This is the start of the stable review cycle for the 4.14.285 release.
There are 237 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat, 25 Jun 2022 16:43:11 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.285-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <[email protected]>
Linux 4.14.285-rc1
Willy Tarreau <[email protected]>
tcp: drop the hash_32() part from the index calculation
Willy Tarreau <[email protected]>
tcp: increase source port perturb table to 2^16
Willy Tarreau <[email protected]>
tcp: dynamically allocate the perturb table used by source ports
Willy Tarreau <[email protected]>
tcp: add small random increments to the source port
Willy Tarreau <[email protected]>
tcp: use different parts of the port_offset for index and offset
Eric Dumazet <[email protected]>
tcp: add some entropy in __inet_hash_connect()
Colin Ian King <[email protected]>
xprtrdma: fix incorrect header size calculations
Marian Postevca <[email protected]>
usb: gadget: u_ether: fix regression in setting fixed MAC address
Christian Borntraeger <[email protected]>
s390/mm: use non-quiescing sske for KVM switch to keyed guest
James Chapman <[email protected]>
l2tp: fix race in pppol2tp_release with session object destroy
James Chapman <[email protected]>
l2tp: don't use inet_shutdown on ppp session destroy
Murilo Opsfelder Araujo <[email protected]>
virtio-pci: Remove wrong address verification in vp_del_vqs()
Zhang Yi <[email protected]>
ext4: add reserved GDT blocks check
Ding Xiang <[email protected]>
ext4: make variable "count" signed
Baokun Li <[email protected]>
ext4: fix bug_on ext4_mb_use_inode_pa
Ilpo Järvinen <[email protected]>
serial: 8250: Store to lsr_save_flags after lsr read
Miaoqian Lin <[email protected]>
usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
Miaoqian Lin <[email protected]>
usb: dwc2: Fix memory leak in dwc2_hcd_init
Robert Eckelmann <[email protected]>
USB: serial: io_ti: add Agilent E5805A support
Slark Xiao <[email protected]>
USB: serial: option: add support for Cinterion MV31 with new baseline
Ian Abbott <[email protected]>
comedi: vmk80xx: fix expression for tx buffer size
Miaoqian Lin <[email protected]>
irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
Masahiro Yamada <[email protected]>
certs/blacklist_hashes.c: fix const confusion in certs blacklist
Mark Rutland <[email protected]>
arm64: ftrace: fix branch range checks
Christophe JAILLET <[email protected]>
net: bgmac: Fix an erroneous kfree() in bgmac_remove()
Miaoqian Lin <[email protected]>
misc: atmel-ssc: Fix IRQ check in ssc_probe
Vincent Whitchurch <[email protected]>
tty: goldfish: Fix free_irq() on remove
Aleksandr Loktionov <[email protected]>
i40e: Fix call trace in setup_tx_descriptors
Trond Myklebust <[email protected]>
pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
Jason A. Donenfeld <[email protected]>
random: credit cpu and bootloader seeds by default
Chen Lin <[email protected]>
net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag
Wang Yufen <[email protected]>
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
Xiaohui Zhang <[email protected]>
nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
chengkaitao <[email protected]>
virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed
Chengguang Xu <[email protected]>
scsi: pmcraid: Fix missing resource cleanup in error case
Chengguang Xu <[email protected]>
scsi: ipr: Fix missing/incorrect resource cleanup in error case
James Smart <[email protected]>
scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
Wentao Wang <[email protected]>
scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
Adam Ford <[email protected]>
ASoC: wm8962: Fix suspend while playing music
Sergey Shtylyov <[email protected]>
ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
Charles Keepax <[email protected]>
ASoC: cs42l56: Correct typo in minimum level for SX volume controls
Charles Keepax <[email protected]>
ASoC: cs42l52: Correct TLV for Bypass Volume
Charles Keepax <[email protected]>
ASoC: cs53l30: Correct number of volume levels on SX controls
Charles Keepax <[email protected]>
ASoC: cs42l52: Fix TLV scales for mixer controls
Jason A. Donenfeld <[email protected]>
random: account for arch randomness in bits
Jason A. Donenfeld <[email protected]>
random: mark bootloader randomness code as __init
Jason A. Donenfeld <[email protected]>
random: avoid checking crng_ready() twice in random_init()
Nicolai Stange <[email protected]>
crypto: drbg - make reseeding from get_random_bytes() synchronous
Stephan Müller <[email protected]>
crypto: drbg - always try to free Jitter RNG instance
Nicolai Stange <[email protected]>
crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
Nicolai Stange <[email protected]>
crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
Nicolai Stange <[email protected]>
crypto: drbg - prepare for more fine-grained tracking of seeding state
Stephan Müller <[email protected]>
crypto: drbg - always seeded with SP800-90B compliant noise source
Stephan Mueller <[email protected]>
crypto: drbg - add FIPS 140-2 CTRNG for noise source
Jason A. Donenfeld <[email protected]>
Revert "random: use static branch for crng_ready()"
Jason A. Donenfeld <[email protected]>
random: check for signals after page of pool writes
