From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Amit Klein <aksecurity@gmail.com>,
Willy Tarreau <w@1wt.eu>, Eric Dumazet <edumazet@google.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Andy Lutomirski <luto@kernel.org>,
Kees Cook <keescook@chromium.org>,
Thomas Gleixner <tglx@linutronix.de>,
Peter Zijlstra <peterz@infradead.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
tytso@mit.edu, Florian Westphal <fw@strlen.de>,
Marc Plumb <lkml.mplumb@gmail.com>, George Spelvin <lkml@sdf.org>
Subject: [PATCH 4.19 094/101] random32: make prandom_u32() output unpredictable
Date: Tue, 17 Nov 2020 14:06:01 +0100 [thread overview]
Message-ID: <20201117122117.715769467@linuxfoundation.org> (raw)
In-Reply-To: <20201117122113.128215851@linuxfoundation.org>
From: George Spelvin <lkml@sdf.org>
commit c51f8f88d705e06bd696d7510aff22b33eb8e638 upstream.
Non-cryptographic PRNGs may have great statistical properties, but
are usually trivially predictable to someone who knows the algorithm,
given a small sample of their output. An LFSR like prandom_u32() is
particularly simple, even if the sample is widely scattered bits.
It turns out the network stack uses prandom_u32() for some things like
random port numbers which it would prefer are *not* trivially predictable.
Predictability led to a practical DNS spoofing attack. Oops.
This patch replaces the LFSR with a homebrew cryptographic PRNG based
on the SipHash round function, which is in turn seeded with 128 bits
of strong random key. (The authors of SipHash have *not* been consulted
about this abuse of their algorithm.) Speed is prioritized over security;
attacks are rare, while performance is always wanted.
Replacing all callers of prandom_u32() is the quick fix.
Whether to reinstate a weaker PRNG for uses which can tolerate it
is an open question.
Commit f227e3ec3b5c ("random32: update the net random state on interrupt
and activity") was an earlier attempt at a solution. This patch replaces
it.
Reported-by: Amit Klein <aksecurity@gmail.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Eric Dumazet <edumazet@google.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: tytso@mit.edu
Cc: Florian Westphal <fw@strlen.de>
Cc: Marc Plumb <lkml.mplumb@gmail.com>
Fixes: f227e3ec3b5c ("random32: update the net random state on interrupt and activity")
Signed-off-by: George Spelvin <lkml@sdf.org>
Link: https://lore.kernel.org/netdev/20200808152628.GA27941@SDF.ORG/
[ willy: partial reversal of f227e3ec3b5c; moved SIPROUND definitions
to prandom.h for later use; merged George's prandom_seed() proposal;
inlined siprand_u32(); replaced the net_rand_state[] array with 4
members to fix a build issue; cosmetic cleanups to make checkpatch
happy; fixed RANDOM32_SELFTEST build ]
[wt: backported to 4.19 -- various context adjustments]
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/char/random.c | 1
include/linux/prandom.h | 36 +++
kernel/time/timer.c | 7
lib/random32.c | 462 +++++++++++++++++++++++++++++-------------------
4 files changed, 317 insertions(+), 189 deletions(-)
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1257,7 +1257,6 @@ void add_interrupt_randomness(int irq, i
fast_mix(fast_pool);
add_interrupt_bench(cycles);
- this_cpu_add(net_rand_state.s1, fast_pool->pool[cycles & 3]);
if (unlikely(crng_init == 0)) {
if ((fast_pool->count >= 64) &&
--- a/include/linux/prandom.h
+++ b/include/linux/prandom.h
@@ -16,12 +16,44 @@ void prandom_bytes(void *buf, size_t nby
void prandom_seed(u32 seed);
void prandom_reseed_late(void);
+#if BITS_PER_LONG == 64
+/*
+ * The core SipHash round function. Each line can be executed in
+ * parallel given enough CPU resources.
