Annotation of /trunk/kernel-alx/patches-4.9/0119-4.9.20-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 2956 -
(hide annotations)
(download)
Mon Jul 24 12:03:46 2017 UTC (6 years, 10 months ago) by niro
File size: 17310 byte(s)
Mon Jul 24 12:03:46 2017 UTC (6 years, 10 months ago) by niro
File size: 17310 byte(s)
-added patches-4.9
| 1 | niro | 2956 | diff --git a/Makefile b/Makefile |
| 2 | index ba1c6a8e6a70..44960184701a 100644 | ||
| 3 | --- a/Makefile | ||
| 4 | +++ b/Makefile | ||
| 5 | @@ -1,6 +1,6 @@ | ||
| 6 | VERSION = 4 | ||
| 7 | PATCHLEVEL = 9 | ||
| 8 | -SUBLEVEL = 19 | ||
| 9 | +SUBLEVEL = 20 | ||
| 10 | EXTRAVERSION = | ||
| 11 | NAME = Roaring Lionus | ||
| 12 | |||
| 13 | diff --git a/arch/c6x/kernel/ptrace.c b/arch/c6x/kernel/ptrace.c | ||
| 14 | index 3c494e84444d..a511ac16a8e3 100644 | ||
| 15 | --- a/arch/c6x/kernel/ptrace.c | ||
| 16 | +++ b/arch/c6x/kernel/ptrace.c | ||
| 17 | @@ -69,46 +69,6 @@ static int gpr_get(struct task_struct *target, | ||
| 18 | 0, sizeof(*regs)); | ||
| 19 | } | ||
| 20 | |||
| 21 | -static int gpr_set(struct task_struct *target, | ||
| 22 | - const struct user_regset *regset, | ||
| 23 | - unsigned int pos, unsigned int count, | ||
| 24 | - const void *kbuf, const void __user *ubuf) | ||
| 25 | -{ | ||
| 26 | - int ret; | ||
| 27 | - struct pt_regs *regs = task_pt_regs(target); | ||
| 28 | - | ||
| 29 | - /* Don't copyin TSR or CSR */ | ||
| 30 | - ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 31 | - ®s, | ||
| 32 | - 0, PT_TSR * sizeof(long)); | ||
| 33 | - if (ret) | ||
| 34 | - return ret; | ||
| 35 | - | ||
| 36 | - ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, | ||
| 37 | - PT_TSR * sizeof(long), | ||
| 38 | - (PT_TSR + 1) * sizeof(long)); | ||
| 39 | - if (ret) | ||
| 40 | - return ret; | ||
| 41 | - | ||
| 42 | - ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 43 | - ®s, | ||
| 44 | - (PT_TSR + 1) * sizeof(long), | ||
| 45 | - PT_CSR * sizeof(long)); | ||
| 46 | - if (ret) | ||
| 47 | - return ret; | ||
| 48 | - | ||
| 49 | - ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, | ||
| 50 | - PT_CSR * sizeof(long), | ||
| 51 | - (PT_CSR + 1) * sizeof(long)); | ||
| 52 | - if (ret) | ||
| 53 | - return ret; | ||
| 54 | - | ||
| 55 | - ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 56 | - ®s, | ||
| 57 | - (PT_CSR + 1) * sizeof(long), -1); | ||
| 58 | - return ret; | ||
| 59 | -} | ||
| 60 | - | ||
| 61 | enum c6x_regset { | ||
| 62 | REGSET_GPR, | ||
| 63 | }; | ||
| 64 | @@ -120,7 +80,6 @@ static const struct user_regset c6x_regsets[] = { | ||
| 65 | .size = sizeof(u32), | ||
| 66 | .align = sizeof(u32), | ||
| 67 | .get = gpr_get, | ||
| 68 | - .set = gpr_set | ||
| 69 | }, | ||
| 70 | }; | ||
| 71 | |||
| 72 | diff --git a/arch/h8300/kernel/ptrace.c b/arch/h8300/kernel/ptrace.c | ||
| 73 | index 92075544a19a..0dc1c8f622bc 100644 | ||
| 74 | --- a/arch/h8300/kernel/ptrace.c | ||
| 75 | +++ b/arch/h8300/kernel/ptrace.c | ||
