23 Sep, 2011
4 commits
-
Since the buffer might contain security related data it might be a good idea to
zero the buffer after we have copied it to userspace.This got assigned CVE-2011-1162.
Signed-off-by: Rajiv Andrade
Cc: Stable Kernel
Signed-off-by: James Morris -
This patch changes the call of tpm_transmit by supplying the size of the
userspace buffer instead of TPM_BUFSIZE.This got assigned CVE-2011-1161.
[The first hunk didn't make sense given one could expect
way less data than TPM_BUFSIZE, so added tpm_transmit boundary
check over bufsiz instead
The last parameter of tpm_transmit() reflects the amount
of data expected from the device, and not the buffer size
being supplied to it. It isn't ideal to parse it directly,
so we just set it to the maximum the input buffer can handle
and let the userspace API to do such job.]Signed-off-by: Rajiv Andrade
Cc: Stable Kernel
Signed-off-by: James Morris -
platform_device_unregister() will release all resources
and remove it from the subsystem, then drop reference count by
calling platform_device_put().We should not call kfree(pdev) after platform_device_unregister(pdev).
Signed-off-by: Axel Lin
Signed-off-by: Rajiv Andrade
Signed-off-by: James Morris -
On m68k, I get:
drivers/char/tpm/tpm_atmel.h: In function ‘atmel_get_base_addr’:
drivers/char/tpm/tpm_atmel.h:129: error: implicit declaration of function ‘ioport_map’
drivers/char/tpm/tpm_atmel.h:129: warning: return makes pointer from integer without a castThe code in tpm_atmel.h supports PPC64 (using the device tree and ioremap())
and "anything else" (using ioport_map()). However, ioportmap() is only
available on platforms that set HAS_IOPORT.Although PC64 seems to have HAS_IOPORT, a "depends on HAS_IOPORT" should work,
but I think it's better to expose the special PPC64 handling explicit using
"depends on PPC64 || HAS_IOPORT".Signed-off-by: Geert Uytterhoeven
Signed-off-by: Rajiv Andrade
Signed-off-by: James Morris
26 Aug, 2011
1 commit
-
The various basic memory allocation function return NULL, not an
ERR_PTR.The semantic patch that makes this change is available in
scripts/coccinelle/null/eno.cocci.More information about semantic patching is available at
http://coccinelle.lip6.fr/Signed-off-by: Thomas Meyer
Cc: Niranjana Vishwanathapura
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
07 Aug, 2011
1 commit
-
Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation. So the periodic
regeneration and 8-bit counter have been removed. We compute and
use a full 32-bit sequence number.For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.Reported-by: Dan Kaminsky
Tested-by: Willy Tarreau
Signed-off-by: David S. Miller
04 Aug, 2011
2 commits
-
Fix tpm_tis.c build when CONFIG_ACPI is not enabled by providing a stub
function. Fixes many build errors/warnings:drivers/char/tpm/tpm_tis.c:89: error: dereferencing pointer to incomplete type
drivers/char/tpm/tpm_tis.c:89: warning: type defaults to 'int' in declaration of 'type name'
drivers/char/tpm/tpm_tis.c:89: error: request for member 'list' in something not a structure or union
...Signed-off-by: Randy Dunlap
Cc: Leendert van Doorn
Cc: James Morris
Cc: Ingo Molnar
Cc: Stephen Rothwell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Update the module parameters when platform data is used. This means
that they can be read from /sys/module/ramoops/parameters in order to
parse the memory area.Signed-off-by: Sergiu Iordache
Cc: Marco Stornelli
Cc: Seiji Aguchi
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
03 Aug, 2011
2 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
arch/tile/mm/init.c: trivial: use BUG_ON
arch/tile: remove useless set_fixmap_nocache() macro
arch/tile: add hypervisor-based character driver for SPI flash ROM
ioctl-number.txt: add the tile hardwall ioctl range
tile: use generic-y format for one-line asm-generic headers
clocksource: tile: convert to use clocksource_register_hz
30 Jul, 2011
1 commit
-
Fixes this:
drivers/char/ramoops.c: In function 'ramoops_init':
drivers/char/ramoops.c:221: error: implicit declaration of function 'IS_ERR'
drivers/char/ramoops.c:222: error: implicit declaration of function 'PTR_ERR'If it actually builds on other platforms, it's probably getting
linux/err.h via some other #include.Signed-off-by: James Bottomley
Signed-off-by: Linus Torvalds
28 Jul, 2011
2 commits
-
And stop referring to Victoria Falls, as the attribute we're
talking about is whether the rng is multi-unit capable which
applies to several chip variants now.Signed-off-by: David S. Miller
-
…s/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (54 commits)
tpm_nsc: Fix bug when loading multiple TPM drivers
tpm: Move tpm_tis_reenable_interrupts out of CONFIG_PNP block
tpm: Fix compilation warning when CONFIG_PNP is not defined
TOMOYO: Update kernel-doc.
