- Linux-stable-mirror - lists.linaro.org

[PATCH] arm64 sha1-ce finup: correct digest for empty data

by Elena Petrova

The sha1-ce finup implementation for ARM64 produces wrong digest for empty input (len=0). Expected: da39a3ee..., result: 67452301... (initial value of SHA internal state). The error is in sha1_ce_finup: for empty data `finalize` will be 1, so the code is relying on sha1_ce_transform to make the final round. However, in sha1_base_do_update, the block function will not be called when len == 0. Fix it by setting finalize to 0 if data is empty. Fixes: 07eb54d306f4 ("crypto: arm64/sha1-ce - move SHA-1 ARMv8 implementation to base layer") Cc: stable(a)vger.kernel.org Signed-off-by: Elena Petrova <lenaptr(a)google.com> --- arch/arm64/crypto/sha1-ce-glue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/crypto/sha1-ce-glue.c b/arch/arm64/crypto/sha1-ce-glue.c index eaa7a8258f1c..0652f5f07ed1 100644 --- a/arch/arm64/crypto/sha1-ce-glue.c +++ b/arch/arm64/crypto/sha1-ce-glue.c @@ -55,7 +55,7 @@ static int sha1_ce_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out) { struct sha1_ce_state *sctx = shash_desc_ctx(desc); - bool finalize = !sctx->sst.count && !(len % SHA1_BLOCK_SIZE); + bool finalize = !sctx->sst.count && !(len % SHA1_BLOCK_SIZE) && len; if (!crypto_simd_usable()) return crypto_sha1_finup(desc, data, len, out); -- 2.22.0.rc1.257.g3120a18244-goog

5 years, 12 months

3
3
0 0

[PATCH v2] kbuild: use more portable 'command -v' for cc-cross-prefix

by Masahiro Yamada

To print the pathname that will be used by shell in the current environment, 'command -v' is a standardized way. [1] 'which' is also often used in scripts, but it is less portable. When I worked on commit bd55f96fa9fc ("kbuild: refactor cc-cross-prefix implementation"), I was eager to use 'command -v' but it did not work. (The reason is explained below.) I kept 'which' as before but got rid of '> /dev/null 2>&1' as I thought it was no longer needed. Sorry, I was wrong. It works well on my Ubuntu machine, but Alexey Brodkin reports noisy warnings on CentOS7 when 'which' fails to find the given command in the PATH environment. $ which foo which: no foo in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) Given that behavior of 'which' depends on system (and it may not be installed by default), I want to try 'command -v' once again. The specification [1] clearly describes the behavior of 'command -v' when the given command is not found: Otherwise, no output shall be written and the exit status shall reflect that the name was not found. However, we need a little magic to use 'command -v' from Make. $(shell ...) passes the argument to a subshell for execution, and returns the standard output of the command. Here is a trick. GNU Make may optimize this by executing the command directly instead of forking a subshell, if no shell special characters are found in the command and omitting the subshell will not change the behavior. In this case, no shell special character is used. So, Make will try to run it directly. However, 'command' is a shell-builtin command, then Make would fail to find it in the PATH environment: $ make ARCH=m68k defconfig make: command: Command not found make: command: Command not found make: command: Command not found In fact, Make has a table of shell-builtin commands because it must ask the shell to execute them. Until recently, 'command' was missing in the table. This issue was fixed by the following commit: | commit 1af314465e5dfe3e8baa839a32a72e83c04f26ef | Author: Paul Smith <psmith(a)gnu.org> | Date: Sun Nov 12 18:10:28 2017 -0500 | | * job.c: Add "command" as a known shell built-in. | | This is not a POSIX shell built-in but it's common in UNIX shells. | Reported by Nick Bowler <nbowler(a)draconx.ca>. Because the latest release is GNU Make 4.2.1 in 2016, this commit is not included in any released versions. (But some distributions may have back-ported it.) We need to trick Make to spawn a subshell. There are various ways to do so: 1) Use a shell special character '~' as dummy $(shell : ~; command -v $(c)gcc) 2) Use a variable reference, which always expands to the empty string (suggested by David Laight) $(shell command$${x:+} -v $(c)gcc) 3) Use redirect $(shell command -v $(c)gcc 2>/dev/null) I chose 3) to not confuse people. The stderr would not be polluted anyway, but it will provide extra safety, and is easy to understand. Tested on Make 3.81, 3.82, 4.0, 4.1, 4.2, 4.2.1 [1] http://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html Fixes: bd55f96fa9fc ("kbuild: refactor cc-cross-prefix implementation") Cc: linux-stable <stable(a)vger.kernel.org> # 5.1 Reported-by: Alexey Brodkin <abrodkin(a)synopsys.com> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Tested-by: Alexey Brodkin <abrodkin(a)synopsys.com> --- Changes in v2: - Use dummy redirect scripts/Kbuild.include | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include index 85d758233483..fd8aa314c156 100644 --- a/scripts/Kbuild.include +++ b/scripts/Kbuild.include @@ -74,8 +74,11 @@ endef # Usage: CROSS_COMPILE := $(call cc-cross-prefix, m68k-linux-gnu- m68k-linux-) # Return first <prefix> where a <prefix>gcc is found in PATH. # If no gcc found in PATH with listed prefixes return nothing +# +# Note: 2>/dev/null is here to force Make to invoke a shell. This workaround +# is needed because this issue was only fixed after GNU Make 4.2.1 release. cc-cross-prefix = $(firstword $(foreach c, $(filter-out -%, $(1)), \ - $(if $(shell which $(c)gcc), $(c)))) + $(if $(shell command -v $(c)gcc 2>/dev/null), $(c)))) # output directory for tests below TMPOUT := $(if $(KBUILD_EXTMOD),$(firstword $(KBUILD_EXTMOD))/) -- 2.17.1