Jens Axboe <[email protected]>
random: wire up fops->splice_{read,write}_iter()
Jens Axboe <[email protected]>
random: convert to using fops->write_iter()
Jason A. Donenfeld <[email protected]>
random: move randomize_page() into mm where it belongs
Jason A. Donenfeld <[email protected]>
random: move initialization functions out of hot pages
Jason A. Donenfeld <[email protected]>
random: use proper return types on get_random_{int,long}_wait()
Jason A. Donenfeld <[email protected]>
random: remove extern from functions in header
Jason A. Donenfeld <[email protected]>
random: use static branch for crng_ready()
Jason A. Donenfeld <[email protected]>
random: credit architectural init the exact amount
Jason A. Donenfeld <[email protected]>
random: handle latent entropy and command line from random_init()
Jason A. Donenfeld <[email protected]>
random: use proper jiffies comparison macro
Jason A. Donenfeld <[email protected]>
random: remove ratelimiting for in-kernel unseeded randomness
Jason A. Donenfeld <[email protected]>
random: avoid initializing twice in credit race
Jason A. Donenfeld <[email protected]>
random: use symbolic constants for crng_init states
Jason A. Donenfeld <[email protected]>
siphash: use one source of truth for siphash permutations
Jason A. Donenfeld <[email protected]>
random: help compiler out with fast_mix() by using simpler arguments
Jason A. Donenfeld <[email protected]>
random: do not use input pool from hard IRQs
Jason A. Donenfeld <[email protected]>
random: order timer entropy functions below interrupt functions
Jason A. Donenfeld <[email protected]>
random: do not pretend to handle premature next security model
Jason A. Donenfeld <[email protected]>
random: do not use batches when !crng_ready()
Jason A. Donenfeld <[email protected]>
random: insist on random_get_entropy() existing in order to simplify
Jason A. Donenfeld <[email protected]>
xtensa: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
sparc: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
um: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
x86/tsc: Use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
nios2: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
arm: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
mips: use fallback for random_get_entropy() instead of just c0 random
Jason A. Donenfeld <[email protected]>
m68k: use fallback for random_get_entropy() instead of zero
Jason A. Donenfeld <[email protected]>
timekeeping: Add raw clock fallback for random_get_entropy()
Jason A. Donenfeld <[email protected]>
powerpc: define get_cycles macro for arch-override
Jason A. Donenfeld <[email protected]>
alpha: define get_cycles macro for arch-override
Jason A. Donenfeld <[email protected]>
parisc: define get_cycles macro for arch-override
Jason A. Donenfeld <[email protected]>
s390: define get_cycles macro for arch-override
Jason A. Donenfeld <[email protected]>
ia64: define get_cycles macro for arch-override
Jason A. Donenfeld <[email protected]>
init: call time_init() before rand_initialize()
Jason A. Donenfeld <[email protected]>
random: fix sysctl documentation nits
Jason A. Donenfeld <[email protected]>
random: document crng_fast_key_erasure() destination possibility
Jason A. Donenfeld <[email protected]>
random: make random_get_entropy() return an unsigned long
Jason A. Donenfeld <[email protected]>
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
Jann Horn <[email protected]>
random: check for signal_pending() outside of need_resched() check
Jason A. Donenfeld <[email protected]>
random: do not allow user to keep crng key around on stack
Jan Varho <[email protected]>
random: do not split fast init input in add_hwgenerator_randomness()
Jason A. Donenfeld <[email protected]>
random: mix build-time latent entropy into pool at init
Jason A. Donenfeld <[email protected]>
random: re-add removed comment about get_random_{u32,u64} reseeding
Jason A. Donenfeld <[email protected]>
random: treat bootloader trust toggle the same way as cpu trust toggle
Jason A. Donenfeld <[email protected]>
random: skip fast_init if hwrng provides large chunk of entropy
Jason A. Donenfeld <[email protected]>
random: check for signal and try earlier when generating entropy
Jason A. Donenfeld <[email protected]>
random: reseed more often immediately after booting
Jason A. Donenfeld <[email protected]>
random: make consistent usage of crng_ready()
Jason A. Donenfeld <[email protected]>
random: use SipHash as interrupt entropy accumulator
Jason A. Donenfeld <[email protected]>
random: replace custom notifier chain with standard one
Jason A. Donenfeld <[email protected]>
random: don't let 644 read-only sysctls be written to
Jason A. Donenfeld <[email protected]>
random: give sysctl_random_min_urandom_seed a more sensible value
Jason A. Donenfeld <[email protected]>
random: do crng pre-init loading in worker rather than irq
Jason A. Donenfeld <[email protected]>
random: unify cycles_t and jiffies usage and types
Jason A. Donenfeld <[email protected]>
random: cleanup UUID handling
Jason A. Donenfeld <[email protected]>
random: only wake up writers after zap if threshold was passed
Jason A. Donenfeld <[email protected]>
random: round-robin registers as ulong, not u32
Jason A. Donenfeld <[email protected]>