tpm: Fix a typo
tpm_tis: Probing function for Intel iTPM bug
tpm_tis: Fix the probing for interrupts
tpm_tis: Delay ACPI S3 suspend while the TPM is busy
tpm_tis: Re-enable interrupts upon (S3) resume
tpm: Fix display of data in pubek sysfs entry
tpm_tis: Add timeouts sysfs entry
tpm: Adjust interface timeouts if they are too small
tpm: Use interface timeouts returned from the TPM
tpm_tis: Introduce durations sysfs entry
tpm: Adjust the durations if they are too small
tpm: Use durations returned from TPM
TOMOYO: Enable conditional ACL.
TOMOYO: Allow using argv[]/envp[] of execve() as conditions.
TOMOYO: Allow using executable's realpath and symlink's target as conditions.
TOMOYO: Allow using owner/group etc. of file objects as conditions.
...Fix up trivial conflict in security/tomoyo/realpath.c
27 Jul, 2011
5 commits
-
This allows us to move duplicated code in
(atomic_inc_not_zero() for now) toSigned-off-by: Arun Sharma
Reviewed-by: Eric Dumazet
Cc: Ingo Molnar
Cc: David Miller
Cc: Eric Dumazet
Acked-by: Mike Frysinger
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The size of the dump is currently set using the RECORD_SIZE macro which
is set to a page size. This patch makes the record size a module
parameter and allows it to be set through platform data as well to allow
larger dumps if needed.Signed-off-by: Sergiu Iordache
Acked-by: Marco Stornelli
Cc: "Ahmed S. Darwish"
Cc: Artem Bityutskiy
Cc: Kyungmin Park
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The platform driver currently allows setting the mem_size and
mem_address.ince dump_oops is also a module parameter it would be more consistent if
it could be set through platform data as well.Signed-off-by: Sergiu Iordache
Acked-by: Marco Stornelli
Cc: "Ahmed S. Darwish"
Cc: Artem Bityutskiy
Cc: Kyungmin Park
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Add new line to each print.
Signed-off-by: Marco Stornelli
Reported-by: Stevie Trujillo
Cc: Kyungmin Park
Cc: Américo Wang
Cc: Joe Perches
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Use generic module parameters instead of platform data, if platform data
are not available. This limitation has been introduced with commit
c3b92ce9e75 ("ramoops: use the platform data structure instead of module
params").[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Marco Stornelli
Cc: Kyungmin Park
Cc: Américo Wang
Reported-by: Stevie Trujillo
Cc: Joe Perches
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
26 Jul, 2011
2 commits
-
This patch fixes kernel bugzilla 34572.
https://bugzilla.kernel.org/show_bug.cgi?id=34572
Signed-off-by: Stefan Berger
Reported-by: Witold Baryluk
Tested-by: Witold Baryluk
Signed-off-by: James Morris -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (43 commits)
fs: Merge split strings
treewide: fix potentially dangerous trailing ';' in #defined values/expressions
uwb: Fix misspelling of neighbourhood in comment
net, netfilter: Remove redundant goto in ebt_ulog_packet
trivial: don't touch files that are removed in the staging tree
lib/vsprintf: replace link to Draft by final RFC number
doc: Kconfig: `to be' -> `be'
doc: Kconfig: Typo: square -> squared
doc: Konfig: Documentation/power/{pm => apm-acpi}.txt
drivers/net: static should be at beginning of declaration
drivers/media: static should be at beginning of declaration
drivers/i2c: static should be at beginning of declaration
XTENSA: static should be at beginning of declaration
SH: static should be at beginning of declaration
MIPS: static should be at beginning of declaration
ARM: static should be at beginning of declaration
rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_check
Update my e-mail address
PCIe ASPM: forcedly -> forcibly
gma500: push through device driver tree
...Fix up trivial conflicts:
- arch/arm/mach-ep93xx/dma-m2p.c (deleted)
- drivers/gpio/gpio-ep93xx.c (renamed and context nearby)
- drivers/net/r8169.c (just context changes)
25 Jul, 2011
1 commit
-
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (34 commits)
crypto: caam - ablkcipher support
crypto: caam - faster aead implementation
crypto: caam - structure renaming
crypto: caam - shorter names
crypto: talitos - don't bad_key in ablkcipher setkey
crypto: talitos - remove unused giv from ablkcipher methods
crypto: talitos - don't set done notification in hot path
crypto: talitos - ensure request ordering within a single tfm
crypto: gf128mul - fix call to memset()
crypto: s390 - support hardware accelerated SHA-224
crypto: algif_hash - Handle initial af_alg_make_sg error correctly
crypto: sha1_generic - use SHA1_BLOCK_SIZE
hwrng: ppc4xx - add support for ppc4xx TRNG
crypto: crypto4xx - Perform read/modify/write on device control register
crypto: caam - fix build warning when DEBUG_FS not configured
crypto: arc4 - Fixed coding style issues
crypto: crc32c - Fixed coding style issue
crypto: omap-sham - do not schedule tasklet if there is no active requests
crypto: omap-sham - clear device flags when finishing request
crypto: omap-sham - irq handler must not clear error code
...
