Merge branch 'misc-evm-v7' into next-integrity

From cover letter:

EVM portable signatures are particularly suitable for the protection of
metadata of immutable files where metadata is signed by a s

Merge branch 'misc-evm-v7' into next-integrity

From cover letter:

EVM portable signatures are particularly suitable for the protection of
metadata of immutable files where metadata is signed by a software vendor.
They can be used for example in conjunction with an IMA policy that
appraises only executed and memory mapped files.

However, until now portable signatures can be properly installed only if
the EVM_ALLOW_METADATA_WRITES initialization flag is also set, which
disables metadata verification until an HMAC key is loaded. This will cause
metadata writes to be allowed even in the situations where they shouldn't
(metadata protected by a portable signature is immutable).

The main reason why setting the flag is necessary is that the operations
necessary to install portable signatures and protected metadata would be
otherwise denied, despite being legitimate, due to the fact that the
decision logic has to avoid an unsafe recalculation of the HMAC that would
make the unsuccessfully verified metadata valid. However, the decision
logic is too coarse, and does not fully take into account all the possible
situations where metadata operations could be allowed.

For example, if the HMAC key is not loaded and it cannot be loaded in the
future due the EVM_SETUP_COMPLETE flag being set, it wouldn't be a problem
to allow metadata operations, as they wouldn't result in an HMAC being
recalculated.

This patch set extends the decision logic and adds the necessary exceptions
to use portable signatures without turning off metadata verification and
deprecates the EVM_ALLOW_METADATA_WRITES flag.

Link: https://lore.kernel.org/linux-integrity/20210514152753.982958-1-roberto.sassu@huawei.com/

show more ...

evm: Deprecate EVM_ALLOW_METADATA_WRITES

This patch deprecates the usage of EVM_ALLOW_METADATA_WRITES, as it is no
longer necessary. All the issues that prevent the usage of EVM portable
signatures

evm: Deprecate EVM_ALLOW_METADATA_WRITES

This patch deprecates the usage of EVM_ALLOW_METADATA_WRITES, as it is no
longer necessary. All the issues that prevent the usage of EVM portable
signatures just with a public key loaded have been solved.

This flag will remain available for a short time to ensure that users are
able to use EVM without it.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

show more ...

evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded

EVM_ALLOW_METADATA_WRITES is an EVM initialization flag that can be set to
temporarily disable metadata verification until all xat

evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded

EVM_ALLOW_METADATA_WRITES is an EVM initialization flag that can be set to
temporarily disable metadata verification until all xattrs/attrs necessary
to verify an EVM portable signature are copied to the file. This flag is
cleared when EVM is initialized with an HMAC key, to avoid that the HMAC is
calculated on unverified xattrs/attrs.

Currently EVM unnecessarily denies setting this flag if EVM is initialized
with a public key, which is not a concern as it cannot be used to trust
xattrs/attrs updates. This patch removes this limitation.

Fixes: ae1ba1676b88e ("EVM: Allow userland to permit modification of EVM-protected metadata")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Cc: stable@vger.kernel.org # 4.16.x
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

show more ...

Merge remote-tracking branch 'net/master'

Merge branch 'next' into for-linus

Prepare input updates for 5.12 merge window.

Merge tag 'v5.11' into next

Merge with mainline to get latest APIs and device tree bindings.

Merge branch 'fixes-omap3' into fixes

Merge tags 'spi-nor/for-5.11' and 'nand/for-5.11' into mtd/next

SPI NOR core changes:

- Initial support for stateful Octal DTR mode using volatile settings
- Preliminary support for JEDEC 251 (xSPI

Merge tags 'spi-nor/for-5.11' and 'nand/for-5.11' into mtd/next

SPI NOR core changes:

- Initial support for stateful Octal DTR mode using volatile settings
- Preliminary support for JEDEC 251 (xSPI) and JEDEC 216D standards
- Support for Cypress Semper flash
- Support to specify ECC block size of SPI NOR flashes
- Fixes to avoid clearing of non-volatile Block Protection bits at probe