5 years, 12 months

1
0
0 0

[PATCH for 4.4.y] net: cdc_ncm: GetNtbFormat endian fix

by Nobuhiro Iwamatsu

From: Bjørn Mork <bjorn(a)mork.no> commit 6314dab4b8fb8493d810e175cb340376052c69b6 upstream. The GetNtbFormat and SetNtbFormat requests operate on 16 bit little endian values. We get away with ignoring this most of the time, because we only care about USB_CDC_NCM_NTB16_FORMAT which is 0x0000. This fails for USB_CDC_NCM_NTB32_FORMAT. Fix comparison between LE value from device and constant by converting the constant to LE. Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Fixes: 2b02c20ce0c2 ("cdc_ncm: Set NTB format again after altsetting switch for Huawei devices") Cc: Enrico Mioso <mrkiko.rs(a)gmail.com> Cc: Christian Panton <christian(a)panton.org> Signed-off-by: Bjørn Mork <bjorn(a)mork.no> Acked-By: Enrico Mioso <mrkiko.rs(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Nobuhiro Iwamatsu <nobuhiro1.iwamatsu(a)toshiba.co.jp> --- drivers/net/usb/cdc_ncm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c index 36e1377fc954..1e921e5eddc7 100644 --- a/drivers/net/usb/cdc_ncm.c +++ b/drivers/net/usb/cdc_ncm.c @@ -727,7 +727,7 @@ int cdc_ncm_bind_common(struct usbnet *dev, struct usb_interface *intf, u8 data_ int err; u8 iface_no; struct usb_cdc_parsed_header hdr; - u16 curr_ntb_format; + __le16 curr_ntb_format; ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); if (!ctx) @@ -841,7 +841,7 @@ int cdc_ncm_bind_common(struct usbnet *dev, struct usb_interface *intf, u8 data_ goto error2; } - if (curr_ntb_format == USB_CDC_NCM_NTB32_FORMAT) { + if (curr_ntb_format == cpu_to_le16(USB_CDC_NCM_NTB32_FORMAT)) { dev_info(&intf->dev, "resetting NTB format to 16-bit"); err = usbnet_write_cmd(dev, USB_CDC_SET_NTB_FORMAT, USB_TYPE_CLASS | USB_DIR_OUT -- 2.20.1

