-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAU71KqhOxKuMESys7AQKIwRAAgOXB0hjYkWKCHL2B1/8bNUtRKQKHsCms
4HgNuLQ4v+RjpXDd4u0HvjkuD2ADDZlBPNSylsLsrnSXS7gH/b36vetAi8zYR/6B
Tuvorh6BfnOkN61Xg0mwlnXkp9jisTwaZofMTDlpQ4gPAAy098Lb73ONIIlJFIH9
WrUH/LLcPqtexdOOFtXPTBH0uz+qu8tcQHAotkP7Uwr4lDliVu1u4F2HkxRPvLjc
IKSgb1mRa0AU0mKXbdqFREBhpVIOPS7r5mIisKnUh2d8LysSiA++zlD8/t2pfsVM
enR7fo9pBEtJwhCrkff2p39DijR4M7s+SYF9soa9+9HQADt9D4bEtliqejGEkuQP
CBl4LZ4eHlh1bjQbay+PixDmFxEbN14IKkvNaXBvoax8f0DdXV2URGxmhU0tM08U
SFt2FaHhlBOsn4mhSoKJQnfHla5MP06ukrz4T+Qn2xd+lAX9e/sEBUQqT26o5Mgt
3yTaBrg4PREYjPVhguKT04tWrMdtvxY0nKRuUUeEcT7EQNVB5v/efGaWCxLI5k3O
wbkq5JvzSdq+VJOrby8m37fnEN7pxmF7mwOPXYfe3WPwJeX7xiYRc2ZGFntKdNzn
zSNKC4/OYiNwn+2ANL89kcJ3pJyoJ57SsMPiXpCCekPIcLtvGddoCvZae6f171HA
ZzlbxkjIxg0=
=e1NL
-----END PGP SIGNATURE-----
Merge tag 'keys-pefile-20140709' into keys-next
Here's a set of changes that implement a PE file signature checker.
This provides the following facility:
(1) Extract the signature from the PE file. This is a PKCS#7 message
containing, as its data, a hash of the signed parts of the file.
(2) Digest the signed parts of the file.
(3) Compare the digest with the one from the PKCS#7 message.
(4) Validate the signatures on the PKCS#7 message and indicate
whether it was matched by a trusted key.
Signed-off-by: David Howells <dhowells@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAU7vyohOxKuMESys7AQJRkQ//XhtkCB9qDPrD/Hq6s3SDB7FCPWk8eJ9M
GhawiLonBFgsRqWst20cW1syc+7ECjkTZU0vD5GqMHealXj9Fho+7jyf08ShP+jM
AFBRfjoHKklOuh4C1lhB5IglR1zAXpmLHA2mP/r58BjEpOBEwlmh8rri/9/kk6iX
hAV79d23IaoM4ueGb4vVy61ZpsKA0YQadJK1xRjXzFPAuS3f4i6W7uKG9QmsJ56m
DaP++rtyJPByRVb/tJqUeJAIPaXQg9JRXD8tNGJ2qCdulEbHJQhNzp2ukQEMmfhS
RaogNO7jcfdM/4BeIoRJxNt3VcvHChSdbXP1YO4V792BdxnjsXO8GdEKXp53ijoP
mZ6Z1JsmpFKPGvAWA0eQUMYU4vnRzAtIo4CgdsIAQYpGrxOOnv+28UWalm7NLC1l
++YCesD03atd/XrdSNF082Xh8TTcRKI1OBOtBDya2ZhKMy56Bj/l6rOYVBw+Au6E
Yfressl7jCRaaT/ZHefZwKsJ5ac+MTcwAk0LlKflg+f8vdpMDnUfZxhUheM2EwWw
RyTHHa6IWUyYIOTXQ88KF1PmNXgGWBhe90yrHO909yaNWBnvFbPdJ91DuXvKUjza
SZ0GLS2+Vt+6TnlzxaHITE1ly5m3avZDAosIqEhGKymG6EL0mg469vpNGJNUbvIp
5jZqJ8wSF5Q=
=aRKT
-----END PGP SIGNATURE-----
Merge tag 'keys-pkcs7-20140708' into keys-next
Here's a set of changes that implement a PKCS#7 message parser in the kernel.
The PKCS#7 message parsing will then be used to limit kexec to authenticated
kernels only if so configured.
The changes provide the following facilities:
(1) Parse an ASN.1 PKCS#7 message and pick out useful bits such as the data
content and the X.509 certificates used to sign it and all the data
signatures.
(2) Verify all the data signatures against the set of X.509 certificates
available in the message.
