1 |
commit: 28f69bd2360b5e24a3766113bd181016554af45e |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Mar 31 10:44:32 2017 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Mar 31 10:44:32 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=28f69bd2 |
7 |
|
8 |
Linux patch 4.9.20 |
9 |
|
10 |
0000_README | 4 + |
11 |
1019_linux-4.9.20.patch | 554 ++++++++++++++++++++++++++++++++++++++++++++++++ |
12 |
2 files changed, 558 insertions(+) |
13 |
|
14 |
diff --git a/0000_README b/0000_README |
15 |
index 4eb0378..feea55b 100644 |
16 |
--- a/0000_README |
17 |
+++ b/0000_README |
18 |
@@ -119,6 +119,10 @@ Patch: 1018_linux-4.9.19.patch |
19 |
From: http://www.kernel.org |
20 |
Desc: Linux 4.9.19 |
21 |
|
22 |
+Patch: 1019_linux-4.9.20.patch |
23 |
+From: http://www.kernel.org |
24 |
+Desc: Linux 4.9.20 |
25 |
+ |
26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
28 |
Desc: Support for namespace user.pax.* on tmpfs. |
29 |
|
30 |
diff --git a/1019_linux-4.9.20.patch b/1019_linux-4.9.20.patch |
31 |
new file mode 100644 |
32 |
index 0000000..91b8b98 |
33 |
--- /dev/null |
34 |
+++ b/1019_linux-4.9.20.patch |
35 |
@@ -0,0 +1,554 @@ |
36 |
+diff --git a/Makefile b/Makefile |
37 |
+index ba1c6a8e6a70..44960184701a 100644 |
38 |
+--- a/Makefile |
39 |
++++ b/Makefile |
40 |
+@@ -1,6 +1,6 @@ |
41 |
+ VERSION = 4 |
42 |
+ PATCHLEVEL = 9 |
43 |
+-SUBLEVEL = 19 |
44 |
++SUBLEVEL = 20 |
45 |
+ EXTRAVERSION = |
46 |
+ NAME = Roaring Lionus |
47 |
+ |
48 |
+diff --git a/arch/c6x/kernel/ptrace.c b/arch/c6x/kernel/ptrace.c |
49 |
+index 3c494e84444d..a511ac16a8e3 100644 |
50 |
+--- a/arch/c6x/kernel/ptrace.c |
51 |
++++ b/arch/c6x/kernel/ptrace.c |
52 |
+@@ -69,46 +69,6 @@ static int gpr_get(struct task_struct *target, |
53 |
+ 0, sizeof(*regs)); |
54 |
+ } |
55 |
+ |
56 |
+-static int gpr_set(struct task_struct *target, |
57 |
+- const struct user_regset *regset, |
58 |
+- unsigned int pos, unsigned int count, |
59 |
+- const void *kbuf, const void __user *ubuf) |
60 |
+-{ |
61 |
+- int ret; |
62 |
+- struct pt_regs *regs = task_pt_regs(target); |
63 |
+- |
64 |
+- /* Don't copyin TSR or CSR */ |
65 |
+- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
66 |
+- ®s, |
67 |
+- 0, PT_TSR * sizeof(long)); |
68 |
+- if (ret) |
69 |
+- return ret; |
70 |
+- |
71 |
+- ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, |
72 |
+- PT_TSR * sizeof(long), |
73 |
+- (PT_TSR + 1) * sizeof(long)); |
74 |
+- if (ret) |
75 |
+- return ret; |
76 |
+- |
77 |
+- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
78 |
+- ®s, |
79 |
+- (PT_TSR + 1) * sizeof(long), |
80 |
+- PT_CSR * sizeof(long)); |
81 |
+- if (ret) |
82 |
+- return ret; |
83 |
+- |
84 |
+- ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, |
85 |
+- PT_CSR * sizeof(long), |
86 |
+- (PT_CSR + 1) * sizeof(long)); |
87 |
+- if (ret) |
88 |