5 years, 12 months

1
0
0 0

[PATCH for 4.4.y] usb: gadget: fix request length error for isoc transfer

by Nobuhiro Iwamatsu

From: Peter Chen <peter.chen(a)nxp.com> commit 982555fc26f9d8bcdbd5f9db0378fe0682eb4188 upstream. For isoc endpoint descriptor, the wMaxPacketSize is not real max packet size (see Table 9-13. Standard Endpoint Descriptor, USB 2.0 specifcation), it may contain the number of packet, so the real max packet should be ep->desc->wMaxPacketSize && 0x7ff. Cc: Felipe F. Tonello <eu(a)felipetonello.com> Cc: Felipe Balbi <felipe.balbi(a)linux.intel.com> Fixes: 16b114a6d797 ("usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align") Signed-off-by: Peter Chen <peter.chen(a)nxp.com> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> [iwamatsu: Fix Fixes tag] Signed-off-by: Nobuhiro Iwamatsu <nobuhiro1.iwamatsu(a)toshiba.co.jp> --- include/linux/usb/gadget.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/linux/usb/gadget.h b/include/linux/usb/gadget.h index 7e84aac39ade..667e7f9fd877 100644 --- a/include/linux/usb/gadget.h +++ b/include/linux/usb/gadget.h @@ -671,7 +671,9 @@ static inline struct usb_gadget *dev_to_usb_gadget(struct device *dev) */ static inline size_t usb_ep_align(struct usb_ep *ep, size_t len) { - return round_up(len, (size_t)le16_to_cpu(ep->desc->wMaxPacketSize)); + int max_packet_size = (size_t)usb_endpoint_maxp(ep->desc) & 0x7ff; + + return round_up(len, max_packet_size); } /** -- 2.20.1

5 years, 12 months

1
0
0 0

[PATCH] alignment:fetch pc-instr before irq_enable

by xiaoqian

When the instruction code under PC address is read through _probe_kernel_read in do_alignment,if the pte page corresponding to the code segment of PC address is reclaimed exactly at this time, the address mapping cannot be reconstructed because page fault_disable() is executed in _probe_kernel_read function,and the failure to obtain the instruction code of PC finally results in the unsuccessful repair operation. Thus we can modify the implementation of reading user-mode PC instruction before local_irq_enable to avoid the above risk. At the same time, adjust the sequence of code processing and optimize the process. Signed-off-by: xiaoqian <xiaoqian9(a)huawei.com> Cc: stable(a)vger.kernel.org --- arch/arm/mm/alignment.c | 81 +++++++++++++++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 26 deletions(-) diff --git a/arch/arm/mm/alignment.c b/arch/arm/mm/alignment.c index e376883ab35b..4124b9ce3c70 100644 --- a/arch/arm/mm/alignment.c +++ b/arch/arm/mm/alignment.c @@ -76,6 +76,11 @@ #define IS_T32(hi16) \ (((hi16) & 0xe000) == 0xe000 && ((hi16) & 0x1800)) +#define INVALID_INSTR_MODE 0 +#define ARM_INSTR_MODE 1 +#define THUMB_INSTR_MODE 2 +#define THUMB2_INSTR_MODE 3 + static unsigned long ai_user; static unsigned long ai_sys; static void *ai_sys_last_pc; @@ -705,6 +710,48 @@ thumb2arm(u16 tinstr) } } +static unsigned int +fetch_usr_pc_instr(struct pt_regs *regs, unsigned long *pc_instrptr) +{ + unsigned int fault; + unsigned long instrptr; + unsigned long instr_mode = INVALID_INSTR_MODE; + + instrptr = instruction_pointer(regs); + + if (thumb_mode(regs)) { + u16 tinstr = 0; + u16 *ptr = (u16 *)(instrptr & ~1); + + fault = probe_kernel_address(ptr, tinstr); + if (!fault) { + tinstr = __mem_to_opcode_thumb16(tinstr); + if (cpu_architecture() >= CPU_ARCH_ARMv7 && + IS_T32(tinstr)) { + /* Thumb-2 32-bit */ + u16 tinstr2 = 0; + + fault = probe_kernel_address(ptr + 1, tinstr2); + if (!fault) { + tinstr2 = __mem_to_opcode_thumb16(tinstr2); + *pc_instrptr = __opcode_thumb32_compose(tinstr, tinstr2); + instr_mode = THUMB2_INSTR_MODE; + } + } else { + *pc_instrptr = thumb2arm(tinstr); + instr_mode = THUMB_INSTR_MODE; + } + } + } else { + fault = probe_kernel_address((void *)instrptr, *pc_instrptr); + if (!fault) { + *pc_instrptr = __mem_to_opcode_arm(*pc_instrptr); + instr_mode = ARM_INSTR_MODE; + } + } + return instr_mode; +} + /* * Convert Thumb-2 32 bit LDM, STM, LDRD, STRD to equivalent instruction * handlable by ARM alignment handler, also find the corresponding handler, @@ -775,42 +822,24 @@ do_alignment(unsigned long addr, unsigned int fsr, struct pt_regs *regs) unsigned long instr = 0, instrptr; int (*handler)(unsigned long addr, unsigned long instr, struct pt_regs *regs); unsigned int type; - unsigned int fault; u16 tinstr = 0; int isize = 4; int thumb2_32b = 0; + unsigned long pc_instr_mode; + + pc_instr_mode = fetch_usr_pc_instr(regs, &instr); if (interrupts_enabled(regs)) local_irq_enable(); instrptr = instruction_pointer(regs); - - if (thumb_mode(regs)) { - u16 *ptr = (u16 *)(instrptr & ~1); - fault = probe_kernel_address(ptr, tinstr); - tinstr = __mem_to_opcode_thumb16(tinstr); - if (!fault) { - if (cpu_architecture() >= CPU_ARCH_ARMv7 && - IS_T32(tinstr)) { - /* Thumb-2 32-bit */ - u16 tinst2 = 0; - fault = probe_kernel_address(ptr + 1, tinst2); - tinst2 = __mem_to_opcode_thumb16(tinst2); - instr = __opcode_thumb32_compose(tinstr, tinst2); - thumb2_32b = 1; - } else { - isize = 2; - instr = thumb2arm(tinstr); - } - } - } else { - fault = probe_kernel_address((void *)instrptr, instr); - instr = __mem_to_opcode_arm(instr); - } - - if (fault) { + if (pc_instr_mode == INVALID_INSTR_MODE) { type = TYPE_FAULT; goto bad_or_fault; + } else if (pc_instr_mode == THUMB_INSTR_MODE) { + isize = 2; + } else if (pc_instr_mode == THUMB2_INSTR_MODE) { + thumb2_32b = 1; } if (user_mode(regs)) -- 2.12.3