| 76 | @@ -95,7 +95,8 @@ static int regs_get(struct task_struct *target, | ||
| 77 | long *reg = (long *)®s; | ||
| 78 | |||
| 79 | /* build user regs in buffer */ | ||
| 80 | - for (r = 0; r < ARRAY_SIZE(register_offset); r++) | ||
| 81 | + BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0); | ||
| 82 | + for (r = 0; r < sizeof(regs) / sizeof(long); r++) | ||
| 83 | *reg++ = h8300_get_reg(target, r); | ||
| 84 | |||
| 85 | return user_regset_copyout(&pos, &count, &kbuf, &ubuf, | ||
| 86 | @@ -113,7 +114,8 @@ static int regs_set(struct task_struct *target, | ||
| 87 | long *reg; | ||
| 88 | |||
| 89 | /* build user regs in buffer */ | ||
| 90 | - for (reg = (long *)®s, r = 0; r < ARRAY_SIZE(register_offset); r++) | ||
| 91 | + BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0); | ||
| 92 | + for (reg = (long *)®s, r = 0; r < sizeof(regs) / sizeof(long); r++) | ||
| 93 | *reg++ = h8300_get_reg(target, r); | ||
| 94 | |||
| 95 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 96 | @@ -122,7 +124,7 @@ static int regs_set(struct task_struct *target, | ||
| 97 | return ret; | ||
| 98 | |||
| 99 | /* write back to pt_regs */ | ||
| 100 | - for (reg = (long *)®s, r = 0; r < ARRAY_SIZE(register_offset); r++) | ||
| 101 | + for (reg = (long *)®s, r = 0; r < sizeof(regs) / sizeof(long); r++) | ||
| 102 | h8300_put_reg(target, r, *reg++); | ||
| 103 | return 0; | ||
| 104 | } | ||
| 105 | diff --git a/arch/metag/kernel/ptrace.c b/arch/metag/kernel/ptrace.c | ||
| 106 | index 7563628822bd..5e2dc7defd2c 100644 | ||
| 107 | --- a/arch/metag/kernel/ptrace.c | ||
| 108 | +++ b/arch/metag/kernel/ptrace.c | ||
| 109 | @@ -24,6 +24,16 @@ | ||
| 110 | * user_regset definitions. | ||
| 111 | */ | ||
| 112 | |||
| 113 | +static unsigned long user_txstatus(const struct pt_regs *regs) | ||
| 114 | +{ | ||
| 115 | + unsigned long data = (unsigned long)regs->ctx.Flags; | ||
| 116 | + | ||
| 117 | + if (regs->ctx.SaveMask & TBICTX_CBUF_BIT) | ||
| 118 | + data |= USER_GP_REGS_STATUS_CATCH_BIT; | ||
| 119 | + | ||
| 120 | + return data; | ||
| 121 | +} | ||
| 122 | + | ||
| 123 | int metag_gp_regs_copyout(const struct pt_regs *regs, | ||
| 124 | unsigned int pos, unsigned int count, | ||
| 125 | void *kbuf, void __user *ubuf) | ||
| 126 | @@ -62,9 +72,7 @@ int metag_gp_regs_copyout(const struct pt_regs *regs, | ||
| 127 | if (ret) | ||
| 128 | goto out; | ||
| 129 | /* TXSTATUS */ | ||
| 130 | - data = (unsigned long)regs->ctx.Flags; | ||
| 131 | - if (regs->ctx.SaveMask & TBICTX_CBUF_BIT) | ||
| 132 | - data |= USER_GP_REGS_STATUS_CATCH_BIT; | ||
| 133 | + data = user_txstatus(regs); | ||
| 134 | ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, | ||
| 135 | &data, 4*25, 4*26); | ||
| 136 | if (ret) | ||
| 137 | @@ -119,6 +127,7 @@ int metag_gp_regs_copyin(struct pt_regs *regs, | ||
| 138 | if (ret) | ||
| 139 | goto out; | ||
| 140 | /* TXSTATUS */ | ||
| 141 | + data = user_txstatus(regs); | ||