random: clear fast pool, crng, and batches in cpuhp bring up
Jason A. Donenfeld <[email protected]>
random: pull add_hwgenerator_randomness() declaration into random.h
Jason A. Donenfeld <[email protected]>
random: check for crng_init == 0 in add_device_randomness()
Jason A. Donenfeld <[email protected]>
random: unify early init crng load accounting
Jason A. Donenfeld <[email protected]>
random: do not take pool spinlock at boot
Jason A. Donenfeld <[email protected]>
random: defer fast pool mixing to worker
Jason A. Donenfeld <[email protected]>
random: rewrite header introductory comment
Jason A. Donenfeld <[email protected]>
random: group sysctl functions
Jason A. Donenfeld <[email protected]>
random: group userspace read/write functions
Jason A. Donenfeld <[email protected]>
random: group entropy collection functions
Jason A. Donenfeld <[email protected]>
random: group entropy extraction functions
Jason A. Donenfeld <[email protected]>
random: group initialization wait functions
Jason A. Donenfeld <[email protected]>
random: remove whitespace and reorder includes
Jason A. Donenfeld <[email protected]>
random: remove useless header comment
Jason A. Donenfeld <[email protected]>
random: introduce drain_entropy() helper to declutter crng_reseed()
Jason A. Donenfeld <[email protected]>
random: deobfuscate irq u32/u64 contributions
Jason A. Donenfeld <[email protected]>
random: add proper SPDX header
Jason A. Donenfeld <[email protected]>
random: remove unused tracepoints
Jason A. Donenfeld <[email protected]>
random: remove ifdef'd out interrupt bench
Jason A. Donenfeld <[email protected]>
random: tie batched entropy generation to base_crng generation
Jason A. Donenfeld <[email protected]>
random: zero buffer after reading entropy from userspace
Jason A. Donenfeld <[email protected]>
random: remove outdated INT_MAX >> 6 check in urandom_read()
Jason A. Donenfeld <[email protected]>
random: use hash function for crng_slow_load()
Jason A. Donenfeld <[email protected]>
random: absorb fast pool into input pool after fast load
Jason A. Donenfeld <[email protected]>
random: do not xor RDRAND when writing into /dev/random
Jason A. Donenfeld <[email protected]>
random: ensure early RDSEED goes through mixer on init
Jason A. Donenfeld <[email protected]>
random: inline leaves of rand_initialize()
Jason A. Donenfeld <[email protected]>
random: use RDSEED instead of RDRAND in entropy extraction
Dominik Brodowski <[email protected]>
random: fix locking in crng_fast_load()
Jason A. Donenfeld <[email protected]>
random: remove batched entropy locking
Eric Biggers <[email protected]>
random: remove use_input_pool parameter from crng_reseed()
Jason A. Donenfeld <[email protected]>
random: make credit_entropy_bits() always safe
Jason A. Donenfeld <[email protected]>
random: always wake up entropy writers after extraction
Jason A. Donenfeld <[email protected]>
random: use linear min-entropy accumulation crediting
Jason A. Donenfeld <[email protected]>
random: simplify entropy debiting
Jason A. Donenfeld <[email protected]>
random: use computational hash for entropy extraction
Dominik Brodowski <[email protected]>
random: only call crng_finalize_init() for primary_crng
Dominik Brodowski <[email protected]>
random: access primary_pool directly rather than through pointer
Dominik Brodowski <[email protected]>
random: continually use hwgenerator randomness
Jason A. Donenfeld <[email protected]>
random: simplify arithmetic function flow in account()
Jason A. Donenfeld <[email protected]>
random: access input_pool_data directly rather than through pointer
Jason A. Donenfeld <[email protected]>
random: cleanup fractional entropy shift constants
Jason A. Donenfeld <[email protected]>
random: prepend remaining pool constants with POOL_
Jason A. Donenfeld <[email protected]>
random: de-duplicate INPUT_POOL constants
Jason A. Donenfeld <[email protected]>
random: remove unused OUTPUT_POOL constants
Jason A. Donenfeld <[email protected]>
random: rather than entropy_store abstraction, use global
Linus Torvalds <[email protected]>
random: try to actively add entropy rather than passively wait for it
Jason A. Donenfeld <[email protected]>
random: remove unused extract_entropy() reserved argument
Jason A. Donenfeld <[email protected]>
random: remove incomplete last_data logic
Jason A. Donenfeld <[email protected]>
random: cleanup integer types
Eric Biggers <[email protected]>
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
Jason A. Donenfeld <[email protected]>
random: cleanup poolinfo abstraction
Schspa Shi <[email protected]>
random: fix typo in comments
Jann Horn <[email protected]>
random: don't reset crng_init_cnt on urandom_read()
Jason A. Donenfeld <[email protected]>
random: avoid superfluous call to RDRAND in CRNG extraction
Dominik Brodowski <[email protected]>
random: early initialization of ChaCha constants
Eric Biggers <[email protected]>
random: initialize ChaCha20 constants with correct endianness
Jason A. Donenfeld <[email protected]>
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
Dominik Brodowski <[email protected]>
random: harmonize "crng init done" messages
Jason A. Donenfeld <[email protected]>
random: mix bootloader randomness into pool
Jason A. Donenfeld <[email protected]>
