From 1d82a2733bb3913aaaed7c82f35c13582d07ff67 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 18 Aug 2016 15:28:28 +0200 Subject: [PATCH] 4.4-stable patches added patches: dm-flakey-error-read-bios-during-the-down_interval.patch documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch module-invalidate-signatures-on-force-loaded-modules.patch rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch --- ...r-read-bios-during-the-down_interval.patch | 68 +++++++++++++++++++ ...ed-for-version-info-if-reusing-a-key.patch | 34 ++++++++++ ...e-signatures-on-force-loaded-modules.patch | 64 +++++++++++++++++ ...able-disable-_clk-in-s3c_rtc_setfreq.patch | 50 ++++++++++++++ queue-4.4/series | 4 ++ 5 files changed, 220 insertions(+) create mode 100644 queue-4.4/dm-flakey-error-read-bios-during-the-down_interval.patch create mode 100644 queue-4.4/documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch create mode 100644 queue-4.4/module-invalidate-signatures-on-force-loaded-modules.patch create mode 100644 queue-4.4/rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch diff --git a/queue-4.4/dm-flakey-error-read-bios-during-the-down_interval.patch b/queue-4.4/dm-flakey-error-read-bios-during-the-down_interval.patch new file mode 100644 index 00000000000..7573afbeb1c --- /dev/null +++ b/queue-4.4/dm-flakey-error-read-bios-during-the-down_interval.patch @@ -0,0 +1,68 @@ +From 99f3c90d0d85708e7401a81ce3314e50bf7f2819 Mon Sep 17 00:00:00 2001 +From: Mike Snitzer +Date: Fri, 29 Jul 2016 13:19:55 -0400 +Subject: dm flakey: error READ bios during the down_interval + +From: Mike Snitzer + +commit 99f3c90d0d85708e7401a81ce3314e50bf7f2819 upstream. + +When the corrupt_bio_byte feature was introduced it caused READ bios to +no longer be errored with -EIO during the down_interval. This had to do +with the complexity of needing to submit READs if the corrupt_bio_byte +feature was used. + +Fix it so READ bios are properly errored with -EIO; doing so early in +flakey_map() as long as there isn't a match for the corrupt_bio_byte +feature. + +Fixes: a3998799fb4df ("dm flakey: add corrupt_bio_byte feature") +Reported-by: Akira Hayakawa +Signed-off-by: Mike Snitzer +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/md/dm-flakey.c | 23 +++++++++++++++-------- + 1 file changed, 15 insertions(+), 8 deletions(-) + +--- a/drivers/md/dm-flakey.c ++++ b/drivers/md/dm-flakey.c +@@ -289,10 +289,16 @@ static int flakey_map(struct dm_target * + pb->bio_submitted = true; + + /* +- * Map reads as normal. ++ * Map reads as normal only if corrupt_bio_byte set. + */ +- if (bio_data_dir(bio) == READ) +- goto map_bio; ++ if (bio_data_dir(bio) == READ) { ++ /* If flags were specified, only corrupt those that match. */ ++ if (fc->corrupt_bio_byte && (fc->corrupt_bio_rw == READ) && ++ all_corrupt_bio_flags_match(bio, fc)) ++ goto map_bio; ++ else ++ return -EIO; ++ } + + /* + * Drop writes? +@@ -330,12 +336,13 @@ static int flakey_end_io(struct dm_targe + + /* + * Corrupt successful READs while in down state. +- * If flags were specified, only corrupt those that match. + */ +- if (fc->corrupt_bio_byte && !error && pb->bio_submitted && +- (bio_data_dir(bio) == READ) && (fc->corrupt_bio_rw == READ) && +- all_corrupt_bio_flags_match(bio, fc)) +- corrupt_bio_data(bio, fc); ++ if (!error && pb->bio_submitted && (bio_data_dir(bio) == READ)) { ++ if (fc->corrupt_bio_byte) ++ corrupt_bio_data(bio, fc); ++ else ++ return -EIO; ++ } + + return error; + } diff --git a/queue-4.4/documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch b/queue-4.4/documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch new file mode 100644 index 00000000000..84e540685cd --- /dev/null +++ b/queue-4.4/documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch @@ -0,0 +1,34 @@ +From b8612e517c3c9809e1200b72c474dbfd969e5a83 Mon Sep 17 00:00:00 2001 +From: Ben Hutchings +Date: Thu, 28 Apr 2016 09:24:05 +0930 +Subject: Documentation/module-signing.txt: Note need for version info if reusing a key + +From: Ben Hutchings + +commit b8612e517c3c9809e1200b72c474dbfd969e5a83 upstream. + +Signing a module should only make it trusted by the specific kernel it +was built for, not anything else. If a module signing key is used for +multiple ABI-incompatible kernels, the modules need to include enough +version information to distinguish them. + +Signed-off-by: Ben Hutchings +Signed-off-by: Rusty Russell +Signed-off-by: Greg Kroah-Hartman + +--- + Documentation/module-signing.txt | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/Documentation/module-signing.txt ++++ b/Documentation/module-signing.txt +@@ -271,3 +271,9 @@ Since the private key is used to sign mo + the private key to sign modules and compromise the operating system. The + private key must be either destroyed or moved to a secure location and not kept + in the root node of the kernel source tree. ++ ++If you use the same private key to sign modules for multiple kernel ++configurations, you must ensure that the module version information