Siach <baruch@tkos.co.il>
Acked-by: NJohannes Weiner <hannes@cmpxchg.org>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Most architectures provide prototypes for the PCI I/O mapping operations
when asm/io.h is included but SH doesn't currently do that, leading to
for example warnings in sound/pci/hda/patch_ca0132.c when pci_iomap() is
used on current -next.  Make SH more consistent with other architectures
by including asm-generic/pci_iomap.h in asm/io.h.

Link: http://lkml.kernel.org/r/20181106175142.27988-1-broonie@kernel.orgSigned-off-by: NMark Brown <broonie@kernel.org>
Reported-by: Nkbuild test robot <lkp@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Rich Felker <dalias@libc.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Presently the arches arm64, arm and sh have a function which loops
through each memblock and calls memory present.  riscv will require a
similar function.

Introduce a common memblocks_present() function that can be used by all
the arches.  Subsequent patches will cleanup the arches that make use of
this.

Link: http://lkml.kernel.org/r/20181107205433.3875-3-logang@deltatee.comSigned-off-by: NLogan Gunthorpe <logang@deltatee.com>
Acked-by: NAndrew Morton <akpm@linux-foundation.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Oscar Salvador <osalvador@suse.de>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

This define is used by arm64 to calculate the size of the vmemmap
region.  It is defined as the log2 of the upper bound on the size of a
struct page.

We move it into mm_types.h so it can be defined properly instead of set
and checked with a build bug.  This also allows us to use the same
define for riscv.

Link: http://lkml.kernel.org/r/20181107205433.3875-2-logang@deltatee.comSigned-off-by: NLogan Gunthorpe <logang@deltatee.com>
Acked-by: NWill Deacon <will.deacon@arm.com>
Acked-by: NAndrew Morton <akpm@linux-foundation.org>
Acked-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: NCatalin Marinas <catalin.marinas@arm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

The conversion of alpha to memblock as the early memory manager caused
boot to hang as described at [1].

The issue is caused because for CONFIG_DISCTONTIGMEM=y case,
memblock_add() is called using memory start PFN that had been rounded
down to the nearest 8Mb and it caused memblock to see more memory that
is actually present in the system.

Besides, memblock allocates memory from high addresses while bootmem was
using low memory, which broke the assumption that early allocations are
always accessible by the hardware.

This patch ensures that memblock_add() is using the correct PFN for the
memory start and forces memblock to use bottom-up allocations.

[1] https://lkml.org/lkml/2018/11/22/1032

Link: http://lkml.kernel.org/r/1543233216-25833-1-git-send-email-rppt@linux.ibm.comReported-by: NMeelis Roos <mroos@linux.ee>
Signed-off-by: NMike Rapoport <rppt@linux.ibm.com>
Tested-by: NMeelis Roos <mroos@linux.ee>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Pull block fixes from Jens Axboe:
 "Three small fixes for this week. contains:

   - spectre indexing fix for aio (Jeff)

   - fix for the previous zeroing bio fix, we don't need it for user
     mapped pages, and in fact it breaks some applications if we do
     (Keith)

   - allocation failure fix for null_blk with zoned (Shin'ichiro)"

* tag 'for-linus-20181214' of git://git.kernel.dk/linux-block:
  block: Fix null_blk_zoned creation failure with small number of zones
  aio: fix spectre gadget in lookup_ioctx
  block/bio: Do not zero user pages

Pull clk fix from Stephen Boyd:
 "One fix for the qcom QCS404 clk driver that was merged for this
  release.

  It specified the wrong parent for a PLL so a part of the clk tree
  wasn't rooted correctly. This fixes it by using the right name"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: qcom: qcs404: Fix gpll0_out_main parent

Pull arm64 fix from Catalin Marinas:
 "Invalidate the caches before clearing the DMA buffer via the
  non-cacheable alias in the FORCE_CONTIGUOUS case"

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing

Pull powerpc fixes from Michael Ellerman:
 "One notable fix for our change to split pt_regs between user/kernel,
  we forgot to update BPF to use the user-visible type which was an ABI
  break for BPF programs.

  A slightly ugly but minimal fix to do_syscall_trace_enter() so that we
  use tracehook_report_syscall_entry() properly. We'll rework the code
  in next to avoid the empty if body.

  Seven commits fixing bugs in the new papr_scm (Storage Class Memory)
  driver. The driver was finally able to be tested on the other
  hypervisor which exposed several bugs. The fixes are all fairly
  minimal at least.

  Fix a crash in our MSI code if an MSI-capable device is plugged into a
  non-MSI capable PHB, only seen on older hardware (MPC8378).