+- return ret; |
89 |
+- |
90 |
+- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
91 |
+- ®s, |
92 |
+- (PT_CSR + 1) * sizeof(long), -1); |
93 |
+- return ret; |
94 |
+-} |
95 |
+- |
96 |
+ enum c6x_regset { |
97 |
+ REGSET_GPR, |
98 |
+ }; |
99 |
+@@ -120,7 +80,6 @@ static const struct user_regset c6x_regsets[] = { |
100 |
+ .size = sizeof(u32), |
101 |
+ .align = sizeof(u32), |
102 |
+ .get = gpr_get, |
103 |
+- .set = gpr_set |
104 |
+ }, |
105 |
+ }; |
106 |
+ |
107 |
+diff --git a/arch/h8300/kernel/ptrace.c b/arch/h8300/kernel/ptrace.c |
108 |
+index 92075544a19a..0dc1c8f622bc 100644 |
109 |
+--- a/arch/h8300/kernel/ptrace.c |
110 |
++++ b/arch/h8300/kernel/ptrace.c |
111 |
+@@ -95,7 +95,8 @@ static int regs_get(struct task_struct *target, |
112 |
+ long *reg = (long *)®s; |
113 |
+ |
114 |
+ /* build user regs in buffer */ |
115 |
+- for (r = 0; r < ARRAY_SIZE(register_offset); r++) |
116 |
++ BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0); |
117 |
++ for (r = 0; r < sizeof(regs) / sizeof(long); r++) |
118 |
+ *reg++ = h8300_get_reg(target, r); |
119 |
+ |
120 |
+ return user_regset_copyout(&pos, &count, &kbuf, &ubuf, |
121 |
+@@ -113,7 +114,8 @@ static int regs_set(struct task_struct *target, |
122 |
+ long *reg; |
123 |
+ |
124 |
+ /* build user regs in buffer */ |
125 |
+- for (reg = (long *)®s, r = 0; r < ARRAY_SIZE(register_offset); r++) |
126 |
++ BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0); |
127 |
++ for (reg = (long *)®s, r = 0; r < sizeof(regs) / sizeof(long); r++) |
128 |
+ *reg++ = h8300_get_reg(target, r); |
129 |
+ |
130 |
+ ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
131 |
+@@ -122,7 +124,7 @@ static int regs_set(struct task_struct *target, |
132 |
+ return ret; |
133 |
+ |
134 |
+ /* write back to pt_regs */ |
135 |
+- for (reg = (long *)®s, r = 0; r < ARRAY_SIZE(register_offset); r++) |
136 |
++ for (reg = (long *)®s, r = 0; r < sizeof(regs) / sizeof(long); r++) |
137 |
+ h8300_put_reg(target, r, *reg++); |
138 |
+ return 0; |
139 |
+ } |
140 |
+diff --git a/arch/metag/kernel/ptrace.c b/arch/metag/kernel/ptrace.c |
141 |
+index 7563628822bd..5e2dc7defd2c 100644 |
142 |
+--- a/arch/metag/kernel/ptrace.c |
143 |
++++ b/arch/metag/kernel/ptrace.c |
144 |
+@@ -24,6 +24,16 @@ |
145 |
+ * user_regset definitions. |
146 |
+ */ |
147 |
+ |
148 |
++static unsigned long user_txstatus(const struct pt_regs *regs) |
149 |
++{ |
150 |
++ unsigned long data = (unsigned long)regs->ctx.Flags; |
151 |
++ |
152 |
++ if (regs->ctx.SaveMask & TBICTX_CBUF_BIT) |
153 |
++ data |= USER_GP_REGS_STATUS_CATCH_BIT; |
154 |
++ |
155 |
++ return data; |
156 |
++} |
157 |
++ |
158 |
+ int metag_gp_regs_copyout(const struct pt_regs *regs, |
159 |
+ unsigned int pos, unsigned int count, |
160 |
+ void *kbuf, void __user *ubuf) |
161 |
