Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v5.9 2020-08-16T01:50:32Z 2020-08-16T01:50:32Z Linus Torvalds torvalds@linux-foundation.org 2020-08-16T01:50:32Z urn:sha1:5bbec3cfe376ed0014d9456a9be11d5ed75d587b Pull arch/sh updates from Rich Felker: "Cleanup, SECCOMP_FILTER support, message printing fixes, and other changes to arch/sh" * tag 'sh-for-5.9' of git://git.libc.org/linux-sh: (34 commits) sh: landisk: Add missing initialization of sh_io_port_base sh: bring syscall_set_return_value in line with other architectures sh: Add SECCOMP_FILTER sh: Rearrange blocks in entry-common.S sh: switch to copy_thread_tls() sh: use the generic dma coherent remap allocator sh: don't allow non-coherent DMA for NOMMU dma-mapping: consolidate the NO_DMA definition in kernel/dma/Kconfig sh: unexport register_trapped_io and match_trapped_io_handler sh: don't include <asm/io_trapped.h> in <asm/io.h> sh: move the ioremap implementation out of line sh: move ioremap_fixed details out of <asm/io.h> sh: remove __KERNEL__ ifdefs from non-UAPI headers sh: sort the selects for SUPERH alphabetically sh: remove -Werror from Makefiles sh: Replace HTTP links with HTTPS ones arch/sh/configs: remove obsolete CONFIG_SOC_CAMERA* sh: stacktrace: Remove stacktrace_ops.stack() sh: machvec: Modernize printing of kernel messages sh: pci: Modernize printing of kernel messages ... 2020-08-15T02:05:19Z Michael Karcher kernel@mkarcher.dialup.fu-berlin.de 2020-07-22T23:13:21Z urn:sha1:0bb605c2c7f2b4b314b91510810b226de7f34fa1 Port sh to use the new SECCOMP_FILTER code. Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de> Tested-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> Signed-off-by: Rich Felker <dalias@libc.org> 2020-08-06T17:15:28Z Linus Torvalds torvalds@linux-foundation.org 2020-08-06T17:15:28Z urn:sha1:2044513ffe4a9c18e6e2a64f048e05d8b62fa927 Pull arch/csky updates from Guo Ren: "New features: - seccomp-filter - err-injection - top-down&random mmap-layout - irq_work - show_ipi - context-tracking Fixes & Optimizations: - kprobe_on_ftrace - optimize panic print" * tag 'csky-for-linus-5.9-rc1' of https://github.com/c-sky/csky-linux: csky: Add context tracking support csky: Add arch_show_interrupts for IPI interrupts csky: Add irq_work support csky: Fixup warning by EXPORT_SYMBOL(kmap) csky: Set CONFIG_NR_CPU 4 as default csky: Use top-down mmap layout csky: Optimize the trap processing flow csky: Add support for function error injection csky: Fixup kprobes handler couldn't change pc csky: Fixup duplicated restore sp in RESTORE_REGS_FTRACE csky: Add cpu feature register hint for smp csky: Add SECCOMP_FILTER supported csky: remove unusued thread_saved_pc and *_segments functions/macros 2020-08-06T17:07:40Z Linus Torvalds torvalds@linux-foundation.org 2020-08-06T17:07:40Z urn:sha1:bbcf9cd1576752ebe8d618ad8c6500b7e262ffac Pull Xtensa updates from Max Filippov: - add syscall audit support - add seccomp filter support - clean up make rules under arch/xtensa/boot - fix state management for exclusive access opcodes - fix build with PMU enabled * tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensa: xtensa: add missing exclusive access state management xtensa: fix xtensa_pmu_setup prototype xtensa: add boot subdirectories build artifacts to 'targets' xtensa: add uImage and xipImage to targets xtensa: move vmlinux.bin[.gz] to boot subdirectory xtensa: initialize_mmu.h: fix a duplicated word selftests/seccomp: add xtensa support xtensa: add seccomp support xtensa: expose syscall through user_pt_regs xtensa: add audit support 2020-08-04T21:11:08Z Linus Torvalds torvalds@linux-foundation.org 2020-08-04T21:11:08Z urn:sha1:9ecc6ea491f0c0531ad81ef9466284df260b2227 Pull seccomp updates from Kees Cook: "There are a bunch of clean ups and selftest improvements along with two major updates to the SECCOMP_RET_USER_NOTIF filter return: EPOLLHUP support to more easily detect the death of a monitored process, and being able to inject fds when intercepting syscalls that expect an