+ */
+#define PRND_SIPROUND(v0, v1, v2, v3) ( \
+ v0 += v1, v1 = rol64(v1, 13), v2 += v3, v3 = rol64(v3, 16), \
+ v1 ^= v0, v0 = rol64(v0, 32), v3 ^= v2, \
+ v0 += v3, v3 = rol64(v3, 21), v2 += v1, v1 = rol64(v1, 17), \
+ v3 ^= v0, v1 ^= v2, v2 = rol64(v2, 32) \
+)
+
+#define PRND_K0 (0x736f6d6570736575 ^ 0x6c7967656e657261)
+#define PRND_K1 (0x646f72616e646f6d ^ 0x7465646279746573)
+
+#elif BITS_PER_LONG == 32
+/*
+ * On 32-bit machines, we use HSipHash, a reduced-width version of SipHash.
+ * This is weaker, but 32-bit machines are not used for high-traffic
+ * applications, so there is less output for an attacker to analyze.
+ */
+#define PRND_SIPROUND(v0, v1, v2, v3) ( \
+ v0 += v1, v1 = rol32(v1, 5), v2 += v3, v3 = rol32(v3, 8), \
+ v1 ^= v0, v0 = rol32(v0, 16), v3 ^= v2, \
+ v0 += v3, v3 = rol32(v3, 7), v2 += v1, v1 = rol32(v1, 13), \
+ v3 ^= v0, v1 ^= v2, v2 = rol32(v2, 16) \
+)
+#define PRND_K0 0x6c796765
+#define PRND_K1 0x74656462
+
+#else
+#error Unsupported BITS_PER_LONG
+#endif
+
struct rnd_state {
__u32 s1, s2, s3, s4;
};
-DECLARE_PER_CPU(struct rnd_state, net_rand_state);
-
u32 prandom_u32_state(struct rnd_state *state);
void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes);
void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state);
--- a/kernel/time/timer.c
+++ b/kernel/time/timer.c
@@ -1655,13 +1655,6 @@ void update_process_times(int user_tick)
scheduler_tick();
if (IS_ENABLED(CONFIG_POSIX_TIMERS))
run_posix_cpu_timers(p);
-
- /* The current CPU might make use of net randoms without receiving IRQs
- * to renew them often enough. Let's update the net_rand_state from a
- * non-constant value that's not affine to the number of calls to make
- * sure it's updated when there's some activity (we don't care in idle).
- */
- this_cpu_add(net_rand_state.s1, rol32(jiffies, 24) + user_tick);
}
/**
--- a/lib/random32.c
+++ b/lib/random32.c
@@ -40,16 +40,6 @@
#include <linux/sched.h>
#include <asm/unaligned.h>
-#ifdef CONFIG_RANDOM32_SELFTEST
-static void __init prandom_state_selftest(void);
-#else
-static inline void prandom_state_selftest(void)
-{
-}
-#endif
-
-DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy;
-
/**
* prandom_u32_state - seeded pseudo-random number generator.
* @state: pointer to state structure holding seeded state.
@@ -70,25 +60,6 @@ u32 prandom_u32_state(struct rnd_state *
EXPORT_SYMBOL(prandom_u32_state);
/**
- * prandom_u32 - pseudo random number generator
- *
- * A 32 bit pseudo-random number is generated using a fast
- * algorithm suitable for simulation. This algorithm is NOT
- * considered safe for cryptographic use.
- */
-u32 prandom_u32(void)
-{
- struct rnd_state *state = &get_cpu_var(net_rand_state);
- u32 res;
-
- res = prandom_u32_state(state);
- put_cpu_var(net_rand_state);
-
- return res;
-}
-EXPORT_SYMBOL(prandom_u32);
-
-/**
* prandom_bytes_state - get the requested number of pseudo-random bytes
*
* @state: pointer to state structure holding seeded state.