+@@ -62,9 +72,7 @@ int metag_gp_regs_copyout(const struct pt_regs *regs, |
162 |
+ if (ret) |
163 |
+ goto out; |
164 |
+ /* TXSTATUS */ |
165 |
+- data = (unsigned long)regs->ctx.Flags; |
166 |
+- if (regs->ctx.SaveMask & TBICTX_CBUF_BIT) |
167 |
+- data |= USER_GP_REGS_STATUS_CATCH_BIT; |
168 |
++ data = user_txstatus(regs); |
169 |
+ ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, |
170 |
+ &data, 4*25, 4*26); |
171 |
+ if (ret) |
172 |
+@@ -119,6 +127,7 @@ int metag_gp_regs_copyin(struct pt_regs *regs, |
173 |
+ if (ret) |
174 |
+ goto out; |
175 |
+ /* TXSTATUS */ |
176 |
++ data = user_txstatus(regs); |
177 |
+ ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
178 |
+ &data, 4*25, 4*26); |
179 |
+ if (ret) |
180 |
+@@ -244,6 +253,8 @@ int metag_rp_state_copyin(struct pt_regs *regs, |
181 |
+ unsigned long long *ptr; |
182 |
+ int ret, i; |
183 |
+ |
184 |
++ if (count < 4*13) |
185 |
++ return -EINVAL; |
186 |
+ /* Read the entire pipeline before making any changes */ |
187 |
+ ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
188 |
+ &rp, 0, 4*13); |
189 |
+@@ -303,7 +314,7 @@ static int metag_tls_set(struct task_struct *target, |
190 |
+ const void *kbuf, const void __user *ubuf) |
191 |
+ { |
192 |
+ int ret; |
193 |
+- void __user *tls; |
194 |
++ void __user *tls = target->thread.tls_ptr; |
195 |
+ |
196 |
+ ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1); |
197 |
+ if (ret) |
198 |
+diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c |
199 |
+index a92994d60e91..bf83dc1eecfb 100644 |
200 |
+--- a/arch/mips/kernel/ptrace.c |
201 |
++++ b/arch/mips/kernel/ptrace.c |
202 |
+@@ -485,7 +485,8 @@ static int fpr_set(struct task_struct *target, |
203 |
+ &target->thread.fpu, |
204 |
+ 0, sizeof(elf_fpregset_t)); |
205 |
+ |
206 |
+- for (i = 0; i < NUM_FPU_REGS; i++) { |
207 |
++ BUILD_BUG_ON(sizeof(fpr_val) != sizeof(elf_fpreg_t)); |
208 |
++ for (i = 0; i < NUM_FPU_REGS && count >= sizeof(elf_fpreg_t); i++) { |
209 |
+ err = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
210 |
+ &fpr_val, i * sizeof(elf_fpreg_t), |
211 |
+ (i + 1) * sizeof(elf_fpreg_t)); |
212 |
+diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c |
213 |
+index ac082dd8c67d..7037ca3b4328 100644 |
214 |
+--- a/arch/sparc/kernel/ptrace_64.c |
215 |
++++ b/arch/sparc/kernel/ptrace_64.c |
216 |
+@@ -313,7 +313,7 @@ static int genregs64_set(struct task_struct *target, |
217 |
+ } |
218 |
+ |
219 |
+ if (!ret) { |
220 |
+- unsigned long y; |
221 |
++ unsigned long y = regs->y; |
222 |
+ |
223 |
+ ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, |
224 |
+ &y, |
225 |
+diff --git a/arch/x86/include/asm/kvm_page_track.h b/arch/x86/include/asm/kvm_page_track.h |
226 |
+index c2b8d24a235c..6226cb0eca23 100644 |
227 |
+--- a/arch/x86/include/asm/kvm_page_track.h |
228 |
++++ b/arch/x86/include/asm/kvm_page_track.h |