random: do not re-init if crng_reseed completes before primary init
Jason A. Donenfeld <[email protected]>
random: do not sign extend bytes for rotation when mixing
Jason A. Donenfeld <[email protected]>
random: use BLAKE2s instead of SHA1 in extraction
Sebastian Andrzej Siewior <[email protected]>
random: remove unused irq_flags argument from add_interrupt_randomness()
Mark Brown <[email protected]>
random: document add_hwgenerator_randomness() with other input functions
Eric Biggers <[email protected]>
crypto: blake2s - adjust include guard naming
Eric Biggers <[email protected]>
crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
Jason A. Donenfeld <[email protected]>
MAINTAINERS: co-maintain random.c
Eric Biggers <[email protected]>
random: remove dead code left over from blocking pool
Ard Biesheuvel <[email protected]>
random: avoid arch_get_random_seed_long() when collecting IRQ randomness
Mark Rutland <[email protected]>
random: add arch_get_random_*long_early()
Richard Henderson <[email protected]>
powerpc: Use bool in archrandom.h
Richard Henderson <[email protected]>
linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
Richard Henderson <[email protected]>
linux/random.h: Use false with bool
Richard Henderson <[email protected]>
linux/random.h: Remove arch_has_random, arch_has_random_seed
Richard Henderson <[email protected]>
s390: Remove arch_has_random, arch_has_random_seed
Richard Henderson <[email protected]>
powerpc: Remove arch_has_random, arch_has_random_seed
Richard Henderson <[email protected]>
x86: Remove arch_has_random, arch_has_random_seed
Mark Rutland <[email protected]>
random: avoid warnings for !CONFIG_NUMA builds
Mark Rutland <[email protected]>
random: split primary/secondary crng init paths
Yangtao Li <[email protected]>
random: remove some dead code of poolinfo
Yangtao Li <[email protected]>
random: fix typo in add_timer_randomness()
Yangtao Li <[email protected]>
random: Add and use pr_fmt()
Yangtao Li <[email protected]>
random: convert to ENTROPY_BITS for better code readability
Yangtao Li <[email protected]>
random: remove unnecessary unlikely()
Andy Lutomirski <[email protected]>
random: remove kernel.random.read_wakeup_threshold
Andy Lutomirski <[email protected]>
random: delete code to pull data into pools
Andy Lutomirski <[email protected]>
random: remove the blocking pool
Dominik Brodowski <[email protected]>
random: fix crash on multiple early calls to add_bootloader_randomness()
Sergey Senozhatsky <[email protected]>
char/random: silence a lockdep splat with printk()
Andy Lutomirski <[email protected]>
random: make /dev/random be almost like /dev/urandom
Andy Lutomirski <[email protected]>
random: ignore GRND_RANDOM in getentropy(2)
Andy Lutomirski <[email protected]>
random: add GRND_INSECURE to return best-effort non-cryptographic bytes
Andy Lutomirski <[email protected]>
random: Add a urandom_read_nowait() for random APIs that don't warn
Andy Lutomirski <[email protected]>
random: Don't wake crng_init_wait when crng_init == 1
Jason A. Donenfeld <[email protected]>
lib/crypto: sha1: re-roll loops to reduce code size
Jason A. Donenfeld <[email protected]>
lib/crypto: blake2s: move hmac construction into wireguard
Jason A. Donenfeld <[email protected]>
crypto: blake2s - generic C library implementation and selftest
Andy Shevchenko <[email protected]>
crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()
Herbert Xu <[email protected]>
Revert "hwrng: core - Freeze khwrng thread during suspend"
Borislav Petkov <[email protected]>
char/random: Add a newline at the end of the file
Stephen Boyd <[email protected]>
random: Use wait_event_freezable() in add_hwgenerator_randomness()
Hsin-Yi Wang <[email protected]>
fdt: add support for rng-seed
Stephen Boyd <[email protected]>
random: Support freezable kthreads in add_hwgenerator_randomness()
Theodore Ts'o <[email protected]>
random: fix soft lockup when trying to read from an uninitialized blocking pool
Vasily Gorbik <[email protected]>
latent_entropy: avoid build error when plugin cflags are not set
George Spelvin <[email protected]>
random: document get_random_int() family
Kees Cook <[email protected]>
random: move rand_initialize() earlier
Theodore Ts'o <[email protected]>
random: only read from /dev/random after its pool has received 128 bits
Rasmus Villemoes <[email protected]>
drivers/char/random.c: make primary_crng static
Rasmus Villemoes <[email protected]>
drivers/char/random.c: remove unused stuct poolinfo::poolbits
Rasmus Villemoes <[email protected]>
drivers/char/random.c: constify poolinfo_table
Kees Cook <[email protected]>
random: make CPU trust a boot parameter
Jason A. Donenfeld <[email protected]>
random: Make crng state queryable
Ingo Molnar <[email protected]>
random: remove preempt disabled region
Theodore Ts'o <[email protected]>
random: add a config option to trust the CPU's hwrng
Tobin C. Harding <[email protected]>
random: Return nbytes filled from hw RNG
Tobin C. Harding <[email protected]>
random: Fix whitespace pre random-bytes work
Rasmus Villemoes <[email protected]>
drivers/char/random.c: remove unused dont_count_entropy
Andi Kleen <[email protected]>
random: optimize add_interrupt_randomness
Jason A. Donenfeld <[email protected]>
random: always fill buffer in get_random_bytes_wait
Eric Biggers <[email protected]>