@@ -119,20 +90,6 @@ void prandom_bytes_state(struct rnd_stat
}
EXPORT_SYMBOL(prandom_bytes_state);
-/**
- * prandom_bytes - get the requested number of pseudo-random bytes
- * @buf: where to copy the pseudo-random bytes to
- * @bytes: the requested number of bytes
- */
-void prandom_bytes(void *buf, size_t bytes)
-{
- struct rnd_state *state = &get_cpu_var(net_rand_state);
-
- prandom_bytes_state(state, buf, bytes);
- put_cpu_var(net_rand_state);
-}
-EXPORT_SYMBOL(prandom_bytes);
-
static void prandom_warmup(struct rnd_state *state)
{
/* Calling RNG ten times to satisfy recurrence condition */
@@ -148,96 +105,6 @@ static void prandom_warmup(struct rnd_st
prandom_u32_state(state);
}
-static u32 __extract_hwseed(void)
-{
- unsigned int val = 0;
-
- (void)(arch_get_random_seed_int(&val) ||
- arch_get_random_int(&val));
-
- return val;
-}
-
-static void prandom_seed_early(struct rnd_state *state, u32 seed,
- bool mix_with_hwseed)
-{
-#define LCG(x) ((x) * 69069U) /* super-duper LCG */
-#define HWSEED() (mix_with_hwseed ? __extract_hwseed() : 0)
- state->s1 = __seed(HWSEED() ^ LCG(seed), 2U);
- state->s2 = __seed(HWSEED() ^ LCG(state->s1), 8U);
- state->s3 = __seed(HWSEED() ^ LCG(state->s2), 16U);
- state->s4 = __seed(HWSEED() ^ LCG(state->s3), 128U);
-}
-
-/**
- * prandom_seed - add entropy to pseudo random number generator
- * @seed: seed value
- *
- * Add some additional seeding to the prandom pool.
- */
-void prandom_seed(u32 entropy)
-{
- int i;
- /*
- * No locking on the CPUs, but then somewhat random results are, well,
- * expected.
- */
- for_each_possible_cpu(i) {
- struct rnd_state *state = &per_cpu(net_rand_state, i);
-
- state->s1 = __seed(state->s1 ^ entropy, 2U);
- prandom_warmup(state);
- }
-}
-EXPORT_SYMBOL(prandom_seed);
-
-/*
- * Generate some initially weak seeding values to allow
- * to start the prandom_u32() engine.
- */
-static int __init prandom_init(void)
-{
- int i;
-
- prandom_state_selftest();
-
- for_each_possible_cpu(i) {
- struct rnd_state *state = &per_cpu(net_rand_state, i);
- u32 weak_seed = (i + jiffies) ^ random_get_entropy();
-
- prandom_seed_early(state, weak_seed, true);
- prandom_warmup(state);
- }
-
- return 0;
-}
-core_initcall(prandom_init);
-
-static void __prandom_timer(struct timer_list *unused);
-
-static DEFINE_TIMER(seed_timer, __prandom_timer);
-
-static void __prandom_timer(struct timer_list *unused)
-{
- u32 entropy;
- unsigned long expires;
-
- get_random_bytes(&entropy, sizeof(entropy));
- prandom_seed(entropy);
-
- /* reseed every ~60 seconds, in [40 .. 80) interval with slack */
- expires = 40 + prandom_u32_max(40);
- seed_timer.expires = jiffies + msecs_to_jiffies(expires * MSEC_PER_SEC);
-
- add_timer(&seed_timer);
-}
-
-static void __init __prandom_start_seed_timer(void)
-{
- seed_timer.expires = jiffies + msecs_to_jiffies(40 * MSEC_PER_SEC);
- add_timer(&seed_timer);
-}
-
void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state)
{
int i;
@@ -257,51 +124,6 @@ void prandom_seed_full_state(struct rnd_
}
EXPORT_SYMBOL(prandom_seed_full_state);
-/*
- * Generate better values after random number generator
- * is fully initialized.