229 |
+@@ -35,6 +35,7 @@ struct kvm_page_track_notifier_node { |
230 |
+ }; |
231 |
+ |
232 |
+ void kvm_page_track_init(struct kvm *kvm); |
233 |
++void kvm_page_track_cleanup(struct kvm *kvm); |
234 |
+ |
235 |
+ void kvm_page_track_free_memslot(struct kvm_memory_slot *free, |
236 |
+ struct kvm_memory_slot *dont); |
237 |
+diff --git a/arch/x86/kvm/page_track.c b/arch/x86/kvm/page_track.c |
238 |
+index b431539c3714..85024e0cfaa5 100644 |
239 |
+--- a/arch/x86/kvm/page_track.c |
240 |
++++ b/arch/x86/kvm/page_track.c |
241 |
+@@ -156,6 +156,14 @@ bool kvm_page_track_is_active(struct kvm_vcpu *vcpu, gfn_t gfn, |
242 |
+ return !!ACCESS_ONCE(slot->arch.gfn_track[mode][index]); |
243 |
+ } |
244 |
+ |
245 |
++void kvm_page_track_cleanup(struct kvm *kvm) |
246 |
++{ |
247 |
++ struct kvm_page_track_notifier_head *head; |
248 |
++ |
249 |
++ head = &kvm->arch.track_notifier_head; |
250 |
++ cleanup_srcu_struct(&head->track_srcu); |
251 |
++} |
252 |
++ |
253 |
+ void kvm_page_track_init(struct kvm *kvm) |
254 |
+ { |
255 |
+ struct kvm_page_track_notifier_head *head; |
256 |
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
257 |
+index 731044efb195..e5bc139d1ba7 100644 |
258 |
+--- a/arch/x86/kvm/x86.c |
259 |
++++ b/arch/x86/kvm/x86.c |
260 |
+@@ -7976,6 +7976,7 @@ void kvm_arch_destroy_vm(struct kvm *kvm) |
261 |
+ kvm_free_vcpus(kvm); |
262 |
+ kvfree(rcu_dereference_check(kvm->arch.apic_map, 1)); |
263 |
+ kvm_mmu_uninit_vm(kvm); |
264 |
++ kvm_page_track_cleanup(kvm); |
265 |
+ } |
266 |
+ |
267 |
+ void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free, |
268 |
+diff --git a/drivers/pinctrl/qcom/pinctrl-msm.c b/drivers/pinctrl/qcom/pinctrl-msm.c |
269 |
+index 775c88303017..bedce3453dd3 100644 |
270 |
+--- a/drivers/pinctrl/qcom/pinctrl-msm.c |
271 |
++++ b/drivers/pinctrl/qcom/pinctrl-msm.c |
272 |
+@@ -594,10 +594,6 @@ static void msm_gpio_irq_unmask(struct irq_data *d) |
273 |
+ |
274 |
+ spin_lock_irqsave(&pctrl->lock, flags); |
275 |
+ |
276 |
+- val = readl(pctrl->regs + g->intr_status_reg); |
277 |
+- val &= ~BIT(g->intr_status_bit); |
278 |
+- writel(val, pctrl->regs + g->intr_status_reg); |
279 |
+- |
280 |
+ val = readl(pctrl->regs + g->intr_cfg_reg); |
281 |
+ val |= BIT(g->intr_enable_bit); |
282 |
+ writel(val, pctrl->regs + g->intr_cfg_reg); |
283 |
+diff --git a/drivers/usb/musb/musb_core.c b/drivers/usb/musb/musb_core.c |
284 |
+index 338575fb2d27..358feca54945 100644 |
285 |
+--- a/drivers/usb/musb/musb_core.c |
286 |
++++ b/drivers/usb/musb/musb_core.c |
287 |
+@@ -2467,8 +2467,8 @@ static int musb_remove(struct platform_device *pdev) |
288 |
+ pm_runtime_get_sync(musb->controller); |
289 |
+ musb_host_cleanup(musb); |
290 |
+ musb_gadget_cleanup(musb); |
291 |
+- spin_lock_irqsave(&musb->lock, flags); |
292 |
+ musb_platform_disable(musb); |
293 |