fd-opening side-effect (needed by both container folks and Chrome). The latter continued the refactoring of __scm_install_fd() started by Christoph, and in the process found and fixed a handful of bugs in various callers. - Improved selftest coverage, timeouts, and reporting - Add EPOLLHUP support for SECCOMP_RET_USER_NOTIF (Christian Brauner) - Refactor __scm_install_fd() into __receive_fd() and fix buggy callers - Introduce 'addfd' command for SECCOMP_RET_USER_NOTIF (Sargun Dhillon)" * tag 'seccomp-v5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (30 commits) selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD seccomp: Introduce addfd ioctl to seccomp user notifier fs: Expand __receive_fd() to accept existing fd pidfd: Replace open-coded receive_fd() fs: Add receive_fd() wrapper for __receive_fd() fs: Move __scm_install_fd() to __receive_fd() net/scm: Regularize compat handling of scm_detach_fds() pidfd: Add missing sock updates for pidfd_getfd() net/compat: Add missing sock updates for SCM_RIGHTS selftests/seccomp: Check ENOSYS under tracing selftests/seccomp: Refactor to use fixture variants selftests/harness: Clean up kern-doc for fixtures seccomp: Use -1 marker for end of mode 1 syscall list seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall() selftests/seccomp: Make kcmp() less required seccomp: Use pr_fmt selftests/seccomp: Improve calibration loop selftests/seccomp: use 90s as timeout selftests/seccomp: Expand benchmark to per-filter measurements ... 2020-07-31T01:51:05Z Guo Ren guoren@linux.alibaba.com 2020-05-26T08:11:52Z urn:sha1:e95a4f8cb985e759648b32ed0b721a472deb86a5 secure_computing() is called first in syscall_trace_enter() so that a system call will be aborted quickly without doing succeeding syscall tracing if seccomp rules want to deny that system call. TODO: - Update https://github.com/seccomp/libseccomp csky support Signed-off-by: Guo Ren <guoren@linux.alibaba.com> Cc: Arnd Bergmann <arnd@arndb.de> 2020-07-28T07:57:06Z Max Filippov jcmvbkbc@gmail.com 2019-11-29T08:43:58Z urn:sha1:768877beed015bcb215dae11f8ed5644bb7f12ec Xtensa syscall number can be obtained and changed through the struct user_pt_regs. Syscall return value register is fixed relatively to the current register window in the user_pt_regs, so it needs a bit of special treatment. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> 2020-07-14T23:30:22Z Sargun Dhillon sargun@sargun.me 2020-06-03T01:10:44Z urn:sha1:c97aedc52dce4c87d4c44de4e6af941cd102600c Test whether we can add file descriptors in response to notifications. This injects the file descriptors via notifications, and then uses kcmp to determine whether or not it has been successful. It also includes some basic sanity checking for arguments. Signed-off-by: Sargun Dhillon <sargun@sargun.me> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Chris Palmer <palmer@google.com> Cc: Christian Brauner <christian.brauner@ubuntu.com> Cc: Jann Horn <jannh@google.com> Cc: Kees Cook <keescook@chromium.org> Cc: Robert Sesek <rsesek@google.com> Cc: Tycho Andersen <tycho@tycho.ws> Cc: Matt Denton <mpdenton@google.com> Cc: linux-fsdevel@vger.kernel.org Cc: linux-kernel@vger.kernel.org Link: https://lore.kernel.org/r/20200603011044.7972-5-sargun@sargun.me Co-developed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> 2020-07-10T23:01:52Z Kees Cook keescook@chromium.org 2020-07-05T05:57:33Z urn:sha1:11eb004ef7ead0c43586adea0340b51da095bdee There should be no difference between -1 and other negative syscalls while tracing. Cc: Keno Fischer <keno@juliacomputing.com> Tested-by: Will Deacon <will@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> 2020-07-10T23:01:52Z Kees Cook keescook@chromium.org 2020-07-05T05:34:04Z urn:sha1:adeeec8472397001901c06aa41d1b2fd1068e222 Now that the selftest harness has variants, use them to eliminate a bunch of copy/paste duplication. Reviewed-by: Jakub Kicinski <kuba@kernel.org> Tested-by: Will Deacon <will@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org>