5 years, 12 months

1
0
0 0

[PATCH 5.1] include/linux/bitops.h: sanitize rotate primitives

by Matthias Kaehlcke

From: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> commit ef4d6f6b275c498f8e5626c99dbeefdc5027f843 upstream The ror32 implementation (word >> shift) | (word << (32 - shift) has undefined behaviour if shift is outside the [1, 31] range. Similarly for the 64 bit variants. Most callers pass a compile-time constant (naturally in that range), but there's an UBSAN report that these may actually be called with a shift count of 0. Instead of special-casing that, we can make them DTRT for all values of shift while also avoiding UB. For some reason, this was already partly done for rol32 (which was well-defined for [0, 31]). gcc 8 recognizes these patterns as rotates, so for example __u32 rol32(__u32 word, unsigned int shift) { return (word << (shift & 31)) | (word >> ((-shift) & 31)); } compiles to 0000000000000020 <rol32>: 20: 89 f8 mov %edi,%eax 22: 89 f1 mov %esi,%ecx 24: d3 c0 rol %cl,%eax 26: c3 retq Older compilers unfortunately do not do as well, but this only affects the small minority of users that don't pass constants. Due to integer promotions, ro[lr]8 were already well-defined for shifts in [0, 8], and ro[lr]16 were mostly well-defined for shifts in [0, 16] (only mostly - u16 gets promoted to _signed_ int, so if bit 15 is set, word << 16 is undefined). For consistency, update those as well. Link: http://lkml.kernel.org/r/20190410211906.2190-1-linux@rasmusvillemoes.dk Signed-off-by: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Reported-by: Ido Schimmel <idosch(a)mellanox.com> Tested-by: Ido Schimmel <idosch(a)mellanox.com> Reviewed-by: Will Deacon <will.deacon(a)arm.com> Cc: Vadim Pasternak <vadimp(a)mellanox.com> Cc: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: Jacek Anaszewski <jacek.anaszewski(a)gmail.com> Cc: Pavel Machek <pavel(a)ucw.cz> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Matthias Kaehlcke <mka(a)chromium.org> --- Hi Greg and Sasha, Please pick this patch for 5.1. It fixes (at least) crashes due to undefined instructions in BPF code on arm32 when building with clang: [ 4.271668] Internal error: Oops - undefined instruction: 0 [#1] PREEMPT SMP ARM [ 4.271675] Modules linked in: [ 4.284143] joydev [ 4.284155] CPU: 2 PID: 279 Comm: udevd Not tainted 4.19.44 #95 [ 4.284157] Hardware name: Rockchip (Device Tree) [ 4.284167] PC is at 0xbf017de8 [ 4.284176] LR is at sk_filter_trim_cap+0xfc/0x244 [ 4.284181] pc : [<bf017de8>] lr : [<c0890c34>] psr: 60070013 [ 4.323863] sp : ed36fcd8 ip : 00000000 fp : ed36fd28 [ 4.329698] r10: c100b608 r9 : 00000000 r8 : ed2d6600 [ 4.335531] r7 : 00000000 r6 : 00000071 r5 : 00000000 r4 : ed59c180 [ 4.342812] r3 : 00000000 r2 : ed59c180 r1 : 00000000 r0 : 2a1884a1 [ 4.350105] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none [ 4.358075] Control: 30c5387d Table: 