++ spin_lock_irqsave(&musb->lock, flags); |
294 |
+ musb_generic_disable(musb); |
295 |
+ spin_unlock_irqrestore(&musb->lock, flags); |
296 |
+ musb_writeb(musb->mregs, MUSB_DEVCTL, 0); |
297 |
+diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c |
298 |
+index 9d2738e9217f..2c2e6792f7e0 100644 |
299 |
+--- a/drivers/virtio/virtio_balloon.c |
300 |
++++ b/drivers/virtio/virtio_balloon.c |
301 |
+@@ -427,6 +427,8 @@ static int init_vqs(struct virtio_balloon *vb) |
302 |
+ * Prime this virtqueue with one buffer so the hypervisor can |
303 |
+ * use it to signal us later (it can't be broken yet!). |
304 |
+ */ |
305 |
++ update_balloon_stats(vb); |
306 |
++ |
307 |
+ sg_init_one(&sg, vb->stats, sizeof vb->stats); |
308 |
+ if (virtqueue_add_outbuf(vb->stats_vq, &sg, 1, vb, GFP_KERNEL) |
309 |
+ < 0) |
310 |
+diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c |
311 |
+index 98f87fe8f186..61cfccea77bc 100644 |
312 |
+--- a/fs/crypto/crypto.c |
313 |
++++ b/fs/crypto/crypto.c |
314 |
+@@ -352,7 +352,6 @@ EXPORT_SYMBOL(fscrypt_zeroout_range); |
315 |
+ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) |
316 |
+ { |
317 |
+ struct dentry *dir; |
318 |
+- struct fscrypt_info *ci; |
319 |
+ int dir_has_key, cached_with_key; |
320 |
+ |
321 |
+ if (flags & LOOKUP_RCU) |
322 |
+@@ -364,18 +363,11 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) |
323 |
+ return 0; |
324 |
+ } |
325 |
+ |
326 |
+- ci = d_inode(dir)->i_crypt_info; |
327 |
+- if (ci && ci->ci_keyring_key && |
328 |
+- (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) | |
329 |
+- (1 << KEY_FLAG_REVOKED) | |
330 |
+- (1 << KEY_FLAG_DEAD)))) |
331 |
+- ci = NULL; |
332 |
+- |
333 |
+ /* this should eventually be an flag in d_flags */ |
334 |
+ spin_lock(&dentry->d_lock); |
335 |
+ cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY; |
336 |
+ spin_unlock(&dentry->d_lock); |
337 |
+- dir_has_key = (ci != NULL); |
338 |
++ dir_has_key = (d_inode(dir)->i_crypt_info != NULL); |
339 |
+ dput(dir); |
340 |
+ |
341 |
+ /* |
342 |
+diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c |
343 |
+index 9b774f4b50c8..80bb956e14e5 100644 |
344 |
+--- a/fs/crypto/fname.c |
345 |
++++ b/fs/crypto/fname.c |
346 |
+@@ -350,7 +350,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, |
347 |
+ fname->disk_name.len = iname->len; |
348 |
+ return 0; |
349 |
+ } |
350 |
+- ret = get_crypt_info(dir); |
351 |
++ ret = fscrypt_get_encryption_info(dir); |
352 |
+ if (ret && ret != -EOPNOTSUPP) |
353 |
+ return ret; |
354 |
+ |
355 |
+diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c |
356 |
+index 67fb6d8876d0..bb4606368eb1 100644 |
357 |
+--- a/fs/crypto/keyinfo.c |
358 |
++++ b/fs/crypto/keyinfo.c |
359 |
+@@ -99,6 +99,7 @@ static int validate_user_key(struct fscrypt_info *crypt_info, |
360 |
+ kfree(full_key_descriptor); |
361 |
