android_kernel_xiaomi_sm7250

Author	SHA1	Message	Date
Greg Kroah-Hartman	47e51a7a22	This is the 4.19.218 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmGguLAACgkQONu9yGCS aT4wZQ/+OSbZuEs53pK9aEgBhXBlJtI0uIXsywUgsFZzeTfXuutrSeYs33EGTI3T q7JB2mixxZnUoHFajVNtmKKDhN/KySRvmqEoDX+adHd2Pyx3m42kAC7odVBdSk/1 5mgcaAQmMKa/+DgMGAJmMDDoa7zzPOykPhzbgT8rIVvaLyqtBMcqVV+Wo3HsUFBe nR4vMmb1noZhRT8Bphf/m+BnjSkh8FMVCY47W++D1fNFgZXD6jm/4qdJar0nE+si 4ymdyehKdMQ3xeuhdxzurFalM8TDMY2Yz720ST9EV2VhrJZ3STLz1pOuOonxVk1D Y9xB4yG357Dx+zjmkPt/aNeQ7Mt3sAEUBI37y27wRi6wBa2xlie0/nGjTp2r7tEs h34ZiKrpom7goH+FZRQndkJUqqMo4COASD9AXzJEgpZtqVH6SRA0Cw6nV1KydLSQ zMz0IsdvUR4i6xhw6tr17FXtgnX3MjLqRh2lBLedw4e4ydi+CJU/c4sFIeMIJnjl CMHp2mt7VyTf5jufJ0o4BY4UCDBBKt3uqEB0g58AXSMEEGUoQcpFBFd8ZJ0inYFH JtuL8IbtBPWEt20HR411tQkhIdgPFDzAHm2q9X8YGc4DnAO+/p9xGpXy+xPrRm7p VRKwQRFb9MOVA4bswQ4uCU+wpIsq5NaXhkjSC27U49kzDdKZbAg= =xzh+ -----END PGP SIGNATURE----- Merge 4.19.218 into android-4.19-stable Changes in 4.19.218 xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay binder: use euid from cred instead of using task binder: use cred instead of task for selinux checks Input: elantench - fix misreporting trackpoint coordinates Input: i8042 - Add quirk for Fujitsu Lifebook T725 libata: fix read log timeout value ocfs2: fix data corruption on truncate mmc: dw_mmc: Dont wait for DRTO on Write RSP error parisc: Fix ptrace check on syscall return tpm: Check for integer overflow in tpm2_map_response_body() firmware/psci: fix application of sizeof to pointer crypto: s5p-sss - Add error handling in s5p_aes_probe() media: ite-cir: IR receiver stop working after receive overflow media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers ALSA: hda/realtek: Add quirk for Clevo PC70HS ALSA: ua101: fix division by zero at probe ALSA: 6fire: fix control and bulk message timeouts ALSA: line6: fix control and interrupt message timeouts ALSA: usb-audio: Add registration quirk for JBL Quantum 400 ALSA: synth: missing check for possible NULL after the call to kstrdup ALSA: timer: Fix use-after-free problem ALSA: timer: Unconditionally unlink slave instances, too x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c x86/irq: Ensure PI wakeup handler is unregistered before module unload cavium: Return negative value when pci_alloc_irq_vectors() fails scsi: qla2xxx: Fix unmap of already freed sgl cavium: Fix return values of the probe function sfc: Don't use netif_info before net_device setup hyperv/vmbus: include linux/bitops.h mmc: winbond: don't build on M68K drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 bpf: Prevent increasing bpf_jit_limit above max xen/netfront: stop tx queues during live migration spi: spl022: fix Microwire full duplex mode watchdog: Fix OMAP watchdog early handling vmxnet3: do not stop tx queues after netif_device_detach() btrfs: clear MISSING device status bit in btrfs_close_one_device btrfs: fix lost error handling when replaying directory deletes btrfs: call btrfs_check_rw_degradable only if there is a missing device ia64: kprobes: Fix to pass correct trampoline address to the handler hwmon: (pmbus/lm25066) Add offset coefficients regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell mwifiex: fix division by zero in fw download path ath6kl: fix division by zero in send path ath6kl: fix control-message timeout ath10k: fix control-message timeout ath10k: fix division by zero in send path PCI: Mark Atheros QCA6174 to avoid bus reset rtl8187: fix control-message timeouts evm: mark evm_fixmode as __ro_after_init wcn36xx: Fix HT40 capability for 2Ghz band mwifiex: Read a PCI register after writing the TX ring write pointer libata: fix checking of DMA state wcn36xx: handle connection loss indication rsi: fix occasional initialisation failure with BT coex rsi: fix key enabled check causing unwanted encryption for vap_id > 0 rsi: fix rate mask set leading to P2P failure rsi: Fix module dev_oper_mode parameter description RDMA/qedr: Fix NULL deref for query_qp on the GSI QP signal: Remove the bogus sigkill_pending in ptrace_stop signal/mips: Update (_save\|_restore)_fp_context to fail with -EFAULT power: supply: max17042_battery: Prevent int underflow in set_soc_threshold power: supply: max17042_battery: use VFSOC for capacity when no rsns powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found serial: core: Fix initializing and restoring termios speed ALSA: mixer: oss: Fix racy access to slots ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume xen/balloon: add late_initcall_sync() for initial ballooning done PCI: aardvark: Do not clear status bits of masked interrupts PCI: aardvark: Do not unmask unused interrupts PCI: aardvark: Fix return value of MSI domain .alloc() method PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG quota: check block number when reading the block in quota file quota: correct error number in free_dqentry() pinctrl: core: fix possible memory leak in pinctrl_enable() iio: dac: ad5446: Fix ad5622_write() return value USB: serial: keyspan: fix memleak on probe errors USB: iowarrior: fix control-message timeouts drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() Bluetooth: fix use-after-free error in lock_sock_nested() platform/x86: wmi: do not fail if disabling fails MIPS: lantiq: dma: add small delay after reset MIPS: lantiq: dma: reset correct number of channel locking/lockdep: Avoid RCU-induced noinstr fail net: sched: update default qdisc visibility after Tx queue cnt changes smackfs: Fix use-after-free in netlbl_catmap_walk() x86: Increase exception stack sizes mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type mwifiex: Properly initialize private structure on interface type changes media: mt9p031: Fix corrupted frame after restarting stream media: netup_unidvb: handle interrupt properly according to the firmware media: uvcvideo: Set capability in s_param media: uvcvideo: Return -EIO for control errors media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe() media: s5p-mfc: Add checking to s5p_mfc_probe(). media: mceusb: return without resubmitting URB in case of -EPROTO error. ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK media: rcar-csi2: Add checking to rcsi2_start_receiver() ACPICA: Avoid evaluating methods too early during system resume media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() tracefs: Have tracefs directories not set OTH permission bits by default ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() ACPI: battery: Accept charges over the design capacity as full leaking_addresses: Always print a trailing newline memstick: r592: Fix a UAF bug when removing the driver lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression lib/xz: Validate the value before assigning it to an enum variable workqueue: make sysfs of unbound kworker cpumask more clever tracing/cfi: Fix cmp_entries_* functions signature mismatch mwl8k: Fix use-after-free in mwl8k_fw_state_machine() PM: hibernate: Get block device exclusively in swsusp_check() iwlwifi: mvm: disable RX-diversity in powersave smackfs: use __GFP_NOFAIL for smk_cipso_doi() ARM: clang: Do not rely on lr register for stacktrace gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE ARM: 9136/1: ARMv7-M uses BE-8, not BE-32 spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe() x86/hyperv: Protect set_hv_tscchange_cb() against getting preempted parisc: fix warning in flush_tlb_all task_stack: Fix end_of_stack() for architectures with upwards-growing stack parisc/unwind: fix unwinder when CONFIG_64BIT is enabled parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling Bluetooth: fix init and cleanup of sco_conn.timeout_work cgroup: Make rebind_subsystems() disable v2 controllers all at once net: dsa: rtl8366rb: Fix off-by-one bug drm/amdgpu: fix warning for overflow check media: em28xx: add missing em28xx_close_extension media: dvb-usb: fix ununit-value in az6027_rc_query media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()' media: si470x: Avoid card name truncation media: cx23885: Fix snd_card_free call on null card pointer cpuidle: Fix kobject memory leaks in error paths media: em28xx: Don't use ops->suspend if it is NULL ath9k: Fix potential interrupt storm on queue reset media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable() crypto: qat - detect PFVF collision after ACK crypto: qat - disregard spurious PFVF interrupts hwrng: mtk - Force runtime pm ops for sleep ops b43legacy: fix a lower bounds test b43: fix a lower bounds test mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured memstick: avoid out-of-range warning memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() hwmon: Fix possible memleak in __hwmon_device_register() hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff ath10k: fix max antenna gain unit drm/msm: uninitialized variable in msm_gem_import() net: stream: don't purge sk_error_queue in sk_stream_kill_queues() mmc: mxs-mmc: disable regulator on error and in the remove function platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning rsi: stop thread firstly in rsi_91x_init() error handling mwifiex: Send DELBA requests according to spec phy: micrel: ksz8041nl: do not use power down mode nvme-rdma: fix error code in nvme_rdma_setup_ctrl PM: hibernate: fix sparse warnings clocksource/drivers/timer-ti-dm: Select TIMER_OF drm/msm: Fix potential NULL dereference in DPU SSPP smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() irq: mips: avoid nested irq_enter() tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() samples/kretprobes: Fix return value if register_kretprobe() failed KVM: s390: Fix handle_sske page fault handling libertas_tf: Fix possible memory leak in probe and disconnect libertas: Fix possible memory leak in probe and disconnect wcn36xx: add proper DMA memory barriers in rx path net: amd-xgbe: Toggle PLL settings during rate change net: phylink: avoid mvneta warning when setting pause parameters crypto: pcrypt - Delay write to padata->info selftests/bpf: Fix fclose/pclose mismatch in test_progs ibmvnic: Process crqs after enabling interrupts RDMA/rxe: Fix wrong port_cap_flags ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc() arm64: dts: rockchip: Fix GPU register width for RK3328 RDMA/bnxt_re: Fix query SRQ failure ARM: dts: at91: tse850: the emac<->phy interface is rmii scsi: dc395: Fix error case unwinding MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT JFS: fix memleak in jfs_mount ALSA: hda: Reduce udelay() at SKL+ position reporting arm: dts: omap3-gta04a4: accelerometer irq fix soc/tegra: Fix an error handling path in tegra_powergate_power_up() memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe video: fbdev: chipsfb: use memset_io() instead of memset() serial: 8250_dw: Drop wrong use of ACPI_PTR() usb: gadget: hid: fix error code in do_config() power: supply: rt5033_battery: Change voltage values to µV scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() RDMA/mlx4: Return missed an error if device doesn't support steering ASoC: cs42l42: Correct some register default values ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER phy: qcom-qusb2: Fix a memory leak on probe serial: xilinx_uartps: Fix race condition causing stuck TX mips: cm: Convert to bitfield API to fix out-of-bounds access power: supply: bq27xxx: Fix kernel crash on IRQ handler register error apparmor: fix error check rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds drm/plane-helper: fix uninitialized variable reference PCI: aardvark: Don't spam about PIO Response Status NFS: Fix deadlocks in nfs_scan_commit_list() fs: orangefs: fix error return code of orangefs_revalidate_lookup() mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string auxdisplay: ht16k33: Connect backlight to fbdev auxdisplay: ht16k33: Fix frame buffer device blanking netfilter: nfnetlink_queue: fix OOB when mac header was cleared dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` m68k: set a default value for MEMORY_RESERVE watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT ar7: fix kernel builds for compiler test scsi: qla2xxx: Fix gnl list corruption scsi: qla2xxx: Turn off target reset during issue_lip i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()' xen-pciback: Fix return in pm_ctrl_init() net: davinci_emac: Fix interrupt pacing disable ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration() zram: off by one in read_block_state() llc: fix out-of-bound array index in llc_sk_dev_hash() nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions vsock: prevent unnecessary refcnt inc for nonblocking connect cxgb4: fix eeprom len when diagnostics not implemented USB: chipidea: fix interrupt deadlock ARM: 9155/1: fix early early_iounmap() ARM: 9156/1: drop cc-option fallbacks for architecture selection f2fs: should use GFP_NOFS for directory inodes 9p/net: fix missing error check in p9_check_errors powerpc/lib: Add helper to check if offset is within conditional branch range powerpc/bpf: Validate branch ranges powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 powerpc/security: Add a helper to query stf_barrier type powerpc/bpf: Emit stf barrier instruction sequences for BPF_NOSPEC mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks mm, oom: do not trigger out_of_memory from the #PF backlight: gpio-backlight: Correct initial power state handling video: backlight: Drop maximum brightness override for brightness zero s390/cio: check the subchannel validity for dev_busid s390/tape: fix timer initialization in tape_std_assign() PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros fuse: truncate pagecache on atomic_o_trunc x86/cpu: Fix migration safety with X86_BUG_NULL_SEL ext4: fix lazy initialization next schedule time computation in more granular unit fortify: Explicitly disable Clang support parisc/entry: fix trace test in syscall exit path PCI/MSI: Destroy sysfs before freeing entries PCI/MSI: Deal with devices lying about their MSI mask capability PCI: Add MSI masking quirk for Nvidia ION AHCI erofs: remove the occupied parameter from z_erofs_pagevec_enqueue() erofs: fix unsafe pagevec reuse of hooked pclusters arm64: zynqmp: Do not duplicate flash partition label property arm64: zynqmp: Fix serial compatible string scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() arm64: dts: hisilicon: fix arm,sp805 compatible string usb: musb: tusb6010: check return value after calling platform_get_resource() usb: typec: tipd: Remove WARN_ON in tps6598x_block_read arm64: dts: freescale: fix arm,sp805 compatible string ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect scsi: advansys: Fix kernel pointer leak firmware_loader: fix pre-allocated buf built-in firmware use ARM: dts: omap: fix gpmc,mux-add-data type usb: host: ohci-tmio: check return value after calling platform_get_resource() ALSA: ISA: not for M68K tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc MIPS: sni: Fix the build scsi: target: Fix ordered tag handling scsi: target: Fix alua_tg_pt_gps_count tracking powerpc/5200: dts: fix memory node unit name ALSA: gus: fix null pointer dereference on pointer block powerpc/dcr: Use cmplwi instead of 3-argument cmpli sh: check return code of request_irq maple: fix wrong return value of maple_bus_init(). f2fs: fix up f2fs_lookup tracepoints sh: fix kconfig unmet dependency warning for FRAME_POINTER sh: define __BIG_ENDIAN for math-emu mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame net: bnx2x: fix variable dereferenced before check iavf: check for null in iavf_fix_features iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset MIPS: generic/yamon-dt: fix uninitialized variable error mips: bcm63xx: add support for clk_get_parent() mips: lantiq: add support for clk_get_parent() platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' net: virtio_net_hdr_to_skb: count transport header in UFO i40e: Fix correct max_pkt_size on VF RX queue i40e: Fix NULL ptr dereference on VSI filter sync i40e: Fix changing previously set num_queue_pairs for PFs i40e: Fix display error code in dmesg NFC: reorganize the functions in nci_request NFC: reorder the logic in nfc_{un,}register_device perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server tun: fix bonding active backup with arp monitoring hexagon: export raw I/O routines for modules ipc: WARN if trying to remove ipc object which is absent mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails udf: Fix crash after seekdir btrfs: fix memory ordering between normal and ordered work functions parisc/sticon: fix reverse colors cfg80211: call cfg80211_stop_ap when switch from P2P_GO type drm/udl: fix control-message timeout drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors perf/core: Avoid put_page() when GUP fails batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN batman-adv: Consider fragmentation for needed_headroom batman-adv: Reserve needed_*room for fragments batman-adv: Don't always reallocate the fragmentation skb head RDMA/netlink: Add __maybe_unused to static inline in C file ASoC: DAPM: Cover regression by kctl change notification fix usb: max-3421: Use driver data instead of maintaining a list of bound devices soc/tegra: pmc: Fix imbalanced clock disabling in error code path Linux 4.19.218 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3f87fc92fe2a7a19ddddb522916f74dba7929583	2021-11-26 15:19:33 +01:00