2d22b880 DAC: 44541fd3 [ 4.364495] Process udevd (pid: 279, stack limit = 0xb5b8ffdf) [ 4.371009] Stack: (0xed36fcd8 to 0xed370000) [ 4.375864] fcc0: bf017a9c 60070013 [ 4.385001] fce0: 00000000 00000000 ed36fcd8 00000000 00000089 00000000 ed2d6600 00000000 [ 4.394137] fd00: 00000000 00000000 ed59c180 f0c12000 00000000 ed289000 ed59c1a0 00000001 [ 4.403274] fd20: 00000071 00000000 ed59c180 f0c12000 00000000 ed289000 ed59c1a0 00000001 ... [ 4.613384] [<c0890c34>] (sk_filter_trim_cap) from [<00000001>] (0x1) [ 4.620580] Code: aa000002 e0200000 e3a01000 ea000045 (f7e6c179) Thanks Matthias --- include/linux/bitops.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/include/linux/bitops.h b/include/linux/bitops.h index 7ddb1349394d..7ac2e46112b7 100644 --- a/include/linux/bitops.h +++ b/include/linux/bitops.h @@ -60,7 +60,7 @@ static __always_inline unsigned long hweight_long(unsigned long w) */ static inline __u64 rol64(__u64 word, unsigned int shift) { - return (word << shift) | (word >> (64 - shift)); + return (word << (shift & 63)) | (word >> ((-shift) & 63)); } /** @@ -70,7 +70,7 @@ static inline __u64 rol64(__u64 word, unsigned int shift) */ static inline __u64 ror64(__u64 word, unsigned int shift) { - return (word >> shift) | (word << (64 - shift)); + return (word >> (shift & 63)) | (word << ((-shift) & 63)); } /** @@ -80,7 +80,7 @@ static inline __u64 ror64(__u64 word, unsigned int shift) */ static inline __u32 rol32(__u32 word, unsigned int shift) { - return (word << shift) | (word >> ((-shift) & 31)); + return (word << (shift & 31)) | (word >> ((-shift) & 31)); } /** @@ -90,7 +90,7 @@ static inline __u32 rol32(__u32 word, unsigned int shift) */ static inline __u32 ror32(__u32 word, unsigned int shift) { - return (word >> shift) | (word << (32 - shift)); + return (word >> (shift & 31)) | (word << ((-shift) & 31)); } /** @@ -100,7 +100,7 @@ static inline __u32 ror32(__u32 word, unsigned int shift) */ static inline __u16 rol16(__u16 word, unsigned int shift) { - return (word << shift) | (word >> (16 - shift)); + return (word << (shift & 15)) | (word >> ((-shift) & 15)); } /** @@ -110,7 +110,7 @@ static inline __u16 rol16(__u16 word, unsigned int shift) */ static inline __u16 ror16(__u16 word, unsigned int shift) { - return (word >> shift) | (word << (16 - shift)); + return (word >> (shift & 15)) | (word << ((-shift) & 15)); } /** @@ -120,7 +120,7 @@ static inline __u16 ror16(__u16 word, unsigned int shift) */ static inline __u8 rol8(__u8 word, unsigned int shift) { - return (word << shift) | (word >> (8 - shift)); + return (word << (shift & 7)) | (word >> ((-shift) & 7)); } /** @@ -130,7 +130,7 @@ static inline __u8 rol8(__u8 word, unsigned int shift) */ static inline __u8 ror8(__u8 word, unsigned int shift) { - return (word >> shift) | (word << (8 - shift)); + return (word >> (shift & 7)) | (word << ((-shift) & 7)); } /** -- 2.22.0.rc1.311.g5d7573a151-goog