(3) Follow the certificate chains and verify that:
(a) for every self-signed X.509 certificate, check that it validly signed
itself, and:
(b) for every non-self-signed certificate, if we have a 'parent'
certificate, the former is validly signed by the latter.
(4) Look for intersections between the certificate chains and the trusted
keyring, if any intersections are found, verify that the trusted
certificates signed the intersection point in the chain.
(5) For testing purposes, a key type can be made available that will take a
PKCS#7 message, check that the message is trustworthy, and if so, add its
data content into the key.
Note that (5) has to be altered to take account of the preparsing patches
already committed to this branch.
Signed-off-by: David Howells <dhowells@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAU87N9hOxKuMESys7AQJM3Q//e0+QcgWB+kOThu2rYvY85CKwF1ggtAmr
1S9cPgqE1Md4e2ipCBuAYfod6XhKxoWjgK99x6KGbagRBEVXXDvuzA1HsiglVkCJ
tZJDWTvydJrSE4p32SdkrjH1FgZ91SY2TyMUVhGLimGZh9qxuIXsxnivg9ma8h5A
R/uokOLexui1Z4yjYhdJh2pfJ2vMirRcFdYICcVcEXzT7ZSH8Jx/yhTv3byuYXl0
VfKtosgSzv7q9eFBo8uB3OtI+EAd9X7qfehxb0uVBtAl7tuvfMVgMGT2l0XpjqWQ
hifYCxVojk0iAmmPVJ2hMyVFTzjZ0k4X0FOF8nwg6+7C2CWGdYjkv0C4ugKaCR9y
t6W0flK6gYtMpUKxiv58flYpgPVHG5Ot4jSCJ9BvY3yoXWmzFi1Ctnr0MGXXhdNG
zZps9t17v2OSbc3ltLnAqphd8xUHP5/23+rf5+/5UfnNiUMk8tutWZlVNVM2yJ2P
Udig4c04/fYYwUeSoZN3IU9nRjn/ozgw2TlR43b/trTumwaDpcUIgsZuMRhlgbtm
xziBBNxKXF9Ck3fc2l74p9TZJ+fCaJjNfEuewOmmAwL7Pfeo/MdMzHhV02NZT8mw
GfOaFSl7FKRHahv/KBWpA4RyyUS/xRTJ770bkbFGmOSeo+kU1BCcDSGd+jb2QFBh
VU6XUQXoAxE=
=6fu+
-----END PGP SIGNATURE-----
Merge tag 'keys-preparse-1-20140722' into keys-next
Here are a set of changes that make all but encrypted and trusted keys use
preparsing. Unfortunately, encrypted and trusted keys incorrectly use the
update op to alter a key, so other changes will need to be made for them.
These changes permit payload parsing when instantiating or updating a key to be
done before locks are taken and to determine the amount of quota that will be
required in advance. The latter will make it possible to do LRU discard before
any locks are taken.
Signed-off-by: David Howells <dhowells@redhat.com>
Provide key preparsing for the request_key_auth key type so that we can make
preparsing mandatory. This does nothing as this type can only be set up
internally to the kernel.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Provide key preparsing in the keyring so that we can make preparsing
mandatory. For keyrings, however, only an empty payload is permitted.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Make use of key preparsing in the big key type so that quota size determination
can take place prior to keyring locking when a key is being added.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Make use of key preparsing in the RxRPC protocol so that quota size
determination can take place prior to keyring locking when a key is being
added.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Make use of key preparsing in the DNS resolver so that quota size determination
can take place prior to keyring locking when a key is being added.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Ceph can use user_match() instead of defining its own identical function.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Reviewed-by: Sage Weil <sage@redhat.com>
cc: Tommi Virtanen <tommi.virtanen@dreamhost.com>
Make use of key preparsing in Ceph so that quota size determination can take
place prior to keyring locking when a key is being added.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Reviewed-by: Sage Weil <sage@redhat.com>
cc: Tommi Virtanen <tommi.virtanen@dreamhost.com>
Make use of key preparsing in user-defined and logon keys so that quota size
determination can take place prior to keyring locking when a key is being
added.
Also the idmapper key types need to change to match as they use the
user-defined key type routines.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Call the ->free_preparse() key type op even after ->preparse() returns an
error as it does cleaning up type stuff.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Allow a key type's preparsing routine to set the expiry time for a key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
struct key_preparsed_payload should have two payload pointers to correspond
with those in struct key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Provide a generic instantiation function for key types that use the preparse
hook. This makes it easier to prereserve key quota before keyrings get locked
to retain the new key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
When SIGNATURE=y but depends on CRYPTO=m, it selects MPILIB as module
producing build break. This patch makes digsig to select crypto for
correcting dependency.