Daniel Jordan	fca288ae3d	crypto: pcrypt - Delay write to padata->info [ Upstream commit 68b6dea802cea0dbdd8bd7ccc60716b5a32a5d8a ] These three events can race when pcrypt is used multiple times in a template ("pcrypt(pcrypt(...))"): 1. [taskA] The caller makes the crypto request via crypto_aead_encrypt() 2. [kworkerB] padata serializes the inner pcrypt request 3. [kworkerC] padata serializes the outer pcrypt request 3 might finish before the call to crypto_aead_encrypt() returns in 1, resulting in two possible issues. First, a use-after-free of the crypto request's memory when, for example, taskA writes to the outer pcrypt request's padata->info in pcrypt_aead_enc() after kworkerC completes the request. Second, the outer pcrypt request overwrites the inner pcrypt request's return code with -EINPROGRESS, making a successful request appear to fail. For instance, kworkerB writes the outer pcrypt request's padata->info in pcrypt_aead_done() and then taskA overwrites it in pcrypt_aead_enc(). Avoid both situations by delaying the write of padata->info until after the inner crypto request's return code is checked. This prevents the use-after-free by not touching the crypto request's memory after the next-inner crypto request is made, and stops padata->info from being overwritten. Fixes: `5068c7a883` ("crypto: pcrypt - Add pcrypt crypto parallelization wrapper") Reported-by: syzbot+b187b77c8474f9648fae@syzkaller.appspotmail.com Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2021-11-26 11:36:11 +01:00
Eric Biggers	b8b88229e7	BACKPORT: crypto: blake2b - update file comment The file comment for blake2b_generic.c makes it sound like it's the reference implementation of BLAKE2b with only minor changes. But it's actually been changed a lot. Update the comment to make this clearer. Reviewed-by: David Sterba <dsterba@suse.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 0cdc438e6e13436b0190910ef7da49ce4f5a44f4) Conflicts: crypto/blake2b_generic.c (trivial conflict due to upstream commit 9332a9e73918, "crypto: Replace HTTP links with HTTPS ones") Bug: 178411248 Change-Id: I8b58cd0e2892a873866ead52fa4dba3edabdeeb3 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:11:13 -07:00
Eric Biggers	e9f2289a4b	BACKPORT: crypto: blake2b - sync with blake2s implementation Sync the BLAKE2b code with the BLAKE2s code as much as possible: - Move a lot of code into new headers <crypto/blake2b.h> and <crypto/internal/blake2b.h>, and adjust it to be like the corresponding BLAKE2s code, i.e. like <crypto/blake2s.h> and <crypto/internal/blake2s.h>. - Rename constants, e.g. BLAKE2B__DIGEST_SIZE => BLAKE2B__HASH_SIZE. - Use a macro BLAKE2B_ALG() to define the shash_alg structs. - Export blake2b_compress_generic() for use as a fallback. This makes it much easier to add optimized implementations of BLAKE2b, as optimized implementations can use the helper functions crypto_blake2b_{setkey,init,update,final}() and blake2b_compress_generic(). The ARM implementation will use these. But this change is also helpful because it eliminates unnecessary differences between the BLAKE2b and BLAKE2s code, so that the same improvements can easily be made to both. (The two algorithms are basically identical, except for the word size and constants.) It also makes it straightforward to add a library API for BLAKE2b in the future if/when it's needed. This change does make the BLAKE2b code slightly more complicated than it needs to be, as it doesn't actually provide a library API yet. For example, __blake2b_update() doesn't really need to exist yet; it could just be inlined into crypto_blake2b_update(). But I believe this is outweighed by the benefits of keeping the code in sync. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 28dcca4cc0c01e2467549a36b1b0eacfdb01236c) Conflicts: crypto/blake2b_generic.c (conflict due to this branch not having commit 674f368a952c, "crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN") Bug: 178411248 Change-Id: I755c64fefe1209b54d1417d91e8a4c207382a620 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:11:13 -07:00
Eric Biggers	4af17e1312	BACKPORT: crypto: blake2s - share the "shash" API boilerplate code Add helper functions for shash implementations of BLAKE2s to include/crypto/internal/blake2s.h, taking advantage of __blake2s_update() and __blake2s_final() that were added by the previous patch to share more code between the library and shash implementations. crypto_blake2s_setkey() and crypto_blake2s_init() are usable as shash_alg::setkey and shash_alg::init directly, while crypto_blake2s_update() and crypto_blake2s_final() take an extra 'blake2s_compress_t' function pointer parameter. This allows the implementation of the compression function to be overridden, which is the only part that optimized implementations really care about. The new functions are inline functions (similar to those in sha1_base.h, sha256_base.h, and sm3_base.h) because this avoids needing to add a new module blake2s_helpers.ko, they aren't too long, and this avoids indirect calls which are expensive these days. Note that they can't go in blake2s_generic.ko, as that would require selecting CRYPTO_BLAKE2S from CRYPTO_BLAKE2S_X86, which would cause a recursive dependency. Finally, use these new helper functions in the x86 implementation of BLAKE2s. (This part should be a separate patch, but unfortunately the x86 implementation used the exact same function names like "crypto_blake2s_update()", so it had to be updated at the same time.) Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 8c4a93a1270ddffc7660ae43fa8030ecfe9c06d9) Conflicts: arch/x86/crypto/blake2s-glue.c crypto/blake2s_generic.c (conflict due to this branch not having commit 674f368a952c, "crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN") Bug: 152722841 Bug: 178411248 Change-Id: I9d23b1897cee81fb1704b6eea14d3dc9b1c80fe0 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:54 -07:00
Eric Biggers	c07a7ee4b5	UPSTREAM: crypto: blake2s - remove unneeded includes It doesn't make sense for the generic implementation of BLAKE2s to include <crypto/internal/simd.h> and <linux/jump_label.h>, as these are things that would only be useful in an architecture-specific implementation. Remove these unnecessary includes. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit df412e7efda1e2c5b5fcb06701bba77434cbd1e8) Bug: 152722841 Bug: 178411248 Change-Id: I8bccb9506d235c2b184b9899ee375fdc12d6b10f Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:51 -07:00
Eric Biggers	4a0ac0e975	UPSTREAM: crypto: blake2s - define shash_alg structs using macros The shash_alg structs for the four variants of BLAKE2s are identical except for the algorithm name, driver name, and digest size. So, avoid code duplication by using a macro to define these structs. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 0d396058f92ae7e5ac62839fed54bc2bba630ab5) Bug: 152722841 Bug: 178411248 Change-Id: I32b3a6c035b18f063ad0e03c43171091ca1490a8 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:43 -07:00
Arnd Bergmann	45e0eb38e5	UPSTREAM: crypto: blake2b - Fix clang optimization for ARMv7-M When building for ARMv7-M, clang-9 or higher tries to unroll some loops, which ends up confusing the register allocator to the point of generating rather bad code and using more than the warning limit for stack frames: warning: stack frame size of 1200 bytes in function 'blake2b_compress' [-Wframe-larger-than=] Forcing it to not unroll the final loop avoids this problem. Fixes: 91d689337fe8 ("crypto: blake2b - add blake2b generic implementation") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Nathan Chancellor <natechancellor@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 0c0408e86dbe8f44d4b27bf42130e8ac905361d6) Bug: 178411248 Change-Id: I71ee6df844bdbace9f06342a61322c7494533564 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:29 -07:00
David Sterba	b0e0bc92f3	UPSTREAM: crypto: blake2b - rename tfm context and _setkey callback The TFM context can be renamed to a more appropriate name and the local varaibles as well, using 'tctx' which seems to be more common than 'mctx'. The _setkey callback was the last one without the blake2b_ prefix, rename that too. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit c433a1a8572eceb7c45dd85d93fec6946b71bb72) Bug: 178411248 Change-Id: I8b7dfa5779ee6f76bb7e21572d29df1310705485 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:28 -07:00
David Sterba	9021782944	UPSTREAM: crypto: blake2b - merge _update to api callback Now that there's only one call to blake2b_update, we can merge it to the callback and simplify. The empty input check is split and the rest of code un-indented. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 0b4b5f10ac1ffb7f51db1832d189c33955c0d4c1) Bug: 178411248 Change-Id: Ic260edcee45116ac1a9f03f2792fe577a2c629c6 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:28 -07:00
David Sterba	2ddda50514	UPSTREAM: crypto: blake2b - open code set last block helper The helper is trival and called once, inlining makes things simpler. There's a comment to tie it back to the idea behind the code. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a2e4bdce0f6e69c6cf9e460c4fe158bcc0db351f) Bug: 178411248 Change-Id: Iba1276dfcdb29240206f66bf98902d0e587a590f Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:28 -07:00
David Sterba	755d5a0a12	UPSTREAM: crypto: blake2b - delete unused structs or members All the code for param block has been inlined, last_node and outlen from the state are not used or have become redundant due to other code. Remove it. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit d063d6327e7de18e16e4742579a0ff759c3889fb) Bug: 178411248 Change-Id: Ia7090fe3162495abae29b86f37e53ebf02414fe2 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:27 -07:00
David Sterba	5ecbb9a584	UPSTREAM: crypto: blake2b - simplify key init The keyed init writes the key bytes to the input buffer and does an update. We can do that in two ways: fill the buffer and update immediatelly. This is what current blake2b_init_key does. Any other following _update or _final will continue from the updated state. The other way is to write the key and set the number of bytes to process at the next _update or _final, lazy evaluation. Which leads to the the simplified code in this patch. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit e87e484d60b0da8302b45f27fe32af1cea02c8d2) Bug: 178411248 Change-Id: I90652bb41d252af9503d5976ce32b93e2610debf Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:27 -07:00
David Sterba	92071d4ceb	UPSTREAM: crypto: blake2b - merge blake2 init to api callback The call chain from blake2b_init can be simplified because the param block is effectively zeros, besides the key. - blake2b_init0 zeroes state and sets IV - blake2b_init sets up param block with defaults (key and some 1s) - init with key, write it to the input buffer and recalculate state So the compact way is to zero out the state and initialize index 0 of the state directly with the non-zero values and the key. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit e374969565472824eba4669dea4a23ad2edb414f) Bug: 178411248 Change-Id: I797e941bf90262f6cf334c100a91e5b90dc00a2c Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:27 -07:00
David Sterba	f0430a733b	UPSTREAM: crypto: blake2b - merge _final implementation to callback blake2b_final is called only once, merge it to the crypto API callback and simplify. This avoids the temporary buffer and swaps the bytes of internal buffer. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 086db43b5a2281f7ce7d8a67a171b91e1e8fe0ec) Bug: 178411248 Change-Id: I7c5e2d9d931d463ada7573e66268f7b93a2d40a4 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:26 -07:00
David Sterba	edb90dfdf1	BACKPORT: crypto: testmgr - add test vectors for blake2b Test vectors for blake2b with various digest sizes. As the algorithm is the same up to the digest calculation, the key and input data length is distributed in a way that tests all combinanions of the two over the digest sizes. Based on the suggestion from Eric, the following input sizes are tested [0, 1, 7, 15, 64, 247, 256], where blake2b blocksize is 128, so the padded and the non-padded input buffers are tested. blake2b-160 blake2b-256 blake2b-384 blake2b-512 --------------------------------------------------- len=0 \| klen=0 klen=1 klen=32 klen=64 len=1 \| klen=32 klen=64 klen=0 klen=1 len=7 \| klen=64 klen=0 klen=1 klen=32 len=15 \| klen=1 klen=32 klen=64 klen=0 len=64 \| klen=0 klen=1 klen=32 klen=64 len=247 \| klen=32 klen=64 klen=0 klen=1 len=256 \| klen=64 klen=0 klen=1 klen=32 Where key: - klen=0: empty key - klen=1: 1 byte value 0x42, 'B' - klen=32: first 32 bytes of the default key, sequence 00..1f - klen=64: default key, sequence 00..3f The unkeyed vectors are ordered before keyed, as this is required by testmgr. CC: Eric Biggers <ebiggers@kernel.org> Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a1afe27492a408d45421a1812064235691303fa1) Conflicts: crypto/testmgr.c crypto/testmgr.h (resolved conflicts due to blake2s having been backported already) Bug: 178411248 Change-Id: I5d6e1c16b7be981f4912264cd67dc1dad20b6bec Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:26 -07:00
David Sterba	e4c224108b	BACKPORT: crypto: blake2b - add blake2b generic implementation The patch brings support of several BLAKE2 variants (2b with various digest lengths). The keyed digest is supported, using tfm->setkey call. The in-tree user will be btrfs (for checksumming), we're going to use the BLAKE2b-256 variant. The code is reference implementation taken from the official sources and modified in terms of kernel coding style (whitespace, comments, uintXX_t -> uXX types, removed unused prototypes and #ifdefs, removed testing code, changed secure_zero_memory -> memzero_explicit, used own helpers for unaligned reads/writes and rotations). Further changes removed sanity checks of key length or output size, these values are verified in the crypto API callbacks or hardcoded in shash_alg and not exposed to users. Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 91d689337fe8b7703608a2ec39aae700b99f3933) Conflicts: crypto/Kconfig crypto/Makefile (trivial conflicts due to blake2s having been backported already) Bug: 178411248 Change-Id: Ic4c2314b146434a5842facf56e58d3602bacc7d5 Signed-off-by: Eric Biggers <ebiggers@google.com>	2021-10-20 10:10:22 -07:00
Greg Kroah-Hartman	97fd50773c	This is the 4.19.198 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmD22r0ACgkQONu9yGCS aT7QGBAAjVxynXPmbTuTPEXe4JXpIypErZCbUt8hUdtUcGkR3C7Kpv4zfz2Sqejc W2NOGNrU6OtUR+pWR+GwwqfFzop4LZl5jj46CiMZ9mY81LVVh7dNxXx6huIXkgy5 rI8oQAPNn5QaWHNANgdjCgdXRbA7FxBHDfaiGvwQbTW92wLV/w4ZH1coFxkkVdV1 eL3wZnVf0SNw0WTDiRDfCEH9Wx7RvVZ9KI/TqVOxYKv3LPl3faJVbjbQ8aP0lBxQ Vx+SB0w6C8f/P1KVIgU+1VluWsiQzHSxrliK2JCFqCoUFvZ02l3c6G4W2bQUcPw/ HqkozAywWftEXYFuXAGKnRQjX97vKABF/A7FZG3FrmP3zuzeRnFWrlheFSAccGww K/QH4avlk/ZO0XPghnVJhlOaYvNU90cimFVfillnuMdGrUdElsZuEIGLj/7KaQOB GryuTyB8ZTVFCiHQlGKUY+3DMC5SJ4aHb1lpQd/+OGqgkUXMWXc9ZFshcLcsBZUE 88ruExWq8fTmLXI6d4u/WZDi7e4pMtnP2N0ahMWC/EzpiLYQWpmVCDzQm09SnpiB T4NdBP5vR96M9EF68xNNgrIIwn3aw/yKm3VQzy6eQLtQ7zFVxIpa8jdUDR5pYYJv rAtawF7cgT0BkTaOE6LUDFNdR8feYvE87nuyL5pVN5ZLOefpgMM= =ijbU -----END PGP SIGNATURE----- Merge 4.19.198 into android-4.19-stable Changes in 4.19.198 scsi: core: Retry I/O for Notify (Enable Spinup) Required error ALSA: usb-audio: fix rate on Ozone Z90 USB headset ALSA: usb-audio: Fix OOB access at proc output media: dvb-usb: fix wrong definition Input: usbtouchscreen - fix control-request directions net: can: ems_usb: fix use-after-free in ems_usb_disconnect() usb: gadget: eem: fix echo command packet response issue USB: cdc-acm: blacklist Heimann USB Appset device usb: dwc3: Fix debugfs creation flow usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() xhci: solve a double free problem while doing s4 ntfs: fix validity check for file name attribute iov_iter_fault_in_readable() should do nothing in xarray case Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode ARM: dts: at91: sama5d4: fix pinctrl muxing btrfs: send: fix invalid path for unlink operations after parent orphanization btrfs: clear defrag status of a root if starting transaction fails ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle ext4: fix kernel infoleak via ext4_extent_header ext4: return error code when ext4_fill_flex_info() fails ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit ext4: remove check for zero nr_to_scan in ext4_es_scan() ext4: fix avefreec in find_group_orlov ext4: use ext4_grp_locked_error in mb_find_extent can: bcm: delay release of struct bcm_op after synchronize_rcu() can: gw: synchronize rcu operations before removing gw job entry can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path SUNRPC: Fix the batch tasks count wraparound. SUNRPC: Should wake up the privileged task firstly. s390/cio: dont call css_wait_for_slow_path() inside a lock rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path iio: light: tcs3472: do not free unallocated IRQ iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR iio: ltr501: ltr501_read_ps(): add missing endianness conversion serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() serial_cs: Add Option International GSM-Ready 56K/ISDN modem serial_cs: remove wrong GLOBETROTTER.cis entry ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() ssb: sdio: Don't overwrite const buffer if block_write fails rsi: Assign beacon rate settings to the correct rate_info descriptor field rsi: fix AP mode with WPA failure due to encrypted EAPOL tracing/histograms: Fix parsing of "sym-offset" modifier tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing seq_buf: Make trace_seq_putmem_hex() support data longer than 8 powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() evm: Execute evm_inode_init_security() only when an HMAC key is loaded evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded fuse: check connected before queueing on fpq->io spi: Make of_register_spi_device also set the fwnode spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() spi: omap-100k: Fix the length judgment problem regulator: uniphier: Add missing MODULE_DEVICE_TABLE crypto: nx - add missing MODULE_DEVICE_TABLE media: cpia2: fix memory leak in cpia2_usb_probe media: cobalt: fix race condition in setting HPD media: pvrusb2: fix warning in pvr2_i2c_core_done crypto: qat - check return code of qat_hal_rd_rel_reg() crypto: qat - remove unused macro in FW loader sched/fair: Fix ascii art by relpacing tabs media: em28xx: Fix possible memory leak of em28xx struct media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release media: bt8xx: Fix a missing check bug in bt878_probe media: st-hva: Fix potential NULL pointer dereferences media: dvd_usb: memory leak in cinergyt2_fe_attach mmc: via-sdmmc: add a check against NULL pointer dereference crypto: shash - avoid comparing pointers to exported functions under CFI media: dvb_net: avoid speculation from net slot media: siano: fix device register error path media: imx-csi: Skip first few frames from a BT.656 source btrfs: fix error handling in __btrfs_update_delayed_inode btrfs: abort transaction if we fail to update the delayed inode btrfs: disable build on platforms having page size 256K regulator: da9052: Ensure enough delay time for .set_voltage_time_sel HID: do not use down_interruptible() when unbinding devices EDAC/ti: Add missing MODULE_DEVICE_TABLE ACPI: processor idle: Fix up C-state latency if not ordered hv_utils: Fix passing zero to 'PTR_ERR' warning lib: vsprintf: Fix handling of number field widths in vsscanf ACPI: EC: Make more Asus laptops use ECDT _GPE block_dump: remove block_dump feature in mark_inode_dirty() fs: dlm: cancel work sync othercon random32: Fix implicit truncation warning in prandom_seed_state() fs: dlm: fix memory leak when fenced ACPICA: Fix memory leak caused by _CID repair function ACPI: bus: Call kobject_put() in acpi_init() error path platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() clocksource: Retry clock read if long delays detected ACPI: tables: Add custom DSDT file as makefile prerequisite HID: wacom: Correct base usage for capacitive ExpressKey status bits ia64: mca_drv: fix incorrect array size calculation media: s5p_cec: decrement usage count if disabled crypto: ixp4xx - dma_unmap the correct address crypto: ux500 - Fix error return code in hash_hw_final() sata_highbank: fix deferred probing pata_rb532_cf: fix deferred probing media: I2C: change 'RST' to "RSET" to fix multiple build errors pata_octeon_cf: avoid WARN_ON() in ata_host_activate() evm: fix writing <securityfs>/evm overflow crypto: ccp - Fix a resource leak in an error handling path media: rc: i2c: Fix an error message pata_ep93xx: fix deferred probing media: exynos4-is: Fix a use after free in isp_video_release media: tc358743: Fix error return code in tc358743_probe_of() media: gspca/gl860: fix zero-length control requests media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() mmc: usdhi6rol0: fix error return code in usdhi6_probe() media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx hwmon: (max31722) Remove non-standard ACPI device IDs hwmon: (max31790) Fix fan speed reporting for fan7..12 btrfs: clear log tree recovering status if starting transaction fails spi: spi-sun6i: Fix chipselect/clock bug crypto: nx - Fix RCU warning in nx842_OF_upd_status ACPI: sysfs: Fix a buffer overrun problem with description_show() blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() blk-wbt: make sure throttle is enabled properly ocfs2: fix snprintf() checking net: mvpp2: Put fwnode in error case during ->probe() net: pch_gbe: Propagate error from devm_gpio_request_one() drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() ehea: fix error return code in ehea_restart_qps() RDMA/rxe: Fix failure during driver load drm: qxl: ensure surf.data is ininitialized tools/bpftool: Fix error return code in do_batch() wireless: carl9170: fix LEDS build errors & warnings ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others wcn36xx: Move hal_buf allocation to devm_kmalloc in probe ssb: Fix error return code in ssb_bus_scan() brcmfmac: fix setting of station info chains bitmask brcmfmac: correctly report average RSSI in station info brcmsmac: mac80211_if: Fix a resource leak in an error handling path ath10k: Fix an error code in ath10k_add_interface() netlabel: Fix memory leak in netlbl_mgmt_add_common RDMA/mlx5: Don't add slave port to unaffiliated list netfilter: nft_exthdr: check for IPv6 packet before further processing netfilter: nft_osf: check for TCP packet before further processing netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols RDMA/rxe: Fix qp reference counting for atomic ops samples/bpf: Fix the error return code of xdp_redirect's main() net: ethernet: aeroflex: fix UAF in greth_of_remove net: ethernet: ezchip: fix UAF in nps_enet_remove net: ethernet: ezchip: fix error handling pkt_sched: sch_qfq: fix qfq_change_class() error path vxlan: add missing rcu_read_lock() in neigh_reduce() net/ipv4: swap flow ports when validating source ieee802154: hwsim: Fix memory leak in hwsim_add_one ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() mac80211: remove iwlwifi specific workaround NDPs of null_response net: bcmgenet: Fix attaching to PYH failed on RPi 4B ipv6: exthdrs: do not blindly use init_net bpf: Do not change gso_size during bpf_skb_change_proto() i40e: Fix error handling in i40e_vsi_open i40e: Fix autoneg disabling for non-10GBaseT links Revert "ibmvnic: remove duplicate napi_schedule call in open function" ibmvnic: free tx_pool if tso_pool alloc fails ipv6: fix out-of-bound access in ip6_parse_tlv() Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event writeback: fix obtain a reference to a freeing memcg css net: lwtunnel: handle MTU calculation in forwading net: sched: fix warning in tcindex_alloc_perfect_hash RDMA/mlx5: Don't access NULL-cleared mpi pointer tty: nozomi: Fix a resource leak in an error handling function mwifiex: re-fix for unaligned accesses iio: adis_buffer: do not return ints in irq handlers iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() Input: hil_kbd - fix error return code in hil_dev_connect() char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() tty: nozomi: Fix the error handling path of 'nozomi_card_init()' scsi: FlashPoint: Rename si_flags field fsi: core: Fix return of error values on failures fsi: scom: Reset the FSI2PIB engine for any error fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE fsi/sbefifo: Fix reset timeout visorbus: fix error return code in visorchipset_init() s390: appldata depends on PROC_SYSCTL eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() eeprom: idt_89hpesx: Restore printing the unsupported fwnode name iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() staging: gdm724x: check for overflow in gdm_lte_netif_rx() staging: mt7621-dts: fix pci address for PCI memory range serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK of: Fix truncation of memory sizes on 32-bit platforms mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() scsi: mpt3sas: Fix error return value in _scsih_expander_add() phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe() extcon: sm5502: Drop invalid register write in sm5502_reg_data extcon: max8997: Add missing modalias string ASoC: atmel-i2s: Fix usage of capture and playback at the same time configfs: fix memleak in configfs_release_bin_file leds: as3645a: Fix error return code in as3645a_parse_node() leds: ktd2692: Fix an error handling path powerpc: Offline CPU in stop_this_cpu() serial: mvebu-uart: correctly calculate minimal possible baudrate arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART vfio/pci: Handle concurrent vma faults mm/huge_memory.c: don't discard hugepage if other processes are mapping it selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random perf llvm: Return -ENOMEM when asprintf() fails mmc: block: Disable CMDQ on the ioctl path mmc: vub3000: fix control-request direction drm/mxsfb: Don't select DRM_KMS_FB_HELPER drm/zte: Don't select DRM_KMS_FB_HELPER drm/amd/amdgpu/sriov disable all ip hw status by default net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() drm/amd/display: fix use_max_lb flag for 420 pixel formats hugetlb: clear huge pte during flush function on mips platform atm: iphase: fix possible use-after-free in ia_module_exit() mISDN: fix possible use-after-free in HFC_cleanup() atm: nicstar: Fix possible use-after-free in nicstar_cleanup() net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT reiserfs: add check for invalid 1st journal block drm/virtio: Fix double free on probe failure udf: Fix NULL pointer dereference in udf_symlink function e100: handle eeprom as little endian clk: renesas: r8a77995: Add ZA2 clock clk: tegra: Ensure that PLLU configuration is applied properly ipv6: use prandom_u32() for ID generation RDMA/cxgb4: Fix missing error code in create_qp() dm space maps: don't reset space map allocation cursor when committing pinctrl: mcp23s08: fix race condition in irq handler ice: set the value of global config lock timeout longer virtio_net: Remove BUG() to avoid machine dead net: bcmgenet: check return value after calling platform_get_resource() net: mvpp2: check return value after calling platform_get_resource() net: micrel: check return value after calling platform_get_resource() fjes: check return value after calling platform_get_resource() selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC xfrm: Fix error reporting in xfrm_state_construct. wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP wl1251: Fix possible buffer overflow in wl1251_cmd_scan cw1200: add missing MODULE_DEVICE_TABLE net: fix mistake path for netdev_features_strings rtl8xxxu: Fix device info for RTL8192EU devices MIPS: add PMD table accounting into MIPS'pmd_alloc_one atm: nicstar: use 'dma_free_coherent' instead of 'kfree' atm: nicstar: register the interrupt handler in the right place vsock: notify server to shutdown when client has pending signal RDMA/rxe: Don't overwrite errno from ib_umem_get() iwlwifi: mvm: don't change band on bound PHY contexts iwlwifi: pcie: free IML DMA memory allocation sfc: avoid double pci_remove of VFs sfc: error code if SRIOV cannot be disabled wireless: wext-spy: Fix out-of-bounds warning media, bpf: Do not copy more entries than user space requested net: ip: avoid OOM kills with large UDP sends over loopback RDMA/cma: Fix rdma_resolve_route() memory leak Bluetooth: Fix the HCI to MGMT status conversion table Bluetooth: Shutdown controller after workqueues are flushed or cancelled Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. sctp: validate from_addr_param return sctp: add size validation when walking chunks MIPS: set mips32r5 for virt extensions fscrypt: don't ignore minor_hash when hash is 0 bdi: Do not use freezable workqueue serial: mvebu-uart: clarify the baud rate derivation serial: mvebu-uart: fix calculation of clock divisor fuse: reject internal errno powerpc/barrier: Avoid collision with clang's __lwsync macro usb: gadget: f_fs: Fix setting of device and driver data cross-references drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() drm/amd/display: fix incorrrect valid irq check pinctrl/amd: Add device HID for new AMD GPIO controller drm/msm/mdp4: Fix modifier support enabling mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode mmc: core: clear flags before allowing to retune mmc: core: Allow UHS-I voltage switch for SDSC cards if supported ata: ahci_sunxi: Disable DIPM cpu/hotplug: Cure the cpusets trainwreck clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround ASoC: tegra: Set driver_name=tegra for all machine drivers qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute ipmi/watchdog: Stop watchdog timer when the current action is 'none' power: supply: ab8500: Fix an old bug seq_buf: Fix overflow in seq_buf_putmem_hex() tracing: Simplify & fix saved_tgids logic tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() dm btree remove: assign new_root only when removal succeeds PCI: Leave Apple Thunderbolt controllers on for s2idle or standby PCI: aardvark: Fix checking for PIO Non-posted Request media: subdev: disallow ioctl for saa6588/davinci media: dtv5100: fix control-request directions media: zr364xx: fix memory leak in zr364xx_start_readpipe media: gspca/sq905: fix control-request direction media: gspca/sunplus: fix zero-length control requests media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() jfs: fix GPF in diFree smackfs: restrict bytes count in smk_set_cipso() KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() scsi: core: Fix bad pointer dereference when ehandler kthread is invalid tracing: Do not reference char * as a string in histograms PCI: aardvark: Don't rely on jiffies while holding spinlock PCI: aardvark: Fix kernel panic during PIO transfer tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero misc/libmasm/module: Fix two use after free in ibmasm_init_one Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" w1: ds2438: fixing bug that would always get page0 scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs scsi: core: Cap scsi_host cmd_per_lun at can_queue ALSA: ac97: fix PM reference leak in ac97_bus_remove() tty: serial: 8250: serial_cs: Fix a memory leak in error handling path scsi: scsi_dh_alua: Check for negative result value fs/jfs: Fix missing error code in lmLogInit() scsi: iscsi: Add iscsi_cls_conn refcount helpers scsi: iscsi: Fix conn use after free during resets scsi: iscsi: Fix shost->max_id use scsi: qedi: Fix null ref during abort handling mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE s390/sclp_vt220: fix console name to match device selftests: timers: rtcpie: skip test if default RTC device does not exist ALSA: sb: Fix potential double-free of CSP mixer elements powerpc/ps3: Add dma_mask to ps3_dma_region gpio: zynq: Check return value of pm_runtime_get_sync ALSA: ppc: fix error return code in snd_pmac_probe() selftests/powerpc: Fix "no_handler" EBB selftest gpio: pca953x: Add support for the On Semi pca9655 ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() Input: hideep - fix the uninitialized use in hideep_nvm_unlock() ALSA: bebob: add support for ToneWeal FW66 usb: gadget: f_hid: fix endianness issue with descriptors usb: gadget: hid: fix error return code in hid_bind() powerpc/boot: Fixup device-tree on little endian backlight: lm3630a: Fix return code of .update_status() callback ALSA: hda: Add IRQ check for platform_get_irq() staging: rtl8723bs: fix macro value for 2.4Ghz only device intel_th: Wait until port is in reset before programming it i2c: core: Disable client irq on reboot/shutdown lib/decompress_unlz4.c: correctly handle zero-padding around initrds. pwm: spear: Don't modify HW state in .remove callback power: supply: ab8500: Avoid NULL pointers power: supply: max17042: Do not enforce (incorrect) interrupt trigger type power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 watchdog: Fix possible use-after-free in wdt_startup() watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() watchdog: Fix possible use-after-free by calling del_timer_sync() watchdog: iTCO_wdt: Account for rebooting on second timeout x86/fpu: Return proper error codes from user access functions PCI: tegra: Add missing MODULE_DEVICE_TABLE orangefs: fix orangefs df output. ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty NFS: nfs_find_open_context() may only select open files power: supply: charger-manager: add missing MODULE_DEVICE_TABLE power: supply: ab8500: add missing MODULE_DEVICE_TABLE pwm: tegra: Don't modify HW state in .remove callback ACPI: AMBA: Fix resource name in /proc/iomem ACPI: video: Add quirk for the Dell Vostro 3350 virtio-blk: Fix memory leak among suspend/resume procedure virtio_net: Fix error handling in virtnet_restore() virtio_console: Assure used length from device is limited f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun power: supply: rt5033_battery: Fix device tree enumeration NFSv4: Initialise connection to the server in nfs4_alloc_client() um: fix error return code in slip_open() um: fix error return code in winch_tramp() watchdog: aspeed: fix hardware timeout calculation nfs: fix acl memory leak of posix_acl_create() ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode PCI: iproc: Fix multi-MSI base vector number allocation PCI: iproc: Support multi-MSI only on uniprocessor kernel x86/fpu: Limit xstate copy size in xstateregs_set() virtio_net: move tx vq operation under tx queue lock ALSA: isa: Fix error return code in snd_cmi8330_probe() NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times hexagon: use common DISCARDS macro reset: a10sr: add missing of_match_table reference ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 memory: atmel-ebi: add missing of_node_put for loop iteration rtc: fix snprintf() checking in is_rtc_hctosys() arm64: dts: renesas: v3msk: Fix memory size ARM: dts: r8a7779, marzen: Fix DU clock names ARM: dts: BCM5301X: Fixup SPI binding reset: bail if try_module_get() fails memory: fsl_ifc: fix leak of IO mapping on probe failure memory: fsl_ifc: fix leak of private memory on probe failure ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema ARM: dts: am437x: align ti,pindir-d0-out-d1-in property with dt-shema ARM: dts: imx6q-dhcom: Fix ethernet reset time properties ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() mips: always link byteswap helpers into decompressor mips: disable branch profiling in boot/decompress.o MIPS: vdso: Invalid GIC access through VDSO net: bridge: multicast: fix PIM hello router port marking race scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() seq_file: disallow extremely large seq buffer allocations Linux 4.19.198 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Iaa8a95c4d30ca85021bae6c60b4818038797e04e	2021-07-20 16:38:59 +02:00