| 142 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 143 | &data, 4*25, 4*26); | ||
| 144 | if (ret) | ||
| 145 | @@ -244,6 +253,8 @@ int metag_rp_state_copyin(struct pt_regs *regs, | ||
| 146 | unsigned long long *ptr; | ||
| 147 | int ret, i; | ||
| 148 | |||
| 149 | + if (count < 4*13) | ||
| 150 | + return -EINVAL; | ||
| 151 | /* Read the entire pipeline before making any changes */ | ||
| 152 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 153 | &rp, 0, 4*13); | ||
| 154 | @@ -303,7 +314,7 @@ static int metag_tls_set(struct task_struct *target, | ||
| 155 | const void *kbuf, const void __user *ubuf) | ||
| 156 | { | ||
| 157 | int ret; | ||
| 158 | - void __user *tls; | ||
| 159 | + void __user *tls = target->thread.tls_ptr; | ||
| 160 | |||
| 161 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1); | ||
| 162 | if (ret) | ||
| 163 | diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c | ||
| 164 | index a92994d60e91..bf83dc1eecfb 100644 | ||
| 165 | --- a/arch/mips/kernel/ptrace.c | ||
| 166 | +++ b/arch/mips/kernel/ptrace.c | ||
| 167 | @@ -485,7 +485,8 @@ static int fpr_set(struct task_struct *target, | ||
| 168 | &target->thread.fpu, | ||
| 169 | 0, sizeof(elf_fpregset_t)); | ||
| 170 | |||
| 171 | - for (i = 0; i < NUM_FPU_REGS; i++) { | ||
| 172 | + BUILD_BUG_ON(sizeof(fpr_val) != sizeof(elf_fpreg_t)); | ||
| 173 | + for (i = 0; i < NUM_FPU_REGS && count >= sizeof(elf_fpreg_t); i++) { | ||
| 174 | err = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 175 | &fpr_val, i * sizeof(elf_fpreg_t), | ||
| 176 | (i + 1) * sizeof(elf_fpreg_t)); | ||
| 177 | diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c | ||
| 178 | index ac082dd8c67d..7037ca3b4328 100644 | ||
| 179 | --- a/arch/sparc/kernel/ptrace_64.c | ||
| 180 | +++ b/arch/sparc/kernel/ptrace_64.c | ||
| 181 | @@ -313,7 +313,7 @@ static int genregs64_set(struct task_struct *target, | ||
| 182 | } | ||
| 183 | |||
| 184 | if (!ret) { | ||
| 185 | - unsigned long y; | ||
| 186 | + unsigned long y = regs->y; | ||
| 187 | |||
| 188 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, | ||
| 189 | &y, | ||
| 190 | diff --git a/arch/x86/include/asm/kvm_page_track.h b/arch/x86/include/asm/kvm_page_track.h | ||
| 191 | index c2b8d24a235c..6226cb0eca23 100644 | ||
| 192 | --- a/arch/x86/include/asm/kvm_page_track.h | ||
| 193 | +++ b/arch/x86/include/asm/kvm_page_track.h | ||
| 194 | @@ -35,6 +35,7 @@ struct kvm_page_track_notifier_node { | ||
| 195 | }; | ||
| 196 | |||
| 197 | void kvm_page_track_init(struct kvm *kvm); | ||
| 198 | +void kvm_page_track_cleanup(struct kvm *kvm); | ||
| 199 | |||
| 200 | void kvm_page_track_free_memslot(struct kvm_memory_slot *free, | ||
| 201 | struct kvm_memory_slot *dont); | ||
| 202 | diff --git a/arch/x86/kvm/page_track.c b/arch/x86/kvm/page_track.c | ||
| 203 | index b431539c3714..85024e0cfaa5 100644 | ||
| 204 | --- a/arch/x86/kvm/page_track.c | ||
| 205 | +++ b/arch/x86/kvm/page_track.c | ||
