user/sven/linux.git/drivers/char, branch v4.14.41 Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.14.41 2018-05-01T19:58:12Z virtio_console: reset on out of memory 2018-05-01T19:58:12Z Michael S. Tsirkin mst@redhat.com 2018-04-20T18:00:13Z urn:sha1:998d43ce034b98466e0aa1b8d56b6d524c7d0d4e commit 5c60300d68da32ca77f7f978039dc72bfc78b06b upstream. When out of memory and we can't add ctrl vq buffers, probe fails. Unfortunately the error handling is out of spec: it calls del_vqs without bothering to reset the device first. To fix, call the full cleanup function in this case. Cc: stable@vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> virtio_console: move removal code 2018-05-01T19:58:12Z Michael S. Tsirkin mst@redhat.com 2018-04-20T17:51:18Z urn:sha1:e9287108acce9b3611bc45a76801fbe242347e60 commit aa44ec867030a72e8aa127977e37dec551d8df19 upstream. Will make it reusable for error handling. Cc: stable@vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> virtio_console: drop custom control queue cleanup 2018-05-01T19:58:12Z Michael S. Tsirkin mst@redhat.com 2018-04-20T17:49:04Z urn:sha1:75fc6f2d39bfe32db91980408247edc77d189a5a commit 61a8950c5c5708cf2068b29ffde94e454e528208 upstream. We now cleanup all VQs on device removal - no need to handle the control VQ specially. Cc: stable@vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> virtio_console: free buffers after reset 2018-05-01T19:58:12Z Michael S. Tsirkin mst@redhat.com 2018-04-20T17:24:23Z urn:sha1:6b1c41a0f7183702abb7a104c6c7e196ad69a6b3 commit a7a69ec0d8e4a58be7db88d33cbfa2912807bb2b upstream. Console driver is out of spec. The spec says: A driver MUST NOT decrement the available idx on a live virtqueue (ie. there is no way to “unexpose” buffers). and it does exactly that by trying to detach unused buffers without doing a device reset first. Defer detaching the buffers until device unplug. Of course this means we might get an interrupt for a vq without an attached port now. Handle that by discarding the consumed buffer. Reported-by: Tiwei Bie <tiwei.bie@intel.com> Fixes: b3258ff1d6 ("virtio: Decrement avail idx on buffer detach") Cc: stable@vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> virtio_console: don't tie bufs to a vq 2018-05-01T19:58:11Z Michael S. Tsirkin mst@redhat.com 2018-04-20T16:54:23Z urn:sha1:4217a339b37dd8b0c001ec54f85ea84eab7f4feb commit 2855b33514d290c51d52d94e25d3ef942cd4d578 upstream. an allocated buffer doesn't need to be tied to a vq - only vq->vdev is ever used. Pass the function the just what it needs - the vdev. Cc: stable@vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> random: rate limit unseeded randomness warnings 2018-05-01T19:58:08Z Theodore Ts'o tytso@mit.edu 2018-04-25T05:12:32Z urn:sha1:76dbabb38a18ff7ec20de36e9dabcadccca9ad69 commit 4e00b339e264802851aff8e73cde7d24b57b18ce upstream. On systems without sufficient boot randomness, no point spamming dmesg. Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@vger.kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> random: fix possible sleeping allocation from irq context 2018-05-01T19:58:08Z Theodore Ts'o tytso@mit.edu 2018-04-23T22:51:28Z urn:sha1:ffc5b50a2b53d180d977b969034cad1a9fb45d8b commit 6c1e851c4edc13a43adb3ea4044e3fc8f43ccf7d upstream. We can do a sleeping allocation from an irq context when CONFIG_NUMA is enabled. Fix this by initializing the NUMA crng instances in a workqueue. Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reported-by: syzbot+9de458f6a5e713ee8c1a@syzkaller.appspotmail.com Fixes: 8ef35c866f8862df ("random: set up the NUMA crng instances...") Cc: stable@vger.kernel.org Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> random: set up the NUMA crng instances after the CRNG is fully initialized 2018-05-01T19:58:07Z Theodore Ts'o tytso@mit.edu 2018-04-11T19:23:56Z urn:sha1:812b51a630005ed8d0a947bece1f430474b724bf commit 8ef35c866f8862df074a49a93b0309725812dea8 upstream. Until the primary_crng is fully initialized, don't initialize the NUMA crng nodes. Otherwise users of /dev/urandom on NUMA systems before the CRNG is fully initialized can get very bad quality randomness. Of course everyone should move to getrandom(2) where this won't be an issue, but there's a lot of legacy code out there. This related to CVE-2018-1108. Reported-by: Jann Horn <jannh@google.com> Fixes: 1e7f583af67b ("random: make /dev/urandom scalable for silly...") Cc: stable@kernel.org # 4.8+ Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> tpm: add retry logic 2018-04-29T09:33:10Z James Bottomley James.Bottomley@HansenPartnership.com 2018-03-21T18:43:48Z urn:sha1:781eeb7af2bdd4e7d0450f7b7cd5c39a04c7a841 commit e2fb992d82c626c43ed0566e07c410e56a087af3 upstream. TPM2 can return TPM2_RC_RETRY to any command and when it does we get unexpected failures inside the kernel that surprise users (this is mostly observed in the trusted key handling code). The UEFI 2.6 spec has advice on how to handle this: The firmware SHALL not return TPM2_RC_RETRY prior to the completion of the call to ExitBootServices(). Implementer’s Note: the implementation of this function should check the return value in the TPM response and, if it is TPM2_RC_RETRY, resend the command. The implementation may abort if a sufficient number of retries has been done. So we follow that advice in our tpm_transmit() code using TPM2_DURATION_SHORT as the initial wait duration and TPM2_DURATION_LONG as the maximum wait time. This should fix all the in-kernel use cases and also means that user space TSS implementations don't have to have their own retry handling. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: stable@vger.kernel.org Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> tpm: tpm-interface: fix tpm_transmit/_cmd kdoc 2018-04-29T09:33:10Z Winkler, Tomas tomas.winkler@intel.com 2018-03-05T12:48:25Z urn:sha1:f6891ec29c597405c0223ac20bdaf64f65acba3a commit 65520d46a4adbf7f23bbb6d9b1773513f7bc7821 upstream. Fix tmp_ -> tpm_ typo and add reference to 'space' parameter in kdoc for tpm_transmit and tpm_transmit_cmd functions. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>