23 Jul, 2011
3 commits
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (107 commits)
vfs: use ERR_CAST for err-ptr tossing in lookup_instantiate_filp
isofs: Remove global fs lock
jffs2: fix IN_DELETE_SELF on overwriting rename() killing a directory
fix IN_DELETE_SELF on overwriting rename() on ramfs et.al.
mm/truncate.c: fix build for CONFIG_BLOCK not enabled
fs:update the NOTE of the file_operations structure
Remove dead code in dget_parent()
AFS: Fix silly characters in a comment
switch d_add_ci() to d_splice_alias() in "found negative" case as well
simplify gfs2_lookup()
jfs_lookup(): don't bother with . or ..
get rid of useless dget_parent() in btrfs rename() and link()
get rid of useless dget_parent() in fs/btrfs/ioctl.c
fs: push i_mutex and filemap_write_and_wait down into ->fsync() handlers
drivers: fix up various ->llseek() implementations
fs: handle SEEK_HOLE/SEEK_DATA properly in all fs's that define their own llseek
Ext4: handle SEEK_HOLE/SEEK_DATA generically
Btrfs: implement our own ->llseek
fs: add SEEK_HOLE and SEEK_DATA flags
reiserfs: make reiserfs default to barrier=flush
...Fix up trivial conflicts in fs/xfs/linux-2.6/xfs_super.c due to the new
shrinker callout for the inode cache, that clashed with the xfs code to
start the periodic workers later. -
* 'x86-vdso-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
x86-64, vdso: Do not allocate memory for the vDSO
clocksource: Change __ARCH_HAS_CLOCKSOURCE_DATA to a CONFIG option
x86, vdso: Drop now wrong comment
Document the vDSO and add a reference parser
ia64: Replace clocksource.fsys_mmio with generic arch data
x86-64: Move vread_tsc and vread_hpet into the vDSO
clocksource: Replace vread with generic arch data
x86-64: Add --no-undefined to vDSO build
x86-64: Allow alternative patching in the vDSO
x86: Make alternative instruction pointers relative
x86-64: Improve vsyscall emulation CS and RIP handling
x86-64: Emulate legacy vsyscalls
x86-64: Fill unused parts of the vsyscall page with 0xcc
x86-64: Remove vsyscall number 3 (venosys)
x86-64: Map the HPET NX
x86-64: Remove kernel.vsyscall64 sysctl
x86-64: Give vvars their own page
x86-64: Document some of entry_64.S
x86-64: Fix alignment of jiffies variable -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/suspend-2.6: (51 commits)
PM: Improve error code of pm_notifier_call_chain()
PM: Add "RTC" to PM trace time stamps to avoid confusion
PM / Suspend: Export suspend_set_ops, suspend_valid_only_mem
PM / Suspend: Add .suspend_again() callback to suspend_ops
PM / OPP: Introduce function to free cpufreq table
ARM / shmobile: Return -EBUSY from A4LC power off if A3RV is active
PM / Domains: Take .power_off() error code into account
ARM / shmobile: Use genpd_queue_power_off_work()
ARM / shmobile: Use pm_genpd_poweroff_unused()
PM / Domains: Introduce function to power off all unused PM domains
OMAP: PM: disable idle on suspend for GPIO and UART
OMAP: PM: omap_device: add API to disable idle on suspend
OMAP: PM: omap_device: add system PM methods for PM domain handling
OMAP: PM: omap_device: conditionally use PM domain runtime helpers
PM / Runtime: Add new helper function: pm_runtime_status_suspended()
PM / Domains: Queue up power off work only if it is not pending
PM / Domains: Improve handling of wakeup devices during system suspend
PM / Domains: Do not restore all devices on power off error
PM / Domains: Allow callbacks to execute all runtime PM helpers
PM / Domains: Do not execute device callbacks under locks
...