  Fix our legacy serial code to look for "stdout-path" since the device
  trees were updated to use that instead of "linux,stdout-path".

  A change to the COFF zImage code to fix booting old powermacs.

  A couple of minor build fixes.

  Thanks to: Benjamin Herrenschmidt, Daniel Axtens, Dmitry V. Levin,
  Elvira Khabirova, Oliver O'Halloran, Paul Mackerras, Radu Rendec, Rob
  Herring, Sandipan Das"

* tag 'powerpc-4.20-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/ptrace: replace ptrace_report_syscall() with a tracehook call
  powerpc/mm: Fallback to RAM if the altmap is unusable
  powerpc/papr_scm: Use ibm,unit-guid as the iset cookie
  powerpc/papr_scm: Fix DIMM device registration race
  powerpc/papr_scm: Remove endian conversions
  powerpc/papr_scm: Update DT properties
  powerpc/papr_scm: Fix resource end address
  powerpc/papr_scm: Use depend instead of select
  powerpc/bpf: Fix broken uapi for BPF_PROG_TYPE_PERF_EVENT
  powerpc/boot: Fix build failures with -j 1
  powerpc: Look for "stdout-path" when setting up legacy consoles
  powerpc/msi: Fix NULL pointer access in teardown code
  powerpc/mm: Fix linux page tables build with some configs
  powerpc: Fix COFF zImage booting on old powermacs

Pull ceph fix from Ilya Dryomov:
 "Luis discovered a problem with the new copyfrom offload on the server
  side. Disable it for now"

* tag 'ceph-for-4.20-rc7' of https://github.com/ceph/ceph-client:
  ceph: make 'nocopyfrom' a default mount option

Pull pin control fixes from Linus Walleij:
 "Three pin control fixes for the v4.20 series. Just odd drivers, so
  nothing particularly interesting:

   - Set the tile property on Qualcomm SDM60.

   - Fix up enable register calculation for the Meson

   - Fix an IRQ offset on the Sunxi (Allwinner)"

* tag 'pinctrl-v4.20-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
  pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11
  pinctrl: meson: fix pull enable register calculation
  pinctrl: sdm660: Set tile property for pingroups

Pull drm fixes from Dave Airlie:
 "While I hoped things would calm down, the world hasn't joined with me,
  but it's a few things scattered over a wide area. The i915 workarounds
  regression fix is probably the largest, the rest are more usual sized.
  We also get some new AMD PCI IDs.

  There is also a patch in here to MAINTAINERS to added Daniel as an
  official DRM toplevel co-maintainer, he's decided he wants to step up
  and share the glory, and he'll likely process next weeks fixes while
  I'm away on holidays.

  Summary:

  amdgpu:

   - some new PCI IDs

   - fixed firmware image updates

   - power management fixes

   - locking warning fix

  nouveau:

   - framebuffer flushing fix

   - memory leak fix

   - tegra device init regression fix

  vmwgfx:

   - OOM kernel memory fix

   - excess return in function fix

  i915:

   - the biggest fix is a regression fix where workarounds weren't
     getting reapplied after a gpu hang causing further crashing, this
     fixes the workaround application to make it happen again

   - GPU hang fixes for Braswell and some GEN3 GPUs

   - GVT fix for broadwell tiling

  rockchip:

   - revert to fix a regression causing a WARN on shutdown

  mediatek:

   - avoid crash attaching to non-existant bridges"

* tag 'drm-fixes-2018-12-14' of git://anongit.freedesktop.org/drm/drm: (23 commits)
  drm/vmwgfx: Protect from excessive execbuf kernel memory allocations v3
  MAINTAINERS: Daniel for drm co-maintainer
  drm/amdgpu: drop fclk/gfxclk ratio setting
  drm/vmwgfx: remove redundant return ret statement
  drm/i915: Flush GPU relocs harder for gen3
  drm/i915: Allocate a common scratch page
  drm/i915/execlists: Apply a full mb before execution for Braswell
  drm/nouveau/kms: Fix memory leak in nv50_mstm_del()
  drm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer
  drm/amdgpu: Fix DEBUG_LOCKS_WARN_ON(depth <= 0) in amdgpu_ctx.lock
  Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec"
  drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init()
  drm/amdgpu/powerplay: Apply avfs cks-off voltages on VI
  drm/amdgpu: update SMC firmware image for polaris10 variants
  drm/amdkfd: add new vega20 pci id
  drm/amdkfd: add new vega10 pci ids
  drm/amdgpu: add some additional vega20 pci ids
  drm/amdgpu: add some additional vega10 pci ids
  drm/amdgpu: update smu firmware images for VI variants (v2)
  drm/i915: Introduce per-engine workarounds
  ...