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: David Howells <dhowells@redhat.com>
You can select MPILIB_EXTRA all you want, it doesn't exist ;-)
Surprised kconfig doesn't complain about that...
Signed-off-by: Jean Delvare <jdelvare@suse.de>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Special kernel keys, such as those used to hold DNS results for AFS, CIFS and
NFS and those used to hold idmapper results for NFS, used to be
'invalidateable' with key_revoke(). However, since the default permissions for
keys were reduced:
Commit: 96b5c8fea6
KEYS: Reduce initial permissions on keys
it has become impossible to do this.
Add a key flag (KEY_FLAG_ROOT_CAN_INVAL) that will permit a key to be
invalidated by root. This should not be used for system keyrings as the
garbage collector will try and remove any invalidate key. For system keyrings,
KEY_FLAG_ROOT_CAN_CLEAR can be used instead.
After this, from userspace, keyctl_invalidate() and "keyctl invalidate" can be
used by any possessor of CAP_SYS_ADMIN (typically root) to invalidate DNS and
idmapper keys. Invalidated keys are immediately garbage collected and will be
immediately rerequested if needed again.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Steve Dickson <steved@redhat.com>
Require all keys added to the IMA keyring be signed by an
existing trusted key on the system trusted keyring.
Changelog v6:
- remove ifdef CONFIG_IMA_TRUSTED_KEYRING in C code - Dmitry
- update Kconfig dependency and help
- select KEYS_DEBUG_PROC_KEYS - Dmitry
Changelog v5:
- Move integrity_init_keyring() to init_ima() - Dmitry
- reset keyring[id] on failure - Dmitry
Changelog v1:
- don't link IMA trusted keyring to user keyring
Changelog:
- define stub integrity_init_keyring() function (reported-by Fengguang Wu)
- differentiate between regular and trusted keyring names.
- replace printk with pr_info (D. Kasatkin)
- only make the IMA keyring a trusted keyring (reported-by D. Kastatkin)
- define stub integrity_init_keyring() definition based on
CONFIG_INTEGRITY_SIGNATURE, not CONFIG_INTEGRITY_ASYMMETRIC_KEYS.
(reported-by Jim Davis)
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Acked-by: David Howells <dhowells@redhat.com>
Instead of allowing public keys, with certificates signed by any
key on the system trusted keyring, to be added to a trusted keyring,
this patch further restricts the certificates to those signed only by
builtin keys on the system keyring.
This patch defines a new option 'builtin' for the kernel parameter
'keys_ownerid' to allow trust validation using builtin keys.
Simplified Mimi's "KEYS: define an owner trusted keyring" patch
Changelog v7:
- rename builtin_keys to use_builtin_keys
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Instead of allowing public keys, with certificates signed by any
key on the system trusted keyring, to be added to a trusted keyring,
this patch further restricts the certificates to those signed by a
particular key on the system keyring.
This patch defines a new kernel parameter 'ca_keys' to identify the
specific key which must be used for trust validation of certificates.
Simplified Mimi's "KEYS: define an owner trusted keyring" patch.
Changelog:
- support for builtin x509 public keys only
- export "asymmetric_keyid_match"
- remove ifndefs MODULE
- rename kernel boot parameter from keys_ownerid to ca_keys
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
To avoid code duplication this patch refactors asymmetric_key_match(),
making partial ID string match a separate function.
This patch also implicitly fixes a bug in the code. asymmetric_key_match()
allows to match the key by its subtype. But subtype matching could be
undone if asymmetric_key_id(key) would return NULL. This patch first
checks for matching spec and then for its value.
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Only public keys, with certificates signed by an existing
'trusted' key on the system trusted keyring, should be added
to a trusted keyring. This patch adds support for verifying
a certificate's signature.
This is derived from David Howells pkcs7_request_asymmetric_key() patch.
Changelog v6:
- on error free key - Dmitry
- validate trust only for not already trusted keys - Dmitry
- formatting cleanup
Changelog:
- define get_system_trusted_keyring() to fix kbuild issues
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Dot prefixed keyring names are supposed to be reserved for the
kernel, but add_key() calls key_get_type_from_user(), which
incorrectly verifies the 'type' field, not the 'description' field.
This patch verifies the 'description' field isn't dot prefixed,
when creating a new keyring, and removes the dot prefix test in
key_get_type_from_user().