is ++sufficient to prevent loading a module into a different kernel. Either ++set CONFIG_MODVERSIONS=y or ensure that each configuration has a different ++kernel release string by changing EXTRAVERSION or CONFIG_LOCALVERSION. diff --git a/queue-4.4/module-invalidate-signatures-on-force-loaded-modules.patch b/queue-4.4/module-invalidate-signatures-on-force-loaded-modules.patch new file mode 100644 index 00000000000..eb8cd80f6e2 --- /dev/null +++ b/queue-4.4/module-invalidate-signatures-on-force-loaded-modules.patch @@ -0,0 +1,64 @@ +From bca014caaa6130e57f69b5bf527967aa8ee70fdd Mon Sep 17 00:00:00 2001 +From: Ben Hutchings +Date: Thu, 28 Apr 2016 09:24:01 +0930 +Subject: module: Invalidate signatures on force-loaded modules + +From: Ben Hutchings + +commit bca014caaa6130e57f69b5bf527967aa8ee70fdd upstream. + +Signing a module should only make it trusted by the specific kernel it +was built for, not anything else. Loading a signed module meant for a +kernel with a different ABI could have interesting effects. +Therefore, treat all signatures as invalid when a module is +force-loaded. + +Signed-off-by: Ben Hutchings +Signed-off-by: Rusty Russell +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/module.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +--- a/kernel/module.c ++++ b/kernel/module.c +@@ -2606,13 +2606,18 @@ static inline void kmemleak_load_module( + #endif + + #ifdef CONFIG_MODULE_SIG +-static int module_sig_check(struct load_info *info) ++static int module_sig_check(struct load_info *info, int flags) + { + int err = -ENOKEY; + const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1; + const void *mod = info->hdr; + +- if (info->len > markerlen && ++ /* ++ * Require flags == 0, as a module with version information ++ * removed is no longer the module that was signed ++ */ ++ if (flags == 0 && ++ info->len > markerlen && + memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) { + /* We truncate the module to discard the signature */ + info->len -= markerlen; +@@ -2631,7 +2636,7 @@ static int module_sig_check(struct load_ + return err; + } + #else /* !CONFIG_MODULE_SIG */ +-static int module_sig_check(struct load_info *info) ++static int module_sig_check(struct load_info *info, int flags) + { + return 0; + } +@@ -3444,7 +3449,7 @@ static int load_module(struct load_info + long err; + char *after_dashes; + +- err = module_sig_check(info); ++ err = module_sig_check(info, flags); + if (err) + goto free_copy; + diff --git a/queue-4.4/rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch b/queue-4.4/rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch new file mode 100644 index 00000000000..b7ccbb99f35 --- /dev/null +++ b/queue-4.4/rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch @@ -0,0 +1,50 @@ +From 70c96dfac0e231424e17743bd52f6cd2ff1f2439 Mon Sep 17 00:00:00 2001 +From: Alim Akhtar +Date: Tue, 5 Jul 2016 15:28:53 +0530 +Subject: rtc: s3c: Add s3c_rtc_{enable/disable}_clk in s3c_rtc_setfreq() + +From: Alim Akhtar + +commit 70c96dfac0e231424e17743bd52f6cd2ff1f2439 upstream. + +As per code flow s3c_rtc_setfreq() will get called with rtc clock disabled +and in set_freq we perform h/w registers read/write, which results in a +kernel crash on exynos7 platform while probing rtc driver. +Below is code flow: +s3c_rtc_probe() + clk_prepare_enable(info->rtc_clk) // rtc clock enabled + s3c_rtc_gettime() // will enable clk if not done, and disable it upon exit + s3c_rtc_setfreq() //then this will be called with clk disabled + +This patch take cares of such issue by adding s3c_rtc_{enable/disable}_clk in +s3c_rtc_setfreq(). + +Fixes: 24e1455493da ("drivers/rtc/rtc-s3c.c: delete duplicate clock control") +Signed-off-by: Alim Akhtar +Reviewed-by: Krzysztof Kozlowski +Reviewed-by: Pankaj Dubey +Tested-by: Pankaj Dubey +Signed-off-by: Alexandre Belloni +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/rtc/rtc-s3c.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/drivers/rtc/rtc-s3c.c ++++ b/drivers/rtc/rtc-s3c.c +@@ -149,12 +149,14 @@ static int s3c_rtc_setfreq(struct s3c_rt + if (!is_power_of_2(freq)) + return -EINVAL; + ++ s3c_rtc_enable_clk(info); + spin_lock_irq(&info->pie_lock); + + if (info->data->set_freq) + info->data->set_freq(info, freq); + + spin_unlock_irq(&info->pie_lock); ++ s3c_rtc_disable_clk(info); + + return 0; + } diff --git a/queue-4.4/series b/queue-4.4/series index e0a89e7c706..3edac0c3251 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -132,3 +132,7 @@ pci-mark-atheros-ar9485-and-qca9882-to-avoid-bus-reset.patch x86-platform-intel_mid_pci-rework-irq0-workaround.patch acpi-ec-work-around-method-reentrancy-limit-in-acpica-for-_qxx.patch lpfc-fix-oops-in-lpfc_sli4_scmd_to_wqidx_distr-from-lpfc_send_taskmgmt.patch +rtc-s3c-add-s3c_rtc_-enable-disable-_clk-in-s3c_rtc_setfreq.patch +dm-flakey-error-read-bios-during-the-down_interval.patch +module-invalidate-signatures-on-force-loaded-modules.patch +documentation-module-signing.txt-note-need-for-version-info-if-reusing-a-key.patch -- 2.47.2