- */
-static void __prandom_reseed(bool late)
-{
- unsigned long flags;
- static bool latch = false;
- static DEFINE_SPINLOCK(lock);
-
- /* Asking for random bytes might result in bytes getting
- * moved into the nonblocking pool and thus marking it
- * as initialized. In this case we would double back into
- * this function and attempt to do a late reseed.
- * Ignore the pointless attempt to reseed again if we're
- * already waiting for bytes when the nonblocking pool
- * got initialized.
- */
-
- /* only allow initial seeding (late == false) once */
- if (!spin_trylock_irqsave(&lock, flags))
- return;
-
- if (latch && !late)
- goto out;
-
- latch = true;
- prandom_seed_full_state(&net_rand_state);
-out:
- spin_unlock_irqrestore(&lock, flags);
-}
-
-void prandom_reseed_late(void)
-{
- __prandom_reseed(true);
-}
-
-static int __init prandom_reseed(void)
-{
- __prandom_reseed(false);
- __prandom_start_seed_timer();
- return 0;
-}
-late_initcall(prandom_reseed);
-
#ifdef CONFIG_RANDOM32_SELFTEST
static struct prandom_test1 {
u32 seed;
@@ -421,7 +243,28 @@ static struct prandom_test2 {
{ 407983964U, 921U, 728767059U },
};
-static void __init prandom_state_selftest(void)
+static u32 __extract_hwseed(void)
+{
+ unsigned int val = 0;
+
+ (void)(arch_get_random_seed_int(&val) ||
+ arch_get_random_int(&val));
+
+ return val;
+}
+
+static void prandom_seed_early(struct rnd_state *state, u32 seed,
+ bool mix_with_hwseed)
+{
+#define LCG(x) ((x) * 69069U) /* super-duper LCG */
+#define HWSEED() (mix_with_hwseed ? __extract_hwseed() : 0)
+ state->s1 = __seed(HWSEED() ^ LCG(seed), 2U);
+ state->s2 = __seed(HWSEED() ^ LCG(state->s1), 8U);
+ state->s3 = __seed(HWSEED() ^ LCG(state->s2), 16U);
+ state->s4 = __seed(HWSEED() ^ LCG(state->s3), 128U);
+}
+
+static int __init prandom_state_selftest(void)
{
int i, j, errors = 0, runs = 0;
bool error = false;
@@ -461,5 +304,266 @@ static void __init prandom_state_selftes
pr_warn("prandom: %d/%d self tests failed\n", errors, runs);
else
pr_info("prandom: %d self tests passed\n", runs);
+ return 0;
+}
+core_initcall(prandom_state_selftest);
+#endif
+
+/*
+ * The prandom_u32() implementation is now completely separate from the
+ * prandom_state() functions, which are retained (for now) for compatibility.
+ *
+ * Because of (ab)use in the networking code for choosing random TCP/UDP port
+ * numbers, which open DoS possibilities if guessable, we want something
+ * stronger than a standard PRNG. But the performance requirements of
+ * the network code do not allow robust crypto for this application.
+ *
+ * So this is a homebrew Junior Spaceman implementation, based on the
+ * lowest-latency trustworthy crypto primitive available, SipHash.
+ * (The authors of SipHash have not been consulted about this abuse of
+ * their work.)
+ *
+ * Standard SipHash-2-4 uses 2n+4 rounds to hash n words of input to
+ * one word of output. This abbreviated version uses 2 rounds per word
+ * of output.
+ */
+
+struct siprand_state {
+ unsigned long v0;
+ unsigned long v1;
+ unsigned long v2;
+ unsigned long v3;
+};
+
+static DEFINE_PER_CPU(struct siprand_state, net_rand_state) __latent_entropy;
+
+/*
+ * This is the core CPRNG function. As "pseudorandom", this is not used
+ * for truly valuable things, just intended to be a PITA to guess.
+ * For maximum speed, we do just two SipHash rounds per word. This is
+ * the same rate as 4 rounds per 64 bits that SipHash normally uses,
+ * so hopefully it's reasonably secure.