crypto: chacha20 - Fix keystream alignment for chacha20_block()
Al Viro <[email protected]>
9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
-------------
Diffstat:
Documentation/admin-guide/kernel-parameters.txt | 12 +
Documentation/sysctl/kernel.txt | 35 +-
MAINTAINERS | 1 +
Makefile | 4 +-
arch/alpha/include/asm/timex.h | 1 +
arch/arm/include/asm/timex.h | 1 +
arch/arm64/kernel/ftrace.c | 4 +-
arch/ia64/include/asm/timex.h | 1 +
arch/m68k/include/asm/timex.h | 2 +-
arch/mips/include/asm/timex.h | 17 +-
arch/nios2/include/asm/timex.h | 3 +
arch/parisc/include/asm/timex.h | 3 +-
arch/powerpc/include/asm/archrandom.h | 27 +-
arch/powerpc/include/asm/timex.h | 1 +
arch/s390/include/asm/archrandom.h | 12 -
arch/s390/include/asm/timex.h | 1 +
arch/s390/mm/pgtable.c | 2 +-
arch/sparc/include/asm/timex_32.h | 4 +-
arch/um/include/asm/timex.h | 9 +-
arch/x86/include/asm/archrandom.h | 12 +-
arch/x86/include/asm/timex.h | 9 +
arch/x86/include/asm/tsc.h | 7 +-
arch/xtensa/include/asm/timex.h | 6 +-
certs/blacklist_hashes.c | 2 +-
crypto/chacha20_generic.c | 3 +-
crypto/drbg.c | 220 +-
crypto/md4.c | 17 -
crypto/md5.c | 17 -
drivers/ata/libata-core.c | 4 +-
drivers/char/Kconfig | 38 +-
drivers/char/hw_random/core.c | 1 +
drivers/char/random.c | 3032 +++++++++--------------
drivers/hv/vmbus_drv.c | 2 +-
drivers/irqchip/irq-gic-realview.c | 1 +
drivers/misc/atmel-ssc.c | 4 +-
drivers/net/ethernet/broadcom/bgmac-bcma.c | 1 -
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 +-
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 21 +-
drivers/nfc/nfcmrvl/usb.c | 16 +-
drivers/of/fdt.c | 14 +-
drivers/scsi/ipr.c | 4 +-
drivers/scsi/lpfc/lpfc_nportdisc.c | 3 +-
drivers/scsi/pmcraid.c | 2 +-
drivers/scsi/vmw_pvscsi.h | 4 +-
drivers/staging/comedi/drivers/vmk80xx.c | 2 +-
drivers/tty/goldfish.c | 2 +-
drivers/tty/serial/8250/8250_port.c | 2 +
drivers/usb/dwc2/hcd.c | 2 +-
drivers/usb/gadget/function/u_ether.c | 11 +-
drivers/usb/gadget/udc/lpc32xx_udc.c | 1 +
drivers/usb/serial/io_ti.c | 2 +
drivers/usb/serial/io_usbvend.h | 1 +
drivers/usb/serial/option.c | 6 +
drivers/virtio/virtio_mmio.c | 1 +
drivers/virtio/virtio_pci_common.c | 3 +-
fs/9p/vfs_inode_dotl.c | 10 +-
fs/ext4/mballoc.c | 9 +
fs/ext4/namei.c | 3 +-
fs/ext4/resize.c | 10 +
fs/nfs/pnfs.c | 6 +
include/crypto/blake2s.h | 102 +
include/crypto/chacha20.h | 17 +-
include/crypto/drbg.h | 18 +-
include/crypto/internal/blake2s.h | 19 +
include/linux/byteorder/generic.h | 17 +
include/linux/cpuhotplug.h | 2 +
include/linux/hw_random.h | 2 -
include/linux/mm.h | 2 +
include/linux/prandom.h | 23 +-
include/linux/random.h | 125 +-
include/linux/siphash.h | 28 +
include/linux/timex.h | 10 +-
include/trace/events/random.h | 316 ---
include/uapi/linux/random.h | 4 +-
init/main.c | 18 +-
kernel/cpu.c | 11 +
kernel/irq/handle.c | 2 +-
kernel/time/timekeeping.c | 16 +
lib/Kconfig.debug | 5 +-
lib/Makefile | 2 +
lib/chacha20.c | 6 +-
lib/crypto/Makefile | 7 +
lib/crypto/blake2s-generic.c | 111 +
lib/crypto/blake2s-selftest.c | 591 +++++
lib/crypto/blake2s.c | 78 +
lib/random32.c | 15 +-
lib/sha1.c | 95 +-
lib/siphash.c | 32 +-
mm/util.c | 33 +
net/ipv4/inet_hashtables.c | 34 +-
net/l2tp/l2tp_ip6.c | 5 +-
net/l2tp/l2tp_ppp.c | 60 +-
net/sunrpc/xprtrdma/rpc_rdma.c | 4 +-
sound/soc/codecs/cs42l52.c | 8 +-
sound/soc/codecs/cs42l56.c | 4 +-
sound/soc/codecs/cs53l30.c | 16 +-
sound/soc/codecs/wm8962.c | 1 +
97 files changed, 2776 insertions(+), 2739 deletions(-)
From: "Jason A. Donenfeld" <[email protected]>
commit a5ed7cb1a7732ef11959332d507889fbc39ebbb4 upstream.
This pulls all of the entropy extraction-focused functions into the
third labeled section.
No functional changes.
Cc: Theodore Ts'o <[email protected]>
Reviewed-by: Eric Biggers <[email protected]>
Reviewed-by: Dominik Brodowski <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/char/random.c | 216 +++++++++++++++++++++++++-------------------------
1 file changed, 109 insertions(+), 107 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -890,23 +890,36 @@ size_t __must_check get_random_bytes_arc
}
EXPORT_SYMBOL(get_random_bytes_arch);
+
+/**********************************************************************
+ *
+ * Entropy accumulation and extraction routines.
+ *
+ * Callers may add entropy via:
+ *
+ * static void mix_pool_bytes(const void *in, size_t nbytes)
+ *
+ * After which, if added entropy should be credited:
+ *
+ * static void credit_entropy_bits(size_t nbits)
+ *
+ * Finally, extract entropy via these two, with the latter one
+ * setting the entropy count to zero and extracting only if there
+ * is POOL_MIN_BITS entropy credited prior:
+ *
+ * static void extract_entropy(void *buf, size_t nbytes)
+ * static bool drain_entropy(void *buf, size_t nbytes)
+ *
+ **********************************************************************/
+
enum {
POOL_BITS = BLAKE2S_HASH_SIZE * 8,
POOL_MIN_BITS = POOL_BITS /* No point in settling for less. */
};
-/*
- * Static global variables
- */
+/* For notifying userspace should write into /dev/random. */
static DECLARE_WAIT_QUEUE_HEAD(random_write_wait);
-/**********************************************************************
- *
- * OS independent entropy store. Here are the functions which handle
- * storing entropy in an entropy pool.