Ard Biesheuvel	0c4c098c04	crypto: shash - avoid comparing pointers to exported functions under CFI [ Upstream commit 22ca9f4aaf431a9413dcc115dd590123307f274f ] crypto_shash_alg_has_setkey() is implemented by testing whether the .setkey() member of a struct shash_alg points to the default version, called shash_no_setkey(). As crypto_shash_alg_has_setkey() is a static inline, this requires shash_no_setkey() to be exported to modules. Unfortunately, when building with CFI, function pointers are routed via CFI stubs which are private to each module (or to the kernel proper) and so this function pointer comparison may fail spuriously. Let's fix this by turning crypto_shash_alg_has_setkey() into an out of line function. Cc: Sami Tolvanen <samitolvanen@google.com> Cc: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Sami Tolvanen <samitolvanen@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2021-07-20 16:15:44 +02:00
Greg Kroah-Hartman	011b73c995	This is the 4.19.191 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmCoybcACgkQONu9yGCS aT7dBQ//ZniOtxGdujpsPI6Fs7ET0E9K9Pa6hfxneiffPEgEtfA3ab9g7Y88fb9m vzXCpghzPmqk5Fd/+qDeIFxTaEQ1OoUWdx8uXF56XXh5NqTPLJ/gqmgcIqAnPrVq HefKZg3RiOLC4dT0LqALeqDF0dFrXEw+iOnlctXcjOjX6CSUtiLeyTIS5pytv1Ap rMlAkwfYuyBXs8almb6gb+JbemljgvLB9uB0RNG1YxXN5b/y6LqfDdpJIQCaWGxZ p+EYIbCp1NporUTpbWUJWaMD7krMpNhdeOMlkP4fUYmCYkFXqn1CSWVEYZjTDuah HFr57qshm7EMpjBofDCBhjCsphmcFnzkIKON8kH3HXYCb3HNYVo7rWkXg4KRS5XH kUFPmvgSmLi8Ad4dMc/xBBShB/fYaT1Ij1UB0iyKl4R/MDJ+gf6tjKQsFfK5Losr pyXEPyOWmXyWCgMUilWd2nnhkxfrBtXkxlbR1XlXfZ3Sn6GJANN7/Of2mmXFQB1E YBnL+H3bQSkdoZnoGQCktxs+hj74cG167/zSRNC/dFmBhuAmmDZXiR0ai020iyNw Grzv55owpby0HBpJXSWMBYUvV+2PfhZ69JjHc/bfoPUkeMgtW+oeDY2R5rk/enmW 0aNOycvMQujU7IzBdg8TaqHH6rIRSoFowcUXLLAwzoMt0AcE1c4= =V0VA -----END PGP SIGNATURE----- Merge 4.19.191 into android-4.19-stable Changes in 4.19.191 s390/disassembler: increase ebpf disasm buffer size ACPI: custom_method: fix potential use-after-free issue ACPI: custom_method: fix a possible memory leak ftrace: Handle commands when closing set_ftrace_filter file ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node arm64: dts: mt8173: fix property typo of 'phys' in dsi node ecryptfs: fix kernel panic with null dev_name mtd: spinand: core: add missing MODULE_DEVICE_TABLE() mtd: rawnand: atmel: Update ecc_stats.corrected counter spi: spi-ti-qspi: Free DMA resources scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers mmc: block: Update ext_csd.cache_ctrl if it was written mmc: block: Issue a cache flush only when it's enabled mmc: core: Do a power cycle when the CMD11 fails mmc: core: Set read only for SD cards with permanent write protect bit erofs: add unsupported inode i_format check cifs: Return correct error code from smb2_get_enc_key btrfs: fix metadata extent leak after failure to create subvolume intel_th: pci: Add Rocket Lake CPU support fbdev: zero-fill colormap in fbcmap.c staging: wimax/i2400m: fix byte-order issue crypto: api - check for ERR pointers in crypto_destroy_tfm() usb: gadget: uvc: add bInterval checking for HS mode genirq/matrix: Prevent allocation counter corruption usb: gadget: f_uac1: validate input parameters usb: dwc3: gadget: Ignore EP queue requests during bus reset usb: xhci: Fix port minor revision PCI: PM: Do not read power state in pci_enable_device_flags() x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS) tee: optee: do not check memref size on return from Secure World perf/arm_pmu_platform: Fix error handling usb: xhci-mtk: support quirk to disable usb2 lpm xhci: check control context is valid before dereferencing it. xhci: fix potential array out of bounds with several interrupters spi: dln2: Fix reference leak to master spi: omap-100k: Fix reference leak to master intel_th: Consistency and off-by-one fix phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe scsi: lpfc: Fix pt2pt connection does not recover after LOGO scsi: target: pscsi: Fix warning in pscsi_complete_cmd() media: ite-cir: check for receive overflow media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB power: supply: bq27xxx: fix power_avg for newer ICs extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged media: media/saa7164: fix saa7164_encoder_register() memory leak bugs media: gspca/sq905.c: fix uninitialized variable power: supply: Use IRQF_ONESHOT drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() scsi: qla2xxx: Fix use after free in bsg scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() media: em28xx: fix memory leak media: vivid: update EDID clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return power: supply: generic-adc-battery: fix possible use-after-free in gab_remove() power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() media: tc358743: fix possible use-after-free in tc358743_remove() media: adv7604: fix possible use-after-free in adv76xx_remove() media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove() media: i2c: adv7842: fix possible use-after-free in adv7842_remove() media: dvb-usb: fix memory leak in dvb_usb_adapter_init media: gscpa/stv06xx: fix memory leak drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal amdgpu: avoid incorrect %hu format string drm/amdgpu: fix NULL pointer dereference scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic scsi: libfc: Fix a format specifier s390/archrandom: add parameter check for s390_arch_random_generate ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer ALSA: hda/conexant: Re-order CX5066 quirk table entries ALSA: sb: Fix two use after free in snd_sb_qsound_build ALSA: usb-audio: Explicitly set up the clock selector ALSA: usb-audio: More constifications ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8 ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx btrfs: fix race when picking most recent mod log operation for an old root arm64/vdso: Discard .note.gnu.property sections in vDSO ubifs: Only check replay with inode type to judge if inode linked f2fs: fix to avoid out-of-bounds memory access mlxsw: spectrum_mr: Update egress RIF list before route's action openvswitch: fix stack OOB read while fragmenting IPv4 packets ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure NFS: Don't discard pNFS layout segments that are marked for return NFSv4: Don't discard segments marked for return in _pnfs_return_layout() jffs2: Fix kasan slab-out-of-bounds problem powerpc/eeh: Fix EEH handling for hugepages in ioremap space. powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h intel_th: pci: Add Alder Lake-M support tpm: vtpm_proxy: Avoid reading host log when using a virtual device md/raid1: properly indicate failure when ending a failed write request dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences security: commoncap: fix -Wstringop-overread warning Fix misc new gcc warnings jffs2: check the validity of dstlen in jffs2_zlib_compress() Revert `337f13046f` ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") posix-timers: Preserve return value in clock_adjtime32() arm64: vdso: remove commas between macro name and arguments ext4: fix check to prevent false positive report of incorrect used inodes ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() ext4: fix error code in ext4_commit_super media: dvbdev: Fix memory leak in dvb_media_device_free() usb: gadget: dummy_hcd: fix gpf in gadget_setup usb: gadget: Fix double free of device descriptor pointers usb: gadget/function/f_fs string table fix for multiple languages usb: dwc3: gadget: Fix START_TRANSFER link state check usb: dwc2: Fix session request interrupt handler tty: fix memory leak in vc_deallocate rsi: Use resume_noirq for SDIO tracing: Map all PIDs to command lines tracing: Restructure trace_clock_global() to never block dm persistent data: packed struct should have an aligned() attribute too dm space map common: fix division bug in sm_ll_find_free_block() dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails modules: mark ref_module static modules: mark find_symbol static modules: mark each_symbol_section static modules: unexport __module_text_address modules: unexport __module_address modules: rename the licence field in struct symsearch to license modules: return licensing information from find_symbol modules: inherit TAINT_PROPRIETARY_MODULE Bluetooth: verify AMP hci_chan before amp_destroy hsr: use netdev_err() instead of WARN_ONCE() bluetooth: eliminate the potential race condition when removing the HCI controller net/nfc: fix use-after-free llcp_sock_bind/connect ASoC: samsung: tm2_wm5110: check of of_parse return value MIPS: pci-mt7620: fix PLL lock check MIPS: pci-rt2880: fix slot 0 configuration FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR iio:accel:adis16201: Fix wrong axis assignment that prevents loading misc: lis3lv02d: Fix false-positive WARN on various HP models misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct misc: vmw_vmci: explicitly initialize vmci_datagram payload md/bitmap: wait for external bitmap writes to complete during tear down md-cluster: fix use-after-free issue when removing rdev md: split mddev_find md: factor out a mddev_find_locked helper from mddev_find md: md_open returns -EBUSY when entering racing area md: Fix missing unused status line of /proc/mdstat ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() cfg80211: scan: drop entry from hidden_list on overflow drm/radeon: fix copy of uninitialized variable back to userspace ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries ALSA: hda/realtek: Re-order ALC269 HP quirk table entries ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices x86/cpu: Initialize MSR_TSC_AUX if RDTSCP or RDPID is supported KVM: s390: split kvm_s390_logical_to_effective KVM: s390: fix guarded storage control register handling KVM: s390: split kvm_s390_real_to_abs ovl: fix missing revert_creds() on error path usb: gadget: pch_udc: Revert `d3cb25a121` completely memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250 ARM: dts: exynos: correct PMIC interrupt trigger level on Snow serial: stm32: fix incorrect characters on console serial: stm32: fix tx_empty condition usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS regmap: set debugfs_name to NULL after it is freed mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe() mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() mtd: rawnand: qcom: Return actual error code instead of -ENODEV x86/microcode: Check for offline CPUs before requesting new microcode usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() usb: gadget: pch_udc: Check if driver is present before calling ->setup() usb: gadget: pch_udc: Check for DMA mapping error crypto: qat - don't release uninitialized resources crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init fotg210-udc: Fix DMA on EP0 for length > max packet size fotg210-udc: Fix EP0 IN requests bigger than two packets fotg210-udc: Remove a dubious condition leading to fotg210_done fotg210-udc: Mask GRP2 interrupts we don't handle fotg210-udc: Don't DMA more than the buffer can take fotg210-udc: Complete OUT requests on short packets mtd: require write permissions for locking and badblock ioctls bus: qcom: Put child node before return soundwire: bus: Fix device found flag correctly phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally crypto: qat - fix error path in adf_isr_resource_alloc() usb: gadget: aspeed: fix dma map failure USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR() soundwire: stream: fix memory leak in stream config error path mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init irqchip/gic-v3: Fix OF_BAD_ADDR error handling staging: rtl8192u: Fix potential infinite loop staging: greybus: uart: fix unprivileged TIOCCSERIAL spi: Fix use-after-free with devm_spi_alloc_* soc: qcom: mdt_loader: Validate that p_filesz < p_memsz soc: qcom: mdt_loader: Detect truncated read of segments ACPI: CPPC: Replace cppc_attr with kobj_attribute crypto: qat - Fix a double free in adf_create_ring cpufreq: armada-37xx: Fix setting TBG parent for load levels clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock cpufreq: armada-37xx: Fix the AVS value for load L1 clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 cpufreq: armada-37xx: Fix driver cleanup when registration failed cpufreq: armada-37xx: Fix determining base CPU frequency usb: gadget: r8a66597: Add missing null check on return from platform_get_resource USB: cdc-acm: fix unprivileged TIOCCSERIAL tty: actually undefine superseded ASYNC flags tty: fix return value for unsupported ioctls firmware: qcom-scm: Fix QCOM_SCM configuration usbip: vudc: fix missing unlock on error in usbip_sockfd_store() platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table x86/platform/uv: Fix !KEXEC build failure Drivers: hv: vmbus: Increase wait time for VMbus unload usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. usb: dwc2: Fix hibernation between host and device modes. ttyprintk: Add TTY hangup callback. soc: aspeed: fix a ternary sign expansion bug media: vivid: fix assignment of dev->fbuf_out_flags media: omap4iss: return error code when omap4iss_get() failed media: m88rs6000t: avoid potential out-of-bounds reads on arrays drm/amdkfd: fix build error with AMD_IOMMU_V2=m x86/kprobes: Fix to check non boostable prefixes correctly pata_arasan_cf: fix IRQ check pata_ipx4xx_cf: fix IRQ check sata_mv: add IRQ checks ata: libahci_platform: fix IRQ check nvme: retrigger ANA log update if group descriptor isn't found vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE clk: uniphier: Fix potential infinite loop scsi: jazz_esp: Add IRQ check scsi: sun3x_esp: Add IRQ check scsi: sni_53c710: Add IRQ check scsi: ibmvfc: Fix invalid state machine BUG_ON() mfd: stm32-timers: Avoid clearing auto reload register HSI: core: fix resource leaks in hsi_add_client_from_dt() x86/events/amd/iommu: Fix sysfs type mismatch sched/debug: Fix cgroup_path[] serialization drivers/block/null_blk/main: Fix a double free in null_init. HID: plantronics: Workaround for double volume key presses perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars net: lapbether: Prevent racing when checking whether the netif is running powerpc/prom: Mark identical_pvr_fixup as __init powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration ALSA: core: remove redundant spin_lock pair in snd_card_disconnect bug: Remove redundant condition check in report_bug nfc: pn533: prevent potential memory corruption net: hns3: Limiting the scope of vector_ring_chain variable ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls liquidio: Fix unintented sign extension of a left shift of a u16 powerpc/64s: Fix pte update for kernel memory on radix powerpc/perf: Fix PMU constraint check for EBB events powerpc: iommu: fix build when neither PCI or IBMVIO is set mac80211: bail out if cipher schemes are invalid mt7601u: fix always true expression IB/hfi1: Fix error return code in parse_platform_config() net: thunderx: Fix unintentional sign extension issue RDMA/srpt: Fix error return code in srpt_cm_req_recv() i2c: cadence: add IRQ check i2c: emev2: add IRQ check i2c: jz4780: add IRQ check i2c: sh7760: add IRQ check ASoC: ak5558: correct reset polarity drm/i915/gvt: Fix error code in intel_gvt_init_device() MIPS: pci-legacy: stop using of_pci_range_to_resource powerpc/pseries: extract host bridge from pci_bus prior to bus removal rtlwifi: 8821ae: upgrade PHY and RF parameters i2c: sh7760: fix IRQ error path mwl8k: Fix a double Free in mwl8k_probe_hw vsock/vmci: log once the failed queue pair allocation RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails net: davinci_emac: Fix incorrect masking of tx and rx error channel ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add') bnxt_en: fix ternary sign extension bug in bnxt_show_temp() ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res net:nfc:digital: Fix a double free in digital_tg_recv_dep_req kfifo: fix ternary sign extension bugs mm/sparse: add the missing sparse_buffer_fini() in error branch mm/memory-failure: unnecessary amount of unmapping net: Only allow init netns to set default tcp cong to a restricted algo smp: Fix smp_call_function_single_async prototype Revert "net/sctp: fix race condition in sctp_destroy_sock" sctp: delay auto_asconf init until binding the first addr Revert "of/fdt: Make sure no-map does not remove already reserved regions" Revert "fdt: Properly handle "no-map" field in the memory region" tpm: fix error return code in tpm2_get_cc_attrs_tbl() fs: dlm: fix debugfs dump tipc: convert dest node's address to network order ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF net: stmmac: Set FIFO sizes for ipq806x i2c: bail out early when RDWR parameters are wrong ALSA: hdsp: don't disable if not enabled ALSA: hdspm: don't disable if not enabled ALSA: rme9652: don't disable if not enabled Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default Bluetooth: initialize skb_queue_head at l2cap_chan_create() net: bridge: when suppression is enabled exclude RARP packets Bluetooth: check for zapped sk before connecting ip6_vti: proper dev_{hold\|put} in ndo_[un]init methods ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet i2c: Add I2C_AQ_NO_REP_START