Pull XArray fixes from Matthew Wilcox:
 "Two bugfixes, each with test-suite updates, two improvements to the
  test-suite without associated bugs, and one patch adding a missing
  API"

* tag 'xarray-4.20-rc7' of git://git.infradead.org/users/willy/linux-dax:
  XArray: Fix xa_alloc when id exceeds max
  XArray tests: Check iterating over multiorder entries
  XArray tests: Handle larger indices more elegantly
  XArray: Add xa_cmpxchg_irq and xa_cmpxchg_bh
  radix tree: Don't return retry entries from lookup

Merge tag 'linux-kselftest-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest

Pull Kselftest fix from Shuah Khan:
 "A single fix for a seccomp test from Kees Cook."

* tag 'linux-kselftest-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
  selftests/seccomp: Remove SIGSTOP si_pid check

Pull thermal fixes from Eduardo Valentin:
 "Fixes for STM and HISI thermal drivers"

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/evalenti/linux-soc-thermal:
  thermal: stm32: Fix stm_thermal_read_factory_settings
  thermal: stm32: read factory settings inside stm_thermal_prepare
  thermal/drivers/hisi: Fix number of sensors on hi3660
  thermal/drivers/hisi: Fix wrong platform_get_irq_byname()

One regression fix for avoiding kernel OOM, one cleanup return fix.
Signed-off-by: NDave Airlie <airlied@redhat.com>
From: Thomas Hellstrom <thellstrom@vmware.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181213122815.10581-1-thellstrom@vmware.com

Specifying a starting ID greater than the maximum ID isn't something
attempted very often, but it should fail.  It was succeeding due to
xas_find_marked() returning the wrong error state, so add tests for
both xa_alloc() and xas_find_marked().

Fixes: b803b428 ("xarray: Add XArray iterators")
Signed-off-by: NMatthew Wilcox <willy@infradead.org>

Pull rdma fixes from Doug Ledford:
 "We have 5 small fixes for this pull request. One is a performance
  regression, so not necessarily strictly a fix, but it was small and
  reasonable and claimed to avoid thrashing in the scheduler, so I took
  it. The remaining are all legitimate fixes that match the "we take
  fixes any time" criteria.

  Summary:

   - One performance regression for hfi1

   - One kasan fix for hfi1

   - A couple mlx5 fixes

   - A core oops fix"

* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
  IB/core: Fix oops in netdev_next_upper_dev_rcu()
  IB/mlx5: Block DEVX umem from the non applicable cases
  IB/mlx5: Fix implicit ODP interrupted page fault
  IB/hfi1: Fix an out-of-bounds access in get_hw_stats
  IB/hfi1: Fix a latency issue for small messages

Pull mmc fixes from Ulf Hansson:
 "MMC core:
   - Fixup RPMB requests to use mrq->sbc when sending CMD23

  MMC host:
   - omap: Fix broken MMC/SD on OMAP15XX/OMAP5910/OMAP310

   - sdhci-omap: Fix DCRC error handling during tuning

   - sdhci: Fixup the timeout check window for clock and reset"

* tag 'mmc-v4.20-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
  mmc: sdhci: fix the timeout check window for clock and reset
  mmc: sdhci-omap: Fix DCRC error handling during tuning
  MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
  mmc: core: use mrq->sbc when sending CMD23 for RPMB

Pull sound fixes from Takashi Iwai:
 "Only usual suspects here: a few more fixups for Realtek HD-audio on
  various PCs, including a regression fix in the previous fix for Lenovo
  X1 Carbon, as well as a typo fix in the recent Fireface patch"

* tag 'sound-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294
  ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294
  ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN
  ALSA: fireface: fix reference to wrong register for clock configuration
  ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon
  ALSA: hda/realtek - Fixed headphone issue for ALC700

With the new validation code, a malicious user-space app could
potentially submit command streams with enough buffer-object and resource
references in them to have the resulting allocated validion nodes and
relocations make the kernel run out of GFP_KERNEL memory.

Protect from this by having the validation code reserve TTM graphics
memory when allocating.
Signed-off-by: NThomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: NDeepak Rawat <drawat@vmware.com>
---
v2: Removed leftover debug printouts

Use the aptly named function rather than open coding the check. No
functional changes.
Signed-off-by: NNikolay Borisov <nborisov@suse.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

On secure boot enabled systems, the bootloader verifies the kernel
image and possibly the initramfs signatures based on a set of keys. A
soft reboot(kexec) of the system, with the same kernel image and
initramfs, requires access to the original keys to verify the
signatures.