+ *
+ * There are two changes from the official SipHash finalization:
+ * - We omit some constants XORed with v2 in the SipHash spec as irrelevant;
+ * they are there only to make the output rounds distinct from the input
+ * rounds, and this application has no input rounds.
+ * - Rather than returning v0^v1^v2^v3, return v1+v3.
+ * If you look at the SipHash round, the last operation on v3 is
+ * "v3 ^= v0", so "v0 ^ v3" just undoes that, a waste of time.
+ * Likewise "v1 ^= v2". (The rotate of v2 makes a difference, but
+ * it still cancels out half of the bits in v2 for no benefit.)
+ * Second, since the last combining operation was xor, continue the
+ * pattern of alternating xor/add for a tiny bit of extra non-linearity.
+ */
+static inline u32 siprand_u32(struct siprand_state *s)
+{
+ unsigned long v0 = s->v0, v1 = s->v1, v2 = s->v2, v3 = s->v3;
+
+ PRND_SIPROUND(v0, v1, v2, v3);
+ PRND_SIPROUND(v0, v1, v2, v3);
+ s->v0 = v0; s->v1 = v1; s->v2 = v2; s->v3 = v3;
+ return v1 + v3;
+}
+
+
+/**
+ * prandom_u32 - pseudo random number generator
+ *
+ * A 32 bit pseudo-random number is generated using a fast
+ * algorithm suitable for simulation. This algorithm is NOT
+ * considered safe for cryptographic use.
+ */
+u32 prandom_u32(void)
+{
+ struct siprand_state *state = get_cpu_ptr(&net_rand_state);
+ u32 res = siprand_u32(state);
+
+ put_cpu_ptr(&net_rand_state);
+ return res;
+}
+EXPORT_SYMBOL(prandom_u32);
+
+/**
+ * prandom_bytes - get the requested number of pseudo-random bytes
+ * @buf: where to copy the pseudo-random bytes to
+ * @bytes: the requested number of bytes
+ */
+void prandom_bytes(void *buf, size_t bytes)
+{
+ struct siprand_state *state = get_cpu_ptr(&net_rand_state);
+ u8 *ptr = buf;
+
+ while (bytes >= sizeof(u32)) {
+ put_unaligned(siprand_u32(state), (u32 *)ptr);
+ ptr += sizeof(u32);
+ bytes -= sizeof(u32);
+ }
+
+ if (bytes > 0) {
+ u32 rem = siprand_u32(state);
+
+ do {
+ *ptr++ = (u8)rem;
+ rem >>= BITS_PER_BYTE;
+ } while (--bytes > 0);
+ }
+ put_cpu_ptr(&net_rand_state);
}
+EXPORT_SYMBOL(prandom_bytes);
+
+/**
+ * prandom_seed - add entropy to pseudo random number generator
+ * @entropy: entropy value
+ *
+ * Add some additional seed material to the prandom pool.
+ * The "entropy" is actually our IP address (the only caller is
+ * the network code), not for unpredictability, but to ensure that
+ * different machines are initialized differently.
+ */
+void prandom_seed(u32 entropy)
+{
+ int i;
+
+ add_device_randomness(&entropy, sizeof(entropy));
+
+ for_each_possible_cpu(i) {
+ struct siprand_state *state = per_cpu_ptr(&net_rand_state, i);
+ unsigned long v0 = state->v0, v1 = state->v1;
+ unsigned long v2 = state->v2, v3 = state->v3;
+
+ do {
+ v3 ^= entropy;
+ PRND_SIPROUND(v0, v1, v2, v3);
+ PRND_SIPROUND(v0, v1, v2, v3);
+ v0 ^= entropy;
+ } while (unlikely(!v0 || !v1 || !v2 || !v3));
+
+ WRITE_ONCE(state->v0, v0);
+ WRITE_ONCE(state->v1, v1);
+ WRITE_ONCE(state->v2, v2);
+ WRITE_ONCE(state->v3, v3);
+ }
+}
+EXPORT_SYMBOL(prandom_seed);
+
+/*
+ * Generate some initially weak seeding values to allow
+ * the prandom_u32() engine to be started.