22 Jul, 2011
2 commits
-
This patch moves the tpm_tis_reenable_interrupts function out of the
CONFIG_PNP-surrounded #define block. This solves a compilation error in
case CONFIG_PNP is not defined.Signed-off-by: Stefan Berger
Reported-by: Randy Dunlap
Acked-by: Randy Dunlap
Signed-off-by: James Morris -
IPv6 fragment identification generation is way beyond what we use for
IPv4 : It uses a single generator. Its not scalable and allows DOS
attacks.Now inetpeer is IPv6 aware, we can use it to provide a more secure and
scalable frag ident generator (per destination, instead of system wide)This patch :
1) defines a new secure_ipv6_id() helper
2) extends inet_getid() to provide 32bit results
3) extends ipv6_select_ident() with a new dest parameterReported-by: Fernando Gont
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
21 Jul, 2011
3 commits
-
Btrfs needs to be able to control how filemap_write_and_wait_range() is called
in fsync to make it less of a painful operation, so push down taking i_mutex and
the calling of filemap_write_and_wait() down into the ->fsync() handlers. Some
file systems can drop taking the i_mutex altogether it seems, like ext3 and
ocfs2. For correctness sake I just pushed everything down in all cases to make
sure that we keep the current behavior the same for everybody, and then each
individual fs maintainer can make up their mind about what to do from there.
Thanks,Acked-by: Jan Kara
Signed-off-by: Josef Bacik
Signed-off-by: Al Viro -
Fix up a few ->llseek() implementations that won't deal with SEEK_HOLE/SEEK_DATA
properly. Make them future proof so that if we ever add new options they will
return -EINVAL. Thanks,Signed-off-by: Josef Bacik
Signed-off-by: Al Viro -
The is_itpm() function is only accessed from a block surrounded by
#ifdef CONFIG_PNP. Therefore, also surround it with #ifdef CONFIG_PNP
and remove the #else branch causing the warning.http://lxr.linux.no/#linux+v2.6.39/drivers/char/tpm/tpm_tis.c#L622
v2:
- fixes a previous typoSigned-off-by: Stefan Berger
Reported-by: Randy Dunlap
Signed-off-by: James Morris
16 Jul, 2011
1 commit
-
This enables pm_notifier_call_chain() to get the actual error code
in the callback rather than always assume -EINVAL by converting all
PM notifier calls to return encapsulate error code with
notifier_from_errno().Signed-off-by: Akinobu Mita
Signed-off-by: Rafael J. Wysocki
15 Jul, 2011
1 commit
-
Now that clocksource.archdata is available, use it for ia64-specific
code.Cc: Clemens Ladisch
Cc: linux-ia64@vger.kernel.org
Cc: Tony Luck
Cc: Fenghua Yu
Cc: John Stultz
Cc: Thomas Gleixner
Signed-off-by: Andy Lutomirski
Link: http://lkml.kernel.org/r/d31de0ee0842a0e322fb6441571c2b0adb323fa2.1310563276.git.luto@mit.edu
Signed-off-by: H. Peter Anvin
13 Jul, 2011
9 commits
-
Konstantin Belousov found an error in the define of G4x_GMCH_SIZE_VT_2M
relative to the GMCH specs, and confirmed that indeed one of his users
with a Q45 reports 0xb not 0xc for a 2/2MiB GATT.Signed-off-by: Chris Wilson
Cc: Konstantin Belousov
Cc: Daniel Vetter
Acked-by: Daniel Vetter
Signed-off-by: Dave Airlie -
This patch fixes a typo.
Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
This patch introduces a function for automatic probing for the Intel iTPM
STS_DATA_EXPECT flaw.The patch splits the current tpm_tis_send function into 2 parts where the 1st
part is now called tpm_tis_send_data() and merely sends the data to the TPM.
This function is then used for probing. The new tpm_tis_send function now
first calls tpm_tis_send_data and if that succeeds has the TPM process the
command and waits until the response is there.The probing for the Intel iTPM is only invoked if the user has not passed
itpm=1 as parameter for the module *or* if such a TPM was detected via ACPI.
Previously it was necessary to pass itpm=1 when also passing force=1 to the
module when doing a 'modprobe'. This function is more general than the ACPI
test function and the function relying on ACPI could probably be removed.Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
This patch fixes several aspects of the probing for interrupts.