adapter quirk mac80211: clear the beacon's CRC after channel switch pinctrl: samsung: use 'int' for register masks in Exynos cuse: prevent clone selftests: Set CC to clang in lib.mk if LLVM is set kconfig: nconf: stop endless search loops sctp: Fix out-of-bounds warning in sctp_process_asconf_param() powerpc/smp: Set numa node before updating mask ASoC: rt286: Generalize support for ALC3263 codec ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() samples/bpf: Fix broken tracex1 due to kprobe argument change powerpc/pseries: Stop calling printk in rtas_stop_self() wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join powerpc/iommu: Annotate nested lock for lockdep net: ethernet: mtk_eth_soc: fix RX VLAN offload ia64: module: fix symbolizer crash on fdescr ASoC: rt286: Make RT286_SET_GPIO_* readable and writable f2fs: fix a redundant call to f2fs_balance_fs if an error occurs PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc() PCI: Release OF node in pci_scan_device()'s error path ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() NFSv4.2: Always flush out writes in nfs42_proc_fallocate() NFS: Deal correctly with attribute generation counter overflow PCI: endpoint: Fix missing destroy_workqueue() pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() NFSv4.2 fix handling of sr_eof in SEEK's reply rtc: ds1307: Fix wday settings for rx8130 net: hns3: disable phy loopback setting in hclge_mac_start_phy sctp: do asoc update earlier in sctp_sf_do_dupcook_a ethernet:enic: Fix a use after free bug in enic_hard_start_xmit sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b netfilter: xt_SECMARK: add new revision to fix structure layout drm/radeon: Fix off-by-one power_state index heap overwrite drm/radeon: Avoid power table parsing memory leaks khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() ksm: fix potential missing rmap_item for stable_node net: fix nla_strcmp to handle more then one trailing null character smc: disallow TCP_ULP in smc_setsockopt() netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check sched/fair: Fix unfairness caused by missing load decay kernel: kexec_file: fix error return code of kexec_calculate_store_digests() netfilter: nftables: avoid overflows in nft_hash_buckets() i40e: Fix use-after-free in i40e_client_subtask() ARC: entry: fix off-by-one error in syscall number validation powerpc/64s: Fix crashes when toggling stf barrier powerpc/64s: Fix crashes when toggling entry flush barrier hfsplus: prevent corruption in shrinking truncate squashfs: fix divide error in calculate_skip() userfaultfd: release page in error path to avoid BUG_ON drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected iio: proximity: pulsedlight: Fix rumtime PM imbalance on error usb: fotg210-hcd: Fix an error message ACPI: scan: Fix a memory leak in an error handling path blk-mq: Swap two calls in blk_mq_exit_queue() usb: dwc3: omap: improve extcon initialization usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield usb: xhci: Increase timeout for HC halt usb: dwc2: Fix gadget DMA unmap direction usb: core: hub: fix race condition about TRSMRCY of resume usb: dwc3: gadget: Return success always for kick transfer in ep queue xhci: Do not use GFP_KERNEL in (potentially) atomic context xhci: Add reset resume quirk for AMD xhci controller. iio: gyro: mpu3050: Fix reported temperature value iio: tsl2583: Fix division by a zero lux_val cdc-wdm: untangle a circular dependency between callback and softint KVM: x86: Cancel pvclock_gtod_work on module removal FDDI: defxx: Make MMIO the configuration default except for EISA MIPS: Reinstate platform `__div64_32' handler MIPS: Avoid DIVU in `__div64_32' is result would be zero MIPS: Avoid handcoded DIVU in `__div64_32' altogether thermal/core/fair share: Lock the thermal zone while looping over instances kobject_uevent: remove warning in init_uevent_argv() netfilter: conntrack: Make global sysctls readonly in non-init netns clk: exynos7: Mark aclk_fsys1_200 as critical nvme: do not try to reconfigure APST when the controller is not live x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes kgdb: fix gcc-11 warning on indentation usb: sl811-hcd: improve misleading indentation cxgb4: Fix the -Wmisleading-indentation warning isdn: capi: fix mismatched prototypes pinctrl: ingenic: Improve unreachable code generation xsk: Simplify detection of empty and full rings PCI: thunder: Fix compile testing ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() ACPI / hotplug / PCI: Fix reference count leak in enable_slot() Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state um: Mark all kernel symbols as local ARM: 9075/1: kernel: Fix interrupted SMC calls scripts/recordmcount.pl: Fix RISC-V regex for clang riscv: Workaround mcount name prior to clang-13 ceph: fix fscache invalidation scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP block: reexpand iov_iter after read/write lib: stackdepot: turn depot_lock spinlock to raw_spinlock net: stmmac: Do not enable RX FIFO overflow interrupts ip6_gre: proper dev_{hold\|put} in ndo_[un]init methods sit: proper dev_{hold\|put} in ndo_[un]init methods ip6_tunnel: sit: proper dev_{hold\|put} in ndo_[un]init methods ipv6: remove extra dev_hold() for fallback tunnels iomap: fix sub-page uptodate handling KVM: arm64: Initialize VCPU mdcr_el2 before loading it tweewide: Fix most Shebang lines scripts: switch explicitly to Python 3 Linux 4.19.191 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2ea4fc6350bb5c5b5ae38ec7ad52ec20cf3b7aae	2021-05-22 11:54:36 +02:00
Ard Biesheuvel	67afaf1a0a	crypto: api - check for ERR pointers in crypto_destroy_tfm() [ Upstream commit 83681f2bebb34dbb3f03fecd8f570308ab8b7c2c ] Given that crypto_alloc_tfm() may return ERR pointers, and to avoid crashes on obscure error paths where such pointers are presented to crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there before dereferencing the second argument as a struct crypto_tfm pointer. [0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/ Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2021-05-22 10:59:14 +02:00
Matthias Maennich	9790f49ad8	ANDROID: Add OWNERS files referring to the respective android-mainline OWNERS This was generated with $ build/synchronize_owners common-mainline/ android-mainline common-4.19-stable Bug: 184248201 Signed-off-by: Matthias Maennich <maennich@google.com> Change-Id: I5e56eb34fcbb5a2a013dd03bc9dcc4f159fb90de	2021-04-03 14:09:44 +00:00
Greg Kroah-Hartman	4266b7dc92	This is the 4.19.179 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBEtr4ACgkQONu9yGCS aT4XKBAAsMHn1gRHESusKj1zToyBDJL5fQW6nWbUuwZKh+q7KLPF45dWgRbTShKl 5HAEN+wTGTx0MkQ1yMs6zr49Ck0z63WRQ5rk48dznPDlJMMWu5oK+hpHU5n/z82v /y6n2+d2xzpxWIVQYFC6pryjbeNJ2NcnAyrIimput86MK7vz1GZWsjAq+SP92kaZ xzK4mUlZg6gLr+IMuuNnkHxbmWku32Ucw1qQ24/dAv7OF+BzfaoD2SpKp3yac6jM OOZgEnlO+kB8m0G+iYM+yslpvxrs8jlLlJKGdf3fQA5Q9JKNNaNmZezjp3FWYXBR u+t4JDOjjyBt7/s83AJ8+zGLxniQBLmF1BRgbxcFCIv/AN2DeSIFA4xaK6xLGzKL rDm4PMhVWjCMN5heB644OOT0tx0k/h2Y/hO8gMRoMcycFhoRp10a0Vw2bQRKBVak k3iXRIUv9Ypkpe5zLIN+icnt8ztgo2IJ3MR2VyMpENiBnRfLvAammwCXRC9pB/nR 225uMlCzwYAJfnVJ40FUbw/jTqyB9XhmAl3l2alYS6eiEVNmp9c4Vv4B6f2Uylk1 oYdF+ABtFlWZSsbB7vqIJW8Wrew/FPkJrQnTW8hVhkV46Ry4FRiN2y/+1B6WrZ9j 1UvSEwyYVITSB0wWsZRTrwxXjAivY57yCknCR7uHkJHTsXgPkyw= =7KpC -----END PGP SIGNATURE----- Merge 4.19.179 into android-4.19-stable Changes in 4.19.179 net: usb: qmi_wwan: support ZTE P685M modem hugetlb: fix update_and_free_page contig page struct assumption drm/virtio: use kvmalloc for large allocations virtio/s390: implement virtio-ccw revision 2 correctly arm64 module: set plt* section addresses to 0x0 arm64: Avoid redundant type conversions in xchg() and cmpxchg() arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint arm64: Use correct ll/sc atomic constraints MIPS: VDSO: Use CLANG_FLAGS instead of filtering out '--target=' JFS: more checks for invalid superblock udlfb: Fix memory leak in dlfb_usb_probe media: mceusb: sanity check for prescaler value xfs: Fix assert failure in xfs_setattr_size() smackfs: restrict bytes count in smackfs write functions net: fix up truesize of cloned skb in skb_prepare_for_shift() mm/hugetlb.c: fix unnecessary address expansion of pmd sharing net: bridge: use switchdev for port flags set through sysfs too dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ rsi: Fix TX EAPOL packet handling against iwlwifi AP rsi: Move card interrupt handling to RX thread staging: fwserial: Fix error handling in fwserial_create x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk vt/consolemap: do font sum unsigned wlcore: Fix command execute failure 19 for wl12xx Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() ath10k: fix wmi mgmt tx queue full due to race condition x86/build: Treat R_386_PLT32 relocation as R_386_PC32 Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data staging: most: sound: add sanity check for function argument crypto: tcrypt - avoid signed overflow in byte count PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails media: uvcvideo: Allow entities with no pads f2fs: handle unallocated section and zone on pinned/atgc f2fs: fix to set/clear I_LINKABLE under i_lock btrfs: fix error handling in commit_fs_roots parisc: Bump 64-bit IRQ stack size to 64 KB ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet scsi: iscsi: Restrict sessions and handles to admin capabilities sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE scsi: iscsi: Verify lengths on passthrough PDUs Xen/gnttab: handle p2m update errors on a per-slot basis xen-netback: respect gnttab_map_refs()'s return value zsmalloc: account the number of compacted pages correctly swap: fix swapfile read/write offset media: v4l: ioctl: Fix memory leak in video_usercopy ALSA: hda/realtek: Add quirk for Clevo NH55RZQ ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board Linux 4.19.179 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3a22f45d69254beca09db0f33bc3cab3a0cadf80	2021-03-07 12:45:27 +01:00
Ard Biesheuvel	2fd58d8bb0	crypto: tcrypt - avoid signed overflow in byte count [ Upstream commit 303fd3e1c771077e32e96e5788817f025f0067e2 ] The signed long type used for printing the number of bytes processed in tcrypt benchmarks limits the range to -/+ 2 GiB, which is not sufficient to cover the performance of common accelerated ciphers such as AES-NI when benchmarked with sec=1. So switch to u64 instead. While at it, fix up a missing printk->pr_cont conversion in the AEAD benchmark. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2021-03-07 12:18:58 +01:00
Greg Kroah-Hartman	6455a150fa	Merge 4.19.178 into android-4.19-stable Changes in 4.19.178 HID: make arrays usage and value to be the same USB: quirks: sort quirk entries usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable ntfs: check for valid standard information attribute arm64: tegra: Add power-domain for Tegra210 HDA scripts: use pkg-config to locate libcrypto scripts: set proper OpenSSL include dir also for sign-file block: add helper for checking if queue is registered block: split .sysfs_lock into two locks block: fix race between switching elevator and removing queues block: don't release queue's sysfs lock during switching elevator NET: usb: qmi_wwan: Adding support for Cinterion MV31 cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. scripts/recordmcount.pl: support big endian for ARCH sh jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations locking/static_key: Fix false positive warnings on concurrent dec/inc vmlinux.lds.h: add DWARF v5 sections kdb: Make memory allocations more robust PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 bfq: Avoid false bfq queue merging ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section random: fix the RNDRESEEDCRNG ioctl ath10k: Fix error handling in case of CE pipe init failure Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function Bluetooth: Fix initializing response id after clearing struct ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 ARM: dts: exynos: correct PMIC interrupt trigger level on Monk ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato ARM: dts: exynos: correct PMIC interrupt trigger level on Spring ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args arm64: dts: allwinner: A64: properly connect USB PHY to port 0 arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz cpufreq: brcmstb-avs-cpufreq: Free resources in error path cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() ACPICA: Fix exception code class checks usb: gadget: u_audio: Free requests only after callback Bluetooth: drop HCI device reference before return Bluetooth: Put HCI device if inquiry procedure interrupts memory: ti-aemif: Drop child node when jumping out loop ARM: dts: Configure missing thermal interrupt for 4430 usb: dwc2: Do not update data length if it is 0 on inbound transfers usb: dwc2: Abort transaction after errors with unknown reason usb: dwc2: Make "trimming xfer length" a debug message staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules ARM: dts: armada388-helios4: assign pinctrl to LEDs ARM: dts: armada388-helios4: assign pinctrl to each fan arm64: dts: msm8916: Fix reserved and rfsa nodes unit address ARM: s3c: fix fiq for clang IAS soc: aspeed: snoop: Add clock control logic bpf_lru_list: Read double-checked variable once without lock ath9k: fix data bus crash when setting nf_override via debugfs ibmvnic: Set to CLOSED state even on error bnxt_en: reverse order of TX disable and carrier off xen/netback: fix spurious event detection for common event case mac80211: fix potential overflow when multiplying to u32 integers bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx tcp: fix SO_RCVLOWAT related hangs under mem pressure cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds b43: N-PHY: Fix the update of coef for the PHY revision >= 3case ibmvnic: add memory barrier to protect long term buffer ibmvnic: skip send_request_unmap for timeout reset net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning net: amd-xgbe: Reset link when the link never comes back net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP net: mvneta: Remove per-cpu queue mapping for Armada 3700 fbdev: aty: SPARC64 requires FB_ATY_CT drm/gma500: Fix error return code in psb_driver_load() gma500: clean up error handling in init crypto: sun4i-ss - fix kmap usage drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition MIPS: c-r4k: Fix section mismatch for loongson2_sc_init MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 media: i2c: ov5670: Fix PIXEL_RATE minimum value media: camss: missing error code in msm_video_register() media: vsp1: Fix an error handling path in the probe function media: em28xx: Fix use-after-free in em28xx_alloc_urbs media: media/pci: Fix memleak in empress_init media: tm6000: Fix memleak in tm6000_start_stream ASoC: cs42l56: fix up error handling in probe crypto: bcm - Rename struct device_private to bcm_device_private drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction. media: lmedm04: Fix misuse of comma media: qm1d1c0042: fix error return code in qm1d1c0042_init() media: cx25821: Fix a bug when reallocating some dma memory media: pxa_camera: declare variable when DEBUG is defined media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error) ata: ahci_brcm: Add back regulators management ASoC: cpcap: fix microphone timeslot mask f2fs: fix to avoid inconsistent quota data drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() btrfs: clarify error returns values in __load_free_space_cache hwrng: timeriomem - Fix cooldown period calculation crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() ima: Free IMA measurement buffer on error ima: Free IMA measurement buffer after kexec syscall fs/jfs: fix potential integer overflow on shift of a int jffs2: fix use after free in jffs2_sum_write_data() capabilities: Don't allow writing ambiguous v3 file capabilities clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL quota: Fix memory leak when handling corrupted quota file spi: cadence-quadspi: Abort read if dummy cycles required are too many clk: sunxi-ng: h6: Fix CEC clock HID: core: detect and skip invalid inputs to snto32() dmaengine: fsldma: Fix a resource leak in the remove function dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function dmaengine: owl-dma: Fix a resource leak in the remove function dmaengine: hsu: disable spurious interrupt mfd: bd9571mwv: Use devm_mfd_add_devices() fdt: Properly handle "no-map" field in the memory region of/fdt: Make sure no-map does not remove already reserved regions power: reset: at91-sama5d2_shdwc: fix wkupdbc mask rtc: s5m: select REGMAP_I2C clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation clk: sunxi-ng: h6: Fix clock divider range on some clocks regulator: axp20x: Fix reference cout leak certs: Fix blacklist flag type confusion spi: atmel: Put allocated master before return regulator: s5m8767: Drop regulators OF node reference isofs: release buffer head before return auxdisplay: ht16k33: Fix refresh rate handling IB/umad: Return EIO in case of when device disassociated IB/umad: Return EPOLLERR in case of when device disassociated KVM: PPC: Make the VMX instruction emulation routines static powerpc/47x: Disable 256k page size mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores amba: Fix resource leak for drivers without .remove tracepoint: Do not fail unregistering a probe due to memory failure perf tools: Fix DSO filtering when not finding a map for a sampled address RDMA/rxe: Fix coding error in rxe_recv.c RDMA/rxe: Correct skb on loopback