Generic NAND core:
* ECC management:
- Add an I/O request tweaking mechanism
- Entire rework of the software BCH ECC driver, creation of a real
ECC engine, getting rid of raw NAND structures, migration to more
generic prototypes, misc fixes and style cleanup. Moved now to the
Generic NAND layer.
- Entire rework of the software Hamming ECC driver, creation of a
real ECC engine, getting rid of raw NAND structures, misc renames,
comment updates, cleanup, and style fixes. Moved now to the
generic NAND layer.
- Necessary plumbing at the NAND level to retrieve generic NAND ECC
engines (softwares and on-die).
- Update of the bindings.

Raw NAND core:
* Geting rid of the chip->ecc.priv entry.
* Fix miscellaneous typos in kernel-doc

Raw NAND controller drivers:
* AU1550: Ensure the presence of the right includes
* Davinci: Do not use extra dereferencing
* GPMI:
- Fix the driver only sense CS0 R/B issue
- Fix the random DMA timeout issue
- Use a single line for of_device_id
- Use of_device_get_match_data()
- Fix reference count leak in gpmi ops
- Cleanup makefile
- Fix binding matching of clocks on different SoCs
* Ingenic: remove redundant get_device() in ingenic_ecc_get()
* Intel LGM: New NAND controller driver
* Marvell: Drop useless line
* Meson:
- Fix a resource leak in init
- Fix meson_nfc_dma_buffer_release() arguments
* mxc:
- Use device_get_match_data()
- Use a single line for of_device_id
- Remove platform data support
* Qcom:
- Add support for SDX55
- Support for IPQ6018 QPIC NAND controller
- Fix DMA sync on FLASH_STATUS register read
* Rockchip: New NAND controller driver for RK3308, RK2928 and others
* Sunxi: Add MDMA support

SPI-NAND core:
* Creation of a SPI-NAND on-die ECC engine
* Move ECC related definitions earlier in the driver
* Fix typo in comment
* Fill a default ECC provider/algorithm
* Remove outdated comment
* Fix OOB read
* Allow the case where there is no ECC engine
* Use the external ECC engine logic

SPI-NAND chip drivers:
* Micron:
- Add support for MT29F2G01AAAED
- Use more specific names
* Macronix:
- Add support for MX35LFxG24AD
- Add support for MX35LFxGE4AD

Others:
* onenand: Use mtd->oops_panic_write as condition
* plat-ram: correctly free memory on error path in platram_probe()

show more ...

Merge branch 'for-5.11/elecom' into for-linus

- support for EX-G M-XGL20DLBK device, from YOSHIOKA Takuma

Merge remote-tracking branch 'spi/for-5.11' into spi-next

Merge remote-tracking branch 'regulator/for-5.11' into regulator-next

Merge remote-tracking branch 'asoc/for-5.11' into asoc-next

Merge series "spi: spi-geni-qcom: Use gpio descriptors for CS" from Stephen Boyd <swboyd@chromium.org>:

Collected patches from the two series below and associated tags so they
can be merged in one p

Merge series "spi: spi-geni-qcom: Use gpio descriptors for CS" from Stephen Boyd <swboyd@chromium.org>:

Collected patches from the two series below and associated tags so they
can be merged in one pile through the spi tree. Merry December!

SPI: https://lore.kernel.org/r/20201202214935.1114381-1-swboyd@chromium.org
cros-ec: https://lore.kernel.org/r/20201203011649.1405292-1-swboyd@chromium.org

Cc: Akash Asthana <akashast@codeaurora.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Gwendal Grignou <gwendal@chromium.org>
Cc: Douglas Anderson <dianders@chromium.org>
Cc: Alexandru M Stan <amstan@chromium.org>

Stephen Boyd (3):
platform/chrome: cros_ec_spi: Don't overwrite spi::mode
platform/chrome: cros_ec_spi: Drop bits_per_word assignment
spi: spi-geni-qcom: Use the new method of gpio CS control

drivers/platform/chrome/cros_ec_spi.c | 2 --
drivers/spi/spi-geni-qcom.c | 1 +
2 files changed, 1 insertion(+), 2 deletions(-)

base-commit: b65054597872ce3aefbc6a666385eabdf9e288da
--
https://chromeos.dev

show more ...