Changelog v6:
- whitespace and other cleanup
Changelog v5:
- Only prevent userspace from creating a dot prefixed keyring, not
regular keys - Dmitry
Reported-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
The asynchronous hash API allows initiating a hash calculation and
then performing other tasks, while waiting for the hash calculation
to complete.
This patch introduces usage of double buffering for simultaneous
hashing and reading of the next chunk of data from storage.
Changes in v3:
- better comments
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Use of multiple-page collect buffers reduces:
1) the number of block IO requests
2) the number of asynchronous hash update requests
Second is important for HW accelerated hashing, because significant
amount of time is spent for preparation of hash update operation,
which includes configuring acceleration HW, DMA engine, etc...
Thus, HW accelerators are more efficient when working on large
chunks of data.
This patch introduces usage of multi-page collect buffers. Buffer size
can be specified using 'ahash_bufsize' module parameter. Default buffer
size is 4096 bytes.
Changes in v3:
- kernel parameter replaced with module parameter
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Async hash API allows the use of HW acceleration for hash calculation.
It may give significant performance gain and/or reduce power consumption,
which might be very beneficial for battery powered devices.
This patch introduces hash calculation using ahash API. ahash performance
depends on the data size and the particular HW. Depending on the specific
system, shash performance may be better.
This patch defines 'ahash_minsize' module parameter, which is used to
define the minimal file size to use with ahash. If this minimum file size
is not set or the file is smaller than defined by the parameter, shash will
be used.
Changes in v3:
- kernel parameter replaced with module parameter
- pr_crit replaced with pr_crit_ratelimited
- more comment changes - Mimi
Changes in v2:
- ima_ahash_size became as ima_ahash
- ahash pre-allocation moved out from __init code to be able to use
ahash crypto modules. Ahash allocated once on the first use.
- hash calculation falls back to shash if ahash allocation/calculation fails
- complex initialization separated from variable declaration
- improved comments
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Replace spaces in op keyword labels in log output since userspace audit tools
can't parse orphaned keywords.
Reported-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
process_measurement() always calls ima_template_desc_current(),
including when an IMA policy has not been defined.
This patch delays template descriptor lookup until action is
determined.
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Before 2.6.39 inode->i_readcount was maintained by IMA. It was not atomic
and protected using spinlock. For 2.6.39, i_readcount was converted to
atomic and maintaining was moved VFS layer. Spinlock for some unclear
reason was replaced by i_mutex.
After analyzing the code, we came to conclusion that i_mutex locking is
unnecessary, especially when an IMA policy has not been defined.
This patch removes i_mutex locking from ima_rdwr_violation_check().
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
(introduced in 3.15) that can end up triggering a file system
corruption error after a journal replay. (It shouldn't lead to any
actual data corruption, but it is scary and can force file systems to
be remounted read-only, etc.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJTwuY+AAoJENNvdpvBGATwgN8QAJ2/S5GFxQwHbglHmayXYuMQ
fU411FwJ1wbqjYyYb+jyBoYcsgpsCKPTqA2JbPlHsFTm2Ec+BPzsybhtYw5ybdeW
1qAfPTSgNxYXroNwpaqOamxgfXgOaV4iqwvZ4tYcLcrtPq0MOcC5rlSaKMdJuSA1
6M2/8PijOTndUVJpS/GhSMdKlTAXjtfv9V6t/pfLuoo7cNadlggpJnwC8Qm9DNAA
5ETVZK44q2+2YvGwrvY6LBb9BVBpL29YbWPNqqw/OXXY++ZFhBJV07osZO38MpsB
QzUyfRaMTgm9/BdbkG8uxA7Zk6C0YBl5eC4aU79LWGWjGO225CLj95LoBOVjQw9f
eh+RFGapwVvtyzScDF/a9pH6UwGco/s4kCq8rLr2ztljlO595N3LUwhQBHtiSGtm
fr65NRDyJMXbqy8yLGrlOnP/4ll2VfTH+el2+tzr5smoTD29EASM155hKDDUOAG0
TrDHtNrxG1MIROHjp+HSui424Op7NXTnfjwmuKzo+mGpPOcPclPSmAacFJpRGVBE
220hnk+LrBf525nJzQYHifdCL+JAqbWv/S4YSRGizgppK3DlO/gYcu1zpWb0WWuo
0VuvxUZDSIZY1aVpMEOQov74WtovB7YyG8RPHl7h2m5dJuLLFgJmLDMDTJR1LLNT
+tHNJ6jERLQz9wqTvquh
=OX7Z
-----END PGP SIGNATURE-----
Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 bugfixes from Ted Ts'o:
"More bug fixes for ext4 -- most importantly, a fix for a bug
introduced in 3.15 that can end up triggering a file system corruption
error after a journal replay.