+ */
+static int __init prandom_init_early(void)
+{
+ int i;
+ unsigned long v0, v1, v2, v3;
+
+ if (!arch_get_random_long(&v0))
+ v0 = jiffies;
+ if (!arch_get_random_long(&v1))
+ v1 = random_get_entropy();
+ v2 = v0 ^ PRND_K0;
+ v3 = v1 ^ PRND_K1;
+
+ for_each_possible_cpu(i) {
+ struct siprand_state *state;
+
+ v3 ^= i;
+ PRND_SIPROUND(v0, v1, v2, v3);
+ PRND_SIPROUND(v0, v1, v2, v3);
+ v0 ^= i;
+
+ state = per_cpu_ptr(&net_rand_state, i);
+ state->v0 = v0; state->v1 = v1;
+ state->v2 = v2; state->v3 = v3;
+ }
+
+ return 0;
+}
+core_initcall(prandom_init_early);
+
+
+/* Stronger reseeding when available, and periodically thereafter. */
+static void prandom_reseed(struct timer_list *unused);
+
+static DEFINE_TIMER(seed_timer, prandom_reseed);
+
+static void prandom_reseed(struct timer_list *unused)
+{
+ unsigned long expires;
+ int i;
+
+ /*
+ * Reinitialize each CPU's PRNG with 128 bits of key.
+ * No locking on the CPUs, but then somewhat random results are,
+ * well, expected.
+ */
+ for_each_possible_cpu(i) {
+ struct siprand_state *state;
+ unsigned long v0 = get_random_long(), v2 = v0 ^ PRND_K0;
+ unsigned long v1 = get_random_long(), v3 = v1 ^ PRND_K1;
+#if BITS_PER_LONG == 32
+ int j;
+
+ /*
+ * On 32-bit machines, hash in two extra words to
+ * approximate 128-bit key length. Not that the hash
+ * has that much security, but this prevents a trivial
+ * 64-bit brute force.
+ */
+ for (j = 0; j < 2; j++) {
+ unsigned long m = get_random_long();
+
+ v3 ^= m;
+ PRND_SIPROUND(v0, v1, v2, v3);
+ PRND_SIPROUND(v0, v1, v2, v3);
+ v0 ^= m;
+ }
#endif
+ /*
+ * Probably impossible in practice, but there is a
+ * theoretical risk that a race between this reseeding
+ * and the target CPU writing its state back could
+ * create the all-zero SipHash fixed point.
+ *
+ * To ensure that never happens, ensure the state
+ * we write contains no zero words.
+ */
+ state = per_cpu_ptr(&net_rand_state, i);
+ WRITE_ONCE(state->v0, v0 ? v0 : -1ul);
+ WRITE_ONCE(state->v1, v1 ? v1 : -1ul);
+ WRITE_ONCE(state->v2, v2 ? v2 : -1ul);
+ WRITE_ONCE(state->v3, v3 ? v3 : -1ul);
+ }
+
+ /* reseed every ~60 seconds, in [40 .. 80) interval with slack */
+ expires = round_jiffies(jiffies + 40 * HZ + prandom_u32_max(40 * HZ));
+ mod_timer(&seed_timer, expires);
+}
+
+/*
+ * The random ready callback can be called from almost any interrupt.
+ * To avoid worrying about whether it's safe to delay that interrupt
+ * long enough to seed all CPUs, just schedule an immediate timer event.
+ */
+static void prandom_timer_start(struct random_ready_callback *unused)
+{
+ mod_timer(&seed_timer, jiffies);
+}
+
+/*
+ * Start periodic full reseeding as soon as strong
+ * random numbers are available.