path spi: stm32: properly handle 0 byte transfer mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() powerpc/pseries/dlpar: handle ibm, configure-connector delay status powerpc/8xx: Fix software emulation interrupt clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs spi: pxa2xx: Fix the controller numbering for Wildcat Point Input: sur40 - fix an error code in sur40_probe() perf intel-pt: Fix missing CYC processing in PSB perf test: Fix unaligned access in sample parsing test Input: elo - fix an error code in elo_connect() sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set misc: eeprom_93xx46: Fix module alias to enable module autoprobe misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() VMCI: Use set_page_dirty_lock() when unregistering guest memory PCI: Align checking of syscall user config accessors drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) ext4: fix potential htree index checksum corruption regmap: sdw: use _no_pm functions in regmap_read/write i40e: Fix flow for IPv6 next header (extension header) i40e: Add zero-initialization of AQ command structures i40e: Fix overwriting flow control settings during driver loading i40e: Fix VFs not created i40e: Fix add TC filter for IPv6 net/mlx4_core: Add missed mlx4_free_cmd_mailbox() vxlan: move debug check after netdev unregister ocfs2: fix a use after free on error mm/memory.c: fix potential pte_unmap_unlock pte error mm/hugetlb: fix potential double free in hugetlb_register_node() error path r8169: fix jumbo packet handling on RTL8168e arm64: Add missing ISB after invalidating TLB in __primary_switch i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition mm/rmap: fix potential pte_unmap on an not mapped pte scsi: bnx2fc: Fix Kconfig warning & CNIC build errors blk-settings: align max_sectors on "logical_block_size" boundary ACPI: property: Fix fwnode string properties matching ACPI: configfs: add missing check after configfs_register_default_group() HID: wacom: Ignore attempts to overwrite the touch_max value from HID Input: raydium_ts_i2c - do not send zero length Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X\|S Input: joydev - prevent potential read overflow in ioctl Input: i8042 - add ASUS Zenbook Flip to noselftest list USB: serial: option: update interface mapping for ZTE P685M usb: musb: Fix runtime PM race in musb_queue_resume_work usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt USB: serial: ftdi_sio: fix FTX sub-integer prescaler USB: serial: mos7840: fix error code in mos7840_write() USB: serial: mos7720: fix error code in mos7720_write() ALSA: hda/realtek: modify EAPD in the ALC886 tpm_tis: Fix check_locality for correct locality acquisition tpm_tis: Clean up locality release KEYS: trusted: Fix migratable=1 failing btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root btrfs: fix reloc root leak with 0 ref reloc roots on recovery btrfs: fix extent buffer leak on failure to copy root crypto: arm64/sha - add missing module aliases crypto: sun4i-ss - checking sg length is not sufficient crypto: sun4i-ss - handle BigEndian for cipher seccomp: Add missing return in non-void function misc: rtsx: init of rts522a add OCP power off when no card is present drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue pstore: Fix typo in compression option name dts64: mt7622: fix slow sd card access staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c staging: gdm724x: Fix DMA from stack staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt() x86/reboot: Force all cpus to exit VMX root if VMX is supported floppy: reintroduce O_NDELAY fix arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing watchdog: mei_wdt: request stop on unregister mtd: spi-nor: hisi-sfc: Put child node np on error path fs/affs: release old buffer head on error path seq_file: document how per-entry resources are managed. x86: fix seq_file iteration for pat/memtype.c hugetlb: fix copy_huge_page_from_user contig page struct assumption libnvdimm/dimm: Avoid race between probe and available_slots_show() arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55 module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols mmc: sdhci-esdhc-imx: fix kernel panic when remove module gpio: pcf857x: Fix missing first interrupt printk: fix deadlock when kernel panic cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available f2fs: fix out-of-repair __setattr_copy() sparc32: fix a user-triggerable oops in clear_user() gfs2: Don't skip dlm unlock if glock has an lvb dm: fix deadlock when swapping to encrypted device dm era: Recover committed writeset after crash dm era: Verify the data block size hasn't changed dm era: Fix bitset memory leaks dm era: Use correct value size in equality function of writeset tree dm era: Reinitialize bitset cache before digesting a new writeset dm era: only resize metadata in preresume icmp: introduce helper for nat'd source address in network device context icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n gtp: use icmp_ndo_send helper sunvnet: use icmp_ndo_send helper xfrm: interface: use icmp_ndo_send helper ipv6: icmp6: avoid indirect call for icmpv6_send() ipv6: silence compilation warning for non-IPV6 builds net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending dm era: Update in-core bitset after committing the metadata net: qrtr: Fix memory leak in qrtr_tun_open ARM: dts: aspeed: Add LCLK to lpc-snoop Linux 4.19.178 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8c07c10dd29a1233f238b533622d7b32bd22bdb0	2021-03-05 07:01:18 +01:00
Daniele Alessandrelli	1d14389723	crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() [ Upstream commit a53ab94eb6850c3657392e2d2ce9b38c387a2633 ] The length ('len' parameter) passed to crypto_ecdh_decode_key() is never checked against the length encoded in the passed buffer ('buf' parameter). This could lead to an out-of-bounds access when the passed length is less than the encoded length. Add a check to prevent that. Fixes: `3c4b23901a` ("crypto: ecdh - Add ECDH software support") Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2021-03-04 09:39:41 +01:00
Greg Kroah-Hartman	8ca2f0230e	Merge 4.19.167 into android-4.19-stable Changes in 4.19.167 kbuild: don't hardcode depmod path workqueue: Kick a worker based on the actual activation of delayed works scsi: ufs: Fix wrong print message in dev_err() scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() scsi: ide: Do not set the RQF_PREEMPT flag for sense requests scsi: scsi_transport_spi: Set RQF_PM for domain validation commands lib/genalloc: fix the overflow when size is too big depmod: handle the case of /sbin/depmod without /sbin in PATH proc: change ->nlink under proc_subdir_lock proc: fix lookup in /proc/net subdirectories after setns(2) i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs net: mvpp2: Add TCAM entry to drop flow control pause frames net: mvpp2: prs: fix PPPoE with ipv6 packet parse ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() ethernet: ucc_geth: set dev->max_mtu to 1518 atm: idt77252: call pci_disable_device() on error path net: mvpp2: Fix GoP port 3 Networking Complex Control configurations qede: fix offload for IPIP tunnel packets virtio_net: Fix recursive call to cpus_read_lock() net/ncsi: Use real net-device for response handler net: ethernet: Fix memleak in ethoc_probe net-sysfs: take the rtnl lock when storing xps_cpus net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() net: hns: fix return value check in __lb_other_process() erspan: fix version 1 check in gre_parse_header() net: hdlc_ppp: Fix issues when mod_timer is called while timer is running CDC-NCM: remove "connected" log message net: usb: qmi_wwan: add Quectel EM160R-GL r8169: work around power-saving bug on some chip versions vhost_net: fix ubuf refcount incorrectly when sendmsg fails net: sched: prevent invalid Scell_log shift count net-sysfs: take the rtnl lock when storing xps_rxqs net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close video: hyperv_fb: Fix the mmap() regression for v5.4.y and older crypto: ecdh - avoid buffer overflow in ecdh_set_secret() staging: mt7621-dma: Fix a resource leak in an error handling path usb: gadget: enable super speed plus USB: cdc-acm: blacklist another IR Droid device USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set usb: usbip: vhci_hcd: protect shift size usb: uas: Add PNY USB Portable SSD to unusual_uas USB: serial: iuu_phoenix: fix DMA from stack USB: serial: option: add LongSung M5710 module support USB: serial: option: add Quectel EM160R-GL USB: yurex: fix control-URB timeout handling USB: usblp: fix DMA to stack ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks usb: gadget: select CONFIG_CRC32 usb: gadget: f_uac2: reset wMaxPacketSize usb: gadget: function: printer: Fix a memory leak for interface descriptor usb: gadget: u_ether: Fix MTU size mismatch with RX packet size USB: gadget: legacy: fix return error code in acm_ms_bind() usb: gadget: Fix spinlock lockup on usb_function_deactivate usb: gadget: configfs: Preserve function ordering after bind failure usb: gadget: configfs: Fix use-after-free issue with udc_name USB: serial: keyspan_pda: remove unused variable x86/mm: Fix leak of pmd ptlock ALSA: hda/via: Fix runtime PM for Clevo W35xSS ALSA: hda/conexant: add a new hda codec CX11970 ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 btrfs: send: fix wrong file path when there is an inode with a pending rmdir Revert "device property: Keep secondary firmware node secondary by type" xen/pvh: correctly setup the PV EFI interface for dom0 netfilter: x_tables: Update remaining dereference to RCU netfilter: ipset: fix shift-out-of-bounds in htable_bits() netfilter: xt_RATEEST: reject non-null terminated string from userspace x86/mtrr: Correct the range check before performing MTRR type lookups KVM: x86: fix shift out of bounds reported by UBSAN scsi: target: Fix XCOPY NAA identifier lookup Linux 4.19.167 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Id204bcc705c98d3344f33de84431cc7ca0868246	2021-01-13 10:28:13 +01:00
Ard Biesheuvel	457b67797c	crypto: ecdh - avoid buffer overflow in ecdh_set_secret() commit 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 upstream. Pavel reports that commit 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()") fixes one problem but introduces another: the unconditional memcpy() introduced by that commit may overflow the target buffer if the source data is invalid, which could be the result of intentional tampering. So check params.key_size explicitly against the size of the target buffer before validating the key further. Fixes: 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()") Reported-by: Pavel Machek <pavel@denx.de> Cc: <stable@vger.kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-01-12 20:10:20 +01:00
Greg Kroah-Hartman	07ce88e9de	This is the 4.19.164 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/sVdwACgkQONu9yGCS aT581g/+KZ4lFcY/lAEY6/n6RjFenerl5O2a4tqO+j7eivOA8aNOzXQpvwcPXFKZ uCCwab3shrp0MdOJ4Ub1qLF5rZoJ/QvLNkI+8GVRztnchkWHwNlYbheZqHRows9E LM5w/+SUh+I7wymfjsjxr8ohSOxkvygNL9PLLTkuQMwbs/jjdizmcgqeYo54Plih IdtHrp/ZjxKMOu+fkp1dpTy2RUfbxxWS4RnVjSI+g3s8vaxWh90jMCwLP3fyUwpX a8eNCFkIV0lBCj+dYF+ry5x7wGd9mvCVAG70DmRkHd4nyc1WGnp+yz3lQlQnIzeq Hc7k3ts3FXmXBSRTzkqM9pmaOuyrKwqu3DoiplXxHgjeJYegP9k0jh33eohXmc/u qSz9XB3FhBxy7uRf8tqGLKiUsARnQUYfqzR8qgGFndvWRpIBr9egSzDKVNSF5uWu bPt3UQpM8O714NcnB2PGs4OUPqxSikT3BrnfurZOzEddkSveXfkItYnt3mc300bx MSHYY/iuLpsBeDd0U6POgf5J5RigmOWvayZrMkPSxlnm7v9diefpKo7xB7+l3AqD DZ5BSZMNtgKHwzck6d3RXX+GCILreL16Lj299NM1SJPm+j5SEkna7luikgi2pqrk r2cD31L9JHiq36L3uP5u30JoxEG6+W2Px+dqc+uyB3RXHJzRwy4= =TKv4 -----END PGP SIGNATURE----- Merge 4.19.164 into android-4.19-stable Changes in 4.19.164 Kbuild: do not emit debug info for assembly with LLVM_IAS=1 x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem_64.S spi: bcm2835aux: Fix use-after-free on unbind spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe iwlwifi: pcie: limit memory read spin time arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. iwlwifi: mvm: fix kernel panic in case of assert during CSA powerpc: Drop -me200 addition to build flags ARC: stack unwinding: don't assume non-current task is sleeping scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC Input: cm109 - do not stomp on control URB Input: i8042 - add Acer laptops to the i8042 reset list pinctrl: amd: remove debounce filter setting in IRQ type setting mmc: block: Fixup condition for CMD13 polling for RPMB requests kbuild: avoid static_assert for genksyms scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()" x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP x86/membarrier: Get rid of a dubious optimization x86/apic/vector: Fix ordering in vector assignment compiler.h: fix barrier_data() on clang PCI: qcom: Add missing reset for ipq806x mac80211: mesh: fix mesh_pathtbl_init() error path net: stmmac: free tx skb buffer in stmmac_resume() tcp: select sane initial rcvq_space.space for big MSS tcp: fix cwnd-limited bug for TSO deferral where we send nothing net/mlx4_en: Avoid scheduling restart task if it is already running lan743x: fix for potential NULL pointer dereference with bare card net/mlx4_en: Handle TX error CQE net: stmmac: delete the eee_ctrl_timer after napi disabled net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux net: bridge: vlan: fix error return code in __vlan_add() ktest.pl: If size of log is too big to email, email error message USB: dummy-hcd: Fix uninitialized array use in init() USB: add RESET_RESUME quirk for Snapscan 1212 ALSA: usb-audio: Fix potential out-of-bounds shift ALSA: usb-audio: Fix control 'access overflow' errors from chmap xhci: Give USB2 ports time to enter U3 in bus suspend USB: UAS: introduce a quirk to set no_write_same USB: sisusbvga: Make console support depend on BROKEN ALSA: pcm: oss: Fix potential out-of-bounds shift serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access drm/xen-front: Fix misused IS_ERR_OR_NULL checks drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi arm64: lse: fix LSE atomics with LLVM's integrated assembler arm64: lse: Fix LSE atomics with LLVM arm64: Change .weak to SYM_FUNC_START_WEAK_PI for arch/arm64/lib/mem.S x86/resctrl: Remove unused struct mbm_state::chunks_bw x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled pinctrl: merrifield: Set default bias in case no particular value given pinctrl: baytrail: Avoid clearing debounce value when turning it off ARM: dts: sun8i: v3s: fix GIC node memory range gpio: mvebu: fix potential user-after-free on probe scsi: bnx2i: Requires MMU xsk: Fix xsk_poll()'s return type can: softing: softing_netdev_open(): fix error handling clk: renesas: r9a06g032: Drop __packed for portability block: factor out requeue handling from dispatch code netfilter: x_tables: Switch synchronization to RCU gpio: eic-sprd: break loop when getting NULL device resource selftests/bpf/test_offload.py: Reset ethtool features after failed setting RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait ixgbe: avoid premature Rx buffer reuse drm/tegra: replace idr_init() by idr_init_base() kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling drm/tegra: sor: Disable clocks on error in tegra_sor_init() arm64: syscall: exit userspace before unmasking exceptions vxlan: Add needed_headroom for lower device vxlan: Copy needed_tailroom from lowerdev scsi: mpt3sas: Increase IOCInit request timeout to 30s dm table: Remove BUG_ON(in_interrupt()) soc/tegra: fuse: Fix index bug in get_process_id USB: serial: option: add interface-number sanity check to flag handling USB: gadget: f_acm: add support for SuperSpeed Plus USB: gadget: f_midi: setup SuperSpeed Plus descriptors usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus USB: gadget: f_rndis: fix bitrate for SuperSpeed and above usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU coresight: tmc-etr: Check if page is valid before dma_map_page() scsi: megaraid_sas: Check user-provided offsets HID: i2c-hid: add Vero K147 to descriptor override serial_core: Check for port state when tty is in error state Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() quota: Sanity-check quota file headers on load media: msi2500: assign SPI bus number dynamically crypto: af_alg - avoid undefined behavior accessing salg_name md: fix a warning caused by a race between concurrent md_ioctl()s perf cs-etm: Change tuple from traceID-CPU# to traceID-metadata perf cs-etm: Move definition of 'traceid_list' global variable from header file drm/gma500: fix double free of gma_connector drm/tve200: Fix handling of platform_get_irq() error soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() soc: mediatek: Check if power domains can be powered on at boot time soc: qcom: geni: More properly switch to DMA mode RDMA/bnxt_re: Set queue pair state when being queried selinux: fix error initialization in inode_doinit_with_dentry() ARM: dts: aspeed: s2600wf: Fix VGA memory region location RDMA/rxe: Compute PSN windows correctly x86/mm/ident_map: Check for errors from ident_pud_init() ARM: p2v: fix handling of LPAE translation in BE mode x86/apic: Fix x2apic enablement without interrupt remapping sched/deadline: Fix sched_dl_global_validate() sched: Reenable interrupts in do_sched_yield() crypto: talitos - Endianess in current_desc_hdr() crypto: talitos - Fix return type of current_desc_hdr() crypto: inside-secure - Fix sizeof() mismatch powerpc/64: Set up a kernel stack for secondaries before cpu_restore() spi: img-spfi: fix reference leak in img_spfi_resume drm/msm/dsi_pll_10nm: restore VCO rate during restore_state