| 206 | @@ -156,6 +156,14 @@ bool kvm_page_track_is_active(struct kvm_vcpu *vcpu, gfn_t gfn, | ||
| 207 | return !!ACCESS_ONCE(slot->arch.gfn_track[mode][index]); | ||
| 208 | } | ||
| 209 | |||
| 210 | +void kvm_page_track_cleanup(struct kvm *kvm) | ||
| 211 | +{ | ||
| 212 | + struct kvm_page_track_notifier_head *head; | ||
| 213 | + | ||
| 214 | + head = &kvm->arch.track_notifier_head; | ||
| 215 | + cleanup_srcu_struct(&head->track_srcu); | ||
| 216 | +} | ||
| 217 | + | ||
| 218 | void kvm_page_track_init(struct kvm *kvm) | ||
| 219 | { | ||
| 220 | struct kvm_page_track_notifier_head *head; | ||
| 221 | diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c | ||
| 222 | index 731044efb195..e5bc139d1ba7 100644 | ||
| 223 | --- a/arch/x86/kvm/x86.c | ||
| 224 | +++ b/arch/x86/kvm/x86.c | ||
| 225 | @@ -7976,6 +7976,7 @@ void kvm_arch_destroy_vm(struct kvm *kvm) | ||
| 226 | kvm_free_vcpus(kvm); | ||
| 227 | kvfree(rcu_dereference_check(kvm->arch.apic_map, 1)); | ||
| 228 | kvm_mmu_uninit_vm(kvm); | ||
| 229 | + kvm_page_track_cleanup(kvm); | ||
| 230 | } | ||
| 231 | |||
| 232 | void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free, | ||
| 233 | diff --git a/drivers/pinctrl/qcom/pinctrl-msm.c b/drivers/pinctrl/qcom/pinctrl-msm.c | ||
| 234 | index 775c88303017..bedce3453dd3 100644 | ||
| 235 | --- a/drivers/pinctrl/qcom/pinctrl-msm.c | ||
| 236 | +++ b/drivers/pinctrl/qcom/pinctrl-msm.c | ||
| 237 | @@ -594,10 +594,6 @@ static void msm_gpio_irq_unmask(struct irq_data *d) | ||
| 238 | |||
| 239 | spin_lock_irqsave(&pctrl->lock, flags); | ||
| 240 | |||
| 241 | - val = readl(pctrl->regs + g->intr_status_reg); | ||
| 242 | - val &= ~BIT(g->intr_status_bit); | ||
| 243 | - writel(val, pctrl->regs + g->intr_status_reg); | ||
| 244 | - | ||
| 245 | val = readl(pctrl->regs + g->intr_cfg_reg); | ||
| 246 | val |= BIT(g->intr_enable_bit); | ||
| 247 | writel(val, pctrl->regs + g->intr_cfg_reg); | ||
| 248 | diff --git a/drivers/usb/musb/musb_core.c b/drivers/usb/musb/musb_core.c | ||
| 249 | index 338575fb2d27..358feca54945 100644 | ||
| 250 | --- a/drivers/usb/musb/musb_core.c | ||
| 251 | +++ b/drivers/usb/musb/musb_core.c | ||
| 252 | @@ -2467,8 +2467,8 @@ static int musb_remove(struct platform_device *pdev) | ||
| 253 | pm_runtime_get_sync(musb->controller); | ||
| 254 | musb_host_cleanup(musb); | ||
| 255 | musb_gadget_cleanup(musb); | ||
| 256 | - spin_lock_irqsave(&musb->lock, flags); | ||
| 257 | musb_platform_disable(musb); | ||
| 258 | + spin_lock_irqsave(&musb->lock, flags); | ||
| 259 | musb_generic_disable(musb); | ||
| 260 | spin_unlock_irqrestore(&musb->lock, flags); | ||
| 261 | musb_writeb(musb->mregs, MUSB_DEVCTL, 0); | ||
| 262 | diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c | ||
| 263 | index 9d2738e9217f..2c2e6792f7e0 100644 | ||
| 264 | --- a/drivers/virtio/virtio_balloon.c | ||
| 265 | +++ b/drivers/virtio/virtio_balloon.c | ||
| 266 | @@ -427,6 +427,8 @@ static int init_vqs(struct virtio_balloon *vb) | ||