Merge branches 'for-next/kvm-build-fix', 'for-next/va-refactor', 'for-next/lto', 'for-next/mem-hotplug', 'for-next/cppc-ffh', 'for-next/pad-image-header', 'for-next/zone-dma-default-32-bit', 'for-nex

Merge branches 'for-next/kvm-build-fix', 'for-next/va-refactor', 'for-next/lto', 'for-next/mem-hotplug', 'for-next/cppc-ffh', 'for-next/pad-image-header', 'for-next/zone-dma-default-32-bit', 'for-next/signal-tag-bits' and 'for-next/cmdline-extended' into for-next/core

* for-next/kvm-build-fix:
: Fix KVM build issues with 64K pages
KVM: arm64: Fix build error in user_mem_abort()

* for-next/va-refactor:
: VA layout changes
arm64: mm: don't assume struct page is always 64 bytes
Documentation/arm64: fix RST layout of memory.rst
arm64: mm: tidy up top of kernel VA space
arm64: mm: make vmemmap region a projection of the linear region
arm64: mm: extend linear region for 52-bit VA configurations

* for-next/lto:
: Upgrade READ_ONCE() to RCpc acquire on arm64 with LTO
arm64: lto: Strengthen READ_ONCE() to acquire when CONFIG_LTO=y
arm64: alternatives: Remove READ_ONCE() usage during patch operation
arm64: cpufeatures: Add capability for LDAPR instruction
arm64: alternatives: Split up alternative.h
arm64: uaccess: move uao_* alternatives to asm-uaccess.h

* for-next/mem-hotplug:
: Memory hotplug improvements
arm64/mm/hotplug: Ensure early memory sections are all online
arm64/mm/hotplug: Enable MEM_OFFLINE event handling
arm64/mm/hotplug: Register boot memory hot remove notifier earlier
arm64: mm: account for hotplug memory when randomizing the linear region

* for-next/cppc-ffh:
: Add CPPC FFH support using arm64 AMU counters
arm64: abort counter_read_on_cpu() when irqs_disabled()
arm64: implement CPPC FFH support using AMUs
arm64: split counter validation function
arm64: wrap and generalise counter read functions

* for-next/pad-image-header:
: Pad Image header to 64KB and unmap it
arm64: head: tidy up the Image header definition
arm64/head: avoid symbol names pointing into first 64 KB of kernel image
arm64: omit [_text, _stext) from permanent kernel mapping

* for-next/zone-dma-default-32-bit:
: Default to 32-bit wide ZONE_DMA (previously reduced to 1GB for RPi4)
of: unittest: Fix build on architectures without CONFIG_OF_ADDRESS
mm: Remove examples from enum zone_type comment
arm64: mm: Set ZONE_DMA size based on early IORT scan
arm64: mm: Set ZONE_DMA size based on devicetree's dma-ranges
of: unittest: Add test for of_dma_get_max_cpu_address()
of/address: Introduce of_dma_get_max_cpu_address()
arm64: mm: Move zone_dma_bits initialization into zone_sizes_init()
arm64: mm: Move reserve_crashkernel() into mem_init()
arm64: Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
arm64: Ignore any DMA offsets in the max_zone_phys() calculation

* for-next/signal-tag-bits:
: Expose the FAR_EL1 tag bits in siginfo
arm64: expose FAR_EL1 tag bits in siginfo
signal: define the SA_EXPOSE_TAGBITS bit in sa_flags
signal: define the SA_UNSUPPORTED bit in sa_flags
arch: provide better documentation for the arch-specific SA_* flags
signal: clear non-uapi flag bits when passing/returning sa_flags
arch: move SA_* definitions to generic headers
parisc: start using signal-defs.h
parisc: Drop parisc special case for __sighandler_t

* for-next/cmdline-extended:
: Add support for CONFIG_CMDLINE_EXTENDED
arm64: Extend the kernel command line from the bootloader
arm64: kaslr: Refactor early init command line parsing

show more ...