+ if (IS_ERR(keyring_key)) |
362 |
+ return PTR_ERR(keyring_key); |
363 |
++ down_read(&keyring_key->sem); |
364 |
+ |
365 |
+ if (keyring_key->type != &key_type_logon) { |
366 |
+ printk_once(KERN_WARNING |
367 |
+@@ -106,11 +107,9 @@ static int validate_user_key(struct fscrypt_info *crypt_info, |
368 |
+ res = -ENOKEY; |
369 |
+ goto out; |
370 |
+ } |
371 |
+- down_read(&keyring_key->sem); |
372 |
+ ukp = user_key_payload(keyring_key); |
373 |
+ if (ukp->datalen != sizeof(struct fscrypt_key)) { |
374 |
+ res = -EINVAL; |
375 |
+- up_read(&keyring_key->sem); |
376 |
+ goto out; |
377 |
+ } |
378 |
+ master_key = (struct fscrypt_key *)ukp->data; |
379 |
+@@ -121,17 +120,11 @@ static int validate_user_key(struct fscrypt_info *crypt_info, |
380 |
+ "%s: key size incorrect: %d\n", |
381 |
+ __func__, master_key->size); |
382 |
+ res = -ENOKEY; |
383 |
+- up_read(&keyring_key->sem); |
384 |
+ goto out; |
385 |
+ } |
386 |
+ res = derive_key_aes(ctx->nonce, master_key->raw, raw_key); |
387 |
+- up_read(&keyring_key->sem); |
388 |
+- if (res) |
389 |
+- goto out; |
390 |
+- |
391 |
+- crypt_info->ci_keyring_key = keyring_key; |
392 |
+- return 0; |
393 |
+ out: |
394 |
++ up_read(&keyring_key->sem); |
395 |
+ key_put(keyring_key); |
396 |
+ return res; |
397 |
+ } |
398 |
+@@ -173,12 +166,11 @@ static void put_crypt_info(struct fscrypt_info *ci) |
399 |
+ if (!ci) |
400 |
+ return; |
401 |
+ |
402 |
+- key_put(ci->ci_keyring_key); |
403 |
+ crypto_free_skcipher(ci->ci_ctfm); |
404 |
+ kmem_cache_free(fscrypt_info_cachep, ci); |
405 |
+ } |
406 |
+ |
407 |
+-int get_crypt_info(struct inode *inode) |
408 |
++int fscrypt_get_encryption_info(struct inode *inode) |
409 |
+ { |
410 |
+ struct fscrypt_info *crypt_info; |
411 |
+ struct fscrypt_context ctx; |
412 |
+@@ -188,21 +180,15 @@ int get_crypt_info(struct inode *inode) |
413 |
+ u8 *raw_key = NULL; |
414 |
+ int res; |
415 |
+ |
416 |
++ if (inode->i_crypt_info) |
417 |
++ return 0; |
418 |
++ |
419 |
+ res = fscrypt_initialize(); |
420 |
+ if (res) |
421 |
+ return res; |
422 |
+ |
423 |
+ if (!inode->i_sb->s_cop->get_context) |
424 |
+ return -EOPNOTSUPP; |
425 |
+-retry: |
426 |
+- crypt_info = ACCESS_ONCE(inode->i_crypt_info); |
427 |
+- if (crypt_info) { |
428 |
+- if (!crypt_info->ci_keyring_key || |
429 |
+- key_validate(crypt_info->ci_keyring_key) == 0) |
430 |
+- return 0; |
431 |
+- fscrypt_put_encryption_info(inode, crypt_info); |
432 |
+- goto retry; |
433 |
+- } |
434 |
+ |
435 |
+ res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); |
436 |
+ if (res < 0) { |
437 |
+@@ -230,7 +216,6 @@ int get_crypt_info(struct inode *inode) |
438 |
+ crypt_info->ci_data_mode = ctx.contents_encryption_mode; |
439 |
+ crypt_info->ci_filename_mode = ctx.filenames_encryption_mode; |
440 |
+ crypt_info->ci_ctfm = NULL; |
441 |
+- crypt_info->ci_keyring_key = NULL; |