| 267 | * Prime this virtqueue with one buffer so the hypervisor can | ||
| 268 | * use it to signal us later (it can't be broken yet!). | ||
| 269 | */ | ||
| 270 | + update_balloon_stats(vb); | ||
| 271 | + | ||
| 272 | sg_init_one(&sg, vb->stats, sizeof vb->stats); | ||
| 273 | if (virtqueue_add_outbuf(vb->stats_vq, &sg, 1, vb, GFP_KERNEL) | ||
| 274 | < 0) | ||
| 275 | diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c | ||
| 276 | index 98f87fe8f186..61cfccea77bc 100644 | ||
| 277 | --- a/fs/crypto/crypto.c | ||
| 278 | +++ b/fs/crypto/crypto.c | ||
| 279 | @@ -352,7 +352,6 @@ EXPORT_SYMBOL(fscrypt_zeroout_range); | ||
| 280 | static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) | ||
| 281 | { | ||
| 282 | struct dentry *dir; | ||
| 283 | - struct fscrypt_info *ci; | ||
| 284 | int dir_has_key, cached_with_key; | ||
| 285 | |||
| 286 | if (flags & LOOKUP_RCU) | ||
| 287 | @@ -364,18 +363,11 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) | ||
| 288 | return 0; | ||
| 289 | } | ||
| 290 | |||
| 291 | - ci = d_inode(dir)->i_crypt_info; | ||
| 292 | - if (ci && ci->ci_keyring_key && | ||
| 293 | - (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) | | ||
| 294 | - (1 << KEY_FLAG_REVOKED) | | ||
| 295 | - (1 << KEY_FLAG_DEAD)))) | ||
| 296 | - ci = NULL; | ||
| 297 | - | ||
| 298 | /* this should eventually be an flag in d_flags */ | ||
| 299 | spin_lock(&dentry->d_lock); | ||
| 300 | cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY; | ||
| 301 | spin_unlock(&dentry->d_lock); | ||
| 302 | - dir_has_key = (ci != NULL); | ||
| 303 | + dir_has_key = (d_inode(dir)->i_crypt_info != NULL); | ||
| 304 | dput(dir); | ||
| 305 | |||
| 306 | /* | ||
| 307 | diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c | ||
| 308 | index 9b774f4b50c8..80bb956e14e5 100644 | ||
| 309 | --- a/fs/crypto/fname.c | ||
| 310 | +++ b/fs/crypto/fname.c | ||
| 311 | @@ -350,7 +350,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, | ||
| 312 | fname->disk_name.len = iname->len; | ||
| 313 | return 0; | ||
| 314 | } | ||
| 315 | - ret = get_crypt_info(dir); | ||
| 316 | + ret = fscrypt_get_encryption_info(dir); | ||
| 317 | if (ret && ret != -EOPNOTSUPP) | ||
| 318 | return ret; | ||
| 319 | |||
| 320 | diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c | ||
| 321 | index 67fb6d8876d0..bb4606368eb1 100644 | ||
| 322 | --- a/fs/crypto/keyinfo.c | ||
| 323 | +++ b/fs/crypto/keyinfo.c | ||
| 324 | @@ -99,6 +99,7 @@ static int validate_user_key(struct fscrypt_info *crypt_info, | ||
| 325 | kfree(full_key_descriptor); | ||
| 326 | if (IS_ERR(keyring_key)) | ||
| 327 | return PTR_ERR(keyring_key); | ||
| 328 | + down_read(&keyring_key->sem); | ||
| 329 | |||
| 330 | if (keyring_key->type != &key_type_logon) { | ||
| 331 | printk_once(KERN_WARNING | ||
| 332 | @@ -106,11 +107,9 @@ static int validate_user_key(struct fscrypt_info *crypt_info, | ||
| 333 | res = -ENOKEY; | ||
| 334 | goto out; | ||
| 335 | } | ||