- *
- **********************************************************************/
-
static struct {
struct blake2s_state hash;
spinlock_t lock;
@@ -919,28 +932,106 @@ static struct {
.lock = __SPIN_LOCK_UNLOCKED(input_pool.lock),
};
-static void extract_entropy(void *buf, size_t nbytes);
-static bool drain_entropy(void *buf, size_t nbytes);
-
-static void crng_reseed(void);
+static void _mix_pool_bytes(const void *in, size_t nbytes)
+{
+ blake2s_update(&input_pool.hash, in, nbytes);
+}
/*
* This function adds bytes into the entropy "pool". It does not
* update the entropy estimate. The caller should call
* credit_entropy_bits if this is appropriate.
*/
-static void _mix_pool_bytes(const void *in, size_t nbytes)
+static void mix_pool_bytes(const void *in, size_t nbytes)
{
- blake2s_update(&input_pool.hash, in, nbytes);
+ unsigned long flags;
+
+ spin_lock_irqsave(&input_pool.lock, flags);
+ _mix_pool_bytes(in, nbytes);
+ spin_unlock_irqrestore(&input_pool.lock, flags);
}
-static void mix_pool_bytes(const void *in, size_t nbytes)
+static void credit_entropy_bits(size_t nbits)
+{
+ unsigned int entropy_count, orig, add;
+
+ if (!nbits)
+ return;
+
+ add = min_t(size_t, nbits, POOL_BITS);
+
+ do {
+ orig = READ_ONCE(input_pool.entropy_count);
+ entropy_count = min_t(unsigned int, POOL_BITS, orig + add);
+ } while (cmpxchg(&input_pool.entropy_count, orig, entropy_count) != orig);
+
+ if (crng_init < 2 && entropy_count >= POOL_MIN_BITS)
+ crng_reseed();
+}
+
+/*
+ * This is an HKDF-like construction for using the hashed collected entropy
+ * as a PRF key, that's then expanded block-by-block.
+ */
+static void extract_entropy(void *buf, size_t nbytes)
{
unsigned long flags;
+ u8 seed[BLAKE2S_HASH_SIZE], next_key[BLAKE2S_HASH_SIZE];
+ struct {
+ unsigned long rdseed[32 / sizeof(long)];
+ size_t counter;
+ } block;
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(block.rdseed); ++i) {
+ if (!arch_get_random_seed_long(&block.rdseed[i]) &&
+ !arch_get_random_long(&block.rdseed[i]))
+ block.rdseed[i] = random_get_entropy();
+ }
spin_lock_irqsave(&input_pool.lock, flags);
- _mix_pool_bytes(in, nbytes);
+
+ /* seed = HASHPRF(last_key, entropy_input) */
+ blake2s_final(&input_pool.hash, seed);
+
+ /* next_key = HASHPRF(seed, RDSEED || 0) */
+ block.counter = 0;
+ blake2s(next_key, (u8 *)&block, seed, sizeof(next_key), sizeof(block), sizeof(seed));
+ blake2s_init_key(&input_pool.hash, BLAKE2S_HASH_SIZE, next_key, sizeof(next_key));
+
spin_unlock_irqrestore(&input_pool.lock, flags);
+ memzero_explicit(next_key, sizeof(next_key));
+
+ while (nbytes) {
+ i = min_t(size_t, nbytes, BLAKE2S_HASH_SIZE);
+ /* output = HASHPRF(seed, RDSEED || ++counter) */
+ ++block.counter;
+ blake2s(buf, (u8 *)&block, seed, i, sizeof(block), sizeof(seed));
+ nbytes -= i;
+ buf += i;
+ }
+
+ memzero_explicit(seed, sizeof(seed));
+ memzero_explicit(&block, sizeof(block));
+}
+
+/*
+ * First we make sure we have POOL_MIN_BITS of entropy in the pool, and then we
+ * set the entropy count to zero (but don't actually touch any data). Only then
+ * can we extract a new key with extract_entropy().
+ */
+static bool drain_entropy(void *buf, size_t nbytes)
+{
+ unsigned int entropy_count;
+ do {
+ entropy_count = READ_ONCE(input_pool.entropy_count);
+ if (entropy_count < POOL_MIN_BITS)
+ return false;
+ } while (cmpxchg(&input_pool.entropy_count, entropy_count, 0) != entropy_count);
+ extract_entropy(buf, nbytes);
+ wake_up_interruptible(&random_write_wait);
+ kill_fasync(&fasync, SIGIO, POLL_OUT);
+ return true;
}
struct fast_pool {
@@ -983,24 +1074,6 @@ static void fast_mix(u32 pool[4])
pool[2] = c; pool[3] = d;
}
-static void credit_entropy_bits(size_t nbits)
-{
- unsigned int entropy_count, orig, add;
-
- if (!nbits)
- return;
-
- add = min_t(size_t, nbits, POOL_BITS);
-
- do {
- orig = READ_ONCE(input_pool.entropy_count);
- entropy_count = min_t(unsigned int, POOL_BITS, orig + add);
- } while (cmpxchg(&input_pool.entropy_count, orig, entropy_count) != orig);
-
- if (crng_init < 2 && entropy_count >= POOL_MIN_BITS)
- crng_reseed();
-}
-
/*********************************************************************
*
* Entropy input management
@@ -1197,77 +1270,6 @@ void add_disk_randomness(struct gendisk
EXPORT_SYMBOL_GPL(add_disk_randomness);
#endif
-/*********************************************************************
- *
- * Entropy extraction routines
- *
- *********************************************************************/
-
-/*
- * This is an HKDF-like construction for using the hashed collected entropy
- * as a PRF key, that's then expanded block-by-block.