Merge branch 'cpufreq/scmi' into cpufreq/arm/linux-next

Merge tag 'auxbus-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core into asoc-5.11

Auxiliary Bus support tag for 5.11-rc1

This is a signed tag for other subsystems to be

Merge tag 'auxbus-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core into asoc-5.11

Auxiliary Bus support tag for 5.11-rc1

This is a signed tag for other subsystems to be able to pull in the
auxiliary bus support into their trees for the 5.11-rc1 merge.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

show more ...

Merge tag 'v5.10-rc6' into ras/core

Merge the -rc6 tag to pick up dependent changes.

Signed-off-by: Borislav Petkov <bp@suse.de>

Merge tag 'v5.10-rc6' into x86/cache

Merge -rc6 tag to pick up dependent changes.

Signed-off-by: Borislav Petkov <bp@suse.de>

Merge tag 'v5.10-rc6' into patchwork

Linux 5.10-rc6

* tag 'v5.10-rc6': (1815 commits)
Linux 5.10-rc6
sock: set sk_err to ee_errno on dequeue from errq
mptcp: fix NULL ptr dereference on bad M

Merge tag 'v5.10-rc6' into patchwork

Linux 5.10-rc6

* tag 'v5.10-rc6': (1815 commits)
Linux 5.10-rc6
sock: set sk_err to ee_errno on dequeue from errq
mptcp: fix NULL ptr dereference on bad MPJ
net: openvswitch: fix TTL decrement action netlink message format
perf probe: Change function definition check due to broken DWARF
perf probe: Fix to die_entrypc() returns error correctly
perf stat: Use proper cpu for shadow stats
perf record: Synthesize cgroup events only if needed
perf diff: Fix error return value in __cmd_diff()
perf tools: Update copy of libbpf's hashmap.c
x86/mce: Do not overwrite no_way_out if mce_end() fails
kvm: x86/mmu: Fix get_mmio_spte() on CPUs supporting 5-level PT
KVM: x86: Fix split-irqchip vs interrupt injection window request
KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
usb: typec: stusb160x: fix power-opmode property with typec-power-opmode
printk: finalize records with trailing newlines
can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check
can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0
can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from request_threaded_irq()'s flags
...

show more ...

Backmerge tag 'v5.10-rc2' into arm/drivers

The SCMI pull request for the arm/drivers branch requires v5.10-rc2
because of dependencies with other git trees, so merge that in here.

Signed-off-by: Ar

Backmerge tag 'v5.10-rc2' into arm/drivers

The SCMI pull request for the arm/drivers branch requires v5.10-rc2
because of dependencies with other git trees, so merge that in here.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>

show more ...

Merge branch 'linus' into sched/core, to resolve semantic conflict

Signed-off-by: Ingo Molnar <mingo@kernel.org>

Merge remote-tracking branch 'origin/master' into perf/core

Further perf/core patches will depend on:

d3f7b1bb2040 ("mm/gup: fix gup_fast with dynamic page table folding")

which is already in Li

Merge remote-tracking branch 'origin/master' into perf/core

Further perf/core patches will depend on:

d3f7b1bb2040 ("mm/gup: fix gup_fast with dynamic page table folding")

which is already in Linus' tree.

show more ...

Merge branch 'topic/usb-audio-refactoring' into for-next

Pull the USB audio improvement

Signed-off-by: Takashi Iwai <tiwai@suse.de>

Merge tag 'v5.10-rc4' into devel

Linux 5.10-rc4

Merge branch 'for-rc' into rdma.git

From https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git

The rc RDMA branch is needed due to dependencies on the next patches.

Signed-off-by: Jason Gu

Merge branch 'for-rc' into rdma.git

From https://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git

The rc RDMA branch is needed due to dependencies on the next patches.

Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>

show more ...