442 |
+ memcpy(crypt_info->ci_master_key, ctx.master_key_descriptor, |
443 |
+ sizeof(crypt_info->ci_master_key)); |
444 |
+ |
445 |
+@@ -285,14 +270,8 @@ int get_crypt_info(struct inode *inode) |
446 |
+ if (res) |
447 |
+ goto out; |
448 |
+ |
449 |
+- kzfree(raw_key); |
450 |
+- raw_key = NULL; |
451 |
+- if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) != NULL) { |
452 |
+- put_crypt_info(crypt_info); |
453 |
+- goto retry; |
454 |
+- } |
455 |
+- return 0; |
456 |
+- |
457 |
++ if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) == NULL) |
458 |
++ crypt_info = NULL; |
459 |
+ out: |
460 |
+ if (res == -ENOKEY) |
461 |
+ res = 0; |
462 |
+@@ -300,6 +279,7 @@ int get_crypt_info(struct inode *inode) |
463 |
+ kzfree(raw_key); |
464 |
+ return res; |
465 |
+ } |
466 |
++EXPORT_SYMBOL(fscrypt_get_encryption_info); |
467 |
+ |
468 |
+ void fscrypt_put_encryption_info(struct inode *inode, struct fscrypt_info *ci) |
469 |
+ { |
470 |
+@@ -317,17 +297,3 @@ void fscrypt_put_encryption_info(struct inode *inode, struct fscrypt_info *ci) |
471 |
+ put_crypt_info(ci); |
472 |
+ } |
473 |
+ EXPORT_SYMBOL(fscrypt_put_encryption_info); |
474 |
+- |
475 |
+-int fscrypt_get_encryption_info(struct inode *inode) |
476 |
+-{ |
477 |
+- struct fscrypt_info *ci = inode->i_crypt_info; |
478 |
+- |
479 |
+- if (!ci || |
480 |
+- (ci->ci_keyring_key && |
481 |
+- (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) | |
482 |
+- (1 << KEY_FLAG_REVOKED) | |
483 |
+- (1 << KEY_FLAG_DEAD))))) |
484 |
+- return get_crypt_info(inode); |
485 |
+- return 0; |
486 |
+-} |
487 |
+-EXPORT_SYMBOL(fscrypt_get_encryption_info); |
488 |
+diff --git a/include/linux/fscrypto.h b/include/linux/fscrypto.h |
489 |
+index ff8b11b26f31..f6dfc2950f76 100644 |
490 |
+--- a/include/linux/fscrypto.h |
491 |
++++ b/include/linux/fscrypto.h |
492 |
+@@ -79,7 +79,6 @@ struct fscrypt_info { |
493 |
+ u8 ci_filename_mode; |
494 |
+ u8 ci_flags; |
495 |
+ struct crypto_skcipher *ci_ctfm; |
496 |
+- struct key *ci_keyring_key; |
497 |
+ u8 ci_master_key[FS_KEY_DESCRIPTOR_SIZE]; |
498 |
+ }; |
499 |
+ |
500 |
+@@ -256,7 +255,6 @@ extern int fscrypt_has_permitted_context(struct inode *, struct inode *); |
501 |
+ extern int fscrypt_inherit_context(struct inode *, struct inode *, |
502 |
+ void *, bool); |
503 |
+ /* keyinfo.c */ |
504 |
+-extern int get_crypt_info(struct inode *); |
505 |
+ extern int fscrypt_get_encryption_info(struct inode *); |
506 |
+ extern void fscrypt_put_encryption_info(struct inode *, struct fscrypt_info *); |
507 |
+ |
508 |
+diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c |
509 |
+index 37e2449186c4..c95c5122b105 100644 |
510 |
+--- a/kernel/sched/deadline.c |
511 |
++++ b/kernel/sched/deadline.c |
512 |
+@@ -1729,12 +1729,11 @@ static void switched_to_dl(struct rq *rq, struct task_struct *p) |