- */
-static void extract_entropy(void *buf, size_t nbytes)
-{
- unsigned long flags;
- u8 seed[BLAKE2S_HASH_SIZE], next_key[BLAKE2S_HASH_SIZE];
- struct {
- unsigned long rdseed[32 / sizeof(long)];
- size_t counter;
- } block;
- size_t i;
-
- for (i = 0; i < ARRAY_SIZE(block.rdseed); ++i) {
- if (!arch_get_random_seed_long(&block.rdseed[i]) &&
- !arch_get_random_long(&block.rdseed[i]))
- block.rdseed[i] = random_get_entropy();
- }
-
- spin_lock_irqsave(&input_pool.lock, flags);
-
- /* seed = HASHPRF(last_key, entropy_input) */
- blake2s_final(&input_pool.hash, seed);
-
- /* next_key = HASHPRF(seed, RDSEED || 0) */
- block.counter = 0;
- blake2s(next_key, (u8 *)&block, seed, sizeof(next_key), sizeof(block), sizeof(seed));
- blake2s_init_key(&input_pool.hash, BLAKE2S_HASH_SIZE, next_key, sizeof(next_key));
-
- spin_unlock_irqrestore(&input_pool.lock, flags);
- memzero_explicit(next_key, sizeof(next_key));
-
- while (nbytes) {
- i = min_t(size_t, nbytes, BLAKE2S_HASH_SIZE);
- /* output = HASHPRF(seed, RDSEED || ++counter) */
- ++block.counter;
- blake2s(buf, (u8 *)&block, seed, i, sizeof(block), sizeof(seed));
- nbytes -= i;
- buf += i;
- }
-
- memzero_explicit(seed, sizeof(seed));
- memzero_explicit(&block, sizeof(block));
-}
-
-/*
- * First we make sure we have POOL_MIN_BITS of entropy in the pool, and then we
- * set the entropy count to zero (but don't actually touch any data). Only then
- * can we extract a new key with extract_entropy().
- */
-static bool drain_entropy(void *buf, size_t nbytes)
-{
- unsigned int entropy_count;
- do {
- entropy_count = READ_ONCE(input_pool.entropy_count);
- if (entropy_count < POOL_MIN_BITS)
- return false;
- } while (cmpxchg(&input_pool.entropy_count, entropy_count, 0) != entropy_count);
- extract_entropy(buf, nbytes);
- wake_up_interruptible(&random_write_wait);
- kill_fasync(&fasync, SIGIO, POLL_OUT);
- return true;
-}
-
/*
* Each time the timer fires, we expect that we got an unpredictable
* jump in the cycle counter. Even if the timer is running on another
From: Dominik Brodowski <[email protected]>
commit c321e907aa4803d562d6e70ebed9444ad082f953 upstream.
The rngd kernel thread may sleep indefinitely if the entropy count is
kept above random_write_wakeup_bits by other entropy sources. To make
best use of multiple sources of randomness, mix entropy from hardware
RNGs into the pool at least once within CRNG_RESEED_INTERVAL.
Cc: Herbert Xu <[email protected]>
Cc: Jason A. Donenfeld <[email protected]>
Signed-off-by: Dominik Brodowski <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/char/random.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -2192,13 +2192,15 @@ void add_hwgenerator_randomness(const ch
return;
}
- /* Suspend writing if we're above the trickle threshold.
+ /* Throttle writing if we're above the trickle threshold.
* We'll be woken up again once below random_write_wakeup_thresh,
- * or when the calling thread is about to terminate.
+ * when the calling thread is about to terminate, or once
+ * CRNG_RESEED_INTERVAL has lapsed.
*/
- wait_event_interruptible(random_write_wait,
+ wait_event_interruptible_timeout(random_write_wait,
!system_wq || kthread_should_stop() ||
- POOL_ENTROPY_BITS() <= random_write_wakeup_bits);
+ POOL_ENTROPY_BITS() <= random_write_wakeup_bits,
+ CRNG_RESEED_INTERVAL);
mix_pool_bytes(buffer, count);
credit_entropy_bits(entropy);
}
From: "Jason A. Donenfeld" <[email protected]>
commit afba0b80b977b2a8f16234f2acd982f82710ba33 upstream.
Since rand_initialize() is run while interrupts are still off and
nothing else is running, we don't need to repeatedly take and release
the pool spinlock, especially in the RDSEED loop.