It shouldn't lead to any actual data corruption, but it is scary and
can force file systems to be remounted read-only, etc"
* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
ext4: fix potential null pointer dereference in ext4_free_inode
ext4: fix a potential deadlock in __ext4_es_shrink()
ext4: revert commit which was causing fs corruption after journal replays
ext4: disable synchronous transaction batching if max_batch_time==0
ext4: clarify ext4_error message in ext4_mb_generate_buddy_error()
ext4: clarify error count warning messages
ext4: fix unjournalled bg descriptor while initializing inode bitmap
Samsung, ST & TI. Most of them are of the "this hardware won't work
without this fix" variety, including patches that fix platforms that did
not boot under certain configurations. Other fixes are the result of
changes to the clock core introduced in 3.15 that had subtle impacts on
the clock drivers.
There are no fixes to the clock framework core in this pull request.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTwrM0AAoJEDqPOy9afJhJGtgP/j99sWo/P/Q+wkybYfvlAvYF
UC69GdYIV4PpHXq7JDrs9n48cf8Cte6QsYTVxFipmcBKiZrxoH1Ft6AZk0XuzHPb
bONgwlxPH03Xy/pm1aWO3AX7zMiOzTlxAqPuisJa4rbBty3XOQqEFyuJnHEW2m59
L754YWvT6dAzYyU1LQE4iSGPD8Dmh/oVvjg17+hM6//yM3fspYA3gzui/Lj4L1sx
QL0FFo6SJ4vvn9MMen+/UgZZ2G25fR4e0AONvz+rzBA2fmCGoQbNs26Iyi+MpEtg
DlXGcMTwl3Cj+mulalAIxBJ441KDtqm6TZ7iIEuaBUDCxFxNIuvup8FuMIAjDlt4
+V6OTFA7tlYr8UGQ/KRiTTgd6TKKUu9FpKmYOq/K1VZZls6m2hVTWvcwZ/217VYq
cimnVrHGs22vXhYKL2S3/TWfioiVP3vN08+NQOI5IRhYfXm+oPMuWwahHU/VnY2C
AaAUaHgqSlLmIbGqgvsjDQglRyGajs8oz/SfDuxXTBClc/6lu4ENNL9UQffdBTV4
IfrU+ALRR+CjPtLOHUTrLIHldGbn40Ff0fdKyJ/iGtdE+iiNJcnoU2G0uuhMP4eP
JpAMY2XrzZWGVJegjvg1m1Qfv85FBJhUB6+T5wIFYwKwBPzSf/yx0YTt+R0mp7Lg
g0CWTO3SoDeKDSK2Yzr2
=6n8W
-----END PGP SIGNATURE-----
Merge tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux
Pull clock driver fixes from Mike Turquette:
"This batch of fixes is for a handful of clock drivers from Allwinner,
Samsung, ST & TI. Most of them are of the "this hardware won't work
without this fix" variety, including patches that fix platforms that
did not boot under certain configurations. Other fixes are the result
of changes to the clock core introduced in 3.15 that had subtle
impacts on the clock drivers.
There are no fixes to the clock framework core in this pull request"
* tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux:
clk: spear3xx: Set proper clock parent of uart1/2
clk: spear3xx: Use proper control register offset
clk: qcom: HDMI source sel is 3 not 2
clk: sunxi: fix devm_ioremap_resource error detection code
clk: s2mps11: Fix double free corruption during driver unbind
clk: ti: am43x: Fix boot with CONFIG_SOC_AM33XX disabled
clk: exynos5420: Remove aclk66_peric from the clock tree description
clk/exynos5250: fix bit number for tv sysmmu clock
clk: s3c64xx: Hookup SPI clocks correctly
clk: samsung: exynos4: Remove SRC_MASK_ISP gates
clk: samsung: add more aliases for s3c24xx
clk: samsung: fix several typos to fix boot on s3c2410
clk: ti: set CLK_SET_RATE_NO_REPARENT for ti,mux-clock
clk: ti: am43x: Fix boot with CONFIG_SOC_AM33XX disabled
clk: ti: dra7: return error code in failure case
clk: ti: apll: not allocating enough data
This week's arm-soc fixes:
- Another set of OMAP fixes
* Clock fixes
* Restart handling
* PHY regulators
* SATA hwmod data for DRA7
+ Some trivial fixes and removal of a bit of dead code
- Exynos fixes
* A bunch of clock fixes
* Some SMP fixes
* Exynos multi-core timer: register as clocksource and fix ftrace.