| 336 | - down_read(&keyring_key->sem); | ||
| 337 | ukp = user_key_payload(keyring_key); | ||
| 338 | if (ukp->datalen != sizeof(struct fscrypt_key)) { | ||
| 339 | res = -EINVAL; | ||
| 340 | - up_read(&keyring_key->sem); | ||
| 341 | goto out; | ||
| 342 | } | ||
| 343 | master_key = (struct fscrypt_key *)ukp->data; | ||
| 344 | @@ -121,17 +120,11 @@ static int validate_user_key(struct fscrypt_info *crypt_info, | ||
| 345 | "%s: key size incorrect: %d\n", | ||
| 346 | __func__, master_key->size); | ||
| 347 | res = -ENOKEY; | ||
| 348 | - up_read(&keyring_key->sem); | ||
| 349 | goto out; | ||
| 350 | } | ||
| 351 | res = derive_key_aes(ctx->nonce, master_key->raw, raw_key); | ||
| 352 | - up_read(&keyring_key->sem); | ||
| 353 | - if (res) | ||
| 354 | - goto out; | ||
| 355 | - | ||
| 356 | - crypt_info->ci_keyring_key = keyring_key; | ||
| 357 | - return 0; | ||
| 358 | out: | ||
| 359 | + up_read(&keyring_key->sem); | ||
| 360 | key_put(keyring_key); | ||
| 361 | return res; | ||
| 362 | } | ||
| 363 | @@ -173,12 +166,11 @@ static void put_crypt_info(struct fscrypt_info *ci) | ||
| 364 | if (!ci) | ||
| 365 | return; | ||
| 366 | |||
| 367 | - key_put(ci->ci_keyring_key); | ||
| 368 | crypto_free_skcipher(ci->ci_ctfm); | ||
| 369 | kmem_cache_free(fscrypt_info_cachep, ci); | ||
| 370 | } | ||
| 371 | |||
| 372 | -int get_crypt_info(struct inode *inode) | ||
| 373 | +int fscrypt_get_encryption_info(struct inode *inode) | ||
| 374 | { | ||
| 375 | struct fscrypt_info *crypt_info; | ||
| 376 | struct fscrypt_context ctx; | ||
| 377 | @@ -188,21 +180,15 @@ int get_crypt_info(struct inode *inode) | ||
| 378 | u8 *raw_key = NULL; | ||
| 379 | int res; | ||
| 380 | |||
| 381 | + if (inode->i_crypt_info) | ||
| 382 | + return 0; | ||
| 383 | + | ||
| 384 | res = fscrypt_initialize(); | ||
| 385 | if (res) | ||
| 386 | return res; | ||
| 387 | |||
| 388 | if (!inode->i_sb->s_cop->get_context) | ||
| 389 | return -EOPNOTSUPP; | ||
| 390 | -retry: | ||
| 391 | - crypt_info = ACCESS_ONCE(inode->i_crypt_info); | ||
| 392 | - if (crypt_info) { | ||
| 393 | - if (!crypt_info->ci_keyring_key || | ||
| 394 | - key_validate(crypt_info->ci_keyring_key) == 0) | ||
| 395 | - return 0; | ||
| 396 | - fscrypt_put_encryption_info(inode, crypt_info); | ||
| 397 | - goto retry; | ||
| 398 | - } | ||
| 399 | |||
| 400 | res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); | ||
| 401 | if (res < 0) { | ||
| 402 | @@ -230,7 +216,6 @@ int get_crypt_info(struct inode *inode) | ||
| 403 | crypt_info->ci_data_mode = ctx.contents_encryption_mode; | ||
| 404 | crypt_info->ci_filename_mode = ctx.filenames_encryption_mode; | ||
| 405 | crypt_info->ci_ctfm = NULL; | ||
| 406 | - crypt_info->ci_keyring_key = NULL; | ||
| 407 | memcpy(crypt_info->ci_master_key, ctx.master_key_descriptor, | ||
| 408 | sizeof(crypt_info->ci_master_key)); | ||
| 409 | |||
| 410 | @@ -285,14 +270,8 @@ int get_crypt_info(struct inode *inode) | ||
| 411 | if (res) | ||