Reviewed-by: Eric Biggers <[email protected]>
Reviewed-by: Dominik Brodowski <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/char/random.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -973,10 +973,10 @@ int __init rand_initialize(void)
rv = random_get_entropy();
arch_init = false;
}
- mix_pool_bytes(&rv, sizeof(rv));
+ _mix_pool_bytes(&rv, sizeof(rv));
}
- mix_pool_bytes(&now, sizeof(now));
- mix_pool_bytes(utsname(), sizeof(*(utsname())));
+ _mix_pool_bytes(&now, sizeof(now));
+ _mix_pool_bytes(utsname(), sizeof(*(utsname())));
extract_entropy(base_crng.key, sizeof(base_crng.key));
++base_crng.generation;
From: Adam Ford <[email protected]>
[ Upstream commit d1f5272c0f7d2e53c6f2480f46725442776f5f78 ]
If the audio CODEC is playing sound when the system is suspended,
it can be left in a state which throws the following error:
wm8962 3-001a: ASoC: error at soc_component_read_no_lock on wm8962.3-001a: -16
Once this error has occurred, the audio will not work again until rebooted.
Fix this by configuring SET_SYSTEM_SLEEP_PM_OPS.
Signed-off-by: Adam Ford <[email protected]>
Acked-by: Charles Keepax <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Mark Brown <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
---
sound/soc/codecs/wm8962.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/sound/soc/codecs/wm8962.c b/sound/soc/codecs/wm8962.c
index 0e8008d38161..d46881f96c16 100644
--- a/sound/soc/codecs/wm8962.c
+++ b/sound/soc/codecs/wm8962.c
@@ -3861,6 +3861,7 @@ static int wm8962_runtime_suspend(struct device *dev)
#endif
static const struct dev_pm_ops wm8962_pm = {
+ SET_SYSTEM_SLEEP_PM_OPS(pm_runtime_force_suspend, pm_runtime_force_resume)
SET_RUNTIME_PM_OPS(wm8962_runtime_suspend, wm8962_runtime_resume, NULL)
};
--
2.35.1
On Thu, Jun 23, 2022 at 06:40:34PM +0200, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.14.285 release.
> There are 237 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sat, 25 Jun 2022 16:43:11 +0000.
> Anything received after that time might be too late.
>
Build results:
total: 170 pass: 170 fail: 0
Qemu test results:
total: 424 pass: 424 fail: 0
Tested-by: Guenter Roeck <[email protected]>
Guenter
On Thu, 23 Jun 2022 at 22:29, Greg Kroah-Hartman
<[email protected]> wrote:
>
> This is the start of the stable review cycle for the 4.14.285 release.
> There are 237 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sat, 25 Jun 2022 16:43:11 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.285-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
Results from Linaro’s test farm.
No regressions on arm64, arm, x86_64, and i386.
Tested-by: Linux Kernel Functional Testing <[email protected]>
## Build
* kernel: 4.14.285-rc1
* git: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc
* git branch: linux-4.14.y
* git commit: 948a36f89e96c3d3bcaa8643911949a6115da893
* git describe: v4.14.284-238-g948a36f89e96
* test details:
https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-4.14.y/build/v4.14.284-238-g948a36f89e96
## Test Regressions (compared to v4.14.284-228-g0ecf242ba512)
No test regressions found.
## Metric Regressions (compared to v4.14.284-228-g0ecf242ba512)
No metric regressions found.
## Test Fixes (compared to v4.14.284-228-g0ecf242ba512)
No test fixes found.
## Metric Fixes (compared to v4.14.284-228-g0ecf242ba512)
No metric fixes found.
## Test result summary
total: 109413, pass: 96739, fail: 194, skip: 11203, xfail: 1277
## Build Summary
* arc: 10 total, 10 passed, 0 failed
* arm: 289 total, 283 passed, 6 failed
* arm64: 52 total, 45 passed, 7 failed
* i386: 27 total, 23 passed, 4 failed
* mips: 22 total, 22 passed, 0 failed
* parisc: 12 total, 12 passed, 0 failed
* powerpc: 16 total, 16 passed, 0 failed
* s390: 12 total, 9 passed, 3 failed
* sh: 24 total, 24 passed, 0 failed
* sparc: 12 total, 12 passed, 0 failed
* x86_64: 49 total, 47 passed, 2 failed
## Test suites summary
* fwts
* kunit
* kvm-unit-tests
* libhugetlbfs
* log-parser-boot
* log-parser-test
* ltp-cap_bounds
* ltp-cap_bounds-tests
* ltp-commands
* ltp-commands-tests
* ltp-containers
* ltp-containers-tests
* ltp-controllers-tests
* ltp-cpuhotplug-tests
* ltp-crypto
* ltp-crypto-tests
* ltp-cve-tests
* ltp-dio-tests
* ltp-fcntl-locktests
* ltp-fcntl-locktests-tests
* ltp-filecaps
* ltp-filecaps-tests
* ltp-fs
* ltp-fs-tests
* ltp-fs_bind
* ltp-fs_bind-tests
* ltp-fs_perms_simple
* ltp-fs_perms_simple-tests
* ltp-fsx
* ltp-fsx-tests
* ltp-hugetlb
* ltp-hugetlb-tests
* ltp-io
* ltp-io-tests
* ltp-ipc
* ltp-ipc-tests
* ltp-math-tests
* ltp-mm-tests
* ltp-nptl
* ltp-nptl-tests
* ltp-open-posix-tests
* ltp-pty
* ltp-pty-tests
* ltp-sched
* ltp-sched-tests
* ltp-securebits
* ltp-securebits-tests
* ltp-smoke
* ltp-syscalls-tests
* ltp-tracing-tests
* network-basic-tests
* packetdrill
* rcutorture
* v4l2-compliance
* vdso
--
Linaro LKFT
https://lkft.linaro.org