+ a few other minor fixes
There's also a couple more patches, and at91 fix for USB caused by common
clock conversion, and more MAINTAINERS entries for shmobile.
We're definitely switching to only regression fixes from here on out,
we've been a little less strict than usual up until now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTws/yAAoJEIwa5zzehBx35GQP/jUx/0+qiNkrupcmMoDr9ykP
QSQPWRVBancZ5eO3gBvnde0P/4gaTQZb7s31nCkX7RQfpe4078eR9isrqs7du3rw
BNsdJxtWIBzhnx19GDhjZM2BbYoVlDIETQTKUDPPhMg/I/k4ozLLcC+02uAMG1/g
TiCjOHF968Cq1bCwyvqJgiTDjjAPoHLrnD2aDsAuwYi2QPKNWkv0uHZFQmV2ooja
9Fk3Km32wirTvfjKir0r/BhV5oEdwv3y/HYRNG+bJOkvxDph8i5t2EvLeCl/yctq
KLcHBJjLsF2MgvCpoCfjg8OFyYA7qmZDNVxfiywJnWVUR6w0kOU3MggPopsikoY/
xU3MKJSu/36cNJER3Rl51taD9tq+4hVhKTjiLBkD0MsD9jN5ewvDqI5BKpjL5wlZ
I36eZmQE4yPnd6is1RS7uuTcN/uXBtOAhNjPS42xkW5lo9W7BWOUOlB1dzlcZTky
J6/h9WzODKcgaeTx55ks4wjhQmdzzO3nQk0ion3YEv27RKkSUJy8PNDAfMKAAF3p
OWzqUIfB2mMGQBGXcShXAAyC3S2jGJptlKL3Wno0LkPXBGqlRXHMYBvGoFEdP/iV
F24TDLxJIL/lPbpQEey3J4qZANrpuAm0HYmg+r5KiVHbMkcW2Z000w4kRoO+tIIc
Bxzxrot9PVAFfE1SkVYt
=NB6g
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from Olof Johansson:
"This week's arm-soc fixes:
- Another set of OMAP fixes
* Clock fixes
* Restart handling
* PHY regulators
* SATA hwmod data for DRA7
+ Some trivial fixes and removal of a bit of dead code
- Exynos fixes
* A bunch of clock fixes
* Some SMP fixes
* Exynos multi-core timer: register as clocksource and fix ftrace.
+ a few other minor fixes
There's also a couple more patches, and at91 fix for USB caused by
common clock conversion, and more MAINTAINERS entries for shmobile.
We're definitely switching to only regression fixes from here on out,
we've been a little less strict than usual up until now"
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (26 commits)
ARM: at91: at91sam9x5: add clocks for usb device
ARM: EXYNOS: Register cpuidle device only on exynos4210 and 5250
ARM: dts: Add clock property for mfc_pd in exynos5420
clk: exynos5420: Add IDs for clocks used in PD mfc
ARM: EXYNOS: Add support for clock handling in power domain
ARM: OMAP2+: Remove non working OMAP HDMI audio initialization
ARM: imx: fix shared gate clock
ARM: dts: Update the parent for Audss clocks in Exynos5420
ARM: EXYNOS: Update secondary boot addr for secure mode
ARM: dts: Fix TI CPSW Phy mode selection on IGEP COM AQUILA.
ARM: dts: am335x-evmsk: Enable the McASP FIFO for audio
ARM: dts: am335x-evm: Enable the McASP FIFO for audio
ARM: OMAP2+: Make GPMC skip disabled devices
ARM: OMAP2+: create dsp device only on OMAP3 SoCs
ARM: dts: dra7-evm: Make VDDA_1V8_PHY supply always on
ARM: DRA7/AM43XX: fix header definition for omap44xx_restart
ARM: OMAP2+: clock/dpll: fix _dpll_test_fint arithmetics overflow
ARM: DRA7: hwmod: Add SYSCONFIG for usb_otg_ss
ARM: DRA7: hwmod: Fixup SATA hwmod
ARM: OMAP3: PRM/CM: Add back macros used by TI DSP/Bridge driver
...