513 |
+ #ifdef CONFIG_SMP |
514 |
+ if (tsk_nr_cpus_allowed(p) > 1 && rq->dl.overloaded) |
515 |
+ queue_push_tasks(rq); |
516 |
+-#else |
517 |
++#endif |
518 |
+ if (dl_task(rq->curr)) |
519 |
+ check_preempt_curr_dl(rq, p, 0); |
520 |
+ else |
521 |
+ resched_curr(rq); |
522 |
+-#endif |
523 |
+ } |
524 |
+ } |
525 |
+ |
526 |
+diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c |
527 |
+index 2516b8df6dbb..f139f22ce30d 100644 |
528 |
+--- a/kernel/sched/rt.c |
529 |
++++ b/kernel/sched/rt.c |
530 |
+@@ -2198,10 +2198,9 @@ static void switched_to_rt(struct rq *rq, struct task_struct *p) |
531 |
+ #ifdef CONFIG_SMP |
532 |
+ if (tsk_nr_cpus_allowed(p) > 1 && rq->rt.overloaded) |
533 |
+ queue_push_tasks(rq); |
534 |
+-#else |
535 |
++#endif /* CONFIG_SMP */ |
536 |
+ if (p->prio < rq->curr->prio) |
537 |
+ resched_curr(rq); |
538 |
+-#endif /* CONFIG_SMP */ |
539 |
+ } |
540 |
+ } |
541 |
+ |
542 |
+diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c |
543 |
+index 5bf7e1bfeac7..e0437a7aa1a2 100644 |
544 |
+--- a/net/xfrm/xfrm_policy.c |
545 |
++++ b/net/xfrm/xfrm_policy.c |
546 |
+@@ -3062,6 +3062,11 @@ static int __net_init xfrm_net_init(struct net *net) |
547 |
+ { |
548 |
+ int rv; |
549 |
+ |
550 |
++ /* Initialize the per-net locks here */ |
551 |
++ spin_lock_init(&net->xfrm.xfrm_state_lock); |
552 |
++ spin_lock_init(&net->xfrm.xfrm_policy_lock); |
553 |
++ mutex_init(&net->xfrm.xfrm_cfg_mutex); |
554 |
++ |
555 |
+ rv = xfrm_statistics_init(net); |
556 |
+ if (rv < 0) |
557 |
+ goto out_statistics; |
558 |
+@@ -3078,11 +3083,6 @@ static int __net_init xfrm_net_init(struct net *net) |
559 |
+ if (rv < 0) |
560 |
+ goto out; |
561 |
+ |
562 |
+- /* Initialize the per-net locks here */ |
563 |
+- spin_lock_init(&net->xfrm.xfrm_state_lock); |
564 |
+- spin_lock_init(&net->xfrm.xfrm_policy_lock); |
565 |
+- mutex_init(&net->xfrm.xfrm_cfg_mutex); |
566 |
+- |
567 |
+ return 0; |
568 |
+ |
569 |
+ out: |
570 |
+diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c |
571 |
+index 671a1d0333f0..a7e27e1140dd 100644 |
572 |
+--- a/net/xfrm/xfrm_user.c |
573 |
++++ b/net/xfrm/xfrm_user.c |
574 |
+@@ -412,7 +412,14 @@ static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_es |
575 |
+ up = nla_data(rp); |
576 |
+ ulen = xfrm_replay_state_esn_len(up); |
577 |
+ |
578 |
+- if (nla_len(rp) < ulen || xfrm_replay_state_esn_len(replay_esn) != ulen) |
579 |
++ /* Check the overall length and the internal bitmap length to avoid |
580 |
++ * potential overflow. */ |
581 |
++ if (nla_len(rp) < ulen || |
582 |
++ xfrm_replay_state_esn_len(replay_esn) != ulen || |
583 |
++ replay_esn->bmp_len != up->bmp_len) |
584 |
++ return -EINVAL; |
585 |
++ |
586 |
++ if (up->replay_window > up->bmp_len * sizeof(__u32) * 8) |
587 |
+ return -EINVAL; |
588 |
+ |
589 |
+ return 0; |