5 years, 12 months

2
1
0 0

v5.0.21 build: 5 failures 8 warnings (v5.0.21)

by Build bot for Mark Brown

Tree/Branch: v5.0.21 Git describe: v5.0.21 Commit: fd1594eb70 Linux 5.0.21 Build Time: 261 min 35 sec Passed: 6 / 11 ( 54.55 %) Failed: 5 / 11 ( 45.45 %) Errors: 0 Warnings: 8 Section Mismatches: 0 Failed defconfigs: arm-multi_v5_defconfig arm-multi_v7_defconfig arm-allmodconfig arm-multi_v4t_defconfig Errors: ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm64-allmodconfig 3 warnings 0 mismatches : arm-multi_v5_defconfig 4 warnings 0 mismatches : arm-multi_v7_defconfig 7 warnings 0 mismatches : arm-allmodconfig 3 warnings 0 mismatches : arm-multi_v4t_defconfig 3 warnings 0 mismatches : x86_64-allmodconfig 1 warnings 0 mismatches : arm64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 8 8 ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] 5 ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] 4 ../drivers/regulator/core.c:4798:38: warning: array subscript is above array bounds [-Warray-bounds] 1 ../samples/seccomp/user-trap.c:83:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] 1 ../samples/seccomp/user-trap.c:50:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] 1 ../drivers/staging/erofs/unzip_vle.c:268:29: warning: array subscript is above array bounds [-Warray-bounds] 1 ../drivers/scsi/myrs.c:821:24: warning: 'sshdr.sense_key' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 ../drivers/net/ethernet/mellanox/mlx5/core/en_stats.c:221:1: warning: the frame size of 1096 bytes is larger than 1024 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : FAIL, 0 errors, 3 warnings, 0 section mismatches Warnings: ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:4798:38: warning: array subscript is above array bounds [-Warray-bounds] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : FAIL, 0 errors, 4 warnings, 0 section mismatches Warnings: ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:4798:38: warning: array subscript is above array bounds [-Warray-bounds] ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-allmodconfig : FAIL, 0 errors, 7 warnings, 0 section mismatches Warnings: ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:4798:38: warning: array subscript is above array bounds [-Warray-bounds] ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] ../drivers/staging/erofs/unzip_vle.c:268:29: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/net/ethernet/mellanox/mlx5/core/en_stats.c:221:1: warning: the frame size of 1096 bytes is larger than 1024 bytes [-Wframe-larger-than=] ../drivers/scsi/myrs.c:821:24: warning: 'sshdr.sense_key' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v4t_defconfig : FAIL, 0 errors, 3 warnings, 0 section mismatches Warnings: ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:244:45: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/regulator/core.c:4798:38: warning: array subscript is above array bounds [-Warray-bounds] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: ../samples/seccomp/user-trap.c:50:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] ../samples/seccomp/user-trap.c:83:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/linux/spinlock.h:279:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm64-allnoconfig arm-allnoconfig x86_64-defconfig