ASoC: pcm: DRAIN support reactivation selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7 arm64: dts: exynos: Correct psci compatible used on Exynos7 Bluetooth: Fix null pointer dereference in hci_event_packet() Bluetooth: hci_h5: fix memory leak in h5_close spi: spi-ti-qspi: fix reference leak in ti_qspi_setup spi: tegra20-slink: fix reference leak in slink ops of tegra20 spi: tegra20-sflash: fix reference leak in tegra_sflash_resume spi: tegra114: fix reference leak in tegra spi ops spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure ASoC: wm8998: Fix PM disable depth imbalance on error ASoC: arizona: Fix a wrong free in wm8997_probe RDMa/mthca: Work around -Wenum-conversion warning MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() staging: greybus: codecs: Fix reference counter leak in error handling staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c media: tm6000: Fix sizeof() mismatches media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() ASoC: meson: fix COMPILE_TEST error scsi: core: Fix VPD LUN ID designator priorities media: solo6x10: fix missing snd_card_free in error handling case video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init() drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() Input: ads7846 - fix race that causes missing releases Input: ads7846 - fix integer overflow on Rt calculation Input: ads7846 - fix unaligned access on 7845 usb/max3421: fix return error code in max3421_probe() spi: mxs: fix reference leak in mxs_spi_probe powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe spi: fix resource leak for drivers without .remove callback soc: ti: knav_qmss: fix reference leak in knav_queue_probe soc: ti: Fix reference imbalance in knav_dma_probe drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe Input: omap4-keypad - fix runtime PM error handling RDMA/cxgb4: Validate the number of CQEs memstick: fix a double-free bug in memstick_check ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host orinoco: Move context allocation after processing the skb cw1200: fix missing destroy_workqueue() on error in cw1200_init_common dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() media: siano: fix memory leak of debugfs members in smsdvb_hotplug platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration samples: bpf: Fix lwt_len_hist reusing previous BPF map mips: cdmm: fix use-after-free in mips_cdmm_bus_discover media: max2175: fix max2175_set_csm_mode() error code slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() ARM: dts: Remove non-existent i2c1 from 98dx3236 arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching power: supply: bq24190_charger: fix reference leak genirq/irqdomain: Don't try to free an interrupt that has no mapping PCI: Bounds-check command-line resource alignment requests PCI: Fix overflow in command-line resource alignment requests PCI: iproc: Fix out-of-bound array accesses arm64: dts: meson: fix spi-max-frequency on Khadas VIM2 ARM: dts: at91: at91sam9rl: fix ADC triggers platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init ath10k: Fix the parsing error in service available event ath10k: Fix an error handling path ath10k: Release some resources in an error handling path NFSv4.2: condition READDIR's mask for security label based on LSM state SUNRPC: xprt_load_transport() needs to support the netid "rdma6" lockd: don't use interval-based rebinding over TCP NFS: switch nfsiod to be an UNBOUND workqueue. vfio-pci: Use io_remap_pfn_range() for PCI IO memory media: saa7146: fix array overflow in vidioc_s_audio() clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() ARM: dts: at91: sama5d2: map securam as device pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() arm64: dts: rockchip: Fix UART pull-ups on rk3328 memstick: r592: Fix error return in r592_probe() net/mlx5: Properly convey driver version to firmware ASoC: jz4740-i2s: add missed checks for clk_get() dm ioctl: fix error return code in target_message clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI cpufreq: highbank: Add missing MODULE_DEVICE_TABLE cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE cpufreq: st: Add missing MODULE_DEVICE_TABLE cpufreq: loongson1: Add missing MODULE_ALIAS cpufreq: scpi: Add missing MODULE_ALIAS scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe scsi: pm80xx: Fix error return in pm8001_pci_probe() seq_buf: Avoid type mismatch for seq_buf_init scsi: fnic: Fix error return code in fnic_probe() platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops powerpc/pseries/hibernation: remove redundant cacheinfo update usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe usb: oxu210hp-hcd: Fix memory leak in oxu_create speakup: fix uninitialized flush_lock nfsd: Fix message level for normal termination nfs_common: need lock during iterate through the list x86/kprobes: Restore BTF if the single-stepping is cancelled bus: fsl-mc: fix error return code in fsl_mc_object_allocate() clk: tegra: Fix duplicated SE clock entry extcon: max77693: Fix modalias string mac80211: don't set set TDLS STA bandwidth wider than possible ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control() irqchip/alpine-msi: Fix freeing of interrupts on allocation error path watchdog: sirfsoc: Add missing dependency on HAS_IOMEM watchdog: sprd: remove watchdog disable from resume fail path watchdog: sprd: check busy bit before new loading rather than after that watchdog: Fix potential dereferencing of null pointer um: Monitor error events in IRQ controller um: tty: Fix handling of close in tty lines um: chan_xterm: Fix fd leak nfc: s3fwrn5: Release the nfc firmware powerpc/ps3: use dma_mapping_error() checkpatch: fix unescaped left brace net: bcmgenet: Fix a resource leak in an error handling path in the probe functin net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function net: korina: fix return value libnvdimm/label: Return -ENXIO for no slot in __blk_label_update watchdog: qcom: Avoid context switch in restart handler watchdog: coh901327: add COMMON_CLK dependency clk: ti: Fix memleak in ti_fapll_synth_setup pwm: zx: Add missing cleanup in error path pwm: lp3943: Dynamically allocate PWM chip base perf record: Fix memory leak when using '--user-regs=?' to list registers qlcnic: Fix error code in probe clk: s2mps11: Fix a resource leak in error handling paths in the probe function clk: sunxi-ng: Make sure divider tables have sentinel kconfig: fix return value of do_error_if() ARM: sunxi: Add machine match for the Allwinner V3 SoC cfg80211: initialize rekey_data fix namespaced fscaps when !CONFIG_SECURITY lwt: Disable BH too in run_lwt_bpf() Input: cros_ec_keyb - send 'scancodes' in addition to key events Input: goodix - add upside-down quirk for Teclast X98 Pro tablet media: gspca: Fix memory leak in probe media: sunxi-cir: ensure IR is handled when it is continuous media: netup_unidvb: Don't leak SPI master in probe error path media: ipu3-cio2: Remove traces of returned buffers media: ipu3-cio2: Return actual subdev format media: ipu3-cio2: Serialise access to pad format media: ipu3-cio2: Validate mbus format in setting subdev format media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE Input: cyapa_gen6 - fix out-of-bounds stack access ALSA: hda/ca0132 - Change Input Source enum strings. PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks" ACPI: PNP: compare the string length in the matching_id() ALSA: hda: Fix regressions on clear and reconfig sysfs ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 ALSA: pcm: oss: Fix a few more UBSAN fixes ALSA: hda/realtek: Add quirk for MSI-GP73 ALSA: hda/realtek: Apply jack fixup for Quanta NL3 ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices ALSA: usb-audio: Disable sample read check if firmware doesn't give back s390/smp: perform initial CPU reset also for SMT siblings s390/kexec_file: fix diag308 subcode when loading crash kernel s390/dasd: fix hanging device offline processing s390/dasd: prevent inconsistent LCU device data s390/dasd: fix list corruption of pavgroup group list s390/dasd: fix list corruption of lcu list staging: comedi: mf6x4: Fix AI end-of-conversion detection powerpc/perf: Exclude kernel samples while counting events in user space. crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() EDAC/amd64: Fix PCI component registration USB: serial: mos7720: fix parallel-port state restore USB: serial: digi_acceleport: fix write-wakeup deadlocks USB: serial: keyspan_pda: fix dropped unthrottle interrupts USB: serial: keyspan_pda: fix write deadlock USB: serial: keyspan_pda: fix stalled writes USB: serial: keyspan_pda: fix write-wakeup use-after-free USB: serial: keyspan_pda: fix tx-unthrottle use-after-free USB: serial: keyspan_pda: fix write unthrottling ext4: fix a memory leak of ext4_free_data ext4: fix deadlock with fs freezing and EA inodes KVM: arm64: Introduce handling of AArch32 TTBCR2 traps ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES ARM: dts: at91: sama5d2: fix CAN message ram offset and size powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter powerpc/xmon: Change printk() to pr_cont() powerpc/powernv/memtrace: Don't leak kernel memory to user space powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently ima: Don't modify file descriptor mode on the fly ceph: fix race in concurrent __ceph_remove_cap invocations SMB3: avoid confusing warning message on mount to Azure SMB3.1.1: do not log warning message if server doesn't populate salt ubifs: wbuf: Don't leak kernel memory to flash jffs2: Fix GC exit abnormally jfs: Fix array index bounds check in dbAdjTree drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() spi: spi-sh: Fix use-after-free on unbind spi: davinci: Fix use-after-free on unbind spi: pic32: Don't leak DMA channels in probe error path spi: rb4xx: Don't leak SPI master in probe error path spi: sc18is602: Don't leak SPI master in probe error path spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe soc: qcom: smp2p: Safely acquire spinlock without IRQs mtd: spinand: Fix OOB read mtd: parser: cmdline: Fix parsing of part-names with colons mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() iio: buffer: Fix demux update iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume iio:light:rpr0521: Fix timestamp alignment and prevent data leak. iio:light:st_uvis25: Fix timestamp alignment and prevent data leak. iio:pressure:mpl3115: Force alignment of buffer iio:imu:bmi160: Fix too large a buffer. md/cluster: block reshape with remote resync job md/cluster: fix deadlock when node is doing resync job pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 xen-blkback: set ring->xenblkd to NULL after kthread_stop() xen/xenbus: Allow watches discard events before queueing xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() xen/xenbus/xen_bus_type: Support will_handle watch callback xen/xenbus: Count pending messages for each watch xenbus/xenbus_backend: Disallow pending watch messages libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 PCI: Fix pci_slot_release() NULL pointer dereference platform/x86: mlx-platform: remove an unused variable Linux 4.19.164 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8e2d24b45393ee2360186893d4e578e20156c7f1	2020-12-30 12:19:31 +01:00
Ard Biesheuvel	85637bc064	crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() commit 17858b140bf49961b71d4e73f1c3ea9bc8e7dda0 upstream. ecdh_set_secret() casts a void* pointer to a const u64* in order to feed it into ecc_is_key_valid(). This is not generally permitted by the C standard, and leads to actual misalignment faults on ARMv6 cores. In some cases, these are fixed up in software, but this still leads to performance hits that are entirely avoidable. So let's copy the key into the ctx buffer first, which we will do anyway in the common case, and which guarantees correct alignment. Cc: <stable@vger.kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-12-30 11:26:10 +01:00
Eric Biggers	268a84d36e	crypto: af_alg - avoid undefined behavior accessing salg_name commit 92eb6c3060ebe3adf381fd9899451c5b047bb14d upstream. Commit `3f69cc6076` ("crypto: af_alg - Allow arbitrarily long algorithm names") made the kernel start accepting arbitrarily long algorithm names in sockaddr_alg. However, the actual length of the salg_name field stayed at the original 64 bytes. This is broken because the kernel can access indices >= 64 in salg_name, which is undefined behavior -- even though the memory that is accessed is still located within the sockaddr structure. It would only be defined behavior if the array were properly marked as arbitrary-length (either by making it a flexible array, which is the recommended way these days, or by making it an array of length 0 or 1). We can't simply change salg_name into a flexible array, since that would break source compatibility with userspace programs that embed sockaddr_alg into another struct, or (more commonly) declare a sockaddr_alg like 'struct sockaddr_alg sa = { .salg_name = "foo" };'. One solution would be to change salg_name into a flexible array only when '#ifdef __KERNEL__'. However, that would keep userspace without an easy way to actually use the longer algorithm names. Instead, add a new structure 'sockaddr_alg_new' that has the flexible array field, and expose it to both userspace and the kernel. Make the kernel use it correctly in alg_bind(). This addresses the syzbot report "UBSAN: array-index-out-of-bounds in alg_bind" (https://syzkaller.appspot.com/bug?extid=92ead4eb8e26a26d465e). Reported-by: syzbot+92ead4eb8e26a26d465e@syzkaller.appspotmail.com Fixes: `3f69cc6076` ("crypto: af_alg - Allow arbitrarily long algorithm names") Cc: <stable@vger.kernel.org> # v4.12+ Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-12-30 11:25:48 +01:00
Eric Biggers	b5f2b9e204	UPSTREAM: crypto: chacha-generic - fix use as arm64 no-NEON fallback The arm64 implementations of ChaCha and XChaCha are failing the extra crypto self-tests following my patches to test the !may_use_simd() code paths, which previously were untested. The problem is as follows: When !may_use_simd(), the arm64 NEON implementations fall back to the generic implementation, which uses the skcipher_walk API to iterate through the src/dst scatterlists. Due to how the skcipher_walk API works, walk.stride is set from the skcipher_alg actually being used, which in this case is the arm64 NEON algorithm. Thus walk.stride is 5CHACHA_BLOCK_SIZE, not CHACHA_BLOCK_SIZE. This unnecessarily large stride shouldn't cause an actual problem. However, the generic implementation computes round_down(nbytes, walk.stride). round_down() assumes the round amount is a power of 2, which 5CHACHA_BLOCK_SIZE is not, so it gives the wrong result. This causes the following case in skcipher_walk_done() to be hit, causing a WARN() and failing the encryption operation: if (WARN_ON(err)) { /* unexpected case; didn't process all bytes */ err = -EINVAL; goto finish; } Fix it by rounding down to CHACHA_BLOCK_SIZE instead of walk.stride. (Or we could replace round_down() with rounddown(), but that would add a slow division operation every time, which I think we should avoid.) Fixes: 2fe55987b262 ("crypto: arm64/chacha - use combined SIMD/ALU routine for more speed") Cc: <stable@vger.kernel.org> # v5.0+ Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 7aceaaef04eaaf6019ca159bc354d800559bba1d) Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idb028928e0a9ea82a6329aa9148fc2d82d1c037d	2020-11-16 09:22:35 +01:00