This patch allows IMA-appraisal access to those original keys, now
loaded on the platform keyring, needed for verifying the kernel image
and initramfs signatures.

[zohar@linux.ibm.com: only use platform keyring if it's enabled (Thiago)]
Signed-off-by: NNayna Jain <nayna@linux.ibm.com>
Reviewed-by: NMimi Zohar <zohar@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Reviewed-by: NJames Morris <james.morris@microsoft.com>
Reviewed-by: NThiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

If a user tells shim to not use the certs/hashes in the UEFI db variable
for verification purposes, shim will set a UEFI variable called
MokIgnoreDB. Have the uefi import code look for this and ignore the db
variable if it is found.

[zohar@linux.ibm.com: removed reference to "secondary" keyring comment]
Signed-off-by: NJosh Boyer <jwboyer@fedoraproject.org>
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Acked-by: NNayna Jain <nayna@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Reviewed-by: NJames Morris <james.morris@microsoft.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

Secure Boot stores a list of allowed certificates in the 'db' variable.
This patch imports those certificates into the platform keyring. The shim
UEFI bootloader has a similar certificate list stored in the 'MokListRT'
variable. We import those as well.

Secure Boot also maintains a list of disallowed certificates in the 'dbx'
variable. We load those certificates into the system blacklist keyring
and forbid any kernel signed with those from loading.

[zohar@linux.ibm.com: dropped Josh's original patch description]
Signed-off-by: NJosh Boyer <jwboyer@fedoraproject.org>
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Signed-off-by: NNayna Jain <nayna@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

Add a function to parse an EFI signature blob looking for elements of
interest. A list is made up of a series of sublists, where all the
elements in a sublist are of the same type, but sublists can be of
different types.

For each sublist encountered, the function pointed to by the
get_handler_for_guid argument is called with the type specifier GUID and
returns either a pointer to a function to handle elements of that type or
NULL if the type is not of interest.

If the sublist is of interest, each element is passed to the handler
function in turn.
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Signed-off-by: NNayna Jain <nayna@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

Add the data types that are used for containing hashes, keys and
certificates for cryptographic verification along with their corresponding
type GUIDs.
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Acked-by: NNayna Jain <nayna@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Reviewed-by: NJames Morris <james.morris@microsoft.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

The patch refactors integrity_load_x509(), making it a wrapper for a new
function named integrity_add_key(). This patch also defines a new
function named integrity_load_cert() for loading the platform keys.
Signed-off-by: NNayna Jain <nayna@linux.ibm.com>
Reviewed-by: NMimi Zohar <zohar@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Reviewed-by: NJames Morris <james.morris@microsoft.com>
Reviewed-by: NThiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

On secure boot enabled systems, a verified kernel may need to kexec
additional kernels. For example, it may be used as a bootloader needing
to kexec a target kernel or it may need to kexec a crashdump kernel. In
such cases, it may want to verify the signature of the next kernel
image.

It is further possible that the kernel image is signed with third party
keys which are stored as platform or firmware keys in the 'db' variable.
The kernel, however, can not directly verify these platform keys, and an
administrator may therefore not want to trust them for arbitrary usage.
In order to differentiate platform keys from other keys and provide the
necessary separation of trust, the kernel needs an additional keyring to
store platform keys.

This patch creates the new keyring called ".platform" to isolate keys
provided by platform from keys by kernel. These keys are used to
facilitate signature verification during kexec. Since the scope of this
keyring is only the platform/firmware keys, it cannot be updated from
userspace.

This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING.
Signed-off-by: NNayna Jain <nayna@linux.ibm.com>
Reviewed-by: NMimi Zohar <zohar@linux.ibm.com>
Acked-by: NSerge Hallyn <serge@hallyn.com>
Reviewed-by: NJames Morris <james.morris@microsoft.com>
Reviewed-by: NThiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: NMimi Zohar <zohar@linux.ibm.com>

Merge tag 'for-4.20/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm

Pull device mapper fixes from Mike Snitzer:

 - Fix DM cache metadata to verify that a cache has block before trying
   to continue with operation that requires them.

 - Fix bio-based DM core's dm_make_request() to properly impose device
   limits on individual bios by making use of blk_queue_split().

 - Fix long-standing race with how DM thinp notified userspace of
   thin-pool mode state changes before they were actually made.

 - Fix the zoned target's bio completion handling; this is a fairly
   invassive fix at this stage but it is localized to the zoned target.
   Any zoned target users will benefit from this fix.

* tag 'for-4.20/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
  dm thin: bump target version
  dm thin: send event about thin-pool state change _after_ making it
  dm zoned: Fix target BIO completion handling
  dm: call blk_queue_split() to impose device limits on bios
  dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty()