Commit Graph

86 Commits

Author SHA1 Message Date
UtsavBalar1231
2e7d3e85e9 Merge tag '5.11-rc1-4.19' of https://kernel.googlesource.com/pub/scm/linux/kernel/git/jaegeuk/f2fs-stable into HEAD
* tag '5.11-rc1-4.19' of https://kernel.googlesource.com/pub/scm/linux/kernel/git/jaegeuk/f2fs-stable:
  f2fs: compress: fix compression chksum
  f2fs: fix shift-out-of-bounds in sanity_check_raw_super()
  f2fs: fix race of pending_pages in decompression
  f2fs: fix to account inline xattr correctly during recovery
  f2fs: inline: fix wrong inline inode stat
  f2fs: inline: correct comment in f2fs_recover_inline_data
  f2fs: don't check PAGE_SIZE again in sanity_check_raw_super()
  f2fs: convert to F2FS_*_INO macro
  f2fs: introduce max_io_bytes, a sysfs entry, to limit bio size
  f2fs: don't allow any writes on readonly mount
  f2fs: avoid race condition for shrinker count
  f2fs: add F2FS_IOC_DECOMPRESS_FILE and F2FS_IOC_COMPRESS_FILE
  f2fs: add compress_mode mount option
  f2fs: Remove unnecessary unlikely()
  f2fs: init dirty_secmap incorrectly
  f2fs: remove buffer_head which has 32bits limit
  f2fs: fix wrong block count instead of bytes
  f2fs: use new conversion functions between blks and bytes
  f2fs: rename logical_to_blk and blk_to_logical
  f2fs: fix kbytes written stat for multi-device case
  f2fs: compress: support chksum
  f2fs: fix to avoid REQ_TIME and CP_TIME collision
  f2fs: change to use rwsem for cp_mutex
  f2fs: Handle casefolding with Encryption
  fscrypt: Have filesystems handle their d_ops
  libfs: Add generic function for setting dentry_ops
  f2fs: Remove the redundancy initialization
  f2fs: remove writeback_inodes_sb in f2fs_remount
  f2fs: fix double free of unicode map
  f2fs: fix compat F2FS_IOC_{MOVE,GARBAGE_COLLECT}_RANGE
  f2fs: avoid unneeded data copy in f2fs_ioc_move_range()
  f2fs: add F2FS_IOC_SET_COMPRESS_OPTION ioctl
  f2fs: add F2FS_IOC_GET_COMPRESS_OPTION ioctl
  f2fs: move ioctl interface definitions to separated file
  f2fs: fix to seek incorrect data offset in inline data file
  f2fs: call f2fs_get_meta_page_retry for nat page
  fscrypt: rename DCACHE_ENCRYPTED_NAME to DCACHE_NOKEY_NAME
  fscrypt: don't call no-key names "ciphertext names"
  fscrypt: export fscrypt_d_revalidate()

Change-Id: I058738c7cd3e61c71380841228c2f8f76171e826
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>

Conflicts:
	fs/crypto/hooks.c
	fs/ext4/dir.c
	fs/ext4/super.c
	fs/f2fs/file.c
	fs/f2fs/recovery.c
	fs/f2fs/super.c
2022-07-03 13:50:05 +00:00
UtsavBalar1231
6c3b03729a Revert "FROMLIST: fscrypt: Have filesystems handle their d_ops"
This reverts commit af2b6eaa10.

Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Change-Id: I803c1907b4830771dacbd34be2d53e1f6eb36404
2022-07-03 13:11:27 +00:00
UtsavBalar1231
07a77e09da Merge tag 'ASB-2021-01-05_4.19-stable' of https://github.com/aosp-mirror/kernel_common into android12-base
https://source.android.com/security/bulletin/2021-01-01
CVE-2020-10732
CVE-2020-10766
CVE-2021-0323

* tag 'ASB-2021-01-05_4.19-stable' of https://github.com/aosp-mirror/kernel_common:
  Revert "seq_buf: Avoid type mismatch for seq_buf_init"
  Linux 4.19.164
  platform/x86: mlx-platform: remove an unused variable
  PCI: Fix pci_slot_release() NULL pointer dereference
  platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12
  libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
  xenbus/xenbus_backend: Disallow pending watch messages
  xen/xenbus: Count pending messages for each watch
  xen/xenbus/xen_bus_type: Support will_handle watch callback
  xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
  xen/xenbus: Allow watches discard events before queueing
  xen-blkback: set ring->xenblkd to NULL after kthread_stop()
  clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9
  pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler
  md/cluster: fix deadlock when node is doing resync job
  md/cluster: block reshape with remote resync job
  iio:imu:bmi160: Fix too large a buffer.
  iio:pressure:mpl3115: Force alignment of buffer
  iio:light:st_uvis25: Fix timestamp alignment and prevent data leak.
  iio:light:rpr0521: Fix timestamp alignment and prevent data leak.
  iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume
  iio: buffer: Fix demux update
  scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()
  scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc()
  mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read
  mtd: parser: cmdline: Fix parsing of part-names with colons
  mtd: spinand: Fix OOB read
  soc: qcom: smp2p: Safely acquire spinlock without IRQs
  spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe
  spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
  spi: sc18is602: Don't leak SPI master in probe error path
  spi: rb4xx: Don't leak SPI master in probe error path
  spi: pic32: Don't leak DMA channels in probe error path
  spi: davinci: Fix use-after-free on unbind
  spi: spi-sh: Fix use-after-free on unbind
  drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor()
  jfs: Fix array index bounds check in dbAdjTree
  jffs2: Fix GC exit abnormally
  ubifs: wbuf: Don't leak kernel memory to flash
  SMB3.1.1: do not log warning message if server doesn't populate salt
  SMB3: avoid confusing warning message on mount to Azure
  ceph: fix race in concurrent __ceph_remove_cap invocations
  ima: Don't modify file descriptor mode on the fly
  powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently
  powerpc/powernv/memtrace: Don't leak kernel memory to user space
  powerpc/xmon: Change printk() to pr_cont()
  powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter
  powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
  ARM: dts: at91: sama5d2: fix CAN message ram offset and size
  ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES
  KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
  ext4: fix deadlock with fs freezing and EA inodes
  ext4: fix a memory leak of ext4_free_data
  USB: serial: keyspan_pda: fix write unthrottling
  USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
  USB: serial: keyspan_pda: fix write-wakeup use-after-free
  USB: serial: keyspan_pda: fix stalled writes
  USB: serial: keyspan_pda: fix write deadlock
  USB: serial: keyspan_pda: fix dropped unthrottle interrupts
  USB: serial: digi_acceleport: fix write-wakeup deadlocks
  USB: serial: mos7720: fix parallel-port state restore
  EDAC/amd64: Fix PCI component registration
  crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
  powerpc/perf: Exclude kernel samples while counting events in user space.
  staging: comedi: mf6x4: Fix AI end-of-conversion detection
  s390/dasd: fix list corruption of lcu list
  s390/dasd: fix list corruption of pavgroup group list
  s390/dasd: prevent inconsistent LCU device data
  s390/dasd: fix hanging device offline processing
  s390/kexec_file: fix diag308 subcode when loading crash kernel
  s390/smp: perform initial CPU reset also for SMT siblings
  ALSA: usb-audio: Disable sample read check if firmware doesn't give back
  ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
  ALSA: hda/realtek: Apply jack fixup for Quanta NL3
  ALSA: hda/realtek: Add quirk for MSI-GP73
  ALSA: pcm: oss: Fix a few more UBSAN fixes
  ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
  ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256
  ALSA: hda: Fix regressions on clear and reconfig sysfs
  ACPI: PNP: compare the string length in the matching_id()
  Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks"
  PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup()
  ALSA: hda/ca0132 - Change Input Source enum strings.
  Input: cyapa_gen6 - fix out-of-bounds stack access
  media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE
  media: ipu3-cio2: Validate mbus format in setting subdev format
  media: ipu3-cio2: Serialise access to pad format
  media: ipu3-cio2: Return actual subdev format
  media: ipu3-cio2: Remove traces of returned buffers
  media: netup_unidvb: Don't leak SPI master in probe error path
  media: sunxi-cir: ensure IR is handled when it is continuous
  media: gspca: Fix memory leak in probe
  Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
  Input: cros_ec_keyb - send 'scancodes' in addition to key events
  lwt: Disable BH too in run_lwt_bpf()
  fix namespaced fscaps when !CONFIG_SECURITY
  cfg80211: initialize rekey_data
  ARM: sunxi: Add machine match for the Allwinner V3 SoC
  kconfig: fix return value of do_error_if()
  clk: sunxi-ng: Make sure divider tables have sentinel
  clk: s2mps11: Fix a resource leak in error handling paths in the probe function
  qlcnic: Fix error code in probe
  perf record: Fix memory leak when using '--user-regs=?' to list registers
  pwm: lp3943: Dynamically allocate PWM chip base
  pwm: zx: Add missing cleanup in error path
  clk: ti: Fix memleak in ti_fapll_synth_setup
  watchdog: coh901327: add COMMON_CLK dependency
  watchdog: qcom: Avoid context switch in restart handler
  libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
  net: korina: fix return value
  net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function
  net: bcmgenet: Fix a resource leak in an error handling path in the probe functin
  checkpatch: fix unescaped left brace
  powerpc/ps3: use dma_mapping_error()
  nfc: s3fwrn5: Release the nfc firmware
  um: chan_xterm: Fix fd leak
  um: tty: Fix handling of close in tty lines
  um: Monitor error events in IRQ controller
  watchdog: Fix potential dereferencing of null pointer
  watchdog: sprd: check busy bit before new loading rather than after that
  watchdog: sprd: remove watchdog disable from resume fail path
  watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
  irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
  ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
  mac80211: don't set set TDLS STA bandwidth wider than possible
  extcon: max77693: Fix modalias string
  clk: tegra: Fix duplicated SE clock entry
  bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
  x86/kprobes: Restore BTF if the single-stepping is cancelled
  nfs_common: need lock during iterate through the list
  nfsd: Fix message level for normal termination
  speakup: fix uninitialized flush_lock
  usb: oxu210hp-hcd: Fix memory leak in oxu_create
  usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
  powerpc/pseries/hibernation: remove redundant cacheinfo update
  powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
  platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems
  scsi: fnic: Fix error return code in fnic_probe()
  seq_buf: Avoid type mismatch for seq_buf_init
  scsi: pm80xx: Fix error return in pm8001_pci_probe()
  scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe
  cpufreq: scpi: Add missing MODULE_ALIAS
  cpufreq: loongson1: Add missing MODULE_ALIAS
  cpufreq: st: Add missing MODULE_DEVICE_TABLE
  cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE
  cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
  clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI
  dm ioctl: fix error return code in target_message
  ASoC: jz4740-i2s: add missed checks for clk_get()
  net/mlx5: Properly convey driver version to firmware
  memstick: r592: Fix error return in r592_probe()
  arm64: dts: rockchip: Fix UART pull-ups on rk3328
  pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
  ARM: dts: at91: sama5d2: map securam as device
  clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent()
  media: saa7146: fix array overflow in vidioc_s_audio()
  vfio-pci: Use io_remap_pfn_range() for PCI IO memory
  NFS: switch nfsiod to be an UNBOUND workqueue.
  lockd: don't use interval-based rebinding over TCP
  SUNRPC: xprt_load_transport() needs to support the netid "rdma6"
  NFSv4.2: condition READDIR's mask for security label based on LSM state
  ath10k: Release some resources in an error handling path
  ath10k: Fix an error handling path
  ath10k: Fix the parsing error in service available event
  platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init
  ARM: dts: at91: at91sam9rl: fix ADC triggers
  arm64: dts: meson: fix spi-max-frequency on Khadas VIM2
  PCI: iproc: Fix out-of-bound array accesses
  PCI: Fix overflow in command-line resource alignment requests
  PCI: Bounds-check command-line resource alignment requests
  genirq/irqdomain: Don't try to free an interrupt that has no mapping
  power: supply: bq24190_charger: fix reference leak
  power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching
  arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc
  ARM: dts: Remove non-existent i2c1 from 98dx3236
  HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
  slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI
  media: max2175: fix max2175_set_csm_mode() error code
  mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
  samples: bpf: Fix lwt_len_hist reusing previous BPF map
  platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration
  platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration
  media: siano: fix memory leak of debugfs members in smsdvb_hotplug
  dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe()
  cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
  orinoco: Move context allocation after processing the skb
  ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
  ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
  memstick: fix a double-free bug in memstick_check
  RDMA/cxgb4: Validate the number of CQEs
  Input: omap4-keypad - fix runtime PM error handling
  drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
  soc: ti: Fix reference imbalance in knav_dma_probe
  soc: ti: knav_qmss: fix reference leak in knav_queue_probe
  spi: fix resource leak for drivers without .remove callback
  crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe
  crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd
  powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
  spi: mxs: fix reference leak in mxs_spi_probe
  usb/max3421: fix return error code in max3421_probe()
  Input: ads7846 - fix unaligned access on 7845
  Input: ads7846 - fix integer overflow on Rt calculation
  Input: ads7846 - fix race that causes missing releases
  drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
  video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init()
  media: solo6x10: fix missing snd_card_free in error handling case
  scsi: core: Fix VPD LUN ID designator priorities
  ASoC: meson: fix COMPILE_TEST error
  media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm()
  media: tm6000: Fix sizeof() mismatches
  staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c
  staging: greybus: codecs: Fix reference counter leak in error handling
  crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
  MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
  RDMa/mthca: Work around -Wenum-conversion warning
  ASoC: arizona: Fix a wrong free in wm8997_probe
  ASoC: wm8998: Fix PM disable depth imbalance on error
  mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
  spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume
  spi: tegra114: fix reference leak in tegra spi ops
  spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
  spi: tegra20-slink: fix reference leak in slink ops of tegra20
  spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
  Bluetooth: hci_h5: fix memory leak in h5_close
  Bluetooth: Fix null pointer dereference in hci_event_packet()
  arm64: dts: exynos: Correct psci compatible used on Exynos7
  arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7
  selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
  ASoC: pcm: DRAIN support reactivation
  drm/msm/dsi_pll_10nm: restore VCO rate during restore_state
  spi: img-spfi: fix reference leak in img_spfi_resume
  powerpc/64: Set up a kernel stack for secondaries before cpu_restore()
  crypto: inside-secure - Fix sizeof() mismatch
  crypto: talitos - Fix return type of current_desc_hdr()
  crypto: talitos - Endianess in current_desc_hdr()
  sched: Reenable interrupts in do_sched_yield()
  sched/deadline: Fix sched_dl_global_validate()
  x86/apic: Fix x2apic enablement without interrupt remapping
  ARM: p2v: fix handling of LPAE translation in BE mode
  x86/mm/ident_map: Check for errors from ident_pud_init()
  RDMA/rxe: Compute PSN windows correctly
  ARM: dts: aspeed: s2600wf: Fix VGA memory region location
  selinux: fix error initialization in inode_doinit_with_dentry()
  RDMA/bnxt_re: Set queue pair state when being queried
  soc: qcom: geni: More properly switch to DMA mode
  soc: mediatek: Check if power domains can be powered on at boot time
  soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains()
  drm/tve200: Fix handling of platform_get_irq() error
  drm/gma500: fix double free of gma_connector
  perf cs-etm: Move definition of 'traceid_list' global variable from header file
  perf cs-etm: Change tuple from traceID-CPU# to traceID-metadata
  md: fix a warning caused by a race between concurrent md_ioctl()s
  crypto: af_alg - avoid undefined behavior accessing salg_name
  media: msi2500: assign SPI bus number dynamically
  quota: Sanity-check quota file headers on load
  Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
  serial_core: Check for port state when tty is in error state
  HID: i2c-hid: add Vero K147 to descriptor override
  scsi: megaraid_sas: Check user-provided offsets
  coresight: tmc-etr: Check if page is valid before dma_map_page()
  ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU
  ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410
  ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU
  usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
  USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
  usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus
  USB: gadget: f_midi: setup SuperSpeed Plus descriptors
  USB: gadget: f_acm: add support for SuperSpeed Plus
  USB: serial: option: add interface-number sanity check to flag handling
  soc/tegra: fuse: Fix index bug in get_process_id
  dm table: Remove BUG_ON(in_interrupt())
  scsi: mpt3sas: Increase IOCInit request timeout to 30s
  vxlan: Copy needed_tailroom from lowerdev
  vxlan: Add needed_headroom for lower device
  arm64: syscall: exit userspace before unmasking exceptions
  drm/tegra: sor: Disable clocks on error in tegra_sor_init()
  kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
  drm/tegra: replace idr_init() by idr_init_base()
  ixgbe: avoid premature Rx buffer reuse
  RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
  selftests/bpf/test_offload.py: Reset ethtool features after failed setting
  gpio: eic-sprd: break loop when getting NULL device resource
  netfilter: x_tables: Switch synchronization to RCU
  block: factor out requeue handling from dispatch code
  clk: renesas: r9a06g032: Drop __packed for portability
  can: softing: softing_netdev_open(): fix error handling
  xsk: Fix xsk_poll()'s return type
  scsi: bnx2i: Requires MMU
  gpio: mvebu: fix potential user-after-free on probe
  ARM: dts: sun8i: v3s: fix GIC node memory range
  pinctrl: baytrail: Avoid clearing debounce value when turning it off
  pinctrl: merrifield: Set default bias in case no particular value given
  x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled
  x86/resctrl: Remove unused struct mbm_state::chunks_bw
  arm64: Change .weak to SYM_FUNC_START_WEAK_PI for arch/arm64/lib/mem*.S
  arm64: lse: Fix LSE atomics with LLVM
  arm64: lse: fix LSE atomics with LLVM's integrated assembler
  drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi
  drm/xen-front: Fix misused IS_ERR_OR_NULL checks
  serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
  ALSA: pcm: oss: Fix potential out-of-bounds shift
  USB: sisusbvga: Make console support depend on BROKEN
  USB: UAS: introduce a quirk to set no_write_same
  xhci: Give USB2 ports time to enter U3 in bus suspend
  ALSA: usb-audio: Fix control 'access overflow' errors from chmap
  ALSA: usb-audio: Fix potential out-of-bounds shift
  USB: add RESET_RESUME quirk for Snapscan 1212
  USB: dummy-hcd: Fix uninitialized array use in init()
  ktest.pl: If size of log is too big to email, email error message
  net: bridge: vlan: fix error return code in __vlan_add()
  net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux
  net: stmmac: delete the eee_ctrl_timer after napi disabled
  net/mlx4_en: Handle TX error CQE
  lan743x: fix for potential NULL pointer dereference with bare card
  net/mlx4_en: Avoid scheduling restart task if it is already running
  tcp: fix cwnd-limited bug for TSO deferral where we send nothing
  tcp: select sane initial rcvq_space.space for big MSS
  net: stmmac: free tx skb buffer in stmmac_resume()
  mac80211: mesh: fix mesh_pathtbl_init() error path
  PCI: qcom: Add missing reset for ipq806x
  compiler.h: fix barrier_data() on clang
  x86/apic/vector: Fix ordering in vector assignment
  x86/membarrier: Get rid of a dubious optimization
  x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP
  scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()"
  kbuild: avoid static_assert for genksyms
  mmc: block: Fixup condition for CMD13 polling for RPMB requests
  pinctrl: amd: remove debounce filter setting in IRQ type setting
  Input: i8042 - add Acer laptops to the i8042 reset list
  Input: cm109 - do not stomp on control URB
  platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC
  platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE
  platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen
  platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e
  soc: fsl: dpio: Get the cpumask through cpumask_of(cpu)
  irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend
  scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
  ARC: stack unwinding: don't assume non-current task is sleeping
  powerpc: Drop -me200 addition to build flags
  iwlwifi: mvm: fix kernel panic in case of assert during CSA
  arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards.
  iwlwifi: pcie: limit memory read spin time
  spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
  spi: bcm2835aux: Fix use-after-free on unbind
  x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S
  Kbuild: do not emit debug info for assembly with LLVM_IAS=1
  ANDROID: GKI: Update the ABI xml representation
  ANDROID: Incremental fs: Set credentials before reading/writing
  ANDROID: Incremental fs: Fix incfs_test use of atol, open
  ANDROID: Incremental fs: Change per UID timeouts to microseconds
  ANDROID: Incremental fs: Add v2 feature flag
  ANDROID: Incremental fs: Add zstd feature flag
  Linux 4.19.163
  Revert "geneve: pull IP header before ECN decapsulation"
  x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes
  netfilter: nf_tables: avoid false-postive lockdep splat
  Input: i8042 - fix error return code in i8042_setup_aux()
  dm writecache: remove BUG() and fail gracefully instead
  i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc()
  gfs2: check for empty rgrp tree in gfs2_ri_update
  tracing: Fix userstacktrace option for instances
  spi: bcm2835: Release the DMA channel if probe fails after dma_init
  spi: bcm2835: Fix use-after-free on unbind
  spi: bcm-qspi: Fix use-after-free on unbind
  spi: Introduce device-managed SPI controller allocation
  iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs
  speakup: Reject setting the speakup line discipline outside of speakup
  i2c: imx: Check for I2SR_IAL after every byte
  i2c: imx: Fix reset of I2SR_IAL flag
  x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes
  mm/swapfile: do not sleep with a spin lock held
  mm: list_lru: set shrinker map bit when child nr_items is not zero
  dm: remove invalid sparse __acquires and __releases annotations
  dm writecache: fix the maximum number of arguments
  scsi: mpt3sas: Fix ioctl timeout
  i2c: imx: Don't generate STOP condition if arbitration has been lost
  cifs: fix potential use-after-free in cifs_echo_request()
  ftrace: Fix updating FTRACE_FL_TRAMP
  ALSA: hda/generic: Add option to enforce preferred_dacs pairs
  ALSA: hda/realtek - Add new codec supported for ALC897
  ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294
  ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model
  tty: Fix ->session locking
  tty: Fix ->pgrp locking in tiocspgrp()
  USB: serial: option: fix Quectel BG96 matching
  USB: serial: option: add support for Thales Cinterion EXS82
  USB: serial: option: add Fibocom NL668 variants
  USB: serial: ch341: sort device-id entries
  USB: serial: ch341: add new Product ID for CH341A
  USB: serial: kl5kusb105: fix memleak on open
  usb: gadget: f_fs: Use local copy of descriptors for userspace copy
  pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH)
  pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output
  ANDROID: Add symbol of get_next_event_cpu back
  ANDROID: x86: configs: gki: add missing CONFIG_BLK_CGROUP
  ANDROID: Add allowed symbols from sctp.ko and qrtr.ko
  Linux 4.19.162
  RDMA/i40iw: Address an mmap handler exploit in i40iw
  tracing: Remove WARN_ON in start_thread()
  Input: i8042 - add ByteSpeed touchpad to noloop table
  Input: xpad - support Ardwiino Controllers
  ALSA: usb-audio: US16x08: fix value count for level meters
  dt-bindings: net: correct interrupt flags in examples
  chelsio/chtls: fix panic during unload reload chtls
  net/mlx5: Fix wrong address reclaim when command interface is down
  net: mvpp2: Fix error return code in mvpp2_open()
  chelsio/chtls: fix a double free in chtls_setkey()
  net: pasemi: fix error return code in pasemi_mac_open()
  cxgb3: fix error return code in t3_sge_alloc_qset()
  net/x25: prevent a couple of overflows
  net: ip6_gre: set dev->hard_header_len when using header_ops
  geneve: pull IP header before ECN decapsulation
  ibmvnic: Fix TX completion error handling
  ibmvnic: Ensure that SCRQ entry reads are correctly ordered
  ipv4: Fix tos mask in inet_rtm_getroute()
  netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal
  bonding: wait for sysfs kobject destruction before freeing struct slave
  i40e: Fix removing driver while bare-metal VFs pass traffic
  ibmvnic: fix call_netdevice_notifiers in do_reset
  net/tls: Protect from calling tls_dev_del for TLS RX twice
  usbnet: ipheth: fix connectivity with iOS 14
  tun: honor IOCB_NOWAIT flag
  tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control
  sock: set sk_err to ee_errno on dequeue from errq
  rose: Fix Null pointer dereference in rose_send_frame()
  net/tls: missing received data after fast remote close
  net/af_iucv: set correct sk_protocol for child sockets
  ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init
  FROMLIST: Kbuild: do not emit debug info for assembly with LLVM_IAS=1
  ANDROID: kbuild: use grep -F instead of fgrep
  ANDROID: GKI: usb: gadget: support claiming indexed endpoints by name
  UPSTREAM: arm64: sysreg: Clean up instructions for modifying PSTATE fields
  Revert "Revert "ANDROID: clang: update to 11.0.5""
  ANDROID: kbuild: speed up ksym_dep_filter
  Revert "drm/atomic_helper: Stop modesets on unregistered connectors harder"
  Linux 4.19.161
  USB: core: Fix regression in Hercules audio card
  x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak
  x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak
  x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
  usb: gadget: Fix memleak in gadgetfs_fill_super
  USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card
  usb: gadget: f_midi: Fix memleak in f_midi_alloc
  USB: core: Change %pK for __user pointers to %px
  perf probe: Fix to die_entrypc() returns error correctly
  can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
  platform/x86: toshiba_acpi: Fix the wrong variable assignment
  platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time
  can: gs_usb: fix endianess problem with candleLight firmware
  efivarfs: revert "fix memory leak in efivarfs_create()"
  optee: add writeback to valid memory type
  ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
  ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
  net: ena: set initial DMA width to avoid intel iommu issue
  nfc: s3fwrn5: use signed integer for parsing GPIO numbers
  IB/mthca: fix return value of error branch in mthca_init_cq()
  s390/qeth: fix tear down of async TX buffers
  cxgb4: fix the panic caused by non smac rewrite
  bnxt_en: Release PCI regions when DMA mask setup fails during probe.
  video: hyperv_fb: Fix the cache type when mapping the VRAM
  bnxt_en: fix error return code in bnxt_init_board()
  bnxt_en: fix error return code in bnxt_init_one()
  scsi: ufs: Fix race between shutdown and runtime resume flow
  ARM: dts: dra76x: m_can: fix order of clocks
  batman-adv: set .owner to THIS_MODULE
  phy: tegra: xusb: Fix dangling pointer on probe failure
  xtensa: uaccess: Add missing __user to strncpy_from_user() prototype
  perf/x86: fix sysfs type mismatches
  scsi: target: iscsi: Fix cmd abort fabric stop race
  scsi: libiscsi: Fix NOP race condition
  dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
  nvme: free sq/cq dbbuf pointers when dbbuf set fails
  proc: don't allow async path resolution of /proc/self components
  HID: Add Logitech Dinovo Edge battery quirk
  x86/xen: don't unbind uninitialized lock_kicker_irq
  dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
  HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice devices
  HID: hid-sensor-hub: Fix issue with devices with no report ID
  Input: i8042 - allow insmod to succeed on devices without an i8042 controller
  HID: add support for Sega Saturn
  HID: cypress: Support Varmilo Keyboards' media hotkeys
  ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
  drm/atomic_helper: Stop modesets on unregistered connectors harder
  arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect()
  arm64: pgtable: Fix pte_accessible()
  KVM: x86: Fix split-irqchip vs interrupt injection window request
  KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
  KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last for userspace
  wireless: Use linux/stddef.h instead of stddef.h
  btrfs: fix lockdep splat when reading qgroup config on mount
  btrfs: don't access possibly stale fs_info data for printing duplicate device
  netfilter: clear skb->next in NF_HOOK_LIST()
  perf event: Check ref_reloc_sym before using it
  ANDROID: vmlinux.lds.h: merge compound literal sections
  BACKPORT: sched/fair: Fix overutilized update in enqueue_task_fair()
  Linux 4.19.160
  mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault()
  x86/microcode/intel: Check patch signature before saving microcode for early loading
  seccomp: Set PF_SUPERPRIV when checking capability
  ptrace: Set PF_SUPERPRIV when checking capability
  s390/dasd: fix null pointer dereference for ERP requests
  s390/cpum_sf.c: fix file permission for cpum_sfb_size
  mac80211: free sta in sta_info_insert_finish() on errors
  mac80211: minstrel: fix tx status processing corner case
  mac80211: minstrel: remove deferred sampling code
  xtensa: disable preemption around cache alias management calls
  regulator: workaround self-referent regulators
  regulator: avoid resolve_supply() infinite recursion
  regulator: fix memory leak with repeated set_machine_constraints()
  regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200}
  iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode
  iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum
  ext4: fix bogus warning in ext4_update_dx_flag()
  staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids
  efivarfs: fix memory leak in efivarfs_create()
  tty: serial: imx: keep console clocks always on
  ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220)
  ALSA: mixart: Fix mutex deadlock
  ALSA: ctl: fix error path at adding user-defined element set
  ALSA: usb-audio: Add delay quirk for all Logitech USB devices
  ALSA: firewire: Clean up a locking issue in copy_resp_to_buf()
  speakup: Do not let the line discipline be used several times
  libfs: fix error cast of negative value in simple_attr_write()
  efi/x86: Free efi_pgd with free_pages()
  xfs: revert "xfs: fix rmap key and record comparison functions"
  fail_function: Remove a redundant mutex unlock
  regulator: ti-abb: Fix array out of bound read access on the first transition
  xfs: strengthen rmap record flags checking
  xfs: fix the minrecs logic when dealing with inode root child blocks
  can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits
  drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind()
  MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
  ASoC: qcom: lpass-platform: Fix memory leak
  can: m_can: m_can_handle_state_change(): fix state change
  can: peak_usb: fix potential integer overflow on shift of a int
  can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb()
  can: ti_hecc: Fix memleak in ti_hecc_probe
  can: dev: can_restart(): post buffer from the right context
  can: af_can: prevent potential access of uninitialized member in canfd_rcv()
  can: af_can: prevent potential access of uninitialized member in can_rcv()
  ip_tunnels: Set tunnel option flag when tunnel metadata is present
  perf lock: Don't free "lock_seq_stat" if read_count isn't zero
  Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER
  ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
  arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
  arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node
  MIPS: export has_transparent_hugepage() for modules
  Input: adxl34x - clean up a data type in adxl34x_probe()
  arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY
  ARM: dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY
  ARM: dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on Ethernet PHY
  Revert "arm: sun8i: orangepi-pc-plus: Set EMAC activity LEDs to active high"
  ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node
  arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node
  arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node
  vfs: remove lockdep bogosity in __sb_start_write
  arm64: psci: Avoid printing in cpu_psci_cpu_die()
  ACPI: button: Add DMI quirk for Medion Akoya E2228T
  selftests: kvm: Fix the segment descriptor layout to match the actual layout
  scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold()
  pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
  net: ftgmac100: Fix crash when removing driver
  net/ncsi: Fix netlink registration
  net: usb: qmi_wwan: Set DTR quirk for MR400
  net/mlx5: Disable QoS when min_rates on all VFs are zero
  tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate
  sctp: change to hold/put transport for proto_unreach_timer
  qlcnic: fix error return code in qlcnic_83xx_restart_hw()
  qed: fix error return code in qed_iwarp_ll2_start()
  page_frag: Recover from memory pressure
  net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
  net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup
  net/mlx4_core: Fix init_hca fields offset
  netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
  netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
  net: Have netpoll bring-up DSA management interface
  net: dsa: mv88e6xxx: Avoid VTU corruption on 6097
  net: bridge: add missing counters to ndo_get_stats64 callback
  net: b44: fix error return code in b44_init_one()
  mlxsw: core: Use variable timeout for EMAD retries
  lan743x: prevent entire kernel HANG on open, for some platforms
  lan743x: fix issue causing intermittent kernel log warnings
  inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill()
  devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill()
  bnxt_en: read EEPROM A2h address using page 0
  atm: nicstar: Unmap DMA on send error
  ah6: fix error return code in ah6_input()
  Linux 4.19.159
  ACPI: GED: fix -Wformat
  KVM: x86: clflushopt should be treated as a no-op by emulation
  can: proc: can_remove_proc(): silence remove_proc_entry warning
  mac80211: always wind down STA state
  Input: sunkbd - avoid use-after-free in teardown paths
  powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
  Revert "perf cs-etm: Move definition of 'traceid_list' global variable from header file"
  powerpc/64s: flush L1D after user accesses
  powerpc/uaccess: Evaluate macro arguments once, before user access is allowed
  powerpc: Fix __clear_user() with KUAP enabled
  powerpc: Implement user_access_begin and friends
  powerpc: Add a framework for user access tracking
  powerpc/64s: flush L1D on kernel entry
  powerpc/64s: move some exception handlers out of line
  ANDROID: GKI: Update ABI for incfs and dm-user
  Revert "ANDROID: Add dependencies of dm-user.ko"
  ANDROID: Incremental fs: Add zstd compression support
  ANDROID: Incremental fs: Small improvements
  ANDROID: Incremental fs: Initialize mount options correctly
  ANDROID: Incremental fs: Fix read_log_test which failed sporadically
  ANDROID: Incremental fs: Fix misuse of cpu_to_leXX and poll return
  ANDROID: Incremental fs: Add per UID read timeouts
  ANDROID: Incremental fs: Add .incomplete folder
  ANDROID: Incremental fs: Fix dangling else
  ANDROID: Incremental fs: Fix uninitialized variable
  ANDROID: Incremental fs: Fix filled block count from get filled blocks
  ANDROID: Incremental fs: Add hash block counts to IOC_IOCTL_GET_BLOCK_COUNT
  ANDROID: Incremental fs: Add INCFS_IOC_GET_BLOCK_COUNT
  ANDROID: Incremental fs: Make compatible with existing files
  ANDROID: Incremental fs: Remove block HASH flag
  ANDROID: Incremental fs: Remove back links and crcs
  ANDROID: Incremental fs: Remove attributes from file
  ANDROID: Incremental fs: Add .blocks_written file
  ANDROID: Incremental fs: Separate pseudo-file code
  ANDROID: Incremental fs: Add UID to pending_read
  ANDROID: Incremental fs: Create mapped file
  ANDROID: Incremental fs: Don't allow renaming .index directory.
  ANDROID: Incremental fs: Fix incfs to work on virtio-9p
  ANDROID: Incremental fs: Allow running a single test
  ANDROID: Incremental fs: Adding perf test
  ANDROID: Incremental fs: Stress tool
  ANDROID: Incremental fs: Use R/W locks to read/write segment blockmap.
  ANDROID: Incremental fs: Remove unnecessary dependencies
  ANDROID: Incremental fs: Remove annoying pr_debugs
  ANDROID: Incremental fs: dentry_revalidate should not return -EBADF.
  ANDROID: Incremental fs: Fix minor bugs
  ANDROID: Incremental fs: RCU locks instead of mutex for pending_reads.
  ANDROID: Incremental fs: fix up attempt to copy structures with READ/WRITE_ONCE
  Revert "ANDROID: clang: update to 11.0.5"
  Linux 4.19.158
  Convert trailing spaces and periods in path components
  net: sch_generic: fix the missing new qdisc assignment bug
  reboot: fix overflow parsing reboot cpu number
  Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
  perf/core: Fix race in the perf_mmap_close() function
  perf scripting python: Avoid declaring function pointers with a visibility attribute
  x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
  random32: make prandom_u32() output unpredictable
  r8169: fix potential skb double free in an error path
  vrf: Fix fast path output packet handling with async Netfilter rules
  tipc: fix memory leak in tipc_topsrv_start()
  net/x25: Fix null-ptr-deref in x25_connect
  net: Update window_clamp if SOCK_RCVBUF is set
  net/af_iucv: fix null pointer dereference on shutdown
  IPv6: Set SIT tunnel hard_header_len to zero
  swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
  erofs: derive atime instead of leaving it empty
  pinctrl: amd: fix incorrect way to disable debounce filter
  pinctrl: amd: use higher precision for 512 RtcClk
  drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
  don't dump the threads that had been already exiting when zapped.
  mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove
  gpio: pcie-idio-24: Enable PEX8311 interrupts
  gpio: pcie-idio-24: Fix IRQ Enable Register value
  gpio: pcie-idio-24: Fix irq mask when masking
  selinux: Fix error return code in sel_ib_pkey_sid_slow()
  btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch
  ocfs2: initialize ip_next_orphan
  futex: Don't enable IRQs unconditionally in put_pi_state()
  mei: protect mei_cl_mtu from null dereference
  xhci: hisilicon: fix refercence leak in xhci_histb_probe
  usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
  uio: Fix use-after-free in uio_unregister_device()
  thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
  thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services()
  btrfs: dev-replace: fail mount if we don't have replace item with target device
  btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod
  ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
  ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA
  perf: Fix get_recursion_context()
  cosa: Add missing kfree in error path of cosa_write
  of/address: Fix of_node memory leak in of_dma_is_coherent
  xfs: fix a missing unlock on error in xfs_fs_map_blocks
  lan743x: fix "BUG: invalid wait context" when setting rx mode
  xfs: fix brainos in the refcount scrubber's rmap fragment processor
  xfs: fix rmap key and record comparison functions
  xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents
  xfs: fix flags argument to rmap lookup when converting shared file rmaps
  nbd: fix a block_device refcount leak in nbd_release
  pinctrl: aspeed: Fix GPI only function problem.
  ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
  pinctrl: intel: Set default bias in case no particular value given
  mfd: sprd: Add wakeup capability for PMIC IRQ
  tick/common: Touch watchdog in tick_unfreeze() on all CPUs
  tpm_tis: Disable interrupts on ThinkPad T490s
  selftests: proc: fix warning: _GNU_SOURCE redefined
  vfio: platform: fix reference leak in vfio_platform_open
  s390/smp: move rcu_cpu_starting() earlier
  iommu/amd: Increase interrupt remapping table limit to 512 entries
  scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
  cfg80211: regulatory: Fix inconsistent format argument
  mac80211: fix use of skb payload instead of header
  drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
  drm/amd/pm: perform SMC reset on suspend/hibernation
  drm/amdgpu: perform srbm soft reset always on SDMA resume
  scsi: hpsa: Fix memory leak in hpsa_init_one()
  gfs2: check for live vs. read-only file system in gfs2_fitrim
  gfs2: Add missing truncate_inode_pages_final for sd_aspace
  gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
  usb: gadget: goku_udc: fix potential crashes in probe
  crypto: arm64/aes-modes - get rid of literal load of addend vector
  netfilter: use actual socket sk rather than skb sk when routing harder
  ath9k_htc: Use appropriate rs_datalen type
  Btrfs: fix missing error return if writeback for extent buffer never started
  tpm: efi: Don't create binary_bios_measurements file for an empty log
  xfs: fix scrub flagging rtinherit even if there is no rt device
  xfs: flush new eof page on truncate to avoid post-eof corruption
  can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A
  can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on
  can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
  can: peak_usb: add range checking in decode operations
  can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
  can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames
  can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
  can: rx-offload: don't call kfree_skb() from IRQ context
  ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
  perf tools: Add missing swap for ino_generation
  netfilter: ipset: Update byte and packet counters regardless of whether they match
  xfs: set xefi_discard when creating a deferred agfl free log intent item
  net: xfrm: fix a race condition during allocing spi
  hv_balloon: disable warning when floor reached
  genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
  btrfs: reschedule when cloning lots of extents
  btrfs: sysfs: init devices outside of the chunk_mutex
  usb: dwc3: gadget: Reclaim extra TRBs after request completion
  usb: dwc3: gadget: Continue to process pending requests
  nbd: don't update block size after device is started
  time: Prevent undefined behaviour in timespec64_to_ns()
  regulator: defer probe when trying to get voltage from unresolved supply
  FROMGIT: Input: Add devices for HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE
  ANDROID: arm64: Fix off-by-one vdso trampoline return value
  ANDROID: Add dependencies of dm-user.ko
  UPSTREAM: arm64: vdso: Add -fasynchronous-unwind-tables to cflags
  UPSTREAM: of: property: Fix create device links for all child-supplier dependencies
  UPSTREAM: of: property: Do not link to disabled devices
  UPSTREAM: drm: Fix doc warning in drm_connector_attach_edid_property()
  UPSTREAM: selinux: fix non-MLS handling in mls_context_to_sid()
  UPSTREAM: drm/prime: Fix drm_gem_prime_mmap() stack use
  UPSTREAM: crypto: chacha-generic - fix use as arm64 no-NEON fallback
  UPSTREAM: slab: store tagged freelist for off-slab slabmgmt
  UPSTREAM: parisc: Switch from DISCONTIGMEM to SPARSEMEM
  UPSTREAM: cgroup: Move cgroup_parse_float() implementation out of CONFIG_SYSFS
  UPSTREAM: fork: don't check parent_tidptr with CLONE_PIDFD
  UPSTREAM: vdso: Remove superfluous #ifdef __KERNEL__ in vdso/datapage.h
  UPSTREAM: arm64: compat: No need for pre-ARMv7 barriers on an ARMv8 system
  UPSTREAM: timekeeping/vsyscall: Use __iter_div_u64_rem()
  UPSTREAM: kasan: remove clang version check for KASAN_STACK
  UPSTREAM: page flags: prioritize kasan bits over last-cpuid
  UPSTREAM: timekeeping/vsyscall: Prevent math overflow in BOOTTIME update
  UPSTREAM: kcm: disable preemption in kcm_parse_func_strparser()
  UPSTREAM: cfg80211: validate SSID/MBSSID element ordering assumption
  UPSTREAM: MIPS: VDSO: Fix build for binutils < 2.25
  UPSTREAM: virt_wifi: fix refcnt leak in module exit routine
  UPSTREAM: sched/topology: Allow sched_asym_cpucapacity to be disabled
  UPSTREAM: scripts/tools-support-relr.sh: un-quote variables
  UPSTREAM: fork: fix pidfd_poll()'s return type
  UPSTREAM: virt_wifi: fix use-after-free in virt_wifi_newlink()
  UPSTREAM: of/platform: Unconditionally pause/resume sync state during kernel init
  UPSTREAM: selinux: ensure the policy has been loaded before reading the sidtab stats
  UPSTREAM: raid6/test: fix a compilation error
  UPSTREAM: PM: hibernate: fix crashes with init_on_free=1
  UPSTREAM: ARM: bcm2835_defconfig: Explicitly restore CONFIG_DEBUG_FS
  UPSTREAM: ARM: socfpga_defconfig: Add back DEBUG_FS
  UPSTREAM: binderfs: use refcount for binder control devices too
  UPSTREAM: um: Fix header inclusion
  UPSTREAM: PM: sleep: wakeup: Skip wakeup_source_sysfs_remove() if device is not there
  UPSTREAM: Input: fix stale timestamp on key autorepeat events
  UPSTREAM: mm/filemap.c: don't bother dropping mmap_sem for zero size readahead
  UPSTREAM: arm64: vdso: don't free unallocated pages
  UPSTREAM: usb: typec: altmode: Fix typec_altmode_get_partner sometimes returning an invalid pointer
  UPSTREAM: ipv6: ndisc: RFC-ietf-6man-ra-pref64-09 is now published as RFC8781
  UPSTREAM: s390/setup: init jump labels before command line parsing
  UPSTREAM: dma-buf: free dmabuf->name in dma_buf_release()
  UPSTREAM: driver core: Don't do deferred probe in parallel with kernel_init thread
  UPSTREAM: fscrypt: restrict IV_INO_LBLK_* to AES-256-XTS
  UPSTREAM: fscrypt: use smp_load_acquire() for fscrypt_prepared_key
  UPSTREAM: mm/page_alloc: silence a KASAN false positive
  UPSTREAM: ARM64: vdso32: Install vdso32 from vdso_install
  UPSTREAM: fscrypt: restrict IV_INO_LBLK_32 to ino_bits <= 32
  UPSTREAM: coresight: tmc: Fix bad register address for CLAIM
  UPSTREAM: coresight: etm4x: Fix unused function warning
  UPSTREAM: coresight: etm4x: Fix use-after-free of per-cpu etm drvdata
  UPSTREAM: coresight: etm4x: Fix save/restore during cpu idle
  UPSTREAM: coresight: etm4x: Handle unreachable sink in perf mode
  UPSTREAM: coresight: etm4x: Fix issues on trcseqevr access
  UPSTREAM: coresight: etm: perf: Fix warning caused by etm_setup_aux failure
  UPSTREAM: coresight: etm4x: Fix save and restore of TRCVMIDCCTLR1 register

Change-Id: I484731476d503d3b60e4d072fcf8e94fbff8c2e2
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
2022-02-26 14:49:12 +05:30
Daniel Rosenberg
04d57a86ea fscrypt: Have filesystems handle their d_ops
This shifts the responsibility of setting up dentry operations from
fscrypt to the individual filesystems, allowing them to have their own
operations while still setting fscrypt's d_revalidate as appropriate.

Most filesystems can just use generic_set_encrypted_ci_d_ops, unless
they have their own specific dentry operations as well. That operation
will set the minimal d_ops required under the circumstances.

Since the fscrypt d_ops are set later on, we must set all d_ops there,
since we cannot adjust those later on. This should not result in any
change in behavior.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Acked-by: Theodore Ts'o <tytso@mit.edu>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2020-12-03 02:24:02 -08:00
Neeraj Soni
29db976690 fs: crypto: support IV_INO_LBLK_32 for legacy (V1) format
New file encryption V2 format supports IV_INO_LBLK_32 but this is
needed in V1 to support over the air upgrade which uses
FS_ENCRYPTION_MODE_PRIVATE data encryption mode. Also randomness of
encrypted data for eMMC devices is fixed.

Test: vts-kernel-encryption-test after Q to R OTA.

Change-Id: Idb9f5a140e755a9f5c9aa26d5f0e900252f441e8
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
2020-12-02 16:28:46 +05:30
Eric Biggers
7a41c5760f UPSTREAM: fscrypt: use smp_load_acquire() for fscrypt_prepared_key
Normally smp_store_release() or cmpxchg_release() is paired with
smp_load_acquire().  Sometimes smp_load_acquire() can be replaced with
the more lightweight READ_ONCE().  However, for this to be safe, all the
published memory must only be accessed in a way that involves the
pointer itself.  This may not be the case if allocating the object also
involves initializing a static or global variable, for example.

fscrypt_prepared_key includes a pointer to a crypto_skcipher object,
which is internal to and is allocated by the crypto subsystem.  By using
READ_ONCE() for it, we're relying on internal implementation details of
the crypto subsystem.

Remove this fragile assumption by using smp_load_acquire() instead.

(Note: I haven't seen any real-world problems here.  This change is just
fixing the code to be guaranteed correct and less fragile.)

Fixes: 5fee36095cda ("fscrypt: add inline encryption support")
Cc: Satya Tangirala <satyat@google.com>
Link: https://lore.kernel.org/r/20200721225920.114347-3-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
(cherry picked from commit 97c6327f7192d7312eabc033b26a41ad6816496c)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I08747eb4b756d1352d4cd385aff232c2a0a2b405
2020-11-15 15:06:08 +01:00
Eric Biggers
0764ced2f0 Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19-stable
* aosp/upstream-f2fs-stable-linux-4.19.y:
  fscrypt: remove stale definition
  fs-verity: remove unnecessary extern keywords
  fs-verity: fix all kerneldoc warnings
  fscrypt: add support for IV_INO_LBLK_32 policies
  fscrypt: make test_dummy_encryption use v2 by default
  fscrypt: support test_dummy_encryption=v2
  fscrypt: add fscrypt_add_test_dummy_key()
  linux/parser.h: add include guards
  fscrypt: remove unnecessary extern keywords
  fscrypt: name all function parameters
  fscrypt: fix all kerneldoc warnings

Conflicts:
	fs/crypto/fscrypt_private.h
	fs/crypto/keyring.c
	fs/crypto/keysetup.c
	fs/ext4/ext4.h
	fs/ext4/super.c
	fs/f2fs/f2fs.h
	fs/f2fs/super.c
	include/linux/fscrypt.h

Resolved the conflicts as per the corresponding android-mainline change,
I7198edbca759839aceeec2598e7a81305756c4d7.

Bug: 154167995
Test: kvm-xfstests -c ext4,f2fs,ext4/encrypt,f2fs/encrypt \
        -g encrypt -g verity -g casefold
      kvm-xfstests -c ext4,f2fs,ext4/encrypt,f2fs/encrypt \
        -g encrypt -g verity -g casefold -m inlinecrypt
Change-Id: Id12839f7948374575f9d15eee6a9c6a9382eacf3
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-06-22 09:42:24 -07:00
Eric Biggers
7ca5c58183 fscrypt: add support for IV_INO_LBLK_32 policies
The eMMC inline crypto standard will only specify 32 DUN bits (a.k.a. IV
bits), unlike UFS's 64.  IV_INO_LBLK_64 is therefore not applicable, but
an encryption format which uses one key per policy and permits the
moving of encrypted file contents (as f2fs's garbage collector requires)
is still desirable.

To support such hardware, add a new encryption format IV_INO_LBLK_32
that makes the best use of the 32 bits: the IV is set to
'SipHash-2-4(inode_number) + file_logical_block_number mod 2^32', where
the SipHash key is derived from the fscrypt master key.  We hash only
the inode number and not also the block number, because we need to
maintain contiguity of DUNs to merge bios.

Unlike with IV_INO_LBLK_64, with this format IV reuse is possible; this
is unavoidable given the size of the DUN.  This means this format should
only be used where the requirements of the first paragraph apply.
However, the hash spreads out the IVs in the whole usable range, and the
use of a keyed hash makes it difficult for an attacker to determine
which files use which IVs.

Besides the above differences, this flag works like IV_INO_LBLK_64 in
that on ext4 it is only allowed if the stable_inodes feature has been
enabled to prevent inode numbers and the filesystem UUID from changing.

Link: https://lore.kernel.org/r/20200515204141.251098-1-ebiggers@kernel.org
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Paul Crowley <paulcrowley@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-06-16 14:07:40 -07:00
Eric Biggers
37bd5129df fscrypt: add fscrypt_add_test_dummy_key()
Currently, the test_dummy_encryption mount option (which is used for
encryption I/O testing with xfstests) uses v1 encryption policies, and
it relies on userspace inserting a test key into the session keyring.

We need test_dummy_encryption to support v2 encryption policies too.
Requiring userspace to add the test key doesn't work well with v2
policies, since v2 policies only support the filesystem keyring (not the
session keyring), and keys in the filesystem keyring are lost when the
filesystem is unmounted.  Hooking all test code that unmounts and
re-mounts the filesystem would be difficult.

Instead, let's make the filesystem automatically add the test key to its
keyring when test_dummy_encryption is enabled.

That puts the responsibility for choosing the test key on the kernel.
We could just hard-code a key.  But out of paranoia, let's first try
using a per-boot random key, to prevent this code from being misused.
A per-boot key will work as long as no one expects dummy-encrypted files
to remain accessible after a reboot.  (gce-xfstests doesn't.)

Therefore, this patch adds a function fscrypt_add_test_dummy_key() which
implements the above.  The next patch will use it.

Link: https://lore.kernel.org/r/20200512233251.118314-3-ebiggers@kernel.org
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-06-16 12:51:48 -07:00
Eric Biggers
bece9b9243 fscrypt: remove unnecessary extern keywords
Remove the unnecessary 'extern' keywords from function declarations.
This makes it so that we don't have a mix of both styles, so it won't be
ambiguous what to use in new fscrypt patches.  This also makes the code
shorter and matches the 'checkpatch --strict' expectation.

Link: https://lore.kernel.org/r/20200511191358.53096-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-06-16 12:51:45 -07:00
Eric Biggers
4c82d08cea fscrypt: fix all kerneldoc warnings
Fix all kerneldoc warnings in fs/crypto/ and include/linux/fscrypt.h.
Most of these were due to missing documentation for function parameters.

Detected with:

    scripts/kernel-doc -v -none fs/crypto/*.{c,h} include/linux/fscrypt.h

This cleanup makes it possible to check new patches for kerneldoc
warnings without having to filter out all the existing ones.

For consistency, also adjust some function "brief descriptions" to
include the parentheses and to wrap at 80 characters.  (The latter
matches the checkpatch expectation.)

Link: https://lore.kernel.org/r/20200511191358.53096-2-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-06-16 12:50:36 -07:00
Eric Biggers
4286f44bea BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_32 policies
The eMMC inline crypto standard will only specify 32 DUN bits (a.k.a. IV
bits), unlike UFS's 64.  IV_INO_LBLK_64 is therefore not applicable, but
an encryption format which uses one key per policy and permits the
moving of encrypted file contents (as f2fs's garbage collector requires)
is still desirable.

To support such hardware, add a new encryption format IV_INO_LBLK_32
that makes the best use of the 32 bits: the IV is set to
'SipHash-2-4(inode_number) + file_logical_block_number mod 2^32', where
the SipHash key is derived from the fscrypt master key.  We hash only
the inode number and not also the block number, because we need to
maintain contiguity of DUNs to merge bios.

Unlike with IV_INO_LBLK_64, with this format IV reuse is possible; this
is unavoidable given the size of the DUN.  This means this format should
only be used where the requirements of the first paragraph apply.
However, the hash spreads out the IVs in the whole usable range, and the
use of a keyed hash makes it difficult for an attacker to determine
which files use which IVs.

Besides the above differences, this flag works like IV_INO_LBLK_64 in
that on ext4 it is only allowed if the stable_inodes feature has been
enabled to prevent inode numbers and the filesystem UUID from changing.

Signed-off-by: Eric Biggers <ebiggers@google.com>

Link: https://lore.kernel.org/r/20200515204141.251098-1-ebiggers@kernel.org

(Resolved conflicts with inline encryption support.  Besides the
 necessary "straightforward" merge resolutions, also made
 fscrypt_get_dun_bytes() aware of IV_INO_LBLK_32 and made IV_INO_LBLK_32
 usable with wrapped keys.)

Test: 'atest vts_kernel_encryption_test' on Cuttlefish with
      the IV_INO_LBLK_32 test added (http://aosp/1315024).

      Also tested enabling this in the fstab for Cuttlefish
      (using http://aosp/1315886).

      Also ran 'kvm-xfstests -c ext4,f2fs -g encrypt', including my
      work-in-progress xfstest for IV_INO_LBLK_32.

Bug: 144046242
Change-Id: I57df71d502bde0475efc906a0812102063ff2f2a
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-05-21 11:55:14 -07:00
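The IV formula quoted in the two IV_INO_LBLK_32 commit messages above (7ca5c58183 and its backport 4286f44bea), worked through as an added example that is not code from the kernel or from either commit. It shows the DUN contiguity within a file, the wrap at 2^32, and why IV reuse between files is unavoidable. Assumptions: the SipHash key is a constructed constant (fscrypt derives it from the master key), the inode number is hashed as 8 little-endian bytes, and the low 32 bits of the hash are kept.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed SipHash key for the demo (bytes 00..0f of the SipHash reference
 * test vector). Assumption: the real key is derived from the fscrypt master key. */
#define DEMO_K0 0x0706050403020100ULL
#define DEMO_K1 0x0f0e0d0c0b0a0908ULL

#define ROTL64(x, b) (((x) << (b)) | ((x) >> (64 - (b))))

/* One SipRound over the four-word internal state. */
static void sipround(uint64_t v[4])
{
    v[0] += v[1]; v[1] = ROTL64(v[1], 13); v[1] ^= v[0]; v[0] = ROTL64(v[0], 32);
    v[2] += v[3]; v[3] = ROTL64(v[3], 16); v[3] ^= v[2];
    v[0] += v[3]; v[3] = ROTL64(v[3], 21); v[3] ^= v[0];
    v[2] += v[1]; v[1] = ROTL64(v[1], 17); v[1] ^= v[2]; v[2] = ROTL64(v[2], 32);
}

/* Read up to 8 bytes as a little-endian 64-bit word. */
static uint64_t load_le(const uint8_t *p, size_t n)
{
    uint64_t w = 0;
    for (size_t i = 0; i < n; i++)
        w |= (uint64_t)p[i] << (8 * i);
    return w;
}

/* SipHash-2-4 with a 128-bit key (k0, k1) over a byte string. */
uint64_t siphash24(uint64_t k0, uint64_t k1, const uint8_t *msg, size_t len)
{
    uint64_t v[4] = {
        k0 ^ 0x736f6d6570736575ULL, k1 ^ 0x646f72616e646f6dULL,
        k0 ^ 0x6c7967656e657261ULL, k1 ^ 0x7465646279746573ULL,
    };
    size_t full = len & ~(size_t)7;

    for (size_t off = 0; off < full; off += 8) {
        uint64_t m = load_le(msg + off, 8);
        v[3] ^= m; sipround(v); sipround(v); v[0] ^= m;
    }
    /* Last block: leftover bytes, with the message length in the top byte. */
    uint64_t b = ((uint64_t)len << 56) | load_le(msg + full, len - full);
    v[3] ^= b; sipround(v); sipround(v); v[0] ^= b;

    v[2] ^= 0xff;
    sipround(v); sipround(v); sipround(v); sipround(v);
    return v[0] ^ v[1] ^ v[2] ^ v[3];
}

/* Assumption: inode number hashed as 8 little-endian bytes, low 32 bits kept. */
uint32_t hashed_ino(uint64_t k0, uint64_t k1, uint64_t ino)
{
    uint8_t buf[8];
    for (int i = 0; i < 8; i++)
        buf[i] = (uint8_t)(ino >> (8 * i));
    return (uint32_t)siphash24(k0, k1, buf, sizeof(buf));
}

/* IV (DUN) = SipHash-2-4(inode_number) + file_logical_block_number mod 2^32.
 * Only the inode number is hashed, so consecutive blocks get consecutive IVs. */
uint32_t iv_ino_lblk_32(uint64_t k0, uint64_t k1, uint64_t ino, uint32_t lblk)
{
    return (uint32_t)(hashed_ino(k0, k1, ino) + lblk);
}

/* How many blocks, counted from lblk, fit before the IV wraps back to 0. */
uint64_t blocks_until_wrap(uint64_t k0, uint64_t k1, uint64_t ino, uint32_t lblk)
{
    return 0x100000000ULL - iv_ino_lblk_32(k0, k1, ino, lblk);
}

/* Block index in file ino_b that gets the same IV as block lblk_a of file
 * ino_a. One always exists: both files draw from the same 2^32 IV space. */
uint32_t same_iv_lblk(uint64_t k0, uint64_t k1, uint64_t ino_a,
                      uint32_t lblk_a, uint64_t ino_b)
{
    return (uint32_t)(iv_ino_lblk_32(k0, k1, ino_a, lblk_a) -
                      hashed_ino(k0, k1, ino_b));
}

int main(void)
{
    uint64_t ino_a = 12, ino_b = 13; /* constructed inode numbers */

    for (uint32_t lblk = 0; lblk < 3; lblk++)
        printf("inode %llu block %u -> IV %08x\n", (unsigned long long)ino_a,
               (unsigned)lblk,
               (unsigned)iv_ino_lblk_32(DEMO_K0, DEMO_K1, ino_a, lblk));
    printf("blocks before inode %llu wraps: %llu\n", (unsigned long long)ino_a,
           (unsigned long long)blocks_until_wrap(DEMO_K0, DEMO_K1, ino_a, 0));
    printf("inode %llu block %u shares its IV with inode %llu block 7\n",
           (unsigned long long)ino_b,
           (unsigned)same_iv_lblk(DEMO_K0, DEMO_K1, ino_a, 7, ino_b),
           (unsigned long long)ino_a);
    return 0;
}
```

Without the hash key the per-inode offset is not known, which is the property the commit message relies on when it says the keyed hash makes it difficult to determine which files use which IVs.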
Eric Biggers
ecf91c963d fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
Add an ioctl FS_IOC_GET_ENCRYPTION_NONCE which retrieves the nonce from
an encrypted file or directory.  The nonce is the 16-byte random value
stored in the inode's encryption xattr.  It is normally used together
with the master key to derive the inode's actual encryption key.

The nonces are needed by automated tests that verify the correctness of
the ciphertext on-disk.  Except for the IV_INO_LBLK_64 case, there's no
way to replicate a file's ciphertext without knowing that file's nonce.

The nonces aren't secret, and the existing ciphertext verification tests
in xfstests retrieve them from disk using debugfs or dump.f2fs.  But in
environments that lack these debugging tools, getting the nonces by
manually parsing the filesystem structure would be very hard.

To make this important type of testing much easier, let's just add an
ioctl that retrieves the nonce.

Link: https://lore.kernel.org/r/20200314205052.93294-2-ebiggers@kernel.org
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-04-08 15:27:38 -07:00
Eric Biggers
b30501efe9 ANDROID: fscrypt: fall back to filesystem-layer crypto when needed
When the filesystem is mounted with '-o inlinecrypt', make fscrypt fall
back to filesystem-layer crypto when inline crypto won't work, e.g. due
to the hardware not supporting the encryption algorithm.

When blk-crypto-fallback is disabled, this fixes '-o inlinecrypt' to not
break any fscrypt policies that would otherwise work.

This is needed for VtsKernelEncryptionTest to pass on some devices.

Bug: 137270441
Bug: 151100202
Test: 'atest vts_kernel_encryption_test' on Pixel 4 with the
      inline crypto patches backported, and also on Cuttlefish.
Change-Id: I3e730df4608efb12d7126d1a85faddcccb566764
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-04-07 17:57:41 +00:00
Eric Biggers
4182a31c77 UPSTREAM: fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
Add an ioctl FS_IOC_GET_ENCRYPTION_NONCE which retrieves the nonce from
an encrypted file or directory.  The nonce is the 16-byte random value
stored in the inode's encryption xattr.  It is normally used together
with the master key to derive the inode's actual encryption key.

The nonces are needed by automated tests that verify the correctness of
the ciphertext on-disk.  Except for the IV_INO_LBLK_64 case, there's no
way to replicate a file's ciphertext without knowing that file's nonce.

The nonces aren't secret, and the existing ciphertext verification tests
in xfstests retrieve them from disk using debugfs or dump.f2fs.  But in
environments that lack these debugging tools, getting the nonces by
manually parsing the filesystem structure would be very hard.

To make this important type of testing much easier, let's just add an
ioctl that retrieves the nonce.

Link: https://lore.kernel.org/r/20200314205052.93294-2-ebiggers@kernel.org
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit e98ad464750c0894bc560d10503dae8ff90ccdac)
Bug: 151100202
Change-Id: Ieef2c57b9257ae38eb2e5c1a018ca6f325bb62dd
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-04-01 09:48:10 -07:00
Daniel Rosenberg
af2b6eaa10 FROMLIST: fscrypt: Have filesystems handle their d_ops
This shifts the responsibility of setting up dentry operations from
fscrypt to the individual filesystems, allowing them to have their own
operations while still setting fscrypt's d_revalidate as appropriate.

Also added helper function to libfs to unify ext4 and f2fs
implementations.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Test: Boots, /data/media is case insensitive
Bug: 138322712
Link: https://lore.kernel.org/linux-f2fs-devel/20200208013552.241832-1-drosen@google.com/T/#t
Change-Id: Iaf77f8c5961ecf22e22478701ab0b7fe2025225d
2020-02-28 03:36:12 +00:00
Barani Muthukumaran
66b3c81270 ANDROID: block: Prevent crypto fallback for wrapped keys
blk-crypto-fallback does not support wrapped keys, hence
prevent falling back when program_key fails. Add 'is_hw_wrapped'
flag to blk-crypto-key to mention if the key is wrapped
when the key is initialized.

Bug: 147209885

Test: Validate FBE, simulate a failure in the underlying blk
      device and ensure the call fails without falling back
      to blk-crypto-fallback.

Change-Id: I8bc301ca1ac9e55ba6ab622e8325486916b45c56
Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org>
2020-02-27 17:09:12 +00:00
Eric Biggers
b60858fe82 Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
* aosp/upstream-f2fs-stable-linux-4.19.y:
  fs-verity: use u64_to_user_ptr()
  fs-verity: use mempool for hash requests
  fs-verity: implement readahead of Merkle tree pages
  fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
  fscrypt: improve format of no-key names
  ubifs: allow both hash and disk name to be provided in no-key names
  ubifs: don't trigger assertion on invalid no-key filename
  fscrypt: clarify what is meant by a per-file key
  fscrypt: derive dirhash key for casefolded directories
  fscrypt: don't allow v1 policies with casefolding
  fscrypt: add "fscrypt_" prefix to fname_encrypt()
  fscrypt: don't print name of busy file when removing key
  fscrypt: document gfp_flags for bounce page allocation
  fscrypt: optimize fscrypt_zeroout_range()
  fscrypt: remove redundant bi_status check
  fscrypt: Allow modular crypto algorithms
  fscrypt: include <linux/ioctl.h> in UAPI header
  fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
  fscrypt: remove fscrypt_is_direct_key_policy()
  fscrypt: move fscrypt_valid_enc_modes() to policy.c
  fscrypt: check for appropriate use of DIRECT_KEY flag earlier
  fscrypt: split up fscrypt_supported_policy() by policy version
  fscrypt: introduce fscrypt_needs_contents_encryption()
  fscrypt: move fscrypt_d_revalidate() to fname.c
  fscrypt: constify inode parameter to filename encryption functions
  fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
  fscrypt: verify that the crypto_skcipher has the correct ivsize
  fscrypt: use crypto_skcipher_driver_name()
  fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
  keys: Export lookup_user_key to external users

Conflicts:
        fs/crypto/Kconfig
        fs/crypto/bio.c
        fs/crypto/fname.c
        fs/crypto/fscrypt_private.h
        fs/crypto/keyring.c
        fs/crypto/keysetup.c
        fs/ubifs/dir.c
        include/uapi/linux/fscrypt.h

Resolved the conflicts as per the corresponding android-mainline change,
Ib1e6b9eda8fb5dcfc6bdc8fa89d93f72b088c5f6.

Bug: 148667616
Change-Id: I5f8b846f0cd4d5403d8c61b9e12acb4581fac6f7
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-21 08:11:19 -08:00
Eric Biggers
338a1f52ae fscrypt: clarify what is meant by a per-file key
Now that there's sometimes a second type of per-file key (the dirhash
key), clarify some function names, macros, and documentation that
specifically deal with per-file *encryption* keys.

Link: https://lore.kernel.org/r/20200120223201.241390-4-ebiggers@kernel.org
Reviewed-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-13 15:10:33 -08:00
Daniel Rosenberg
7495f91bb5 fscrypt: derive dirhash key for casefolded directories
When we allow indexed directories to use both encryption and
casefolding, for the dirhash we can't just hash the ciphertext filenames
that are stored on-disk (as is done currently) because the dirhash must
be case insensitive, but the stored names are case-preserving.  Nor can
we hash the plaintext names with an unkeyed hash (or a hash keyed with a
value stored on-disk like ext4's s_hash_seed), since that would leak
information about the names that encryption is meant to protect.

Instead, if we can accept a dirhash that's only computable when the
fscrypt key is available, we can hash the plaintext names with a keyed
hash using a secret key derived from the directory's fscrypt master key.
We'll use SipHash-2-4 for this purpose.

Prepare for this by deriving a SipHash key for each casefolded encrypted
directory.  Make sure to handle deriving the key not only when setting
up the directory's fscrypt_info, but also in the case where the casefold
flag is enabled after the fscrypt_info was already set up.  (We could
just always derive the key regardless of casefolding, but that would
introduce unnecessary overhead for people not using casefolding.)

Signed-off-by: Daniel Rosenberg <drosen@google.com>
[EB: improved commit message, updated fscrypt.rst, squashed with change
 that avoids unnecessarily deriving the key, and many other cleanups]
Link: https://lore.kernel.org/r/20200120223201.241390-3-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-13 15:10:33 -08:00
Eric Biggers
2ad325daa7 fscrypt: add "fscrypt_" prefix to fname_encrypt()
fname_encrypt() is a global function, due to being used in both fname.c
and hooks.c.  So it should be prefixed with "fscrypt_", like all the
other global functions in fs/crypto/.

Link: https://lore.kernel.org/r/20200120071736.45915-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-13 15:10:33 -08:00
Eric Biggers
bfc935af5b fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt_is_direct_key_policy() is no longer used, so remove it.

Link: https://lore.kernel.org/r/20191209211829.239800-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:20 -08:00
Eric Biggers
51a6bbc53f fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt_valid_enc_modes() is only used by policy.c, so move it to there.

Also adjust the order of the checks to be more natural, matching the
numerical order of the constants and also keeping AES-256 (the
recommended default) first in the list.

No change in behavior.

Link: https://lore.kernel.org/r/20191209211829.239800-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:20 -08:00
Eric Biggers
6dad35d9e8 fscrypt: check for appropriate use of DIRECT_KEY flag earlier
FSCRYPT_POLICY_FLAG_DIRECT_KEY is currently only allowed with Adiantum
encryption.  But FS_IOC_SET_ENCRYPTION_POLICY allowed it in combination
with other encryption modes, and an error wasn't reported until later
when the encrypted directory was actually used.

Fix it to report the error earlier by validating the correct use of the
DIRECT_KEY flag in fscrypt_supported_policy(), similar to how we
validate the IV_INO_LBLK_64 flag.

Link: https://lore.kernel.org/r/20191209211829.239800-3-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:19 -08:00
Eric Biggers
b168e58523 fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt_d_revalidate() and fscrypt_d_ops really belong in fname.c, since
they're specific to filenames encryption.  crypto.c is for contents
encryption and general fs/crypto/ initialization and utilities.

Link: https://lore.kernel.org/r/20191209204359.228544-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:19 -08:00
Eric Biggers
bac335ab74 fscrypt: constify inode parameter to filename encryption functions
Constify the struct inode parameter to fscrypt_fname_disk_to_usr() and
the other filename encryption functions so that users don't have to pass
in a non-const inode when they are dealing with a const one, as in [1].

[1] https://lkml.kernel.org/linux-ext4/20191203051049.44573-6-drosen@google.com/

Cc: Daniel Rosenberg <drosen@google.com>
Link: https://lore.kernel.org/r/20191215213947.9521-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:19 -08:00
Eric Biggers
38c2723e47 fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
Constify the struct fscrypt_hkdf parameter to fscrypt_hkdf_expand().
This makes it clearer that struct fscrypt_hkdf contains the key only,
not any per-request state.

Link: https://lore.kernel.org/r/20191209204054.227736-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-02-12 21:26:19 -08:00
Barani Muthukumaran
23b81578bf ANDROID: fscrypt: add support for hardware-wrapped keys
To prevent keys from being compromised if an attacker acquires read
access to kernel memory, some inline encryption hardware supports
protecting the keys in hardware without software having access to or the
ability to set the plaintext keys.  Instead, software only sees "wrapped
keys", which may differ on every boot.  The keys can be initially
generated either by software (in which case they need to be imported to
hardware to be wrapped), or directly by the hardware.

Add support for this type of hardware by allowing keys to be flagged as
hardware-wrapped and encryption policies to be flagged as needing a
hardware-wrapped key.  When used, fscrypt will pass the wrapped key
directly to the inline encryption hardware to encrypt file contents.
The hardware is responsible for internally unwrapping the key and
deriving the actual file contents encryption key.

fscrypt also asks the inline encryption hardware to derive a
cryptographically isolated software "secret", which fscrypt then uses as
the master key for all other purposes besides file contents encryption,
e.g. to derive filenames encryption keys and the key identifier.

Bug: 147209885

Change-Id: I7f4cc5c32f130709db3eb9ebdb1ebfff5751ca95
Co-developed-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-22 22:29:30 +00:00
Jaegeuk Kim
13e96f0215 Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
Merged in v5.5-rc1.

* aosp/upstream-f2fs-stable-linux-4.19.y:
  docs: fs-verity: mention statx() support
  f2fs: support STATX_ATTR_VERITY
  ext4: support STATX_ATTR_VERITY
  statx: define STATX_ATTR_VERITY
  docs: fs-verity: document first supported kernel version
  f2fs: add support for IV_INO_LBLK_64 encryption policies
  ext4: add support for IV_INO_LBLK_64 encryption policies
  fscrypt: add support for IV_INO_LBLK_64 policies
  fscrypt: avoid data race on fscrypt_mode::logged_impl_name
  fscrypt: zeroize fscrypt_info before freeing
  fscrypt: remove struct fscrypt_ctx
  fscrypt: invoke crypto API for ESSIV handling

Change-Id: I9325127228fb82b67f064ce8b3bc8d40ac76e65b
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2020-01-14 14:37:59 -08:00
Satya Tangirala
b01c73ea71 BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series
Changes v5 => v6:
 - Blk-crypto's kernel crypto API fallback is no longer restricted to
   8-byte DUNs. It's also now separately configurable from blk-crypto, and
   can be disabled entirely, while still allowing the kernel to use inline
   encryption hardware. Further, struct bio_crypt_ctx takes up less space,
   and no longer contains the information needed by the crypto API
   fallback - the fallback allocates the required memory when necessary.
 - Blk-crypto now supports all file content encryption modes supported by
   fscrypt.
 - Fixed bio merging logic in blk-merge.c
 - Fscrypt now supports inline encryption with the direct key policy, since
   blk-crypto now has support for larger DUNs.
 - Keyslot manager now uses a hashtable to lookup which keyslot contains
   any particular key (thanks Eric!)
 - Fscrypt support for inline encryption now handles filesystems with
   multiple underlying block devices (thanks Eric!)
 - Numerous cleanups

Bug: 137270441
Test: refer to I26376479ee38259b8c35732cb3a1d7e15f9b05a3
Change-Id: I13e2e327e0b4784b394cb1e7cf32a04856d95f01
Link: https://lore.kernel.org/linux-block/20191218145136.172774-1-satyat@google.com/
Signed-off-by: Satya Tangirala <satyat@google.com>
2020-01-13 07:11:38 -08:00
Eric Biggers
d679fad505 fscrypt: add support for IV_INO_LBLK_64 policies
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:

(1) Per I/O request, the encryption key is specified by a previously
    loaded keyslot.  There might be only a small number of keyslots.

(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
    number" (DUN).  IV bits 64-127 are assumed to be 0.  The hardware
    automatically increments the DUN for each "data unit" of
    configurable size in the request, e.g. for each filesystem block.

Property (1) makes it inefficient to use the traditional fscrypt
per-file keys.  Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.

Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to be modified as follows:

- The encryption keys are derived from the master key, encryption mode
  number, and filesystem UUID.

- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
  For filenames encryption, file_logical_block_num is 0.

Since the file nonces aren't used in the key derivation, many files may
share the same encryption key.  This is much more efficient on the
target hardware.  Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.

Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).

Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints.  These are acceptable
limitations for the cases where this format would actually be used.

Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption.  A later patch will add support for inline encryption.

Reviewed-by: Paul Crowley <paulcrowley@google.com>
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-09 15:11:33 -08:00
Eric Biggers
01b9d8424a fscrypt: avoid data race on fscrypt_mode::logged_impl_name
The access to logged_impl_name is technically a data race, which tools
like KCSAN could complain about in the future.  See:
https://github.com/google/ktsan/wiki/READ_ONCE-and-WRITE_ONCE

Fix by using xchg(), which also ensures that only one thread does the
logging.

This also required switching from bool to int, to avoid a build error on
the RISC-V architecture which doesn't implement xchg on bytes.

Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-09 15:11:32 -08:00
Eric Biggers
51ee7a19e8 fscrypt: remove struct fscrypt_ctx
Now that ext4 and f2fs implement their own post-read workflow that
supports both fscrypt and fsverity, the fscrypt-only workflow based
around struct fscrypt_ctx is no longer used.  So remove the unused code.

This is based on a patch from Chandan Rajendra's "Consolidate FS read
I/O callbacks code" patchset, but rebased onto the latest kernel, folded
__fscrypt_decrypt_bio() into fscrypt_decrypt_bio(), cleaned up
fscrypt_initialize(), and updated the commit message.

Originally-from: Chandan Rajendra <chandan@linux.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-09 15:11:32 -08:00
Eric Biggers
bc45975f63 fscrypt: invoke crypto API for ESSIV handling
Instead of open-coding the calculations for ESSIV handling, use an ESSIV
skcipher which does all of this under the hood.  ESSIV was added to the
crypto API in v5.4.

This is based on a patch from Ard Biesheuvel, but reworked to apply
after all the fscrypt changes that went into v5.4.

Tested with 'kvm-xfstests -c ext4,f2fs -g encrypt', including the
ciphertext verification tests for v1 and v2 encryption policies.

Originally-from: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-09 15:11:32 -08:00
Satya Tangirala
0797369594 BACKPORT: FROMLIST: fscrypt: add inline encryption support
Add support for inline encryption to fs/crypto/.  With "inline
encryption", the block layer handles the decryption/encryption as part
of the bio, instead of the filesystem doing the crypto itself via
Linux's crypto API.  This model is needed in order to take advantage of
the inline encryption hardware present on most modern mobile SoCs.

To use inline encryption, the filesystem needs to be mounted with
'-o inlinecrypt'.  The contents of any AES-256-XTS encrypted files will
then be encrypted using blk-crypto, instead of using the traditional
filesystem-layer crypto.  fscrypt still provides the key and IV to use,
and the actual ciphertext on-disk is still the same; therefore it's
testable using the existing fscrypt ciphertext verification tests.

Note that since blk-crypto has a fallback to Linux's crypto API, this
feature is usable and testable even without actual inline encryption
hardware.

Per-filesystem changes will be needed to set encryption contexts when
submitting bios and to implement the 'inlinecrypt' mount option.  This
patch just adds the common code.

Bug: 137270441
Test: tested as series; see I26aac0ac7845a9064f28bb1421eb2522828a6dec
Change-Id: I238b5484f3798dd4d829be5535234b53951db0ea
Co-developed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11214761/
2019-11-14 14:47:50 -08:00
Eric Biggers
94231712cf BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_64 policies
Inline encryption hardware compliant with the UFS v2.1 standard or with
the upcoming version of the eMMC standard has the following properties:

(1) Per I/O request, the encryption key is specified by a previously
    loaded keyslot.  There might be only a small number of keyslots.

(2) Per I/O request, the starting IV is specified by a 64-bit "data unit
    number" (DUN).  IV bits 64-127 are assumed to be 0.  The hardware
    automatically increments the DUN for each "data unit" of
    configurable size in the request, e.g. for each filesystem block.

Property (1) makes it inefficient to use the traditional fscrypt
per-file keys.  Property (2) precludes the use of the existing
DIRECT_KEY fscrypt policy flag, which needs at least 192 IV bits.

Therefore, add a new fscrypt policy flag IV_INO_LBLK_64 which causes the
encryption to be modified as follows:

- The encryption keys are derived from the master key, encryption mode
  number, and filesystem UUID.

- The IVs are chosen as (inode_number << 32) | file_logical_block_num.
  For filenames encryption, file_logical_block_num is 0.

Since the file nonces aren't used in the key derivation, many files may
share the same encryption key.  This is much more efficient on the
target hardware.  Including the inode number in the IVs and mixing the
filesystem UUID into the keys ensures that data in different files is
nevertheless still encrypted differently.

Additionally, limiting the inode and block numbers to 32 bits and
placing the block number in the low bits maintains compatibility with
the 64-bit DUN convention (property (2) above).

Since this scheme assumes that inode numbers are stable (which may
preclude filesystem shrinking) and that inode and file logical block
numbers are at most 32-bit, IV_INO_LBLK_64 will only be allowed on
filesystems that meet these constraints.  These are acceptable
limitations for the cases where this format would actually be used.

Note that IV_INO_LBLK_64 is an on-disk format, not an implementation.
This patch just adds support for it using the existing filesystem layer
encryption.  A later patch will add support for inline encryption.

Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>

Change-Id: Iedecd7fa1ce8eefffdec57257e27e679938b0ad7
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11210909/
2019-11-14 14:47:49 -08:00
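
The IV layout described in the two IV_INO_LBLK_64 commit messages above (d679fad505 and 94231712cf), as an added example that is not taken from the kernel source or from either commit. All function names are hypothetical, and the little-endian serialization of the DUN into the 16-byte IV is an assumption of this sketch; it shows why the 32-bit limits matter when many files share one key.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IV_SIZE 16

/* The bare formula from the commit message, with no range checks. */
uint64_t unchecked_dun(uint64_t ino, uint64_t lblk)
{
    return (ino << 32) | lblk;
}

/*
 * Checked form: both fields must fit in 32 bits, otherwise two different
 * (inode, block) pairs can map to the same 64-bit DUN. Because files share
 * one key under this policy, a repeated DUN means a repeated key/IV pair.
 * Returns 0 on success, -1 if either number is out of range.
 */
int iv_ino_lblk_64_dun(uint64_t ino, uint64_t lblk, uint64_t *dun)
{
    if (ino > UINT32_MAX || lblk > UINT32_MAX)
        return -1;
    *dun = (ino << 32) | lblk;
    return 0;
}

/* Serialize to a 128-bit IV: DUN in bits 0-63, bits 64-127 left as zero. */
int iv_ino_lblk_64_iv(uint64_t ino, uint64_t lblk, uint8_t iv[IV_SIZE])
{
    uint64_t dun;

    if (iv_ino_lblk_64_dun(ino, lblk, &dun) != 0)
        return -1;
    memset(iv, 0, IV_SIZE);
    for (int i = 0; i < 8; i++)
        iv[i] = (uint8_t)(dun >> (8 * i)); /* assumed little-endian */
    return 0;
}

/*
 * The hardware adds 1 to the DUN for each data unit in a request. That is
 * only correct while the block field does not carry into the inode field.
 * Returns 1 if a request of nblocks starting at lblk stays inside this
 * inode's IV range, 0 otherwise.
 */
int request_dun_ok(uint64_t ino, uint64_t lblk, uint64_t nblocks)
{
    uint64_t first, last;

    if (nblocks == 0 || iv_ino_lblk_64_dun(ino, lblk, &first) != 0)
        return 0;
    if (nblocks - 1 > UINT32_MAX - lblk)
        return 0; /* last block number would exceed 32 bits */
    if (iv_ino_lblk_64_dun(ino, lblk + nblocks - 1, &last) != 0)
        return 0;
    return first + (nblocks - 1) == last;
}

int main(void)
{
    uint8_t iv[IV_SIZE];

    /* Constructed values: inode 5, logical block 7. */
    if (iv_ino_lblk_64_iv(5, 7, iv) == 0) {
        for (int i = 0; i < IV_SIZE; i++)
            printf("%02x", iv[i]);
        printf("\n");
    }
    /* Without the range check, inode 4 block 2^32 aliases inode 5 block 0. */
    printf("aliased: %d\n",
           unchecked_dun(4, 1ULL << 32) == unchecked_dun(5, 0));
    return 0;
}
```
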
Eric Biggers
97c9fb779b FROMLIST: fscrypt: remove struct fscrypt_ctx
Now that ext4 and f2fs implement their own post-read workflow that
supports both fscrypt and fsverity, the fscrypt-only workflow based
around struct fscrypt_ctx is no longer used.  So remove the unused code.

This is based on a patch from Chandan Rajendra's "Consolidate FS read
I/O callbacks code" patchset, but rebased onto the latest kernel, folded
__fscrypt_decrypt_bio() into fscrypt_decrypt_bio(), cleaned up
fscrypt_initialize(), and updated the commit message.

Change-Id: I21d126db69eea53c3e6dcec8710fa06ae35f980d
Originally-from: Chandan Rajendra <chandan@linux.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11182387/
2019-11-14 14:47:49 -08:00
Eric Biggers
659011272b BACKPORT: FROMLIST: fscrypt: invoke crypto API for ESSIV handling
Instead of open-coding the calculations for ESSIV handling, use an ESSIV
skcipher which does all of this under the hood.  ESSIV was added to the
crypto API in v5.4.

This is based on a patch from Ard Biesheuvel, but reworked to apply
after all the fscrypt changes that went into v5.4.

Tested with 'kvm-xfstests -c ext4,f2fs -g encrypt', including the
ciphertext verification tests for v1 and v2 encryption policies.

Change-Id: Id0e3cc38fcd9a25a4d55cf19c1b87e5798bf7d90
Originally-from: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Link: https://patchwork.kernel.org/patch/11182383/
2019-11-14 14:47:49 -08:00
Eric Biggers
30d0df156b fscrypt: require that key be added when setting a v2 encryption policy
By looking up the master keys in a filesystem-level keyring rather than
in the calling processes' key hierarchy, it becomes possible for a user
to set an encryption policy which refers to some key they don't actually
know, then encrypt their files using that key.  Cryptographically this
isn't much of a problem, but the semantics of this would be a bit weird.
Thus, enforce that a v2 encryption policy can only be set if the user
has previously added the key, or has capable(CAP_FOWNER).

We tolerate that this problem will continue to exist for v1 encryption
policies, however; there is no way around that.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:23:27 -07:00
Eric Biggers
8e1c887424 fscrypt: allow unprivileged users to add/remove keys for v2 policies
Allow the FS_IOC_ADD_ENCRYPTION_KEY and FS_IOC_REMOVE_ENCRYPTION_KEY
ioctls to be used by non-root users to add and remove encryption keys
from the filesystem-level crypto keyrings, subject to limitations.

Motivation: while privileged fscrypt key management is sufficient for
some users (e.g. Android and Chromium OS, where a privileged process
manages all keys), the old API by design also allows non-root users to
set up and use encrypted directories, and we don't want to regress on
that.  Especially, we don't want to force users to continue using the
old API, running into the visibility mismatch between files and keyrings
and being unable to "lock" encrypted directories.

Intuitively, the ioctls have to be privileged since they manipulate
filesystem-level state.  However, it's actually safe to make them
unprivileged if we very carefully enforce some specific limitations.

First, each key must be identified by a cryptographic hash so that a
user can't add the wrong key for another user's files.  For v2
encryption policies, we use the key_identifier for this.  v1 policies
don't have this, so managing keys for them remains privileged.

Second, each key a user adds is charged to their quota for the keyrings
service.  Thus, a user can't exhaust memory by adding a huge number of
keys.  By default each non-root user is allowed up to 200 keys; this can
be changed using the existing sysctl 'kernel.keys.maxkeys'.

Third, if multiple users add the same key, we keep track of those users
of the key (of which there remains a single copy), and won't really
remove the key, i.e. "lock" the encrypted files, until all those users
have removed it.  This prevents denial of service attacks that would be
possible under simpler schemes, such as allowing the first user who added a
key to remove it -- since that could be a malicious user who has
compromised the key.  Of course, encryption keys should be kept secret,
but the idea is that using encryption should never be *less* secure than
not using encryption, even if your key was compromised.

We tolerate that a user will be unable to really remove a key, i.e.
unable to "lock" their encrypted files, if another user has added the
same key.  But in a sense, this is actually a good thing because it will
avoid providing a false notion of security where a key appears to have
been removed when actually it's still in memory, available to any
attacker who compromises the operating system kernel.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:23:26 -07:00
Eric Biggers
73ce50dc2d fscrypt: v2 encryption policy support
Add a new fscrypt policy version, "v2".  It has the following changes
from the original policy version, which we call "v1" (*):

- Master keys (the user-provided encryption keys) are only ever used as
  input to HKDF-SHA512.  This is more flexible and less error-prone, and
  it avoids the quirks and limitations of the AES-128-ECB based KDF.
  Three classes of cryptographically isolated subkeys are defined:

    - Per-file keys, like used in v1 policies except for the new KDF.

    - Per-mode keys.  These implement the semantics of the DIRECT_KEY
      flag, which for v1 policies made the master key be used directly.
      These are also planned to be used for inline encryption when
      support for it is added.

    - Key identifiers (see below).

- Each master key is identified by a 16-byte master_key_identifier,
  which is derived from the key itself using HKDF-SHA512.  This prevents
  users from associating the wrong key with an encrypted file or
  directory.  This was easily possible with v1 policies, which
  identified the key by an arbitrary 8-byte master_key_descriptor.

- The key must be provided in the filesystem-level keyring, not in a
  process-subscribed keyring.

The following UAPI additions are made:

- The existing ioctl FS_IOC_SET_ENCRYPTION_POLICY can now be passed a
  fscrypt_policy_v2 to set a v2 encryption policy.  It's disambiguated
  from fscrypt_policy/fscrypt_policy_v1 by the version code prefix.

- A new ioctl FS_IOC_GET_ENCRYPTION_POLICY_EX is added.  It allows
  getting the v1 or v2 encryption policy of an encrypted file or
  directory.  The existing FS_IOC_GET_ENCRYPTION_POLICY ioctl could not
  be used because it did not have a way for userspace to indicate which
  policy structure is expected.  The new ioctl includes a size field, so
  it is extensible to future fscrypt policy versions.

- The ioctls FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY,
  and FS_IOC_GET_ENCRYPTION_KEY_STATUS now support managing keys for v2
  encryption policies.  Such keys are kept logically separate from keys
  for v1 encryption policies, and are identified by 'identifier' rather
  than by 'descriptor'.  The 'identifier' need not be provided when
  adding a key, since the kernel will calculate it anyway.

This patch temporarily keeps adding/removing v2 policy keys behind the
same permission check done for adding/removing v1 policy keys:
capable(CAP_SYS_ADMIN).  However, the next patch will carefully take
advantage of the cryptographically secure master_key_identifier to allow
non-root users to add/remove v2 policy keys, thus providing a full
replacement for v1 policies.

(*) Actually, in the API fscrypt_policy::version is 0 while on-disk
    fscrypt_context::format is 1.  But I believe it makes the most sense
    to advance both to '2' to have them be in sync, and to consider the
    numbering to start at 1 except for the API quirk.

Reviewed-by: Paul Crowley <paulcrowley@google.com>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:23:26 -07:00
Eric Biggers
6ad6af5912 fscrypt: add an HKDF-SHA512 implementation
Add an implementation of HKDF (RFC 5869) to fscrypt, for the purpose of
deriving additional key material from the fscrypt master keys for v2
encryption policies.  HKDF is a key derivation function built on top of
HMAC.  We choose SHA-512 for the underlying unkeyed hash, and use an
"hmac(sha512)" transform allocated from the crypto API.

We'll be using this to replace the AES-ECB based KDF currently used to
derive the per-file encryption keys.  While the AES-ECB based KDF is
believed to meet the original security requirements, it is nonstandard
and has problems that don't exist in modern KDFs such as HKDF:

1. It's reversible.  Given a derived key and nonce, an attacker can
   easily compute the master key.  This is okay if the master key and
   derived keys are equally hard to compromise, but now we'd like to be
   more robust against threats such as a derived key being compromised
   through a timing attack, or a derived key for an in-use file being
   compromised after the master key has already been removed.

2. It doesn't evenly distribute the entropy from the master key; each 16
   input bytes only affects the corresponding 16 output bytes.

3. It isn't easily extensible to deriving other values or keys, such as
   a public hash for securely identifying the key, or per-mode keys.
   Per-mode keys will be immediately useful for Adiantum encryption, for
   which fscrypt currently uses the master key directly, introducing
   unnecessary usage constraints.  Per-mode keys will also be useful for
   hardware inline encryption, which is currently being worked on.

HKDF solves all the above problems.

Reviewed-by: Paul Crowley <paulcrowley@google.com>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:23:25 -07:00
Eric Biggers
cacc84e003 fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Add a new fscrypt ioctl, FS_IOC_REMOVE_ENCRYPTION_KEY.  This ioctl
removes an encryption key that was added by FS_IOC_ADD_ENCRYPTION_KEY.
It wipes the secret key itself, then "locks" the encrypted files and
directories that had been unlocked using that key -- implemented by
evicting the relevant dentries and inodes from the VFS caches.

The problem this solves is that many fscrypt users want the ability to
remove encryption keys, causing the corresponding encrypted directories
to appear "locked" (presented in ciphertext form) again.  Moreover,
users want removing an encryption key to *really* remove it, in the
sense that the removed keys cannot be recovered even if kernel memory is
compromised, e.g. by the exploit of a kernel security vulnerability or
by a physical attack.  This is desirable after a user logs out of the
system, for example.  In many cases users even already assume this to be
the case and are surprised to hear when it's not.

It is not sufficient to simply unlink the master key from the keyring
(or to revoke or invalidate it), since the actual encryption transform
objects are still pinned in memory by their inodes.  Therefore, to
really remove a key we must also evict the relevant inodes.

Currently one workaround is to run 'sync && echo 2 >
/proc/sys/vm/drop_caches'.  But, that evicts all unused inodes in the
system rather than just the inodes associated with the key being
removed, causing severe performance problems.  Moreover, it requires
root privileges, so regular users can't "lock" their encrypted files.

Another workaround, used in Chromium OS kernels, is to add a new
VFS-level ioctl FS_IOC_DROP_CACHE which is a more restricted version of
drop_caches that operates on a single super_block.  It does:

        shrink_dcache_sb(sb);
        invalidate_inodes(sb, false);

But it's still a hack.  Yet, the major users of filesystem encryption
want this feature badly enough that they are actually using these hacks.

To properly solve the problem, start maintaining a list of the inodes
which have been "unlocked" using each master key.  Originally this
wasn't possible because the kernel didn't keep track of in-use master
keys at all.  But, with the ->s_master_keys keyring it is now possible.

Then, add an ioctl FS_IOC_REMOVE_ENCRYPTION_KEY.  It finds the specified
master key in ->s_master_keys, then wipes the secret key itself, which
prevents any additional inodes from being unlocked with the key.  Then,
it syncs the filesystem and evicts the inodes in the key's list.  The
normal inode eviction code will free and wipe the per-file keys (in
->i_crypt_info).  Note that freeing ->i_crypt_info without evicting the
inodes was also considered, but would have been racy.

Some inodes may still be in use when a master key is removed, and we
can't simply revoke random file descriptors, mmap's, etc.  Thus, the
ioctl simply skips in-use inodes, and returns -EBUSY to indicate that
some inodes weren't evicted.  The master key *secret* is still removed,
but the fscrypt_master_key struct remains to keep track of the remaining
inodes.  Userspace can then retry the ioctl to evict the remaining
inodes.  Alternatively, if userspace adds the key again, the refreshed
secret will be associated with the existing list of inodes so they
remain correctly tracked for future key removals.

The ioctl doesn't wipe pagecache pages.  Thus, we tolerate that after a
kernel compromise some portions of plaintext file contents may still be
recoverable from memory.  This can be solved by enabling page poisoning
system-wide, which security conscious users may choose to do.  But it's
very difficult to solve otherwise, e.g. note that plaintext file
contents may have been read in other places than pagecache pages.

Like FS_IOC_ADD_ENCRYPTION_KEY, FS_IOC_REMOVE_ENCRYPTION_KEY is
initially restricted to privileged users only.  This is sufficient for
some use cases, but not all.  A later patch will relax this restriction,
but it will require introducing key hashes, among other changes.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:21:56 -07:00
Eric Biggers
9846255919 fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Add a new fscrypt ioctl, FS_IOC_ADD_ENCRYPTION_KEY.  This ioctl adds an
encryption key to the filesystem's fscrypt keyring ->s_master_keys,
making any files encrypted with that key appear "unlocked".

Why we need this
~~~~~~~~~~~~~~~~

The main problem is that the "locked/unlocked" (ciphertext/plaintext)
status of encrypted files is global, but the fscrypt keys are not.
fscrypt only looks for keys in the keyring(s) the process accessing the
filesystem is subscribed to: the thread keyring, process keyring, and
session keyring, where the session keyring may contain the user keyring.

Therefore, userspace has to put fscrypt keys in the keyrings for
individual users or sessions.  But this means that when a process with a
different keyring tries to access encrypted files, whether they appear
"unlocked" or not is nondeterministic.  This is because it depends on
whether the files are currently present in the inode cache.

Fixing this by consistently providing each process its own view of the
filesystem depending on whether it has the key or not isn't feasible due
to how the VFS caches work.  Furthermore, while sometimes users expect
this behavior, it is misguided for two reasons.  First, it would be an
OS-level access control mechanism largely redundant with existing access
control mechanisms such as UNIX file permissions, ACLs, LSMs, etc.
Encryption is actually for protecting the data at rest.

Second, almost all users of fscrypt actually do need the keys to be
global.  The largest users of fscrypt, Android and Chromium OS, achieve
this by having PID 1 create a "session keyring" that is inherited by
every process.  This works, but it isn't scalable because it prevents
session keyrings from being used for any other purpose.

On general-purpose Linux distros, the 'fscrypt' userspace tool [1] can't
similarly abuse the session keyring, so to make 'sudo' work on all
systems it has to link all the user keyrings into root's user keyring
[2].  This is ugly and raises security concerns.  Moreover it can't make
the keys available to system services, such as sshd trying to access the
user's '~/.ssh' directory (see [3], [4]) or NetworkManager trying to
read certificates from the user's home directory (see [5]); or to Docker
containers (see [6], [7]).

By having an API to add a key to the *filesystem* we'll be able to fix
the above bugs, remove userspace workarounds, and clearly express the
intended semantics: the locked/unlocked status of an encrypted directory
is global, and encryption is orthogonal to OS-level access control.

Why not use the add_key() syscall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

We use an ioctl for this API rather than the existing add_key() system
call because the ioctl gives us the flexibility needed to implement
fscrypt-specific semantics that will be introduced in later patches:

- Supporting key removal with the semantics such that the secret is
  removed immediately and any unused inodes using the key are evicted;
  also, the eviction of any in-use inodes can be retried.

- Calculating a key-dependent cryptographic identifier and returning it
  to userspace.

- Allowing keys to be added and removed by non-root users, but only keys
  for v2 encryption policies; and to prevent denial-of-service attacks,
  users can only remove keys they themselves have added, and a key is
  only really removed after all users who added it have removed it.

Trying to shoehorn these semantics into the keyrings syscalls would be
very difficult, whereas the ioctls make things much easier.

However, to reuse code the implementation still uses the keyrings
service internally.  Thus we get lockless RCU-mode key lookups without
having to re-implement it, and the keys automatically show up in
/proc/keys for debugging purposes.

References:

    [1] https://github.com/google/fscrypt
    [2] https://goo.gl/55cCrI#heading=h.vf09isp98isb
    [3] https://github.com/google/fscrypt/issues/111#issuecomment-444347939
    [4] https://github.com/google/fscrypt/issues/116
    [5] https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1770715
    [6] https://github.com/google/fscrypt/issues/128
    [7] https://askubuntu.com/questions/1130306/cannot-run-docker-on-an-encrypted-filesystem

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:21:54 -07:00
Eric Biggers
c677e5771b fscrypt: rename keyinfo.c to keysetup.c
Rename keyinfo.c to keysetup.c since this better describes what the file
does (sets up the key), and it matches the new file keysetup_v1.c.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:19:46 -07:00
Eric Biggers
43d5219366 fscrypt: move v1 policy key setup to keysetup_v1.c
In preparation for introducing v2 encryption policies which will find
and derive encryption keys differently from the current v1 encryption
policies, move the v1 policy-specific key setup code from keyinfo.c into
keysetup_v1.c.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:19:43 -07:00
Eric Biggers
c55916aa36 fscrypt: refactor key setup code in preparation for v2 policies
Do some more refactoring of the key setup code, in preparation for
introducing a filesystem-level keyring and v2 encryption policies:

- Now that ci_inode exists, don't pass around the inode unnecessarily.

- Define a function setup_file_encryption_key() which handles the crypto
  key setup given an under-construction fscrypt_info.  Don't pass the
  fscrypt_context, since everything is in the fscrypt_info.
  [This will be extended for v2 policies and the fs-level keyring.]

- Define a function fscrypt_set_derived_key() which sets the per-file
  key, without depending on anything specific to v1 policies.
  [This will also be used for v2 policies.]

- Define a function fscrypt_setup_v1_file_key() which takes the raw
  master key, thus separating finding the key from using it.
  [This will also be used if the key is found in the fs-level keyring.]

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:18:37 -07:00
Eric Biggers
d4b1cd7abe fscrypt: rename fscrypt_master_key to fscrypt_direct_key
In preparation for introducing a filesystem-level keyring which will
contain fscrypt master keys, rename the existing 'struct
fscrypt_master_key' to 'struct fscrypt_direct_key'.  This is the
structure in the existing table of master keys that's maintained to
deduplicate the crypto transforms for v1 DIRECT_KEY policies.

I've chosen to keep this table as-is rather than make it automagically
add/remove the keys to/from the filesystem-level keyring, since that
would add a lot of extra complexity to the filesystem-level keyring.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:18:37 -07:00
Eric Biggers
3246be1337 fscrypt: add ->ci_inode to fscrypt_info
Add an inode back-pointer to 'struct fscrypt_info', such that
inode->i_crypt_info->ci_inode == inode.

This will be useful for:

1. Evicting the inodes when a fscrypt key is removed, since we'll track
   the inodes using a given key by linking their fscrypt_infos together,
   rather than the inodes directly.  This avoids bloating 'struct inode'
   with a new list_head.

2. Simplifying the per-file key setup, since the inode pointer won't
   have to be passed around everywhere just in case something goes wrong
   and it's needed for fscrypt_warn().

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:18:36 -07:00
Eric Biggers
fc987b387a fscrypt: use FSCRYPT_* definitions, not FS_*
Update fs/crypto/ to use the new names for the UAPI constants rather
than the old names, then make the old definitions conditional on
!__KERNEL__.

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-09-23 13:18:36 -07:00