Add audit support for unix_stream_connect, unix_may_send, task_kill, and
file_send_sigiotask hooks.
The related blockers are:
- scope.abstract_unix_socket
- scope.signal
Audit event sample for abstract unix socket:
type=LANDLOCK_DENY msg=audit(1729738800.268:30): domain=195ba459b blockers=scope.abstract_unix_socket path=00666F6F
Audit event sample for signal:
type=LANDLOCK_DENY msg=audit(1729738800.291:31): domain=195ba459b blockers=scope.signal opid=1 ocomm="systemd"
Refactor and simplify error handling in LSM hooks.
Extend struct landlock_file_security with fown_layer and use it to log
the blocking domain. The struct aligned size is still 16 bytes.
Cc: Günther Noack <gnoack@google.com>
Cc: Tahera Fahimi <fahimitahera@gmail.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-17-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Add audit support to socket_bind and socket_connect hooks.
The related blockers are:
- net.bind_tcp
- net.connect_tcp
Audit event sample:
type=LANDLOCK_DENY msg=audit(1729738800.349:44): domain=195ba459b blockers=net.connect_tcp daddr=127.0.0.1 dest=80
Cc: Günther Noack <gnoack@google.com>
Cc: Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
Cc: Mikhail Ivanov <ivanov.mikhail1@huawei-partners.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-16-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Add audit support to the file_truncate and file_ioctl hooks.
Add a deny_masks_t type and related helpers to store the domain's layer
level per optional access rights (i.e. LANDLOCK_ACCESS_FS_TRUNCATE and
LANDLOCK_ACCESS_FS_IOCTL_DEV) when opening a file, which cannot be
inferred later. In practice, the landlock_file_security aligned blob size is
still 16 bytes because this new one-byte deny_masks field follows the
existing two-byte allowed_access field and precedes the packed
fown_subject.
Implementing deny_masks_t with a bitfield instead of a struct enables a
generic implementation to store and extract layer levels.
Add KUnit tests to check the identification of a layer level from a
deny_masks_t, and the computation of a deny_masks_t from an access right
with its layer level or a layer_mask_t array.
Audit event sample:
type=LANDLOCK_DENY msg=audit(1729738800.349:44): domain=195ba459b blockers=fs.ioctl_dev path="/dev/tty" dev="devtmpfs" ino=9 ioctlcmd=0x5401
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-15-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Compat and non-compat IOCTL hooks are almost the same, except to compare
the IOCTL command. Factor out these two IOCTL hooks to highlight the
difference and minimize audit changes (see next commit).
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-14-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Add audit support for path_mkdir, path_mknod, path_symlink, path_unlink,
path_rmdir, path_truncate, path_link, path_rename, and file_open hooks.
The dedicated blockers are:
- fs.execute
- fs.write_file
- fs.read_file
- fs.read_dir
- fs.remove_dir
- fs.remove_file
- fs.make_char
- fs.make_dir
- fs.make_reg
- fs.make_sock
- fs.make_fifo
- fs.make_block
- fs.make_sym
- fs.refer
- fs.truncate
- fs.ioctl_dev
Audit event sample for a denied link action:
type=LANDLOCK_DENY msg=audit(1729738800.349:44): domain=195ba459b blockers=fs.refer path="/usr/bin" dev="vda2" ino=351
type=LANDLOCK_DENY msg=audit(1729738800.349:44): domain=195ba459b blockers=fs.make_reg,fs.refer path="/usr/local" dev="vda2" ino=365
We could pack blocker names (e.g. "fs:make_reg,refer") but that would
increase complexity for the kernel and log parsers. Moreover, this
could not handle blockers of different classes (e.g. fs and net). Make
it simple and flexible instead.
Add KUnit tests to check the identification from a layer_mask_t array of
the first layer level denying such request.
Cc: Günther Noack <gnoack@google.com>
Depends-on: 058518c20920 ("landlock: Align partial refer access checks with final ones")
Depends-on: d617f0d72d80 ("landlock: Optimize file path walks and prepare for audit support")
Link: https://lore.kernel.org/r/20250320190717.2287696-13-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Add audit support for sb_mount, move_mount, sb_umount, sb_remount, and
sb_pivot_root hooks.
The new related blocker is "fs.change_topology".
Audit event sample:
type=LANDLOCK_DENY msg=audit(1729738800.349:44): domain=195ba459b blockers=fs.change_topology name="/" dev="tmpfs" ino=1
Remove landlock_get_applicable_domain() and get_current_fs_domain()
which are now fully replaced with landlock_get_applicable_subject().
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-12-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Asynchronously log domain information when it first denies an access.
This minimizes the amount of generated logs, which makes it possible to
always log denials for the current execution since they should not
happen. These records are identified with the new AUDIT_LANDLOCK_DOMAIN
type.
The AUDIT_LANDLOCK_DOMAIN message contains:
- the "domain" ID which is described;
- the "status" which can either be "allocated" or "deallocated";
- the "mode" which is for now only "enforcing";
- for the "allocated" status, a minimal set of properties to easily
identify the task that loaded the domain's policy with
landlock_restrict_self(2): "pid", "uid", executable path ("exe"), and
command line ("comm");
- for the "deallocated" state, the number of "denials" accounted to this
domain, which is at least 1.
This requires each domain to save these task properties at creation
time in the new struct landlock_details. A reference to the PID is kept
for the lifetime of the domain to avoid race conditions when
investigating the related task. The executable path is resolved and
stored to not keep a reference to the filesystem and block related
actions. All these metadata are stored for the lifetime of the related
domain and should then be minimal. The required memory is not accounted
to the task calling landlock_restrict_self(2) contrary to most other
Landlock allocations (see related comment).
The AUDIT_LANDLOCK_DOMAIN record follows the first AUDIT_LANDLOCK_ACCESS
record for the same domain, which is always followed by AUDIT_SYSCALL
and AUDIT_PROCTITLE. This is in line with the audit logic to first
record the cause of an event, and then add context with other types of
record.
Audit event sample for a first denial:
type=LANDLOCK_ACCESS msg=audit(1732186800.349:44): domain=195ba459b blockers=ptrace opid=1 ocomm="systemd"
type=LANDLOCK_DOMAIN msg=audit(1732186800.349:44): domain=195ba459b status=allocated mode=enforcing pid=300 uid=0 exe="/root/sandboxer" comm="sandboxer"
type=SYSCALL msg=audit(1732186800.349:44): arch=c000003e syscall=101 success=no [...] pid=300 auid=0
Audit event sample for a following denial:
type=LANDLOCK_ACCESS msg=audit(1732186800.372:45): domain=195ba459b blockers=ptrace opid=1 ocomm="systemd"
type=SYSCALL msg=audit(1732186800.372:45): arch=c000003e syscall=101 success=no [...] pid=300 auid=0
Log domain deletion with the "deallocated" state when a domain was
previously logged. This makes it possible for log parsers to free
potential resources when a domain ID will never show again.
The number of denied access requests is useful to easily check how many
access requests a domain blocked and potentially if some of them are
missing in logs because of audit rate limiting, audit rules, or Landlock
log configuration flags (see following commit).
Audit event sample for a deletion of a domain that denied something:
type=LANDLOCK_DOMAIN msg=audit(1732186800.393:46): domain=195ba459b status=deallocated denials=2
Cc: Günther Noack <gnoack@google.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-11-mic@digikod.net
[mic: Update comment and GFP flag for landlock_log_drop_domain()]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Add a new AUDIT_LANDLOCK_ACCESS record type dedicated to an access
request denied by a Landlock domain. AUDIT_LANDLOCK_ACCESS indicates
that something unexpected happened.
For now, only denied accesses are logged, which means that any
AUDIT_LANDLOCK_ACCESS record is always followed by a SYSCALL record with
"success=no". However, log parsers should check this syscall property
because this is the only sign that a request was denied. Indeed, we
could have "success=yes" if Landlock would support a "permissive" mode.
We could also add a new field to AUDIT_LANDLOCK_DOMAIN for this mode
(see following commit).
By default, the only logged access requests are those coming from the
same executed program that enforced the Landlock restriction on itself.
In other words, no audit records are created for a task after it called
execve(2). This is required to avoid log spam because programs may only
be aware of their own restrictions, but not the inherited ones.
Following commits will allow to conditionally generate
AUDIT_LANDLOCK_ACCESS records according to dedicated
landlock_restrict_self(2)'s flags.
The AUDIT_LANDLOCK_ACCESS message contains:
- the "domain" ID restricting the action on an object,
- the "blockers" that are missing to allow the requested access,
- a set of fields identifying the related object (e.g. task identified
with "opid" and "ocomm").
The blockers are implicit restrictions (e.g. ptrace), or explicit access
rights (e.g. filesystem), or explicit scopes (e.g. signal). This field
contains a list of at least one element, each separated with a comma.
The initial blocker is "ptrace", which describes all implicit Landlock
restrictions related to ptrace (e.g. deny tracing of tasks outside a
sandbox).
Add audit support to ptrace_access_check and ptrace_traceme hooks. For
the ptrace_access_check case, we log the current/parent domain and the
child task. For the ptrace_traceme case, we log the parent domain and
the current/child task. Indeed, the requester and the target are the
current task, but the action would be performed by the parent task.
Audit event sample:
type=LANDLOCK_ACCESS msg=audit(1729738800.349:44): domain=195ba459b blockers=ptrace opid=1 ocomm="systemd"
type=SYSCALL msg=audit(1729738800.349:44): arch=c000003e syscall=101 success=no [...] pid=300 auid=0
A following commit adds user documentation.
Add KUnit tests to check reading of domain ID relative to layer level.
The quick return for non-landlocked tasks is moved from task_ptrace() to
each LSM hook.
It is not useful to inline the audit_enabled check because other
computations are performed by landlock_log_denial().
Use scoped guards for RCU read-side critical sections.
Cc: Günther Noack <gnoack@google.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-10-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
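The two commit messages above (AUDIT_LANDLOCK_DOMAIN and AUDIT_LANDLOCK_ACCESS) describe a record layout that a log parser can correlate per event and per domain. The following is an added example, not code from the kernel tree or from the patch author: the function names are hypothetical, and the sample log is constructed from the audit event samples quoted on this page, with "[...]" dropped and denials=3 chosen so that one denial is missing from the log.

```python
import re
from collections import defaultdict

# Constructed sample built from the audit event samples quoted in the commit
# messages on this page; denials=3 is chosen to show a gap in the log.
SAMPLE_LOG = '''\
type=LANDLOCK_ACCESS msg=audit(1732186800.349:44): domain=195ba459b blockers=ptrace opid=1 ocomm="systemd"
type=LANDLOCK_DOMAIN msg=audit(1732186800.349:44): domain=195ba459b status=allocated mode=enforcing pid=300 uid=0 exe="/root/sandboxer" comm="sandboxer"
type=SYSCALL msg=audit(1732186800.349:44): arch=c000003e syscall=101 success=no pid=300 auid=0
type=LANDLOCK_ACCESS msg=audit(1732186800.372:45): domain=195ba459b blockers=fs.make_reg,fs.refer path="/usr/local" dev="vda2" ino=365
type=SYSCALL msg=audit(1732186800.372:45): arch=c000003e syscall=86 success=no pid=300 auid=0
type=LANDLOCK_DOMAIN msg=audit(1732186800.393:46): domain=195ba459b status=deallocated denials=3
'''

RECORD_RE = re.compile(r'^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Both names appear in this page's samples for a denied access request.
DENIAL_TYPES = {"LANDLOCK_ACCESS", "LANDLOCK_DENY"}


def parse_record(line):
    """Return (type, (timestamp, serial), fields), or None for a non-audit line."""
    m = RECORD_RE.match(line.strip())
    if m is None:
        return None
    rtype, stamp, serial, rest = m.groups()
    fields = {key: value.strip('"') for key, value in FIELD_RE.findall(rest)}
    return rtype, (stamp, int(serial)), fields


def analyze(log_text):
    """Summarize logged denials per Landlock domain ID."""
    # Records sharing the same timestamp:serial belong to one audit event.
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is not None:
            events[rec[1]].append((rec[0], rec[2]))

    domains = {}

    def state(domain_id):
        return domains.setdefault(domain_id, {
            "creator": None, "seen": 0, "unconfirmed": 0,
            "blockers": set(), "reported": None, "missing": None})

    for key in sorted(events, key=lambda k: (float(k[0]), k[1])):
        records = events[key]
        syscall = next((f for t, f in records if t == "SYSCALL"), {})
        for rtype, fields in records:
            if "domain" not in fields:
                continue
            if rtype in DENIAL_TYPES:
                dom = state(fields["domain"])
                dom["blockers"].update(fields.get("blockers", "").split(","))
                # success=no on the SYSCALL record is the only sign that the
                # request was really denied, so check it instead of assuming.
                if syscall.get("success") == "no":
                    dom["seen"] += 1
                else:
                    dom["unconfirmed"] += 1
            elif rtype == "LANDLOCK_DOMAIN":
                dom = state(fields["domain"])
                if fields.get("status") == "allocated":
                    dom["creator"] = {k: fields[k]
                                      for k in ("pid", "uid", "exe", "comm")
                                      if k in fields}
                elif fields.get("status") == "deallocated":
                    dom["reported"] = int(fields["denials"])

    for dom in domains.values():
        dom["blockers"] = sorted(b for b in dom["blockers"] if b)
        if dom["reported"] is not None:
            # The kernel-side count minus the records present in the log:
            # a positive value means denials were rate limited or filtered.
            logged = dom["seen"] + dom["unconfirmed"]
            dom["missing"] = max(dom["reported"] - logged, 0)
    return domains


if __name__ == "__main__":
    for domain_id, info in analyze(SAMPLE_LOG).items():
        print(domain_id, info)
```

A domain whose "deallocated" record has been seen can be dropped from the parser's state, since its ID will not show again.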
|
|
Extend struct landlock_cred_security with a domain_exec bitmask to
identify which Landlock domains were created by the current task's bprm.
The whole bitmask is reset on each execve(2) call.
Cc: Günther Noack <gnoack@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-9-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
This cosmetic change is needed for audit support, specifically to be
able to filter according to cross-execution boundaries.
struct landlock_file_security's size stays the same for now but it will
increase with struct landlock_cred_security's size.
Only save Landlock domain in hook_file_set_fowner() if the current
domain has LANDLOCK_SCOPE_SIGNAL, which was previously done for each
hook_file_send_sigiotask() call. This should improve performance a
bit.
Replace hardcoded LANDLOCK_SCOPE_SIGNAL with the signal_scope.scope
variable.
Use scoped guards for RCU read-side critical sections.
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-8-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
This cosmetic change is needed for audit support, specifically to
be able to filter according to cross-execution boundaries.
Replace hardcoded LANDLOCK_SCOPE_SIGNAL with the signal_scope.scope
variable.
Use scoped guards for RCU read-side critical sections.
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-7-mic@digikod.net
[mic: Update headers]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
This cosmetic change is needed for audit support, specifically to
be able to filter according to cross-execution boundaries.
Optimize current_check_access_socket() to only handle the access
request.
Remove explicit domain->num_layers check which is now part of the
landlock_get_applicable_subject() call.
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-6-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
This cosmetic change is needed for audit support, specifically to be
able to filter according to cross-execution boundaries.
Add landlock_get_applicable_subject(), mainly a copy of
landlock_get_applicable_domain(), which will fully replace it in a
following commit.
Optimize current_check_access_path() to only handle the access request.
Partially replace get_current_fs_domain() with explicit calls to
landlock_get_applicable_subject(). The remaining ones will follow with
more changes.
Remove explicit domain->num_layers check which is now part of the
landlock_get_applicable_subject() call.
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-5-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Create a new domain.h file containing the struct landlock_hierarchy
definition and helpers. This type will grow with audit support. This
also prepares for a new domain type.
Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-4-mic@digikod.net
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Landlock IDs can be generated to uniquely identify Landlock objects.
For now, only Landlock domains get an ID at creation time. These IDs
map to immutable domain hierarchies.
Landlock IDs have important properties:
- They are unique during the lifetime of the running system thanks to
the 64-bit values: at worst, 2^60 - 2*2^32 useful IDs.
- They are always greater than 2^32 and must then be stored in 64-bit
integer types.
- The initial ID (at boot time) is randomly picked between 2^32 and
2^33, which limits collisions in logs across different boots.
- IDs are sequential, which enables users to order them.
- IDs may not be consecutive but increase with a random 2^4 step, which
limits side channels.
Such IDs can be exposed to unprivileged processes, even if it is not the
case with this audit patch series. The domain IDs will be useful for
user space to identify sandboxes and get their properties.
These Landlock IDs are more secure than other absolute kernel IDs such
as pipe's inodes which rely on a shared global counter.
For checkpoint/restore features (i.e. CRIU), we could easily implement a
privileged interface (e.g. sysfs) to set the next ID counter.
IDR/IDA are not used because we only need a bijection from Landlock
objects to Landlock IDs, and we must not recycle IDs. This enables us
to identify all Landlock objects during the lifetime of the system (e.g.
in logs), but not to access an object from an ID nor know if an ID is
assigned. Using a counter is simpler, it scales (i.e. avoids growing
memory footprint), and it does not require locking. We'll use proper
file descriptors (with IDs used as inode numbers) to access Landlock
objects.
Cc: Günther Noack <gnoack@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-3-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Extract code from dump_common_audit_data() into the audit_log_lsm_data()
helper. This helps reuse common LSM audit data while not abusing
AUDIT_AVC records because of the common_lsm_audit() helper.
Depends-on: 7ccbe076d987 ("lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set")
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: James Morris <jmorris@namei.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-2-mic@digikod.net
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
The new signal_scoping_thread_setuid tests check that the libc's
setuid() function works as expected even when a thread is sandboxed with
scoped signal restrictions.
Before the signal scoping fix, this test would have failed with the
setuid() call:
[pid 65] getpid() = 65
[pid 65] tgkill(65, 66, SIGRT_1) = -1 EPERM (Operation not permitted)
[pid 65] futex(0x40a66cdc, FUTEX_WAKE_PRIVATE, 1) = 0
[pid 65] setuid(1001) = 0
After the fix, tgkill(2) is successfully leveraged to synchronize
credentials update across threads:
[pid 65] getpid() = 65
[pid 65] tgkill(65, 66, SIGRT_1) = 0
[pid 66] <... read resumed>0x40a65eb7, 1) = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
[pid 66] --- SIGRT_1 {si_signo=SIGRT_1, si_code=SI_TKILL, si_pid=65, si_uid=1000} ---
[pid 66] getpid() = 65
[pid 66] setuid(1001) = 0
[pid 66] futex(0x40a66cdc, FUTEX_WAKE_PRIVATE, 1) = 0
[pid 66] rt_sigreturn({mask=[]}) = 0
[pid 66] read(3, <unfinished ...>
[pid 65] setuid(1001) = 0
Test coverage for security/landlock is 92.9% of 1137 lines according to
gcc/gcov-14.
Fixes: c8994965013e ("selftests/landlock: Test signal scoping for threads")
Cc: Günther Noack <gnoack@google.com>
Cc: Tahera Fahimi <fahimitahera@gmail.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250318161443.279194-8-mic@digikod.net
[mic: Update test coverage]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Split signal_scoping_threads tests into signal_scoping_thread_before
and signal_scoping_thread_after.
Use local variables for thread synchronization. Fix exported function.
Replace some asserts with expects.
Fixes: c8994965013e ("selftests/landlock: Test signal scoping for threads")
Cc: Günther Noack <gnoack@google.com>
Cc: Tahera Fahimi <fahimitahera@gmail.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250318161443.279194-7-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
Because Linux credentials are managed per thread, user space relies on
some hack to synchronize credential update across threads from the same
process. This is required by the Native POSIX Threads Library and
implemented by set*id(2) wrappers and libcap(3) to use tgkill(2) to
synchronize threads. See nptl(7) and libpsx(3). Furthermore, some
runtimes like Go do not enable developers to have control over threads
[1].
To avoid potential issues, and because threads are not security
boundaries, let's relax the Landlock (optional) signal scoping to always
allow signals sent between threads of the same process. This exception
is similar to the __ptrace_may_access() one.
hook_file_set_fowner() now checks if the target task is part of the same
process as the caller. If this is the case, then the related signal
triggered by the socket will always be allowed.
Scoping of abstract UNIX sockets is not changed because kernel objects
(e.g. sockets) should be tied to their creator's domain at creation
time.
Note that creating one Landlock domain per thread puts each of these
threads (and their future children) in their own scope, which is
probably not what users expect, especially in Go where we do not control
threads. However, being able to drop permissions on all threads should
not be restricted by signal scoping. We are working on a way to make it
possible to atomically restrict all threads of a process with the same
domain [2].
Add erratum for signal scoping.
Closes: https://github.com/landlock-lsm/go-landlock/issues/36
Fixes: 54a6e6bbf3be ("landlock: Add signal scoping")
Fixes: c8994965013e ("selftests/landlock: Test signal scoping for threads")
Depends-on: 26f204380a3c ("fs: Fix file_set_fowner LSM hook inconsistencies")
Link: https://pkg.go.dev/kernel.org/pub/linux/libs/security/libcap/psx [1]
Link: https://github.com/landlock-lsm/linux/issues/2 [2]
Cc: Günther Noack <gnoack@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Tahera Fahimi <fahimitahera@gmail.com>
Cc: stable@vger.kernel.org
Acked-by: Christian Brauner <brauner@kernel.org>
Link: https://lore.kernel.org/r/20250318161443.279194-6-mic@digikod.net
[mic: Add extra pointer check and RCU guard, and ease backport]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
|
|
- removal of WACOM_PKGLEN_MAX limit in Wacom driver (Jason Gerecke)
|
|
- fix for LED_KANA handling in hidbp (junan)
|
|
- code cleanup (Vicki Pfau)
|
|
- PlayStation 5 controllers support (Alex Henrie)
|
|
- improved mute handling (Terry Junge)
|
|
From: Tomasz Pakuła <tomasz.pakula.oficjalny@gmail.com>
This patch series is focused on improving the compatibility and usability of the
hid-pidff force feedback driver. Last patch introduces a new, universal driver
for PID devices that need some special handling like report fixups, remapping the
button range, managing new pidff quirks and setting desirable fuzz/flat values.
This work has been done in the span of the past months with the help of the great
Linux simracing community, with a little input from sim flight fans from FFBeast.
No changes interfere with compliant and currently working PID devices.
"Generic" codepath was tested as well with Moza and Simxperience AccuForce v2.
I'm not married to the name. It's what we used previously, but if "universal" is
confusing (pidff is already the generic driver), we can come up with something
better like "hid-quirky-pidff" :)
With v8 and tiny fix in v9, all the outstanding issues were resolved,
additional pidff issues were fixed and hid-pidff defines moved to a dedicated
header file. This patch series could be considered done bar any comments and
requests from input maintainers.
I could save more than a dozen lines of code by changing simple if statements
to only occupy one line instead of two if there's a need for that.
|
|
- conversion of hid-lg-g15 to standard multicolor LED API (Kate Hsuan)
|
|
- code cleanups (Dan Carpenter, Vishnu Sankar)
|
|
- removal of deprecated PCI API calls (Philipp Stanner)
- code cleanups (Even Xu)
|
|
- intel-ish Kbuild cleanup (Jiri Kosina)
|
|
- small include cleanup (Wolfram Sang)
|
|
- differentiate warning for reserved item tag from unknown item tag, in
accordance to 6.2.2.4 from the HID specification 1.11 (Tatsuya S)
|
|
- a few hid-bpf device fixes from udev-hid-bpf; XP-Pen and Huion plus one from
TUXEDO (Benjamin Tissoires)
|
|
- support for Apple Touch Bars (Kerem Karabay, Aditya Garg)
|
|
From: Mario Limonciello <mario.limonciello@amd.com>
Some platforms include a human presence detection (HPD) sensor. When
enabled and a user is detected a wake event will be emitted from the
sensor fusion hub that software can react to.
Example use cases are "wake from suspend on approach" or to "lock
when leaving".
This is currently enabled by default on supported systems, but users
can't control it. This essentially means that wake on approach is
enabled which is a really surprising behavior to users that don't
expect it.
Instead of defaulting to enabled add a sysfs knob that users can
use to enable the feature if desirable and set it to disabled by
default.
|
|
Instead of a bool field in struct io_sr_msg, use REQ_F_IMPORT_BUFFER to
track whether io_send_zc() has already imported the buffer. This flag
already serves a similar purpose for sendmsg_zc and {read,write}v_fixed.
Signed-off-by: Caleb Sander Mateos <csander@purestorage.com>
Suggested-by: Pavel Begunkov <asml.silence@gmail.com>
Reviewed-by: Pavel Begunkov <asml.silence@gmail.com>
Link: https://lore.kernel.org/r/20250325143943.1226467-1-csander@purestorage.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
Pull media updates from Mauro Carvalho Chehab:
- platform: synopsys: hdmirx: Fix 64-bit division for 32-bit targets
- vim2m: print device name after registering device
- Synopsys DesignWare HDMI RX Driver and various fixes
- cec/printk fixes and the removal of the vidioc_g/s_ctrl and
vidioc_queryctrl callbacks
- AVerMedia H789-C PCIe support and rc-core structs padding
- Several camera sensor patches
- uvcvideo improvements
- visl: Fix ERANGE error when setting enum controls
- codec fixes
- V4L2 camera sensor patches mostly
- chips-media: wave5: Fixes
- Add SDM670 camera subsystem
- Qualcomm iris video decoder driver
- dt-bindings: update clocks for sc7280-camss
- various fixes and enhancements
* tag 'media/v6.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (264 commits)
media: pci: mgb4: include linux/errno.h
media: synopsys: hdmirx: Fix signedness bug in hdmirx_parse_dt()
media: platform: synopsys: hdmirx: Fix 64-bit division for 32-bit targets
media: vim2m: print device name after registering device
media: vivid: Introduce VIDEO_VIVID_OSD
media: vivid: Move all fb_info references into vivid-osd
media: platform: synopsys: hdmirx: Optimize struct snps_hdmirx_dev
media: platform: synopsys: hdmirx: Remove unused HDMI audio CODEC relics
media: platform: synopsys: hdmirx: Remove duplicated header inclusion
media: qcom: Clean up Kconfig dependencies
media: dvb-frontends: tda10048: Make the range of z explicit.
media: platform: stm32: Add check for clk_enable()
media: xilinx-tpg: fix double put in xtpg_parse_of()
media: siano: Fix error handling in smsdvb_module_init()
media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe()
media: i2c: tda1997x: Call of_node_put(ep) only once in tda1997x_parse_dt()
dt-bindings: media: mediatek,vcodec: Revise description
dt-bindings: media: mediatek,jpeg: Relax IOMMU max item count
media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf()
media: rockchip: rga: fix rga offset lookup
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/andy/linux-auxdisplay
Pull auxdisplay updates from Andy Shevchenko:
- Refactor a couple of APIs to reduce amount of calls to memory
allocator
- Miscellaneous small fixes and improvements
* tag 'auxdisplay-v6.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/andy/linux-auxdisplay:
auxdisplay: hd44780: Rename hd to hdc in hd44780_common_alloc()
auxdisplay: hd44780: Call charlcd_alloc() from hd44780_common_alloc()
auxdisplay: panel: Make use of hd44780_common_free()
auxdisplay: hd44780: Make use of hd44780_common_free()
auxdisplay: hd44780: Introduce hd44780_common_free()
auxdisplay: lcd2s: Allocate memory for custom data in charlcd_alloc()
auxdisplay: charlcd: Partially revert "Move hwidth and bwidth to struct hd44780_common"
auxdisplay: panel: Fix an API misuse in panel.c
auxdisplay: hd44780: Fix an API misuse in hd44780.c
auxdisplay: MAX6959 should select BITREVERSE
auxdisplay: seg-led-gpio: use gpiod_multi_set_value_cansleep
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux
Pull chrome platform updates from Tzung-Bi Shih:
- Support ACPI match for Framework systems
- Expose new sysfs for:
- PD mux status for each EC-managed Type-C port
- EC feature of AP mode entry
- Setting USB mode of EC Type-C
* tag 'chrome-platform-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux:
platform/chrome: cros_ec_typec: Add support for setting USB mode via sysfs
platform/chrome: cros_ec_sysfs: Expose AP_MODE_ENTRY feature state
platform/chrome: cros_ec_sysfs: Expose PD mux status
platform/chrome: cros_ec_lpc: Match on Framework ACPI device
MAINTAINERS: Update maintainers for ChromeOS USBC related drivers
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm
Pull pmdomain updates from Ulf Hansson:
"pmdomain core:
- Add dev_pm_genpd_rpm_always_on() to support more fine-grained PM
pmdomain providers:
- arm: Remove redundant state verification for the SCMI PM domain
- bcm: Add system-wakeup support for bcm2835 via GENPD_FLAG_ACTIVE_WAKEUP
- rockchip: Add support for regulators
- rockchip: Use SMC call to properly inform firmware
- sunxi: Add V853 ppu support
- thead: Add support for RISC-V TH1520 power-domains
firmware:
- Add support for the AON firmware protocol for RISC-V THEAD
cpuidle-psci:
- Update section in MAINTAINERS for cpuidle-psci
- Add trace support for PSCI domain-idlestates"
* tag 'pmdomain-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: (29 commits)
firmware: thead: add CONFIG_MAILBOX dependency
firmware: thead,th1520-aon: Fix use after free in th1520_aon_init()
pmdomain: arm: scmi_pm_domain: Remove redundant state verification
pmdomain: thead: fix TH1520_AON_PROTOCOL dependency
pmdomain: thead: Add power-domain driver for TH1520
dt-bindings: power: Add TH1520 SoC power domains
firmware: thead: Add AON firmware protocol driver
dt-bindings: firmware: thead,th1520: Add support for firmware node
pmdomain: rockchip: add regulator dependency
pmdomain: rockchip: add regulator support
pmdomain: rockchip: fix rockchip_pd_power error handling
pmdomain: rockchip: reduce indentation in rockchip_pd_power
pmdomain: rockchip: forward rockchip_do_pmu_set_power_domain errors
pmdomain: rockchip: cleanup mutex handling in rockchip_pd_power
dt-bindings: power: rockchip: add regulator support
pmdomain: rockchip: Fix build error
pmdomain: imx: gpcv2: use proper helper for property detection
MAINTAINERS: Update section for cpuidle-psci
pmdomain: rockchip: Check if SMC could be handled by TA
cpuidle: psci: Add trace for PSCI domain idle
...
|
|
Pull MMC updates from Ulf Hansson:
"MMC host:
- atmel-mci: Convert DT bindings to json schema
- dw_mmc: Add support for the Exynos7870 variant
- dw_mmc-rockchip: Add support for the RK3562/3528 variants
- omap: Fix potential memory leak in the probe error path
- renesas_sdhi: Add support for RZ/G3E variants
- sdhci: Disable SD card clock before changing parameters
- sdhci-esdhc-imx: Add support for the i.MX94 variant
- sdhci-of-dwcmshc: Add support for the RK3562/RK3528 variants
- sdhci-omap: Disable aggressive PM for eMMC/SD-cards
- sdhci-pci-core: Wait for VDD to settle on card power off
- sdhci-pxav3: Fix busy-signalling by using MMC_CAP_NEED_RSP_BUSY
- sunxi-mmc: Add support for the A523 variant
MEMSTICK:
- rtsx_usb_ms: Fix potential use-after-free during remove"
* tag 'mmc-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: (27 commits)
mmc: core: Remove redundant null check
mmc: host: Wait for Vdd to settle on card power off
mmc: omap: Fix memory leak in mmc_omap_new_slot
memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove
mmc: renesas_sdhi: fix error code in renesas_sdhi_probe()
mmc: sdhci-pxav3: set NEED_RSP_BUSY capability
mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD
tty: mmc: sdio: use bool for cts and remove parentheses
dt-bindings: mmc: sunxi: add compatible strings for Allwinner A523
dt-bindings: mmc: sunxi: Simplify compatible string listing
dt-bindings: mmc: sdhci-of-dwcmhsc: Add compatible string for RK3528
dt-bindings: mmc: rockchip-dw-mshc: Add compatible string for RK3528
mmc: renesas_sdhi: Add support for RZ/G3E SoC
dt-bindings: mmc: renesas,sdhi: Document RZ/G3E support
dt-bindings: mmc: rockchip-dw-mshc: Add support for rk3562
dt-bindings: mmc: Add support for rk3562 eMMC
mmc: core: Trim trailing whitespace from card product names
dt-bindings: mmc: atmel,hsmci: Convert to json schema
dt-bindings: mmc: mmc-slot: Make compatible property optional
dt-bindings: mmc: fsl-imx-esdhc: Add i.MX94 support
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux
Pull gpio updates from Bartosz Golaszewski:
"There are no new drivers this time but several changes to the core
GPIO framework and various driver updates.
This release cycle, we're starting a relatively straightforward but
tedious rework of the GPIO consumer API: for historical reasons, the
gpiod_set_value() variants would return void. Not only that but the
GPIO provider interface does not even allow drivers to return a value
to GPIO core. This is because initial GPIO controllers would be MMIO
based and could not fail. We've had I2C, SPI and USB controllers for
years too but no way of indicating failures to callers.
This changes the consumer interface, adds new provider callbacks and
starts converting the drivers under drivers/gpio/ to using them. Once
this gets upstream, we'll keep on converting GPIO drivers that live
elsewhere and once there are no more users of the old callbacks, we'll
remove them and rename the new ones to the previous name. I imagine
the last step would happen in one sweeping change like what you did
for the remove_new() -> remove() renaming.
We've also addressed an issue where invalid return values from GPIO
drivers would get propagated to user-space by adding some
GPIO-core-level sanitization. Again: not a complex change but way
overdue.
Other than that: lots of driver and core refactoring, DT-bindings
changes and some other minor changes like coding style fixes or header
reordering.
GPIO core:
- add sanitization of return values of GPIO provider callbacks so
that invalid ones don't get propagated to user-space
- add new variants of the line setter callbacks for GPIO providers
that return an integer and allow to indicate driver errors to the
GPIO core
- change the interface of all gpiod_set_value() variants to return an
integer thus becoming able to indicate failures in the underlying
layer to callers
- drop unneeded ERR_CAST in gpiolib-acpi
- use for_each_if() where applicable
- provide gpiod_multi_set_value_cansleep() as a new, simpler
interface to gpiod_set_array_value_cansleep() and use it across
several drivers treewide
- reduce the number of atomic reads of the descriptor flags in
gpiolib debugfs code
- simplify for_each_hwgpio_in_range() and
for_each_requested_gpio_in_range()
- add support for three-cell GPIO specifiers in GPIO OF code
- don't build HTE (hardware timestamp engine) GPIO code with the HTE
subsystem disabled in Kconfig
- unduplicate calls to gpiod_direction_input_nonotify()
- rework the handling of the valid_mask property of GPIO chips: don't
allow drivers to set it as it should only be handled by GPIO core
and start actually enforcing it in GPIO core for *all* drivers, not
only the ones implementing a custom request() callback
- get the `ngpios` property from the fwnode of the GPIO chip, not its
device in order to handle multi-bank GPIO chips
Driver improvements:
- convert a part of the GPIO drivers under drivers/gpio/ to using the
new value setter callbacks
- convert several drivers to using automatic lock guards from
cleanup.h
- allow building gpio-bt8xx with COMPILE_TEST=y
- refactor gpio-74x164 (use devres, cleanup helpers, __counted_by()
and bits.h macros)
- refactor gpio-latch (use generic device properties, lock guards and
some local variables for better readability)
- refactor gpio-xilinx (improve the usage of the bitmap API)
- support multiple virtual GPIO controller instances in gpio-virtio
- allow gpio-regmap to use the standard `ngpios` property from
GPIOLIB
- factor out the common code for synchronous probing of virtual GPIO
devices into its own library
- use str_enable_disable(), str_high_low() and other string helpers
where applicable
- extend the gpio-mmio abstraction layer to allow calling into the
pinctrl back-end when setting direction
- convert gpio-vf610 to using the gpio-mmio library
- use more devres in gpio-adnp
- add support for reset-gpios in gpio-pcf857x
- add support for more models to gpio-loongson-64bit
DT bindings:
- add new compatibles to gpio-vf610 and gpio-loongson
- add missing gpio-ranges property to gpio-mvebu
- add reset-gpios to nxp,pcf8575
- enable gpio-hog parsing in ast2400-gpio
Misc:
- coding style improvements
- kerneldoc fixes
- includes reordering
- updates to the TODO list"
* tag 'gpio-updates-for-v6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: (119 commits)
gpio: TODO: add an item to track reworking the sysfs interface
gpio: TODO: add an item to track the conversion to the new value setters
gpio: TODO: add delimiters between tasks for better readability
gpio: TODO: remove the pinctrl integration task
gpio: TODO: remove task duplication
gpio: TODO: remove the item about the new debugfs interface
gpio: da9055: use new line value setter callbacks
gpio: da9052: use new line value setter callbacks
gpio: cs5535: use new line value setter callbacks
gpio: crystalcove: use new line value setter callbacks
gpio: cros-ec: use new line value setter callbacks
gpio: creg-snps: use new line value setter callbacks
gpio: cgbc: use new line value setter callbacks
gpio: bt8xx: use new line value setter callbacks
gpio: bt8xx: use lock guards
gpio: bt8xx: allow to build the module with COMPILE_TEST=y
gpio: bd9571mwv: use new line value setter callbacks
gpio: bd71828: use new line value setter callbacks
gpio: bd71815: use new line value setter callbacks
gpio: bcm-kona: use new line value setter callbacks
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull hwmon updates from Guenter Roeck:
"New drivers:
- Driver for HTU31
- Congatec Board Controller monitoring driver
- Driver for TI INA233 Current and Power Monitor
Support for additional chips or boards in existing drivers:
- pmbus/ltc2978: Add support for LT717x and LTM4673
- asus-ec-sensors: Add PRIME X670E-PRO WIFI
- k10temp: Add support for cyan skillfish
- nct6683: Add customer ID for AMD BC-250
- lm90: Add support for NCT7716, NCT7717 and NCT7718
Other notable improvements in existing drivers:
- emc2305: Add devicetree support, and use
devm_thermal_of_cooling_device_register
- acpi_power_meter: Convert to with_info API
- dell-smm: Increase the number of fans
- pmbus/core: Optimize debugfs support and use i2c_client
debugfs directory
- hwmon core: Fix the missing of 'average' word in
hwmon_power_attr_templates
- Various drivers: Use per-client debugfs entry provided by
I2C subsystem"
* tag 'hwmon-for-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: (49 commits)
hwmon: emc2305: Use devm_thermal_of_cooling_device_register
hwmon: emc2305: Add OF support
dt-bindings: hwmon: Add Microchip emc2305 support
dt-bindings: hwmon: Drop stray blank line in the header
hwmon: (acpi_power_meter) Replace the deprecated hwmon_device_register
hwmon: add driver for HTU31
dt-bindings: hwmon: Add description for sensor HTU31
hwmon: Add driver for TI INA233 Current and Power Monitor
dt-bindings: hwmon: ti,ina2xx: Add INA233 device
hwmon: Add Congatec Board Controller monitoring driver
hwmon: (pmbus/ltc2978) add support for lt717x
dt-bindings: hwmon: ltc2978: add support for LT717x
hwmon: (pmbus/ltc2978) Add support for LT717x - docs
hwmon: (dell-smm) Increment the number of fans
hwmon: (ntc_thermistor) return error instead of clipping on OOB
hwmon: (pt5161l) Use per-client debugfs entry
hwmon: Fix the missing of 'average' word in hwmon_power_attr_templates
hwmon: (acpi_power_meter) Fix the fake power alarm reporting
hwmon: (gpio-fan) Add missing mutex locks
dt-bindings: hwmon: gpio-fan: Add optional regulator support
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux
Pull pwm updates from Uwe Kleine-König:
"Here comes the usual mix of cleanups, new dt-bindings for existing
drivers and nexus nodes; and a new driver for the pwm subsystem.
Patches were contributed by Andy Shevchenko, Chen Wang, Chukun Pan,
Frank Li, Herve Codina, Kever Yang, and Nam Cao. Patch feedback was
provided by Andy Shevchenko, Conor Dooley, Daniel Mack, Duje
Mihanović, Heiko Stuebner, Herve Codina, Krzysztof Kozlowski, Neil
Armstrong, Rob Herring, and Zack Rusin. Thanks to all of them"
* tag 'pwm/for-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux:
dt-bindings: pwm: imx: Add i.MX93, i.MX94 and i.MX95 support
dt-bindings: pwm: rockchip: Add rockchip,rk3528-pwm
pwm: stmpe: Allow to compile as a module
pwm: Check for CONFIG_PWM using IS_REACHABLE() in main header
dt-bindings: pwm: rockchip: Add rockchip,rk3562-pwm
pwm: Strengthen dependency for PWM_SIFIVE
pwm: clps711x: Drop of_match_ptr() usage for .of_match_table
pwm: pca9685: Drop ACPI_PTR() and of_match_ptr()
pwm: Add support for pwm nexus dt bindings
dt-bindings: pwm: Add support for PWM nexus node
pwm: Add upgrade path to #pwm-cells = <3> for users of of_pwm_single_xlate()
pwm: gpio: Switch to use hrtimer_setup()
pwm: sophgo: add driver for Sophgo SG2042 PWM
dt-bindings: pwm: sophgo: add PWM controller for SG2042
pwm: lpss: Only include <linux/pwm.h> where needed
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi
Pull spi updates from Mark Brown:
"The biggest change for SPI this release is the addition of offload
support from David Lechner, allowing the hardware to trigger SPI
transactions autonomously. The initial use case is for triggering IIO
operations but there are other applications where having the hardware
ready to go at a minimal signal is useful for synchronising with
external inputs (eg, interrupt handling) or reducing latency (eg, CAN
networking).
Otherwise there's the usual fixes, improvements and cleanups, plus
support for a bunch of new devices.
- Support for offloading support from David Lechner
- Support for GOcontroll Moduline modules, Mediatek MT7988, NXP
i.MX94, Qualcomm SPI NAND, Rockchip RK3562, Sophgo SG2044 and ST
STM32 OSPI"
* tag 'spi-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: (59 commits)
spi: spi-mem: Introduce a default ->exec_op() debug log
spi: dt-bindings: cdns,qspi-nor: Require some peripheral properties
spi: dt-bindings: cdns,qspi-nor: Deprecate the Cadence compatible alone
spi: dt-bindings: cdns,qspi-nor: Be more descriptive regarding what this controller is
spi: stm32-ospi: Include "gpio/consumer.h"
MAINTAINERS: adjust the file entry in GOCONTROLL MODULINE MODULE SLOT
spi: spi-qpic-snand: avoid memleak in qcom_spi_ecc_init_ctx_pipelined()
spi: spi-mux: Fix coverity issue, unchecked return value
spi: sophgo: fix incorrect type for ret in sg2044_spifmc_write()
spi: sg2044-nor: fix uninitialized variable in probe
spi: sg2044-nor: fix signedness bug in sg2044_spifmc_write()
spi: sg2044-nor: Convert to dev_err_probe()
spi: sg2044-nor: Fully convert to device managed resources
dt-bindings: spi: add compatibles for mt7988
spi: spidev: Add an entry for the gocontroll moduline module slot
MAINTAINERS: add maintainer for the GOcontroll Moduline module slot
dt-bindings: connector: Add the GOcontroll Moduline module slot bindings
dt-bindings: vendor-prefixes: add GOcontroll
spi: Use inclusive language
spi: cadence-qspi: Improve spi memory performance
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
Pull regulator updates from Mark Brown:
"This has been a very quiet release, we've got support for one device
added, another removed, and some smaller fixes and API improvements.
The main thing of note is the rework of the PCA9450 LDO5 handling.
- A rework of the handling of LDO5 on the PCA9450, this was quite
wrong in how it handled the SD_VSEL control and only worked for some
system designs. This includes a DTS update since there was a not
quite ABI compatible change as part of the fix
- A devres change introducing devm_kmemdup_array() was pulled in so
it could be used with some regulator conversions to that function,
this pulled in some other devres and IIO stuff that was part of the
same pull request
- Removal of the PCF50633 driver, the SoC for the OpenMoko platform
that used it has been removed
- Support for the NXP PF9453"
* tag 'regulator-v6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: (24 commits)
regulator: axp20x: AXP717: dcdc4 doesn't have delay
regulator: dt-bindings: rtq2208: Cleanup whitespace
regulator: dt-bindings: rtq2208: Mark fixed LDO VOUT property as deprecated
regulator: rtq6752: make const read-only array fault_mask static
regulator: pf9453: add PMIC PF9453 support
regulator: dt-bindings: pca9450: Add nxp,pf9453 compatible string
regulator: pcf50633-regulator: Remove
regulator: pca9450: Handle hardware with fixed SD_VSEL for LDO5
regulator: cros-ec: use devm_kmemdup_array()
regulator: devres: use devm_kmemdup_array()
regulator: Add (devm_)of_regulator_get()
devres: Introduce devm_kmemdup_array()
iio: imu: st_lsm9ds0: Replace device.h with what is needed
driver core: Split devres APIs to device/devres.h
err.h: move IOMEM_ERR_PTR() to err.h
regulator: pca9450: Remove duplicate code in probe
regulator: ad5398: Fix incorrect power down bit mask
regulator: pca9450: Fix enable register for LDO5
regulator: pca9450: Fix control register for LDO5
Revert "regulator: pca9450: Add SD_VSEL GPIO for LDO5"
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux
Pull CRC updates from Eric Biggers:
"Another set of improvements to the kernel's CRC (cyclic redundancy
check) code:
- Rework the CRC64 library functions to be directly optimized, like
what I did last cycle for the CRC32 and CRC-T10DIF library
functions
- Rewrite the x86 PCLMULQDQ-optimized CRC code, and add VPCLMULQDQ
support and acceleration for crc64_be and crc64_nvme
- Rewrite the riscv Zbc-optimized CRC code, and add acceleration for
crc_t10dif, crc64_be, and crc64_nvme
- Remove crc_t10dif and crc64_rocksoft from the crypto API, since
they are no longer needed there
- Rename crc64_rocksoft to crc64_nvme, as the old name was incorrect
- Add kunit test cases for crc64_nvme and crc7
- Eliminate redundant functions for calculating the Castagnoli CRC32,
settling on just crc32c()
- Remove unnecessary prompts from some of the CRC kconfig options
- Further optimize the x86 crc32c code"
* tag 'crc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux: (36 commits)
x86/crc: drop the avx10_256 functions and rename avx10_512 to avx512
lib/crc: remove unnecessary prompt for CONFIG_CRC64
lib/crc: remove unnecessary prompt for CONFIG_LIBCRC32C
lib/crc: remove unnecessary prompt for CONFIG_CRC8
lib/crc: remove unnecessary prompt for CONFIG_CRC7
lib/crc: remove unnecessary prompt for CONFIG_CRC4
lib/crc7: unexport crc7_be_syndrome_table
lib/crc_kunit.c: update comment in crc_benchmark()
lib/crc_kunit.c: add test and benchmark for crc7_be()
x86/crc32: optimize tail handling for crc32c short inputs
riscv/crc64: add Zbc optimized CRC64 functions
riscv/crc-t10dif: add Zbc optimized CRC-T10DIF function
riscv/crc32: reimplement the CRC32 functions using new template
riscv/crc: add "template" for Zbc optimized CRC functions
x86/crc: add ANNOTATE_NOENDBR to suppress objtool warnings
x86/crc32: improve crc32c_arch() code generation with clang
x86/crc64: implement crc64_be and crc64_nvme using new template
x86/crc-t10dif: implement crc_t10dif using new template
x86/crc32: implement crc32_le using new template
x86/crc: add "template" for [V]PCLMULQDQ based CRC functions
...
|
|
Pull fscrypt updates from Eric Biggers:
"A fix for an issue where CONFIG_FS_ENCRYPTION could be enabled without
some of its dependencies, and a small documentation update"
* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux:
fscrypt: mention init_on_free instead of page poisoning
fscrypt: drop obsolete recommendation to enable optimized ChaCha20
Revert "fscrypt: relax Kconfig dependencies for crypto API algorithms"
|
|
Pull fsverity updates from Eric Biggers:
"A fix for an issue where CONFIG_FS_VERITY could be enabled without
some of its dependencies, and a small documentation update"
* tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fsverity/linux:
Revert "fsverity: relax build time dependency on CRYPTO_SHA256"
Documentation: add a usecase for FS_IOC_READ_VERITY_METADATA
|
|
Pull smack updates from Casey Schaufler:
"This is a larger set of patches than usual, consisting of a set of
build clean-ups, a rework of error handling in setting up CIPSO label
specification and a bug fix in network labeling"
* tag 'Smack-for-6.15' of https://github.com/cschaufler/smack-next:
smack: recognize ipv4 CIPSO w/o categories
smack: Revert "smackfs: Added check catlen"
smack: remove /smack/logging if audit is not configured
smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label
smack: dont compile ipv6 code unless ipv6 is configured
Smack: fix typos and spelling errors
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore:
- Add additional SELinux access controls for kernel file reads/loads
The SELinux kernel file read/load access controls were never updated
beyond the initial kernel module support, this pull request adds
support for firmware, kexec, policies, and x.509 certificates.
- Add support for wildcards in network interface names
There are a number of userspace tools which auto-generate network
interface names using some pattern of <XXXX>-<NN> where <XXXX> is a
fixed string, e.g. "podman", and <NN> is an increasing counter.
Supporting wildcards in the SELinux policy for network interfaces
simplifies the policy associated with these interfaces.
- Fix a potential problem in the kernel read file SELinux code
SELinux should always check the file label in the
security_kernel_read_file() LSM hook, regardless of if the file is
being read in chunks. Unfortunately, the existing code only
considered the file label on the first chunk; this pull request fixes
this problem.
There is more detail in the individual commit, but thankfully the
existing code didn't expose a bug due to multi-stage reads only
taking place in one driver, and that driver loading a file type that
isn't targeted by the SELinux policy.
- Fix the subshell error handling in the example policy loader
Minor fix to SELinux example policy loader in scripts/selinux due to
an undesired interaction with subshells and errexit.
* tag 'selinux-pr-20250323' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: get netif_wildcard policycap from policy instead of cache
selinux: support wildcard network interface names
selinux: Chain up tool resolving errors in install_policy.sh
selinux: add permission checks for loading other kinds of kernel files
selinux: always check the file label in selinux_kernel_read_file()
selinux: fix spelling error
|