+ */
+static int __init prandom_init_late(void)
+{
+ static struct random_ready_callback random_ready = {
+ .func = prandom_timer_start
+ };
+ int ret = add_random_ready_callback(&random_ready);
+
+ if (ret == -EALREADY) {
+ prandom_timer_start(&random_ready);
+ ret = 0;
+ }
+ return ret;
+}
+late_initcall(prandom_init_late);
next prev parent reply other threads:[~2020-11-17 13:57 UTC|newest]
Thread overview: 109+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-17 13:04 [PATCH 4.19 000/101] 4.19.158-rc1 review Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 001/101] regulator: defer probe when trying to get voltage from unresolved supply Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 002/101] time: Prevent undefined behaviour in timespec64_to_ns() Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 003/101] nbd: dont update block size after device is started Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 004/101] usb: dwc3: gadget: Continue to process pending requests Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 005/101] usb: dwc3: gadget: Reclaim extra TRBs after request completion Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 006/101] btrfs: sysfs: init devices outside of the chunk_mutex Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 007/101] btrfs: reschedule when cloning lots of extents Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 008/101] genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 009/101] hv_balloon: disable warning when floor reached Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 010/101] net: xfrm: fix a race condition during allocing spi Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 011/101] xfs: set xefi_discard when creating a deferred agfl free log intent item Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 012/101] netfilter: ipset: Update byte and packet counters regardless of whether they match Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 013/101] perf tools: Add missing swap for ino_generation Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 014/101] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 015/101] can: rx-offload: dont call kfree_skb() from IRQ context Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 016/101] can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard " Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 017/101] can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 018/101] can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 019/101] can: peak_usb: add range checking in decode operations Greg Kroah-Hartman
2020-11-18 22:05 ` Pavel Machek
2020-11-17 13:04 ` [PATCH 4.19 020/101] can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 021/101] can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 022/101] can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 023/101] xfs: flush new eof page on truncate to avoid post-eof corruption Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 024/101] xfs: fix scrub flagging rtinherit even if there is no rt device Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 025/101] tpm: efi: Dont create binary_bios_measurements file for an empty log Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 026/101] Btrfs: fix missing error return if writeback for extent buffer never started Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 027/101] ath9k_htc: Use appropriate rs_datalen type Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 028/101] netfilter: use actual socket sk rather than skb sk when routing harder Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 029/101] crypto: arm64/aes-modes - get rid of literal load of addend vector Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 030/101] usb: gadget: goku_udc: fix potential crashes in probe Greg Kroah-Hartman
2020-11-17 13:04 ` [PATCH 4.19 031/101] ALSA: hda: Reinstate runtime_allow() for all hda controllers Greg Kroah-Hartman
2020-11-18 10:43 ` Pavel Machek
2020-11-18 13:40 ` Sasha Levin
2020-11-17 13:04 ` [PATCH 4.19 032/101] gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 033/101] gfs2: Add missing truncate_inode_pages_final for sd_aspace Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 034/101] gfs2: check for live vs. read-only file system in gfs2_fitrim Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 035/101] scsi: hpsa: Fix memory leak in hpsa_init_one() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 036/101] drm/amdgpu: perform srbm soft reset always on SDMA resume Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 037/101] drm/amd/pm: perform SMC reset on suspend/hibernation Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 038/101] drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 039/101] mac80211: fix use of skb payload instead of header Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 040/101] mac80211: always wind down STA state Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 041/101] cfg80211: regulatory: Fix inconsistent format argument Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 042/101] scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() Greg Kroah-Hartman
2020-11-18 22:17 ` Pavel Machek