Pull ARM fixes from Russell King:
"Another round of fixes for ARM:
- a set of kprobes fixes from Jon Medhurst
- fix the revision checking for the L2 cache which wasn't noticed to
have been broken"
* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
ARM: l2c: fix revision checking
ARM: kprobes: Fix test code compilation errors for ARMv4 targets
ARM: kprobes: Disallow instructions with PC and register specified shift
ARM: kprobes: Prevent known test failures stopping other tests running
Pull m68k fixes from Geert Uytterhoeven:
"Summary:
- Fix for a boot regression introduced in v3.16-rc1,
- Fix for a build issue in -next"
Christoph Hellwig questioned why mach_random_get_entropy should be
exported to modules, and Geert explains that random_get_entropy() is
called by at least the crypto layer and ends up using it on m68k. On
most other architectures it just uses get_cycles() (which is typically
inlined and doesn't need exporting),
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
m68k: Export mach_random_get_entropy to modules
m68k: Fix boot regression on machines with RAM at non-zero
Pull parisc fixes from Helge Deller:
"The major patch in here is one which fixes the fanotify_mark() syscall
in the compat layer of the 64bit parisc kernel. It went unnoticed so
long, because the calling syntax when using a 64bit parameter in a
32bit syscall is quite complex and even worse, it may be even
different if you call syscall() or the glibc wrapper. This patch
makes the kernel accept the calling convention when called by the
glibc wrapper.
The other two patches are trivial and remove unused headers, #includes
and adds the serial ports of the fastest C8000 workstation to the
parisc-kernel internal hardware database"
* 'parisc-3.16-5' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
parisc: drop unused defines and header includes
parisc: fix fanotify_mark() syscall on 32bit compat kernel
parisc: add serial ports of C8000/1GHz machine to hardware database
The uarts only work when the parent is ras_ahb_clk. The stale 3.5
based ST tree does this in the board file.
Add it to the clk init function. Not pretty, but the mess there is
amazing anyway.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Mike Turquette <mturquette@linaro.org>
The control register is at offset 0x10, not 0x0. This is wreckaged
since commit 5df33a62c (SPEAr: Switch to common clock framework).
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Mike Turquette <mturquette@linaro.org>
On parisc we can not use the existing compat implementation for fanotify_mark()
because for the 64bit mask parameter the higher and lower 32bits are ordered
differently than what the compat function expects from big endian
architectures.
Specifically:
It finally turned out, that on hppa we end up with different assignments
of parameters to kernel arguments depending on if we call the glibc
wrapper function
int fanotify_mark (int __fanotify_fd, unsigned int __flags,
uint64_t __mask, int __dfd, const char *__pathname);
or directly calling the syscall manually
syscall(__NR_fanotify_mark, ...)
Reason is, that the syscall() function is implemented as C-function and
because we now have the sysno as first parameter in front of the other
parameters the compiler will unexpectedly add an empty paramenter in
front of the u64 value to ensure the correct calling alignment for 64bit
values.
This means, on hppa you can't simply use syscall() to call the kernel
fanotify_mark() function directly, but you have to use the glibc
function instead.
This patch fixes the kernel in the hppa-arch specifc coding to adjust
the parameters in a way as if userspace calls the glibc wrapper function
fanotify_mark().
Signed-off-by: Helge Deller <deller@gmx.de>
Cc: stable@vger.kernel.org # 3.13+
Pull slave-dmaengine fixes from Vinod Koul:
"We have two small fixes. First one from Daniel to handle 0-length
packets for usb cppi dma. Second by Russell for imx-sdam cyclic
residue reporting"
* 'fixes' of git://git.infradead.org/users/vkoul/slave-dma:
Update imx-sdma cyclic handling to report residue
dma: cppi41: handle 0-length packets
- update the parent for Auudss clock because kernel will be hang
during late boot if the parent clock is disabled in bootloader.
- enable clk handing in power domain because while power domain
on/off, its regarding clock source will be reset and it causes
a problem so need to handle it.
- add mux clocks to be used by power domain for exynos5420-mfc
during power domain on/off and property in device tree also.