| 412 | goto out; | ||
| 413 | |||
| 414 | - kzfree(raw_key); | ||
| 415 | - raw_key = NULL; | ||
| 416 | - if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) != NULL) { | ||
| 417 | - put_crypt_info(crypt_info); | ||
| 418 | - goto retry; | ||
| 419 | - } | ||
| 420 | - return 0; | ||
| 421 | - | ||
| 422 | + if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) == NULL) | ||
| 423 | + crypt_info = NULL; | ||
| 424 | out: | ||
| 425 | if (res == -ENOKEY) | ||
| 426 | res = 0; | ||
| 427 | @@ -300,6 +279,7 @@ int get_crypt_info(struct inode *inode) | ||
| 428 | kzfree(raw_key); | ||
| 429 | return res; | ||
| 430 | } | ||
| 431 | +EXPORT_SYMBOL(fscrypt_get_encryption_info); | ||
| 432 | |||
| 433 | void fscrypt_put_encryption_info(struct inode *inode, struct fscrypt_info *ci) | ||
| 434 | { | ||
| 435 | @@ -317,17 +297,3 @@ void fscrypt_put_encryption_info(struct inode *inode, struct fscrypt_info *ci) | ||
| 436 | put_crypt_info(ci); | ||
| 437 | } | ||
| 438 | EXPORT_SYMBOL(fscrypt_put_encryption_info); | ||
| 439 | - | ||
| 440 | -int fscrypt_get_encryption_info(struct inode *inode) | ||
| 441 | -{ | ||
| 442 | - struct fscrypt_info *ci = inode->i_crypt_info; | ||
| 443 | - | ||
| 444 | - if (!ci || | ||
| 445 | - (ci->ci_keyring_key && | ||
| 446 | - (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) | | ||
| 447 | - (1 << KEY_FLAG_REVOKED) | | ||
| 448 | - (1 << KEY_FLAG_DEAD))))) | ||
| 449 | - return get_crypt_info(inode); | ||
| 450 | - return 0; | ||
| 451 | -} | ||
| 452 | -EXPORT_SYMBOL(fscrypt_get_encryption_info); | ||
| 453 | diff --git a/include/linux/fscrypto.h b/include/linux/fscrypto.h | ||
| 454 | index ff8b11b26f31..f6dfc2950f76 100644 | ||
| 455 | --- a/include/linux/fscrypto.h | ||
| 456 | +++ b/include/linux/fscrypto.h | ||
| 457 | @@ -79,7 +79,6 @@ struct fscrypt_info { | ||
| 458 | u8 ci_filename_mode; | ||
| 459 | u8 ci_flags; | ||
| 460 | struct crypto_skcipher *ci_ctfm; | ||
| 461 | - struct key *ci_keyring_key; | ||
| 462 | u8 ci_master_key[FS_KEY_DESCRIPTOR_SIZE]; | ||
| 463 | }; | ||
| 464 | |||
| 465 | @@ -256,7 +255,6 @@ extern int fscrypt_has_permitted_context(struct inode *, struct inode *); | ||
| 466 | extern int fscrypt_inherit_context(struct inode *, struct inode *, | ||
| 467 | void *, bool); | ||
| 468 | /* keyinfo.c */ | ||
| 469 | -extern int get_crypt_info(struct inode *); | ||
| 470 | extern int fscrypt_get_encryption_info(struct inode *); | ||
| 471 | extern void fscrypt_put_encryption_info(struct inode *, struct fscrypt_info *); | ||
| 472 | |||
| 473 | diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c | ||
| 474 | index 37e2449186c4..c95c5122b105 100644 | ||
| 475 | --- a/kernel/sched/deadline.c | ||
| 476 | +++ b/kernel/sched/deadline.c | ||
| 477 | @@ -1729,12 +1729,11 @@ static void switched_to_dl(struct rq *rq, struct task_struct *p) | ||
| 478 | #ifdef CONFIG_SMP | ||
| 479 | if (tsk_nr_cpus_allowed(p) > 1 && rq->dl.overloaded) | ||
