1. 18 Feb, 2020 25 commits
    • selftests: add simple fsid mapping selftests · eec00d67
      Christian Brauner authored
      - Verify that fsid mappings cannot be written when id mappings have been
        written already.
      - Set up an id mapping and an fsid mapping, create a file and compare ids in
        child and parent user namespace.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch not present
      
      /* v3 */
      patch added
    • keys: handle fsid mappings · 5adec798
      Christian Brauner authored
      Similar to proc and sysfs let keys use kfsids which are always mapped according
      to id mappings.
      Suggested-by: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch not present
      
      /* v3 */
      patch added
      - Jann Horn <[email protected]>:
        - Add patch to handle the keyrings.
    • sys: handle fsid mappings in set*id() calls · 71b1e9a5
      Christian Brauner authored
      Switch set*id() calls to lookup fsids in the fsid mappings. If no fsid mappings
      are setup the behavior is unchanged, i.e. fsids are looked up in the id
      mappings.
      
      A caller can only setid() to a given id if the id maps to a valid kid in
      both the id and fsid maps of the caller's user namespace. This is always the
      case when no id mappings and fsid mappings have been written. It is also always
      the case when an id mapping has been written which includes the target id
      but no fsid mappings have been written. All non-fsid mapping aware workloads
      will thus work just as before.
      
      During setr*id() calls the kfsid is set to the keid corresponding to the eid
      that is requested by userspace. If the requested eid is -1 the kfsid is reset
      to the current keid. For the latter case this means we need to lookup the
      corresponding userspace eid corresponding to the current keid in the id
      mappings and translate this eid into the corresponding kfsid in the fsid
      mappings.
      
      We require that a user must have a valid fsid mapping for the target id. This
      is consistent with how the setid calls work today without fsid mappings.
      
      The kfsid to cleanly handle userns visible filesystem is set as before.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      - Christian Brauner <[email protected]>:
        - set kfsid which is used when dealing with proc permission checking
      
      /* v3 */
      - Jann Horn <[email protected]>:
        - Squash all set*id() patches into a single patch and move this to be the
          last patch so we don't expose a half-done feature in the middle of this
          series.
    • devpts: handle fsid mappings · 1f4e70f0
      Christian Brauner authored
      When a uid or gid mount option is specified with devpts have it lookup the
      corresponding kfsids in the fsid mappings. If no fsid mappings are setup the
      behavior is unchanged, i.e. fsids are looked up in the id mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • ptrace: adapt ptrace_may_access() to always uses unmapped fsids · 9f3e9590
      Christian Brauner authored
      ptrace_may_access() with PTRACE_MODE_FSCREDS is only used with proc and proc
      wants to use the unmapped fsids.
      Suggested-by: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch added
      
      /* v3 */
      unchanged
    • exec: bprm_fill_uid(): handle fsid mappings · 6011bdf0
      Christian Brauner authored
      Make sure that during suid/sgid binary execution we lookup the fsids in the
      fsid mappings. If the kernel is compiled without fsid mappings or no fsid
      mappings are setup the behavior is unchanged.
      
      Assuming we have a binary in a given user namespace that is owned by 0:0 in the
      given user namespace which appears as 300000:300000 on-disk in the initial user
      namespace. Now assume we write an id mapping of 0 100000 100000 and an fsid
      mapping for 0 300000 300000 in the user namespace. When we hit bprm_fill_uid()
      during setid execution we will retrieve inode kuid=300000 and kgid=300000. We
      first check whether there's an fsid mapping for these kids. In our scenario we
      find that they map to fsuid=0 and fsgid=0 in the user namespace. Now we
      translate them into kids in the id mapping. In our example they translate to
      kuid=100000 and kgid=100000 which means the file will ultimately run as uid=0
      and gid=0 in the user namespace and as uid=100000, gid=100000 in the initial
      user namespace.
      Let's alter the example and assume that there is an fsid mapping of 0 300000
      300000 set up but no id mapping has been setup for the user namespace. In this
      case the last step of translating into a valid kid pair in the id mappings will fail
      and we will behave as before and ignore the sid bits.
      
      Cc: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch added
      - Christian Brauner <[email protected]>:
        - Make sure that bprm_fill_uid() handles fsid mappings.
      
      /* v3 */
      - Christian Brauner <[email protected]>:
        - Fix commit message.
    • commoncap: handle fsid mappings with vfs caps · 7ee695f0
      Christian Brauner authored
      Switch vfs cap helpers to lookup fsids in the fsid mappings. If no fsid
      mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
      id mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • commoncap: cap_task_fix_setuid(): handle fsid mappings · 14a15e1b
      Christian Brauner authored
      Switch cap_task_fix_setuid() to lookup fsids in the fsid mappings. If no fsid
      mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
      id mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • commoncap: cap_bprm_set_creds(): handle fsid mappings · 633db2e9
      Christian Brauner authored
      During exec the kfsids are currently reset to the effective kids. To retain the
      same semantics with the introduction of fsid mappings, we lookup the userspace
      effective id in the id mappings and translate the effective id into the
      corresponding kfsid in the fsid mapping. This means, the behavior is unchanged
      when no fsid mappings are setup and the semantics stay the same even when fsid
      mappings are setup.
      
      Cc: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      - Christian Brauner <[email protected]>:
        - Reset kfsids used for userns visible filesystems such as proc too.
      
      /* v3 */
      unchanged
    • attr: notify_change(): handle fsid mappings · 10d7811e
      Christian Brauner authored
      Switch notify_change() to lookup fsids in the fsid mappings. If no fsid
      mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
      id mappings.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • posix_acl: handle fsid mappings · 687f1457
      Christian Brauner authored
      Switch posix_acls() to lookup fsids in the fsid mappings. If no fsid
      mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
      id mappings.
      
      Afaict, all filesystems that share a superblock in all user namespaces
      currently do not support acls so this change should be safe to do
      unconditionally.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • open: handle fsid mappings · a4691062
      Christian Brauner authored
      Let chown_common() lookup fsids in the fsid mappings. If no fsid mappings are
      setup the behavior is unchanged, i.e. fsids are looked up in the id mappings.
      do_faccessat() just needs to translate from real ids into fsids.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      - Christian Brauner <[email protected]>:
        - handle faccessat() too
      
      /* v3 */
      unchanged
    • stat: handle fsid mappings · 1a537a4a
      Christian Brauner authored
      Switch attribute functions looking up fsids to look them up in the fsid mappings. If
      no fsid mappings are setup the behavior is unchanged, i.e. fsids are looked up
      in the id mappings.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      - Tycho Andersen <[email protected]>:
        - Replace , with = when converting to uid and gid in cp_new_stat64().
    • capability: privileged_wrt_inode_uidgid(): handle fsid mappings · 98a71be9
      Christian Brauner authored
      Switch privileged_wrt_inode_uidgid() to lookup fsids in the fsid mappings. If
      no fsid mappings are setup the behavior is unchanged, i.e. fsids are looked up
      in the id mappings.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • inode: inode_owner_or_capable(): handle fsid mappings · fa7cdc80
      Christian Brauner authored
      Switch inode_owner_or_capable() to lookup fsids in the fsid mappings. If no
      fsid mappings are setup the behavior is unchanged, i.e. fsids are looked up in
      the id mappings.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • namei: may_{o_}create(): handle fsid mappings · fbb5af86
      Christian Brauner authored
      Switch may_{o_}create() to lookup fsids in the fsid mappings. If no fsid
      mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
      id mappings.
      
      Filesystems that share a superblock in all user namespaces they are mounted in
      will retain their old semantics even with the introduction of fsid mappings.
      
      Cc: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      - Jann Horn <[email protected]>:
        - Ensure that the correct fsid is used when dealing with userns visible
          filesystems like proc.
      
      /* v3 */
      unchanged
    • fs: add is_userns_visible() helper · 40e5d52e
      Christian Brauner authored
      Introduce a helper which makes it possible to detect filesystems whose
      superblock is visible in multiple user namespaces. This currently only
      means proc and sys. Such filesystems usually have special semantics so their
      behavior will not be changed with the introduction of fsid mappings.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • cred: add kfs{g,u}id · 579feeb9
      Christian Brauner authored
      After the introduction of fsid mappings we need to carefully handle
      single-superblock filesystems that are visible in user namespaces. This
      specifically concerns proc and sysfs. For those filesystems we want to continue
      looking up fsid in the id mappings of the relevant user namespace. We can
      either do this by dynamically translating between these fsids or we simply keep
      them around with the other creds. The latter option is not just simpler but
      also more performant since we don't need to do the translation from fsid
      mappings into id mappings on the fly.
      
      Link: https://lore.kernel.org/r/[email protected]
      Cc: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch added
      
      /* v3 */
      unchanged
    • proc: task_state(): use from_kfs{g,u}id_munged · de714410
      Christian Brauner authored
      If fsid mappings have been written, this will cause proc to look at fsid
      mappings for the user namespace. If no fsid mappings have been written the
      behavior is as before.
      
      Here is part of the output from /proc/<pid>/status from the initial user
      namespace for systemd running in an unprivileged container as user namespace
      root with id mapping 0 100000 100000 and fsid mapping 0 300000 100000:
      
      Name:   systemd
      Umask:  0000
      State:  S (sleeping)
      Tgid:   13023
      Ngid:   0
      Pid:    13023
      PPid:   13008
      TracerPid:      0
      Uid:    100000  100000  100000  300000
      Gid:    100000  100000  100000  300000
      FDSize: 64
      Groups:
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      unchanged
    • user_namespace: make map_write() support fsid mappings · 254f73a0
      Christian Brauner authored
      Based on discussions with Jann we decided in order to cleanly handle nested
      user namespaces that fsid mappings can only be written before the corresponding
      id mappings have been written. Writing id mappings before writing the
      corresponding fsid mappings causes fsid mappings to mirror id mappings.
      
      Consider creating a user namespace NS1 with the initial user namespace as
      parent. Assume NS1 receives id mapping 0 100000 100000 and fsid mappings 0
      300000 100000. Files that root in NS1 will create will map to kfsuid=300000 and
      kfsgid=300000 and will hence be owned by uid=300000 and gid 300000 on-disk in
      the initial user namespace.
      Now assume user namespace NS2 is created in user namespace NS1. Assume that NS2
      receives id mapping 0 10000 65536 and an fsid mapping of 0 10000 65536. Files
      that root in NS2 will create will map to kfsuid=10000 and kfsgid=10000 in NS1.
      Hence, files created by NS2 will appear to be owned by uid=10000
      and gid=10000 on-disk in NS1. Looking at the initial user namespace, files
      created by NS2 will map to kfsuid=310000 and kfsgid=310000 and hence will be
      owned by uid=310000 and gid=310000 on-disk.
      Suggested-by: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch not present
      
      /* v3 */
      patch added
      - Jann Horn <[email protected]>:
        - Split changes to map_write() to implement fsid mappings into three separate
          patches: basic fsid helpers, preparatory changes to map_write(), actual
          fsid mapping support in map_write().
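
The nested NS1/NS2 lookup in the map_write() commit message above, and the setid-exec translation described in the bprm_fill_uid() commit message, worked through as a user-space model. This is an added example, not code from the patch series: the struct layout, the model_* names and the sample namespaces are assumptions for illustration, and each map is reduced to a single extent.

```c
/* Added illustration: user-space model of id and fsid map translation. */
#include <stdint.h>
#include <stdio.h>

#define INVALID_ID UINT32_MAX

/* One map line as written to a *_map file: "first lower_first count". */
struct extent { uint32_t first, lower_first, count; };

struct ns_model {
    const struct ns_model *parent;      /* NULL for the initial namespace */
    int has_id_map, has_fsid_map;       /* has the map been written? */
    struct extent id_map, fsid_map;
};

/* Translate an id in a namespace into its parent's view. */
static uint32_t map_down(const struct extent *e, uint32_t id)
{
    if (id < e->first || id - e->first >= e->count)
        return INVALID_ID;
    return e->lower_first + (id - e->first);
}

/* Translate an id in the parent's view back into the namespace. */
static uint32_t map_up(const struct extent *e, uint32_t id)
{
    if (id < e->lower_first || id - e->lower_first >= e->count)
        return INVALID_ID;
    return e->first + (id - e->lower_first);
}

static const struct extent *id_extent(const struct ns_model *ns)
{
    return ns->has_id_map ? &ns->id_map : NULL;
}

/* fsid lookups use the fsid map if written, otherwise mirror the id map. */
static const struct extent *fs_extent(const struct ns_model *ns)
{
    return ns->has_fsid_map ? &ns->fsid_map : id_extent(ns);
}

typedef const struct extent *(*pick_fn)(const struct ns_model *);

/* Walk from ns down to the initial namespace, one map per level. */
static uint32_t to_kernel(const struct ns_model *ns, uint32_t id, pick_fn pick)
{
    for (; ns->parent; ns = ns->parent) {
        const struct extent *e = pick(ns);
        if (!e || (id = map_down(e, id)) == INVALID_ID)
            return INVALID_ID;
    }
    return id;
}

/* Reverse walk: initial-namespace value up into ns. */
static uint32_t from_kernel(const struct ns_model *ns, uint32_t kid, pick_fn pick)
{
    const struct extent *e;

    if (!ns->parent)
        return kid;
    kid = from_kernel(ns->parent, kid, pick);
    e = pick(ns);
    if (kid == INVALID_ID || !e)
        return INVALID_ID;
    return map_up(e, kid);
}

uint32_t model_make_kuid(const struct ns_model *ns, uint32_t uid)
{ return to_kernel(ns, uid, id_extent); }

uint32_t model_make_kfsuid(const struct ns_model *ns, uint32_t fsuid)
{ return to_kernel(ns, fsuid, fs_extent); }

uint32_t model_from_kfsuid(const struct ns_model *ns, uint32_t kfsuid)
{ return from_kernel(ns, kfsuid, fs_extent); }

/* setid exec: inode owner -> fsuid via fsid map -> kuid via id map.
 * INVALID_ID means the setid bits would be ignored. */
uint32_t model_setid_exec_kuid(const struct ns_model *ns, uint32_t inode_kuid)
{
    uint32_t fsuid = model_from_kfsuid(ns, inode_kuid);

    return fsuid == INVALID_ID ? INVALID_ID : model_make_kuid(ns, fsuid);
}

/* Constructed sample namespaces using the numbers from the commit messages. */
static const struct ns_model model_init_ns = { NULL, 0, 0, {0, 0, 0}, {0, 0, 0} };
static const struct ns_model ns1 =
    { &model_init_ns, 1, 1, {0, 100000, 100000}, {0, 300000, 100000} };
static const struct ns_model ns2 =
    { &ns1, 1, 1, {0, 10000, 65536}, {0, 10000, 65536} };
static const struct ns_model ns_exec =
    { &model_init_ns, 1, 1, {0, 100000, 100000}, {0, 300000, 300000} };
static const struct ns_model ns_exec_noid =
    { &model_init_ns, 0, 1, {0, 0, 0}, {0, 300000, 300000} };

int main(void)
{
    printf("NS1 root creates files as   %u\n", model_make_kfsuid(&ns1, 0));
    printf("NS2 root creates files as   %u\n", model_make_kfsuid(&ns2, 0));
    printf("NS2 root runs as kuid       %u\n", model_make_kuid(&ns2, 0));
    printf("setid exec, both maps       %u\n",
           model_setid_exec_kuid(&ns_exec, 300000));
    printf("setid exec, no id map       %u\n",
           model_setid_exec_kuid(&ns_exec_noid, 300000));
    return 0;
}
```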
    • user_namespace: refactor map_write() · f922d8a8
      Christian Brauner authored
      Refactor map_write() to prepare for adding fsid mappings support. This mainly
      factors out various open-coded parts into helpers that can be reused in the
      follow up patch.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      patch not present
      
      /* v3 */
      patch added
      - Jann Horn <[email protected]>:
        - Split changes to map_write() to implement fsid mappings into three separate
          patches: basic fsid helpers, preparatory changes to map_write(), actual
          fsid mapping support in map_write().
    • fsuidgid: add fsid mapping helpers · ab845eb2
      Christian Brauner authored
      This adds a set of helpers to translate between kfsuid/kfsgid and their
      userspace fsuid/fsgid counterparts relative to a given user namespace.
      
      - kuid_t make_kfsuid(struct user_namespace *from, uid_t fsuid)
        Maps a user-namespace fsuid pair into a kfsuid.
        If no fsuid mappings have been written it behaves identical to calling
        make_kuid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - kgid_t make_kfsgid(struct user_namespace *from, gid_t fsgid)
        Maps a user-namespace fsgid pair into a kfsgid.
        If no fsgid mappings have been written it behaves identical to calling
        make_kgid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - uid_t from_kfsuid(struct user_namespace *to, kuid_t fsuid)
        Creates a fsuid from a kfsuid user-namespace pair if possible.
        If no fsuid mappings have been written it behaves identical to calling
        from_kuid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - gid_t from_kfsgid(struct user_namespace *to, kgid_t fsgid)
        Creates a fsgid from a kfsgid user-namespace pair if possible.
        If no fsgid mappings have been written it behaves identical to calling
        make_kgid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - uid_t from_kfsuid_munged(struct user_namespace *to, kuid_t fsuid)
        Always creates a fsuid from a kfsuid user-namespace pair.
        If no fsuid mappings have been written it behaves identical to calling
        from_kuid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - gid_t from_kfsgid_munged(struct user_namespace *to, kgid_t fsgid)
        Always creates a fsgid from a kfsgid user-namespace pair if possible.
        If no fsgid mappings have been written it behaves identical to calling
        make_kgid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - bool kfsuid_has_mapping(struct user_namespace *ns, kuid_t uid)
        Check whether this kfsuid has a mapping in the provided user namespace.
        If no fsuid mappings have been written it behaves identical to calling
        from_kuid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - bool kfsgid_has_mapping(struct user_namespace *ns, kgid_t gid)
        Check whether this kfsgid has a mapping in the provided user namespace.
        If no fsgid mappings have been written it behaves identical to calling
        make_kgid(). This ensures backwards compatibility for workloads unaware
        or not in need of fsid mappings.
      
      - kuid_t kfsuid_to_kuid(struct user_namespace *to, kuid_t kfsuid)
        Translate from a kfsuid into a kuid.
      
      - kgid_t kfsgid_to_kgid(struct user_namespace *to, kgid_t kfsgid)
        Translate from a kfsgid into a kgid.
      
      - kuid_t kuid_to_kfsuid(struct user_namespace *to, kuid_t kuid)
        Translate from a kuid into a kfsuid.
      
      - kgid_t kgid_to_kfsuid(struct user_namespace *to, kgid_t kgid)
        Translate from a kgid into a kfsgid.
      
      Cc: Jann Horn <[email protected]>
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      - Jann Horn <[email protected]>:
        - Split changes to map_write() to implement fsid mappings into three separate
          patches: basic fsid helpers, preparatory changes to map_write(), actual
          fsid mapping support in map_write().
    • proc: add /proc/<pid>/fsgid_map · fa01e7ff
      Christian Brauner authored
      The /proc/<pid>/fsgid_map file can be written once to setup an fsgid mapping
      for a user namespace. Writing to this file has the same restrictions as writing
      to /proc/<pid>/fsgid_map.
      
      [email protected]:/# cat /proc/13023/fsgid_map
               0     300000     100000
      
      Fsid mappings have always been around. They are currently always identical to
      the id mappings for a user namespace. This means, currently whenever an fsid
      needs to be looked up the kernel will use the id mapping of the user namespace.
      With the introduction of fsid mappings the kernel will now lookup fsids in the
      fsid mappings of the user namespace. If no fsid mapping exists the kernel will
      continue looking up fsids in the id mappings of the user namespace. Hence, if a
      system supports fsid mappings through /proc/<pid>/fs*id_map and a container
      runtime is not aware of fsid mappings or does not use them it will
      continue to work just as before.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      - Christian Brauner <[email protected]>:
        - Fix grammar in commit message.
    • proc: add /proc/<pid>/fsuid_map · a7d4e8fd
      Christian Brauner authored
      The /proc/<pid>/fsuid_map file can be written once to setup an fsuid mapping
      for a user namespace. Writing to this file has the same restrictions as writing
      to /proc/<pid>/fsuid_map:
      
      [email protected]:/# cat /proc/13023/fsuid_map
               0     300000     100000
      
      Fsid mappings have always been around. They are currently always identical to
      the id mappings for a user namespace. This means, currently whenever an fsid
      needs to be looked up the kernel will use the id mapping of the user namespace.
      With the introduction of fsid mappings the kernel will now lookup fsids in the
      fsid mappings of the user namespace. If no fsid mapping exists the kernel will
      continue looking up fsids in the id mappings of the user namespace. Hence, if a
      system supports fsid mappings through /proc/<pid>/fs*id_map and a container
      runtime is not aware of fsid mappings or does not use them it will
      continue to work just as before.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      unchanged
      
      /* v3 */
      - Christian Brauner <[email protected]>:
        - Fix grammar in commit message.
    • user_namespace: introduce fsid mappings infrastructure · b1eba47e
      Christian Brauner authored
      This introduces the infrastructure to setup fsid mappings which will be used in
      later patches.
      All new code depends on CONFIG_USER_NS_FSID=y. It currently defaults to "N".
      If CONFIG_USER_NS_FSID is not set, no new code is added.
      
      In this patch fsuid_m_show() and fsgid_m_show() are introduced. They are
      identical to uid_m_show() and gid_m_show() until we introduce from_kfsuid() and
      from_kfsgid() in a follow-up patch.
      Signed-off-by: Christian Brauner <[email protected]>
      ---
      /* v2 */
      - Randy Dunlap <[email protected]>:
        - Fix typo in USER_NS_FSID kconfig documentation.
      
      /* v3 */
      unchanged
  2. 10 Feb, 2020 2 commits
    • Linux 5.6-rc1 · bb6d3fb3
      Linus Torvalds authored
    • Merge tag 'kbuild-v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild · 89a47dd1
      Linus Torvalds authored
      Pull more Kbuild updates from Masahiro Yamada:
      
       - fix randconfig to generate a sane .config
      
       - rename hostprogs-y / always to hostprogs / always-y, which are more
         natural syntax.
      
       - optimize scripts/kallsyms
      
       - fix yes2modconfig and mod2yesconfig
      
       - make multiple directory targets ('make foo/ bar/') work
      
      * tag 'kbuild-v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
        kbuild: make multiple directory targets work
        kconfig: Invalidate all symbols after changing to y or m.
        kallsyms: fix type of kallsyms_token_table[]
        scripts/kallsyms: change table to store (strcut sym_entry *)
        scripts/kallsyms: rename local variables in read_symbol()
        kbuild: rename hostprogs-y/always to hostprogs/always-y
        kbuild: fix the document to use extra-y for vmlinux.lds
        kconfig: fix broken dependency in randconfig-generated .config
  3. 09 Feb, 2020 12 commits
    • Merge tag 'zonefs-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs · 380a129e
      Linus Torvalds authored
      Pull new zonefs file system from Damien Le Moal:
       "Zonefs is a very simple file system exposing each zone of a zoned
        block device as a file.
      
        Unlike a regular file system with native zoned block device support
        (e.g. f2fs or the on-going btrfs effort), zonefs does not hide the
        sequential write constraint of zoned block devices to the user. As a
        result, zonefs is not a POSIX compliant file system. Its goal is to
        simplify the implementation of zoned block devices support in
        applications by replacing raw block device file accesses with a richer
        file based API, avoiding relying on direct block device file ioctls
        which may be more obscure to developers.
      
        One example of this approach is the implementation of LSM
        (log-structured merge) tree structures (such as used in RocksDB and
        LevelDB) on zoned block devices by allowing SSTables to be stored in a
        zone file similarly to a regular file system rather than as a range of
        sectors of a zoned device. The introduction of the higher level
        construct "one file is one zone" can help reducing the amount of
        changes needed in the application while at the same time allowing the
        use of zoned block devices with various programming languages other
        than C.
      
        Zonefs IO management implementation uses the new iomap generic code.
        Zonefs has been successfully tested using a functional test suite
        (available with zonefs userland format tool on github) and a prototype
        implementation of LevelDB on top of zonefs"
      
      * tag 'zonefs-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs:
        zonefs: Add documentation
        fs: New zonefs file system
    • irqchip/gic-v4.1: Avoid 64bit division for the sake of 32bit ARM · 490d332e
      Marc Zyngier authored
      In order to allow the GICv4 code to link properly on 32bit ARM,
      make sure we don't use 64bit divisions when it isn't strictly
      necessary.
      
      Fixes: 4e6437f1 ("irqchip/gic-v4.1: Ensure L2 vPE table is allocated at RD level")
      Reported-by: Stephen Rothwell <[email protected]>
      Cc: Zenghui Yu <[email protected]>
      Signed-off-by: Marc Zyngier <[email protected]>
      Signed-off-by: Linus Torvalds <[email protected]>
    • Merge tag '5.6-rc-smb3-plugfest-patches' of git://git.samba.org/sfrench/cifs-2.6 · d1ea35f4
      Linus Torvalds authored
      Pull cifs fixes from Steve French:
       "13 cifs/smb3 patches, most from testing at the SMB3 plugfest this week:
      
         - Important fix for multichannel and for modefromsid mounts.
      
         - Two reconnect fixes
      
         - Addition of SMB3 change notify support
      
         - Backup tools fix
      
         - A few additional minor debug improvements (tracepoints and
           additional logging found useful during testing this week)"
      
      * tag '5.6-rc-smb3-plugfest-patches' of git://git.samba.org/sfrench/cifs-2.6:
        smb3: Add defines for new information level, FileIdInformation
        smb3: print warning once if posix context returned on open
        smb3: add one more dynamic tracepoint missing from strict fsync path
        cifs: fix mode bits from dir listing when mounted with modefromsid
        cifs: fix channel signing
        cifs: add SMB3 change notification support
        cifs: make multichannel warning more visible
        cifs: fix soft mounts hanging in the reconnect code
        cifs: Add tracepoints for errors on flush or fsync
        cifs: log warning message (once) if out of disk space
        cifs: fail i/o on soft mounts if sessionsetup errors out
        smb3: fix problem with null cifs super block with previous patch
        SMB3: Backup intent flag missing from some more ops
    • Merge branch 'work.vboxsf' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 5586c3c1
      Linus Torvalds authored
      Pull vboxfs from Al Viro:
       "This is the VirtualBox guest shared folder support by Hans de Goede,
        with fixups for fs_parse folded in to avoid bisection hazards from
        those API changes..."
      
      * 'work.vboxsf' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        fs: Add VirtualBox guest shared folder (vboxsf) support
    • Merge tag 'x86-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 1a2a76c2
      Linus Torvalds authored
      Pull x86 fixes from Thomas Gleixner:
       "A set of fixes for X86:
      
         - Ensure that the PIT is set up when the local APIC is disabled or
           configured in legacy mode. This is caused by an ordering issue
           introduced in the recent changes which skip PIT initialization when
           the TSC and APIC frequencies are already known.
      
         - Handle malformed SRAT tables during early ACPI parsing which caused
           an infinite loop and a boot hang.
      
         - Fix a long standing race in the affinity setting code which affects
           PCI devices with non-maskable MSI interrupts. The problem is caused
           by the non-atomic writes of the MSI address (destination APIC id)
           and data (vector) fields which the device uses to construct the MSI
           message. The non-atomic writes are mandated by PCI.
      
           If both fields change and the device raises an interrupt after
           writing address and before writing data, then the MSI block
           constructs an inconsistent message which causes interrupts to be
           lost and subsequent malfunction of the device.
      
           The fix is to redirect the interrupt to the new vector on the
           current CPU first and then switch it over to the new target CPU.
           This allows to observe an eventually raised interrupt in the
           transitional stage (old CPU, new vector) to be observed in the APIC
           IRR and retriggered on the new target CPU and the new vector.
      
           The potential spurious interrupts caused by this are harmless and
           can in the worst case expose a buggy driver (all handlers have to
           be able to deal with spurious interrupts as they can and do happen
           for various reasons).
      
         - Add the missing suspend/resume mechanism for the HYPERV hypercall
           page which prevents resume hibernation on HYPERV guests. This
           change got lost before the merge window.
      
         - Mask the IOAPIC before disabling the local APIC to prevent
           potentially stale IOAPIC remote IRR bits which cause stale
           interrupt lines after resume"
      
      * tag 'x86-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/apic: Mask IOAPIC entries when disabling the local APIC
        x86/hyperv: Suspend/resume the hypercall page for hibernation
        x86/apic/msi: Plug non-maskable MSI affinity race
        x86/boot: Handle malformed SRAT tables during early ACPI parsing
        x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode
    • Merge tag 'smp-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · f4137760
      Linus Torvalds authored
      Pull SMP fixes from Thomas Gleixner:
       "Two fixes for the SMP related functionality:
      
         - Make the UP version of smp_call_function_single() match SMP
           semantics when called for a not available CPU. Instead of emitting
           a warning and assuming that the function call target is CPU0,
           return a proper error code like the SMP version does.
      
         - Remove a superfluous check in smp_call_function_many_cond()"
      
      * tag 'smp-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        smp/up: Make smp_call_function_single() match SMP semantics
        smp: Remove superfluous cond_func check in smp_call_function_many_cond()
    • Merge tag 'perf-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · ca21b9b3
      Linus Torvalds authored
      Pull perf fixes from Thomas Gleixner:
       "A set of fixes and improvements for the perf subsystem:
      
        Kernel fixes:
      
         - Install cgroup events to the correct CPU context to prevent a
           potential list double add
      
         - Prevent an integer underflow in the perf mlock accounting
      
         - Add a missing prototype for arch_perf_update_userpage()
      
        Tooling:
      
         - Add a missing unlock in the error path of maps__insert() in perf
           maps.
      
         - Fix the build with the latest libbfd
      
         - Fix the perf parser so it does not delete parse event terms, which
           caused a regression for using perf with the ARM CoreSight as the
           sink configuration was missing due to the deletion.
      
         - Fix the double free in the perf CPU map merging test case
      
         - Add the missing ustring support for the perf probe command"
      
      * tag 'perf-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf maps: Add missing unlock to maps__insert() error case
        perf probe: Add ustring support for perf probe command
        perf: Make perf able to build with latest libbfd
        perf test: Fix test case Merge cpu map
        perf parse: Copy string to perf_evsel_config_term
        perf parse: Refactor 'struct perf_evsel_config_term'
        kernel/events: Add a missing prototype for arch_perf_update_userpage()
        perf/cgroups: Install cgroup events to correct cpuctx
        perf/core: Fix mlock accounting in perf_mmap()
    • Merge tag 'timers-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 2fbc23c7
      Linus Torvalds authored
      Pull timer fixes from Thomas Gleixner:
       "Two small fixes for the time(r) subsystem:
      
         - Handle a subtle race between the clocksource watchdog and a
           concurrent clocksource watchdog stop/start sequence correctly to
           prevent a timer double add bug.
      
         - Fix the file path for the core time namespace file"
      
      * tag 'timers-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        clocksource: Prevent double add_timer_on() for watchdog_timer
        MAINTAINERS: Correct path to time namespace source file
    • Merge tag 'irq-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · f06bed87
      Linus Torvalds authored
      Pull interrupt fixes from Thomas Gleixner:
       "A set of fixes for the interrupt subsystem:
      
         - Provision only ACPI enabled redistributors on GICv3
      
         - Use the proper command columns when building the INVALL command for
           the GICv3-ITS
      
         - Ensure the allocation of the L2 vPE table for GICv4.1
      
         - Correct the GICv4.1 VPROBASER programming so it uses the proper
           size
      
         - A set of small GICv4.1 tidy up patches
      
         - Configuration cleanup for C-SKY interrupt chip
      
         - Clarify the function documentation for irq_set_wake() to document
           that the wakeup functionality is orthogonal to the irq
           disable/enable mechanism"
      
      * tag 'irq-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        irqchip/gic-v3-its: Rename VPENDBASER/VPROPBASER accessors
        irqchip/gic-v3-its: Remove superfluous WARN_ON
        irqchip/gic-v4.1: Drop 'tmp' in inherit_vpe_l1_table_from_rd()
        irqchip/gic-v4.1: Ensure L2 vPE table is allocated at RD level
        irqchip/gic-v4.1: Set vpe_l1_base for all redistributors
        irqchip/gic-v4.1: Fix programming of GICR_VPROPBASER_4_1_SIZE
        genirq: Clarify that irq wake state is orthogonal to enable/disable
        irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
        irqchip: Some Kconfig cleanup for C-SKY
        irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
    • Merge tag 'efi-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 6ff90aa2
      Linus Torvalds authored
      Pull EFI fix from Thomas Gleixner:
       "A single fix for an EFI boot regression on X86 which was caused by the
        recent rework of the EFI memory map parsing. On systems with invalid
        memmap entries the cleanup function uses a value which cannot be
        relied on in this stage. Use the actual EFI memmap entry instead"
      
      * tag 'efi-urgent-2020-02-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        efi/x86: Fix boot regression on systems with invalid memmap entries
    • Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · fdfa3a67
      Linus Torvalds authored
      Pull misc SCSI fixes from James Bottomley:
       "Five small patches, all in drivers or doc, which missed the initial
        pull request.
      
        The qla2xxx and megaraid_sas are actual fixes and the rest are
        spelling and doc changes"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: ufs: fix spelling mistake "initilized" -> "initialized"
        scsi: pm80xx: fix spelling mistake "to" -> "too"
        scsi: MAINTAINERS: ufs: remove [email protected]
        scsi: megaraid_sas: fixup MSIx interrupt setup during resume
        scsi: qla2xxx: Fix unbound NVME response length
    • Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 291abfea
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Unbalanced locking in mwifiex_process_country_ie, from Brian Norris.
      
       2) Fix thermal zone registration in iwlwifi, from Andrei
          Otcheretianski.
      
       3) Fix double free_irq in sgi ioc3 eth, from Thomas Bogendoerfer.
      
       4) Use after free in mptcp, from Florian Westphal.
      
       5) Use after free in wireguard's root_remove_peer_lists, from Eric
          Dumazet.
      
       6) Properly access packets heads in bonding alb code, from Eric
          Dumazet.
      
       7) Fix data race in skb_queue_len(), from Qian Cai.
      
       8) Fix regression in r8169 on some chips, from Heiner Kallweit.
      
       9) Fix XDP program ref counting in hv_netvsc, from Haiyang Zhang.
      
      10) Certain kinds of set link netlink operations can cause a NULL deref
          in the ipv6 addrconf code. Fix from Eric Dumazet.
      
      11) Don't cancel uninitialized work queue in drop monitor, from Ido
          Schimmel.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (84 commits)
        net: thunderx: use proper interface type for RGMII
        mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap
        bpf: Improve bucket_log calculation logic
        selftests/bpf: Test freeing sockmap/sockhash with a socket in it
        bpf, sockhash: Synchronize_rcu before free'ing map
        bpf, sockmap: Don't sleep while holding RCU lock on tear-down
        bpftool: Don't crash on missing xlated program instructions
        bpf, sockmap: Check update requirements after locking
        drop_monitor: Do not cancel uninitialized work item
        mlxsw: spectrum_dpipe: Add missing error path
        mlxsw: core: Add validation of hardware device types for MGPIR register
        mlxsw: spectrum_router: Clear offload indication from IPv6 nexthops on abort
        selftests: mlxsw: Add test cases for local table route replacement
        mlxsw: spectrum_router: Prevent incorrect replacement of local table routes
        net: dsa: microchip: enable module autoprobe
        ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
        dpaa_eth: support all modes with rate adapting PHYs
        net: stmmac: update pci platform data to use phy_interface
        net: stmmac: xgmac: fix missing IFF_MULTICAST checki in dwxgmac2_set_filter
        net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter
        ...
  4. 08 Feb, 2020 1 commit