This patch reads the TPM's timeouts before probing for the interrupts. The
tpm_get_timeouts() function is invoked in polling mode and gets the proper
timeouts from the TPM so that we don't need to fall back to 2 minutes timeouts
for short duration commands while the interrupt probing is happening.This patch introduces a variable probed_irq into the vendor structure that gets
the irq number if an interrupt is received while the the tpm_gen_interrupt()
function is run in polling mode during interrupt probing. Previously some
parts of tpm_gen_interrupt() were run in polling mode, then the irq variable
was set in the interrupt handler when an interrupt was received and execution
of tpm_gen_interrupt() ended up switching over to interrupt mode.
tpm_gen_interrupt() execution ended up on an event queue where it eventually
timed out since the probing handler doesn't wake any queues.Before calling into free_irq() clear all interrupt flags that may have
been set by the TPM. The reason is that free_irq() will call into the probing
interrupt handler and may otherwise fool us into thinking that a real interrupt
happened (because we see the flags as being set) while the TPM's interrupt line
is not even connected to anything on the motherboard. This solves a problem
on one machine I did testing on (Thinkpad T60).If a TPM claims to use a specifc interrupt, the probing is done as well
to verify that the interrupt is actually working. If a TPM indicates
that it does not use a specific interrupt (returns '0'), probe all interrupts
from 3 to 15.Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
This patch delays the (ACPI S3) suspend while the TPM is busy processing a
command and the TPM TIS driver is run in interrupt mode. This is the same
behavior as we already have it for the TPM TIS driver in polling mode.Reasoning: Some of the TPM's commands advance the internal state of the TPM.
An example would be the extending of one of its PCR registers. Upper layers,
such as IMA or TSS (TrouSerS), would certainly want to be sure that the
command succeeded rather than getting an error code (-62 = -ETIME) that may
not give a conclusive answer as for what reason the command failed. Reissuing
such a command would put the TPM into the wrong state, so waiting for it to
finish is really the only option.The downside is that some commands (key creation) can take a long time and
actually prevent the machine from entering S3 at all before the 20 second
timeout of the power management subsystem arrives.Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
This patch makes sure that if the TPM TIS interface is run in interrupt mode
(rather than polling mode) that all interrupts are enabled in the TPM's
interrupt enable register after a resume from ACPI S3 suspend. The registers
may either have been cleared by the TPM loosing its state during device sleep
or by the BIOS leaving the TPM in polling mode (after sending a command to
the TPM for starting it up again)You may want to check if your TPM runs with interrupts by doing
cat /proc/interrupts | grep -i tpm
and see whether there is an entry or otherwise for it to use interrupts:
modprobe tpm_tis interrupts=1 [add 'itpm=1' for Intel TPM ]
v2:
- the patch was adapted to work with the pnp and platform driver
implementations in tpm_tis.cSigned-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
This patch fixes the TPM's pubek sysfs entry that is accessible as long
as the TPM doesn't have an owner. It was necessary to shift the access to the
data by -10 -- the first byte immediately follows the 10 byte header. The
linedata = tpm_cmd.params.readpubek_out_buffer;
sets it at the offset '10' in the packet, so we can read the data array
starting at offset '0'.Before:
Algorithm: 00 0C 00 00
Encscheme: 08 00
Sigscheme: 00 00
Parameters: 00 00 00 00 01 00 AC E2 5E 3C A0 78
Modulus length: -563306801
Modulus:
28 21 08 0F 82 CD F2 B1 E7 49 F7 74 70 BE 59 8C
43 78 B1 24 EA 52 E2 FE 52 5C 3A 12 3B DC 61 71
[...]After:
Algorithm: 00 00 00 01
Encscheme: 00 03
Sigscheme: 00 01
Parameters: 00 00 08 00 00 00 00 02 00 00 00 00
Modulus length: 256
Modulus:
AC E2 5E 3C A0 78 DE 6C 9E CF 28 21 08 0F 82 CD
F2 B1 E7 49 F7 74 70 BE 59 8C 43 78 B1 24 EA 52
[...]Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
Display the TPM's interface timeouts in a 'timeouts' sysfs entry. Display
the entries as having been adjusted when they were scaled due to their values
being reported in milliseconds rather than microseconds.Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade -
Adjust the interface timeouts if they are found to be too small, i.e., if
they are returned in milliseconds rather than microseconds as we heared
from Infineon that some (old) Infineon TPMs do.Signed-off-by: Stefan Berger
Signed-off-by: Rajiv Andrade