| 480 | queue_push_tasks(rq); | ||
| 481 | -#else | ||
| 482 | +#endif | ||
| 483 | if (dl_task(rq->curr)) | ||
| 484 | check_preempt_curr_dl(rq, p, 0); | ||
| 485 | else | ||
| 486 | resched_curr(rq); | ||
| 487 | -#endif | ||
| 488 | } | ||
| 489 | } | ||
| 490 | |||
| 491 | diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c | ||
| 492 | index 2516b8df6dbb..f139f22ce30d 100644 | ||
| 493 | --- a/kernel/sched/rt.c | ||
| 494 | +++ b/kernel/sched/rt.c | ||
| 495 | @@ -2198,10 +2198,9 @@ static void switched_to_rt(struct rq *rq, struct task_struct *p) | ||
| 496 | #ifdef CONFIG_SMP | ||
| 497 | if (tsk_nr_cpus_allowed(p) > 1 && rq->rt.overloaded) | ||
| 498 | queue_push_tasks(rq); | ||
| 499 | -#else | ||
| 500 | +#endif /* CONFIG_SMP */ | ||
| 501 | if (p->prio < rq->curr->prio) | ||
| 502 | resched_curr(rq); | ||
| 503 | -#endif /* CONFIG_SMP */ | ||
| 504 | } | ||
| 505 | } | ||
| 506 | |||
| 507 | diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c | ||
| 508 | index 5bf7e1bfeac7..e0437a7aa1a2 100644 | ||
| 509 | --- a/net/xfrm/xfrm_policy.c | ||
| 510 | +++ b/net/xfrm/xfrm_policy.c | ||
| 511 | @@ -3062,6 +3062,11 @@ static int __net_init xfrm_net_init(struct net *net) | ||
| 512 | { | ||
| 513 | int rv; | ||
| 514 | |||
| 515 | + /* Initialize the per-net locks here */ | ||
| 516 | + spin_lock_init(&net->xfrm.xfrm_state_lock); | ||
| 517 | + spin_lock_init(&net->xfrm.xfrm_policy_lock); | ||
| 518 | + mutex_init(&net->xfrm.xfrm_cfg_mutex); | ||
| 519 | + | ||
| 520 | rv = xfrm_statistics_init(net); | ||
| 521 | if (rv < 0) | ||
| 522 | goto out_statistics; | ||
| 523 | @@ -3078,11 +3083,6 @@ static int __net_init xfrm_net_init(struct net *net) | ||
| 524 | if (rv < 0) | ||
| 525 | goto out; | ||
| 526 | |||
| 527 | - /* Initialize the per-net locks here */ | ||
| 528 | - spin_lock_init(&net->xfrm.xfrm_state_lock); | ||
| 529 | - spin_lock_init(&net->xfrm.xfrm_policy_lock); | ||
| 530 | - mutex_init(&net->xfrm.xfrm_cfg_mutex); | ||
| 531 | - | ||
| 532 | return 0; | ||
| 533 | |||
| 534 | out: | ||
| 535 | diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c | ||
| 536 | index 671a1d0333f0..a7e27e1140dd 100644 | ||
| 537 | --- a/net/xfrm/xfrm_user.c | ||
| 538 | +++ b/net/xfrm/xfrm_user.c | ||
| 539 | @@ -412,7 +412,14 @@ static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_es | ||
| 540 | up = nla_data(rp); | ||
| 541 | ulen = xfrm_replay_state_esn_len(up); | ||
| 542 | |||
| 543 | - if (nla_len(rp) < ulen || xfrm_replay_state_esn_len(replay_esn) != ulen) | ||
| 544 | + /* Check the overall length and the internal bitmap length to avoid | ||
| 545 | + * potential overflow. */ | ||
| 546 | + if (nla_len(rp) < ulen || | ||
| 547 | + xfrm_replay_state_esn_len(replay_esn) != ulen || | ||
| 548 | + replay_esn->bmp_len != up->bmp_len) | ||
| 549 | + return -EINVAL; | ||
| 550 | + | ||
| 551 | + if (up->replay_window > up->bmp_len * sizeof(__u32) * 8) | ||
| 552 | return -EINVAL; | ||
| 553 | |||
| 554 | return 0; |