Greg Kroah-Hartman	b9a942466b	This is the 4.19.153 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+ag5UACgkQONu9yGCS aT5O3w//RaOcwQdi47/UJz8zyja1ZG8MSSCGibpwvaDwrsXu9es1QtqLAC38H10o ygxNLBZQHxhScsRpicNc+Dy87+lcSj8cF1ed7sd1LU8rvmQ18uIeFUZxfzYth8jW i6erzas0Ojw8IMy566GDxkfAC6n5GhJuJTVFQWUQpoEbsb5rXcGCLx3u+S3Ew+5t Xb9qE6r5cImYymvMkMy7RQ4Db2qgOwjkaCj+Ol+4BSR0bF4OweMQLPJs9gN8pJpr o2nxHg7wdO8SKJZCBVw8ZmfO4zF6czcKy+KzFajn+4LA2oT5mgiV8y21cd9CWYeQ JQK1jZGwwl/xljrM1yLd+crG8i11DhCStY90+4bxD68r8H+g1kwZ8jELmCwuuyx6 dk1s7jOxyKl9qAnMt6r2HqrjgxGD+2hL+2S84jPGRBow5IYjrdD0REXZjyk1R7Rp 8k00lRk1ATEy7H2lj4JW34tcsTEEDcn8PqUFx7MRKtCUI2uo4Gr5HXqf6wTJDp6S BsDe8mm77jd81vtw/AZ8Fv7Fg42QIPt7G1QV9wBbFvDmKmDa7Gj6SuQqTeu75oU9 M++aWSwyOb08wZEE0y94wsm6r4raN3A8o70Df9FltNFTALowuIcR+CVtOnQfHEuL BUBJcWg3SDsIxkXYgvQ9jO5h38i6dhAIVGAcU4VB0rgP/ePKMQs= =GiLo -----END PGP SIGNATURE----- Merge 4.19.153 into android-4.19-stable Changes in 4.19.153 ibmveth: Switch order of ibmveth_helper calls. ibmveth: Identify ingress large send packets. ipv4: Restore flowi4_oif update before call to xfrm_lookup_route mlx4: handle non-napi callers to napi_poll net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() net: fec: Fix PHY init after phy_reset_after_clk_enable() net: fix pos incrementment in ipv6_route_seq_next net/smc: fix valid DMBE buffer sizes net: usb: qmi_wwan: add Cellient MPL200 card tipc: fix the skb_unshare() in tipc_buf_append() net/ipv4: always honour route mtu during forwarding r8169: fix data corruption issue on RTL8402 net/tls: sendfile fails with ktls offload binder: fix UAF when releasing todo list ALSA: bebob: potential info leak in hwdep_read() chelsio/chtls: fix socket lock chelsio/chtls: correct netdevice for vlan interface chelsio/chtls: correct function return and return type net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() tcp: fix to update snd_wl1 in bulk receiver fast path r8169: fix operation under forced interrupt threading icmp: randomize the global rate limiter ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 cifs: remove bogus debug code cifs: Return the error from crypt_message when enc/dec key not found. KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages KVM: SVM: Initialize prev_ga_tag before use ima: Don't ignore errors from crypto_shash_update() crypto: algif_aead - Do not set MAY_BACKLOG on the async path EDAC/i5100: Fix error handling order in i5100_init_one() EDAC/ti: Fix handling of platform_get_irq() error x86/fpu: Allow multiple bits in clearcpuid= parameter drivers/perf: xgene_pmu: Fix uninitialized resource struct x86/nmi: Fix nmi_handle() duration miscalculation x86/events/amd/iommu: Fix sizeof mismatch crypto: algif_skcipher - EBUSY on aio should be an error crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call crypto: picoxcell - Fix potential race condition bug media: tuner-simple: fix regression in simple_set_radio_freq media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" media: m5mols: Check function pointer in m5mols_sensor_power media: uvcvideo: Set media controller entity functions media: uvcvideo: Silence shift-out-of-bounds warning media: omap3isp: Fix memleak in isp_probe crypto: omap-sham - fix digcnt register handling with export/import hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} cypto: mediatek - fix leaks in mtk_desc_ring_alloc media: mx2_emmaprp: Fix memleak in emmaprp_probe media: tc358743: initialize variable media: tc358743: cleanup tc358743_cec_isr media: rcar-vin: Fix a reference count leak. media: rockchip/rga: Fix a reference count leak. media: platform: fcp: Fix a reference count leak. media: camss: Fix a reference count leak. media: s5p-mfc: Fix a reference count leak media: stm32-dcmi: Fix a reference count leak media: ti-vpe: Fix a missing check and reference count leak regulator: resolve supply after creating regulator pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() spi: spi-s3c64xx: Check return values ath10k: provide survey info as accumulated data Bluetooth: hci_uart: Cancel init work before unregistering ath6kl: prevent potential array overflow in ath6kl_add_new_sta() ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 ASoC: qcom: lpass-platform: fix memory leak ASoC: qcom: lpass-cpu: fix concurrency issue brcmfmac: check ndev pointer mwifiex: Do not use GFP_KERNEL in atomic context staging: rtl8192u: Do not use GFP_KERNEL in atomic context drm/gma500: fix error check scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() backlight: sky81452-backlight: Fix refcount imbalance on error VMCI: check return value of get_user_pages_fast() for errors tty: serial: earlycon dependency tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() pty: do tty_flip_buffer_push without port->lock in pty_write pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() pwm: lpss: Add range limit check for the base_unit register value drivers/virt/fsl_hypervisor: Fix error handling path video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error video: fbdev: sis: fix null ptr dereference video: fbdev: radeon: Fix memleak in radeonfb_pci_register HID: roccat: add bounds checking in kone_sysfs_write_settings() pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser pinctrl: mcp23s08: Fix mcp23x17 precious range net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow net: stmmac: use netif_tx_start\|stop_all_queues() function cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE net: dsa: rtl8366: Check validity of passed VLANs net: dsa: rtl8366: Refactor VLAN/PVID init net: dsa: rtl8366: Skip PVID setting if not requested net: dsa: rtl8366rb: Support all 4096 VLANs ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() misc: mic: scif: Fix error handling path ALSA: seq: oss: Avoid mutex lock for a long-time ioctl usb: dwc2: Fix parameter type in function pointer prototype quota: clear padding in v2r1_mem2diskdqb() slimbus: core: check get_addr before removing laddr ida slimbus: core: do not enter to clock pause mode in core slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback HID: hid-input: fix stylus battery reporting qtnfmac: fix resource leaks on unsupported iftype error return path net: enic: Cure the enic api locking trainwreck mfd: sm501: Fix leaks in probe() iwlwifi: mvm: split a print to avoid a WARNING in ROC usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above. usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well nl80211: fix non-split wiphy information usb: dwc2: Fix INTR OUT transfers in DDMA mode. scsi: target: tcmu: Fix warning: 'page' may be used uninitialized scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() platform/x86: mlx-platform: Remove PSU EEPROM configuration mwifiex: fix double free ipvs: clear skb->tstamp in forwarding path net: korina: fix kfree of rx/tx descriptor array netfilter: nf_log: missing vlan offload tag and proto mm/memcg: fix device private memcg accounting mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary IB/mlx4: Fix starvation in paravirt mux/demux IB/mlx4: Adjust delayed work when a dup is observed powerpc/pseries: Fix missing of_node_put() in rng_init() powerpc/icp-hv: Fix missing of_node_put() in success path RDMA/ucma: Fix locking for ctx->events_reported RDMA/ucma: Add missing locking around rdma_leave_multicast() mtd: lpddr: fix excessive stack usage with clang powerpc/pseries: explicitly reschedule during drmem_lmb list traversal mtd: mtdoops: Don't write panic data twice ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER xfs: limit entries returned when counting fsmap records xfs: fix high key handling in the rt allocator's query_range function RDMA/qedr: Fix use of uninitialized field RDMA/qedr: Fix inline size returned for iWARP powerpc/tau: Use appropriate temperature sample interval powerpc/tau: Convert from timer to workqueue powerpc/tau: Remove duplicated set_thresholds() call Linux 4.19.153 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I9e85e8ca67ab8e28d04a77339f80fdbf3c568956	2020-10-29 11:36:20 +01:00
Herbert Xu	b0112ecef7	crypto: algif_skcipher - EBUSY on aio should be an error [ Upstream commit 2a05b029c1ee045b886ebf9efef9985ca23450de ] I removed the MAY_BACKLOG flag on the aio path a while ago but the error check still incorrectly interpreted EBUSY as success. This may cause the submitter to wait for a request that will never complete. Fixes: `dad4199706` ("crypto: algif_skcipher - Do not set...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>	2020-10-29 09:55:01 +01:00
Herbert Xu	1ba6c54278	crypto: algif_aead - Do not set MAY_BACKLOG on the async path commit cbdad1f246dd98e6c9c32a6e5212337f542aa7e0 upstream. The async path cannot use MAY_BACKLOG because it is not meant to block, which is what MAY_BACKLOG does. On the other hand, both the sync and async paths can make use of MAY_SLEEP. Fixes: `83094e5e9e` ("crypto: af_alg - add async support to...") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-10-29 09:54:59 +01:00
Jason A. Donenfeld	fd987ccbde	UPSTREAM: crypto: Kconfig - allow tests to be disabled when manager is disabled The library code uses CRYPTO_MANAGER_DISABLE_TESTS to conditionalize its tests, but the library code can also exist without CRYPTO_MANAGER. That means on minimal configs, the test code winds up being built with no way to disable it. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 2343d1529aff8b552589f622c23932035ed7a05d) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0bacc9cc4473439801f272b50018e9533b0884e2	2020-10-25 11:48:00 +01:00
Jason A. Donenfeld	1ff35ded67	UPSTREAM: crypto: poly1305 - add new 32 and 64-bit generic versions These two C implementations from Zinc -- a 32x32 one and a 64x64 one, depending on the platform -- come from Andrew Moon's public domain poly1305-donna portable code, modified for usage in the kernel. The precomputation in the 32-bit version and the use of 64x64 multiplies in the 64-bit version make these perform better than the code it replaces. Moon's code is also very widespread and has received many eyeballs of scrutiny. There's a bit of interference between the x86 implementation, which relies on internal details of the old scalar implementation. In the next commit, the x86 implementation will be replaced with a faster one that doesn't rely on this, so none of this matters much. But for now, to keep this passing the tests, we inline the bits of the old implementation that the x86 implementation relied on. Also, since we now support a slightly larger key space, via the union, some offsets had to be fixed up. Nonce calculation was folded in with the emit function, to take advantage of 64x64 arithmetic. However, Adiantum appeared to rely on no nonce handling in emit, so this path was conditionalized. We also introduced a new struct, poly1305_core_key, to represent the precise amount of space that particular implementation uses. Testing with kbench9000, depending on the CPU, the update function for the 32x32 version has been improved by 4%-7%, and for the 64x64 by 19%-30%. The 32x32 gains are small, but I think there's great value in having a parallel implementation to the 64x64 one so that the two can be compared side-by-side as nice stand-alone units. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 1c08a104360f3e18f4ee6346c21cc3923efb952e) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie53f7e47335863df3d82dbc268c6d8323ae5f559	2020-10-25 11:47:54 +01:00
Eric Biggers	77073bba3e	UPSTREAM: crypto: chacha_generic - remove unnecessary setkey() functions Use chacha20_setkey() and chacha12_setkey() from <crypto/internal/chacha.h> instead of defining them again in chacha_generic.c. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 2043323a799a660bc84bbee404cf7a2617ec6157) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2a585793ef6dbf5529d65f0c985ffa6f4072fda3	2020-10-24 22:42:44 +02:00
Jason A. Donenfeld	f9f4dfd312	UPSTREAM: crypto: curve25519 - x86_64 library and KPP implementations This implementation is the fastest available x86_64 implementation, and unlike Sandy2x, it doesn't requie use of the floating point registers at all. Instead it makes use of BMI2 and ADX, available on recent microarchitectures. The implementation was written by Armando Faz-Hernández with contributions (upstream) from Samuel Neves and me, in addition to further changes in the kernel implementation from us. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Co-developed-by: Samuel Neves <sneves@dei.uc.pt> [ardb: - move to arch/x86/crypto - wire into lib/crypto framework - implement crypto API KPP hooks ] Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit bb611bdfd6be34d9f822c73305fcc83720499d38) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4c8f006da5fc8eaafbe2902e5b82d885fce1e5a5	2020-10-24 22:42:44 +02:00
Ard Biesheuvel	fe7ebbd471	UPSTREAM: crypto: curve25519 - implement generic KPP driver Expose the generic Curve25519 library via the crypto API KPP interface. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ee772cb641135739c1530647391d5a04c39db192) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic832d2b6900a4fbe8db11348c9dcada87892c317	2020-10-24 22:42:43 +02:00
Ard Biesheuvel	40175d26ba	UPSTREAM: crypto: curve25519 - add kpp selftest In preparation of introducing KPP implementations of Curve25519, import the set of test cases proposed by the Zinc patch set, but converted to the KPP format. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit f613457a7af085728297bef71233c37faf3c01b1) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Icba92206a4ae5e131bf28ff3d52977ae1ffa3c66	2020-10-24 22:42:43 +02:00
Jason A. Donenfeld	db2e6ec625	UPSTREAM: crypto: blake2s - x86_64 SIMD implementation These implementations from Samuel Neves support AVX and AVX-512VL. Originally this used AVX-512F, but Skylake thermal throttling made AVX-512VL more attractive and possible to do with negligable difference. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Co-developed-by: Samuel Neves <sneves@dei.uc.pt> [ardb: move to arch/x86/crypto, wire into lib/crypto framework] Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ed0356eda153f6a95649e11feb7b07083caf9e20) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I26150abb48c1508d922727d7b9d788e0251f411c	2020-10-24 22:42:43 +02:00
Ard Biesheuvel	537dbe51f3	UPSTREAM: crypto: blake2s - implement generic shash driver Wire up our newly added Blake2s implementation via the shash API. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 7f9b0880925f1f9d7d59504ea0892d2ae9cfc233) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2cc105bb4fd251cfea616323f352730832f07aaa	2020-10-24 22:42:43 +02:00
Ard Biesheuvel	8e4def702e	UPSTREAM: crypto: testmgr - add test cases for Blake2s As suggested by Eric for the Blake2b implementation contributed by David, introduce a set of test vectors for Blake2s covering different digest and key sizes. blake2s-128 blake2s-160 blake2s-224 blake2s-256 --------------------------------------------------- len=0 \| klen=0 klen=1 klen=16 klen=32 len=1 \| klen=16 klen=32 klen=0 klen=1 len=7 \| klen=32 klen=0 klen=1 klen=16 len=15 \| klen=1 klen=16 klen=32 klen=0 len=64 \| klen=0 klen=1 klen=16 klen=32 len=247 \| klen=16 klen=32 klen=0 klen=1 len=256 \| klen=32 klen=0 klen=1 klen=16 Cc: David Sterba <dsterba@suse.com> Cc: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 17e1df67023a5c9ccaeb5de8bf5b88f63127ecf7) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: If7b4154623ead41346837eefacbcee5354ff7765	2020-10-24 22:42:43 +02:00
Ard Biesheuvel	688b66e083	UPSTREAM: crypto: mips/poly1305 - incorporate OpenSSL/CRYPTOGAMS optimized implementation This is a straight import of the OpenSSL/CRYPTOGAMS Poly1305 implementation for MIPS authored by Andy Polyakov, a prior 64-bit only version of which has been contributed by him to the OpenSSL project. The file 'poly1305-mips.pl' is taken straight from this upstream GitHub repository [0] at commit d22ade312a7af958ec955620b0d241cf42c37feb, and already contains all the changes required to build it as part of a Linux kernel module. [0] https://github.com/dot-asm/cryptogams Co-developed-by: Andy Polyakov <appro@cryptogams.org> Signed-off-by: Andy Polyakov <appro@cryptogams.org> Co-developed-by: René van Dorst <opensource@vdorst.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a11d055e7a64ac34a5e99b6fe731299449cbcd58) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3f970f4d675b2a2f3e30ee6f28f32824e125e6e8	2020-10-24 22:42:43 +02:00
Ard Biesheuvel	4e42c8cac2	UPSTREAM: crypto: x86/poly1305 - expose existing driver as poly1305 library Implement the arch init/update/final Poly1305 library routines in the accelerated SIMD driver for x86 so they are accessible to users of the Poly1305 library interface as well. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit f0e89bcfbb894e5844cd1bbf6b3cf7c63cb0f5ac) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib675528205383a4816e2a01f68e89eba2b0abb4d	2020-10-24 14:43:43 +02:00
Ard Biesheuvel	48c9cbd789	UPSTREAM: crypto: x86/poly1305 - depend on generic library not generic shash Remove the dependency on the generic Poly1305 driver. Instead, depend on the generic library so that we only reuse code without pulling in the generic skcipher implementation as well. While at it, remove the logic that prefers the non-SIMD path for short inputs - this is no longer necessary after recent FPU handling changes on x86. Since this removes the last remaining user of the routines exported by the generic shash driver, unexport them and make them static. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 1b2c6a5120489d41c8ea3b8dacd0b4586289b158) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1003433816e6f3f458d7ccbcd0d4790666cdf8d1	2020-10-24 14:43:43 +02:00
Ard Biesheuvel	d1fa3dd17d	UPSTREAM: crypto: poly1305 - expose init/update/final library interface Expose the existing generic Poly1305 code via a init/update/final library interface so that callers are not required to go through the crypto API's shash abstraction to access it. At the same time, make some preparations so that the library implementation can be superseded by an accelerated arch-specific version in the future. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a1d93064094cc5e24d64e35cf093e7191d0c9344) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ibd2539acddd9b8de1100d9fab832e58006736607	2020-10-24 14:43:42 +02:00
Ard Biesheuvel	c99c627218	UPSTREAM: crypto: x86/poly1305 - unify Poly1305 state struct with generic code In preparation of exposing a Poly1305 library interface directly from the accelerated x86 driver, align the state descriptor of the x86 code with the one used by the generic driver. This is needed to make the library interface unified between all implementations. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit ad8f5b88383ea685f2b8df2a12ee3e08089a1287) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4425d0b514eec8e1d3e88e9972f270cc17bf8064	2020-10-24 14:43:41 +02:00
Ard Biesheuvel	4afb116cc1	UPSTREAM: crypto: poly1305 - move core routines into a separate library Move the core Poly1305 routines shared between the generic Poly1305 shash driver and the Adiantum and NHPoly1305 drivers into a separate library so that using just this pieces does not pull in the crypto API pieces of the generic Poly1305 routine. In a subsequent patch, we will augment this generic library with init/update/final routines so that Poyl1305 algorithm can be used directly without the need for using the crypto API's shash abstraction. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 48ea8c6ebc96bc0990e12ee1c43d0832c23576bb) Bug: 152722841 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1d1ebae722acdb3a908822b8a5b126689e2147c3	2020-10-24 14:43:40 +02:00

1 2 3 4 5 ...

2522 Commits