2020-11-17 13:05 ` [PATCH 4.19 043/101] iommu/amd: Increase interrupt remapping table limit to 512 entries Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 044/101] s390/smp: move rcu_cpu_starting() earlier Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 045/101] vfio: platform: fix reference leak in vfio_platform_open Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 046/101] selftests: proc: fix warning: _GNU_SOURCE redefined Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 047/101] tpm_tis: Disable interrupts on ThinkPad T490s Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 048/101] tick/common: Touch watchdog in tick_unfreeze() on all CPUs Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 049/101] mfd: sprd: Add wakeup capability for PMIC IRQ Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 050/101] pinctrl: intel: Set default bias in case no particular value given Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 051/101] ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 052/101] pinctrl: aspeed: Fix GPI only function problem Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 053/101] nbd: fix a block_device refcount leak in nbd_release Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 054/101] xfs: fix flags argument to rmap lookup when converting shared file rmaps Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 055/101] xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 056/101] xfs: fix rmap key and record comparison functions Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 057/101] xfs: fix brainos in the refcount scrubbers rmap fragment processor Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 058/101] lan743x: fix "BUG: invalid wait context" when setting rx mode Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 059/101] xfs: fix a missing unlock on error in xfs_fs_map_blocks Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 060/101] of/address: Fix of_node memory leak in of_dma_is_coherent Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 061/101] cosa: Add missing kfree in error path of cosa_write Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 062/101] perf: Fix get_recursion_context() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 063/101] ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 064/101] ext4: unlock xattr_sem properly in ext4_inline_data_truncate() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 065/101] btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 066/101] btrfs: dev-replace: fail mount if we dont have replace item with target device Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 067/101] thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 068/101] thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 069/101] uio: Fix use-after-free in uio_unregister_device() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 070/101] usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 071/101] xhci: hisilicon: fix refercence leak in xhci_histb_probe Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 072/101] mei: protect mei_cl_mtu from null dereference Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 073/101] futex: Dont enable IRQs unconditionally in put_pi_state() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 074/101] ocfs2: initialize ip_next_orphan Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 075/101] btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 076/101] selinux: Fix error return code in sel_ib_pkey_sid_slow() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 077/101] gpio: pcie-idio-24: Fix irq mask when masking Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 078/101] gpio: pcie-idio-24: Fix IRQ Enable Register value Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 079/101] gpio: pcie-idio-24: Enable PEX8311 interrupts Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 080/101] mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 081/101] dont dump the threads that had been already exiting when zapped Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 082/101] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 083/101] pinctrl: amd: use higher precision for 512 RtcClk Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 084/101] pinctrl: amd: fix incorrect way to disable debounce filter Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 085/101] erofs: derive atime instead of leaving it empty Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 086/101] swiotlb: fix "x86: Dont panic if can not alloc buffer for swiotlb" Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 087/101] IPv6: Set SIT tunnel hard_header_len to zero Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 088/101] net/af_iucv: fix null pointer dereference on shutdown Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 089/101] net: Update window_clamp if SOCK_RCVBUF is set Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 090/101] net/x25: Fix null-ptr-deref in x25_connect Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 091/101] tipc: fix memory leak in tipc_topsrv_start() Greg Kroah-Hartman
2020-11-17 13:05 ` [PATCH 4.19 092/101] vrf: Fix fast path output packet handling with async Netfilter rules Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 093/101] r8169: fix potential skb double free in an error path Greg Kroah-Hartman
2020-11-17 13:06 ` Greg Kroah-Hartman [this message]
2020-11-17 13:06 ` [PATCH 4.19 095/101] x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 096/101] perf scripting python: Avoid declaring function pointers with a visibility attribute Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 097/101] perf/core: Fix race in the perf_mmap_close() function Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 098/101] Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 099/101] reboot: fix overflow parsing reboot cpu number Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 100/101] net: sch_generic: fix the missing new qdisc assignment bug Greg Kroah-Hartman
2020-11-17 13:06 ` [PATCH 4.19 101/101] Convert trailing spaces and periods in path components Greg Kroah-Hartman
2020-11-17 22:05 ` [PATCH 4.19 000/101] 4.19.158-rc1 review Shuah Khan
2020-11-18 7:57 ` Naresh Kamboju
2020-11-18 15:23 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201117122117.715769467@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=aksecurity@gmail.com \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkml.mplumb@gmail.com \
--cc=lkml@sdf.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).