- register cpuidle only for exynos4210 and exynos5250 because a
system failure will be happened on other exynos SoCs.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJTwbTSAAoJEA0Cl+kVi2xqK9UP/3wm1ukMWNekDZ97rTsEN4Uo
qDladKJf54DANuBkbXMWL3AT6O0Ja679Xm3rjvvGGMyuM+Ga/S7RO4Odvq9970HZ
/Auv+MQnU/t7L3UW/4jvPSL5aRTxBJ9ylpcH7HNsvUg51bOuovHcQyafag8tKt1M
/rbRcKK6076KvctT1h677NX4+TYcFMbp08qYlmWaLGSXvijgTErHFdhoB/Mbf1+Q
SKduITGVTmRQ4cB1Dxn1fVoAb8UIJWiWWW2Ndi57gn/blaM4iE/K6oYSV8972HtZ
WMaFcka06FBBuFpKDjQp092altyAJbSwTURJEadI6Nrw+uqs6uMEX9hKeFdYvaKJ
avbhz7YlDK3NSCvriJkdp0faWHxLlr0ZLV3aIye3o7JKa68Bp/Un6Y6L+5dEAdnk
K3BiFxomdtTw5S39qnpttshwStUBCK9FxNuiPaO0FNPCiIEtQsobTCpYZ5vAZZFk
A9lqgdQT1u/gRxn02KPz0CKz5EYhlJvJTxiX83+vv/9DUI4ulBu9oJyDLbKszZ07
XqqAsk9cpBlr2NxnBUeAO8R4lBBjyf16pWRJBxGvlrz97OONS+OOygVufUS8o5Jw
p8Bgf8xeRA0udxj4X2KgyKzM3TNyGUxUD5tSMwvTmWIc7HGzjzL/Fv8NBwUGKMTs
4RtpSqM59UZuVbqXxUeP
=didu
-----END PGP SIGNATURE-----
Merge tag 'samsung-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung into fixes
Merge "Samsung fixes-3 for 3.16" from Kukjin Kim:
Samsung fixes-3 for v3.16
- update the parent for Auudss clock because kernel will be hang
during late boot if the parent clock is disabled in bootloader.
- enable clk handing in power domain because while power domain
on/off, its regarding clock source will be reset and it causes
a problem so need to handle it.
- add mux clocks to be used by power domain for exynos5420-mfc
during power domain on/off and property in device tree also.
- register cpuidle only for exynos4210 and exynos5250 because a
system failure will be happened on other exynos SoCs.
* tag 'samsung-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung:
ARM: EXYNOS: Register cpuidle device only on exynos4210 and 5250
ARM: dts: Add clock property for mfc_pd in exynos5420
clk: exynos5420: Add IDs for clocks used in PD mfc
ARM: EXYNOS: Add support for clock handling in power domain
ARM: dts: Update the parent for Audss clocks in Exynos5420
Signed-off-by: Olof Johansson <olof@lixom.net>
Here are some small USB fixes, PHY driver fixes (they ended up in this
tree for lack of somewhere else to put them), and some new USB device
ids.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEABECAAYFAlPBnZAACgkQMUfUDdst+ynTkACgwma2Ccj7DJl3g1zFEtM0h8ki
8RYAnirwiO0p1B7gIKlDIgGs25JIwN61
=tNZ2
-----END PGP SIGNATURE-----
Merge tag 'usb-3.16-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB fixes from Greg KH:
"Here are some small USB fixes, PHY driver fixes (they ended up in this
tree for lack of somewhere else to put them), and some new USB device
ids"
* tag 'usb-3.16-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
phy: omap-usb2: Balance pm_runtime_enable() on probe failure and remove
phy: core: Fix error path in phy_create()
drivers: phy: phy-samsung-usb2.c: Add missing MODULE_DEVICE_TABLE
phy: omap-usb2: fix devm_ioremap_resource error detection code
phy: sun4i: depend on RESET_CONTROLLER
USB: serial: ftdi_sio: Add Infineon Triboard
USB: ftdi_sio: Add extra PID.
usb: option: Add ID for Telewell TW-LTE 4G v2
USB: cp210x: add support for Corsair usb dongle
Here are some small serial fixes that resolve some reported problems
that started in 3.15 with some serial drivers. And there's a new dt
binding for a serial driver, which was all that was needed for the
renesas serial driver.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEABECAAYFAlPBnRgACgkQMUfUDdst+ymzPACfS2oiP9jIm2ZDEHMSL/MM14Ou
kzQAoNH6BoFub9aOX1OhfsFLri1aEu3x
=pK5r
-----END PGP SIGNATURE-----
Merge tag 'tty-3.16-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Pull tty/serial fixes from Greg KH:
"Here are some small serial fixes that resolve some reported problems
that started in 3.15 with some serial drivers.
And there's a new dt binding for a serial driver, which was all that
was needed for the renesas serial driver"
* tag 'tty-3.16-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
serial: sh-sci: Add device tree support for r8a7{778,740,3a4} and sh73a0
serial: imx: Fix build breakage
serial: arc_uart: Use uart_circ_empty() for open-coded comparison
serial: Test for no tx data on tx restart