5 years, 12 months

1
0
0 0

[GIT PULL] pstore fixes for v5.2-rc4

by Kees Cook

Hi Linus, Please pull these pstore fixes for v5.2-rc4. They've been in linux-next for a bit now and catch some pstore corner cases found recently. Thanks! -Kees The following changes since commit a188339ca5a396acc588e5851ed7e19f66b0ebd9: Linux 5.2-rc1 (2019-05-19 15:47:09 -0700) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/pstore-v5.2-rc4 for you to fetch changes up to 8880fa32c557600f5f624084152668ed3c2ea51e: pstore/ram: Run without kernel crash dump region (2019-05-31 01:19:06 -0700) ---------------------------------------------------------------- pstore fixes for v5.2-rc4 - Avoid NULL deref when unloading/reloading ramoops module (Pi-Hsun Shih) - Run ramoops without crash dump region ---------------------------------------------------------------- Kees Cook (1): pstore/ram: Run without kernel crash dump region Pi-Hsun Shih (1): pstore: Set tfm to NULL on free_buf_for_compression fs/pstore/platform.c | 7 +++++-- fs/pstore/ram.c | 36 +++++++++++++++++++++++------------- 2 files changed, 28 insertions(+), 15 deletions(-) -- Kees Cook

5 years, 12 months

2
1
0 0

Re: [PATCH] x86/build: Move _etext to actual end of .text

by Kees Cook

On Wed, Jun 05, 2019 at 11:08:13AM -0500, Alec Ari wrote: > I'm having this problem too, build is failing: > > Invalid absolute R_X86_64_32S relocation: _etext > > I stayed on the 4.14 branch to help prevent these kind of breakages, > so much for that idea. Gentoo GCC 8.3.0. It seems to be a problem with the Gold linker. Using ld.bfd appears to work. I haven't narrowed down the problem, unfortunately. Greg, given that this change was only for special situations (Clang CFI), can you revert this for the stable trees? -- Kees Cook

5 years, 12 months

2
1
0 0

Re: [stable] binder: fix race between munmap() and direct reclaim

by Todd Kjos

Greg, I'm really confused. [1] was my submittal to stable for "binder: fix race between munmap() and direct reclaim" which I think looks correct. For "binder: fix handling of misaligned binder object", I only submitted to LKML [2]. But then I see [3] for 4.14 (that looks incorrect as Ben pointed out). So the result is that fix is present in the LTS trees where it is needed, but it has the wrong commit message and headline. I agree with Ben that the cleanest approach is to revert and apply the correct version (to 4.14, 4.19, 5.0). I think the correct version is the one I sent [1], but please let me know if you see something I screwed up or if you need me to do something. [1] https://www.spinics.net/lists/stable/msg299033.html [2] https://lkml.org/lkml/2019/2/14/1235 [3] https://lkml.org/lkml/2019/4/30/650 -Todd On Tue, May 28, 2019 at 9:34 AM Todd Kjos <tkjos(a)google.com> wrote: > > Probably my screw-up. I was working on both of those bug fixes at about the same time. I'll investigate what happened. > > On Mon, May 27, 2019 at 11:51 PM Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> wrote: >> >> On Mon, May 27, 2019 at 10:09:32PM +0100, Ben Hutchings wrote: >> > There are commits in the 4.14, 4.19 and 5.0 stable branches that claim >> > to be backports of: >> > >> > commit 26528be6720bb40bc8844e97ee73a37e530e9c5e >> > Author: Todd Kjos <tkjos(a)android.com> >> > Date: Thu Feb 14 15:22:57 2019 -0800 >> > >> > binder: fix handling of misaligned binder object >> > >> > However the source changes actually match: >> > >> > commit 5cec2d2e5839f9c0fec319c523a911e0a7fd299f >> > Author: Todd Kjos <tkjos(a)android.com> >> > Date: Fri Mar 1 15:06:06 2019 -0800 >> > >> > binder: fix race between munmap() and direct reclaim >> > >> > So far as I can see, the former fixes a bug only introduced in 5.1 and >> > the latter fixes an older bug, so the changes are correct and only the >> > metadata is not. >> > >> > Similar mix-ups have happened before and I'm a little disturbed that >> > this keeps happening. In any case, you may want to revert and re-apply >> > with correct metadata. >> >> Note, these backports came directly from Todd, so he can provide more >> information about them. Todd, did something get messed up on your end >> and do we need to include another patch to fix this up? >> >> thanks, >> >> greg k-h

5 years, 12 months

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror