When debugfs_create_ulong() was added, it was not documented.
Fixes: c23fe83138 ("debugfs: Add debugfs_create_ulong()")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Commit f7bc6e42bf ("drivers: remove the SGI SN2 IOC4 base support")
removed support for SGI SN2 IOC4 and the relevant documentation files.
Remove a leftover reference in the toctree of the driver-api
documentation to fix this sphinx error:
Documentation/driver-api/index.rst:14: WARNING: toctree contains
reference to nonexisting document 'driver-api/sgi-ioc4'
Fixes: f7bc6e42bf ("drivers: remove the SGI SN2 IOC4 base support")
Signed-off-by: Harald Seiler <hws@denx.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
As of 5.3, the automarkup extension will do the right thing with function()
notation, so we don't need to clutter the text with :c:func: invocations.
So remove them.
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Previous docs mentioned 11 unsigned long fields, when the reality is that
we have 15 fields with a mix of unsigned long and unsigned int.
Signed-off-by: Albert Vaca Cintora <albertvaka@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
ReST directives are introduced with two dots.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
ReST directives are introduced with two dots.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
- Mention the driver name, which is also used in sysfs (dell_rbu)
- Rewrite the title to be more concise
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This document describes how an admin can use the dell_rbu driver, rather
than any in-kernel API details.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Since the "unordered guides" linked in admin-guide/index.rst are not
supposed to be in any particular order, let's sort them alphabetically
to avoid the risk of merge conflicts by spreading newly added lines more
evenly.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Add SD-FEC driver documentation.
Signed-off-by: Derek Kiernan <derek.kiernan@xilinx.com>
Signed-off-by: Dragan Cvetic <dragan.cvetic@xilinx.com>
Link: https://lore.kernel.org/r/1560274185-264438-11-git-send-email-dragan.cvetic@xilinx.com
[kees: extracted from v7 as it was missing in the commit for v8]
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
It appears that some smart quotes were changed to "???" by even smarter
software; change them to the dumb but legible variety.
Signed-off-by: Christian Kujau <lists@nerdbynature.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Convert the dm-dust documentation to ReST formatting, using literal
blocks for all of the shell command, shell output, and log output
examples.
Add dm-dust to index.rst.
Additionally, fix an annotation in the "querying for specific bad
blocks" section, on the "queryblock ... not found in badblocklist"
example, to properly state that the message appears when a given
block is not found.
Signed-off-by: Bryan Gurney <bgurney@redhat.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The printk_ratelimit value accepts seconds, not jiffies (though it is
converted into jiffies internally). Update documentation to reflect
this.
Also, remove the statement about allowing 1 message in 5 seconds since
bursts up to 10 messages are allowed by default.
Finally, while we are here, mention default value for
printk_ratelimit_burst too.
Signed-off-by: Oleksandr Natalenko <oleksandr@redhat.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
It's not about times (multiple occurences of an event) but about the
duration of a time interval.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This fixes the following Sphinx warning:
Documentation/networking/devlink-trap.rst:175: WARNING: unknown document: /devlink-trap-netdevsim
Fixes: 9e08745704 ("Documentation: Add description of netdevsim traps")
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Those files got renamed, but another DT file still points to the older
places.
Fixes: 87a55485f2 ("dt-bindings: phy: meson-g12a-usb3-pcie-phy: convert to yaml")
Fixes: da86d286cc ("dt-bindings: phy: meson-g12a-usb2-phy: convert to yaml")
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
There are a number of documentation files that got moved or
renamed. update their references.
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Acked-by: Shannon Nelson <snelson@pensando.io>
Acked-by: Guenter Roeck <linux@roeck-us.net>
Acked-by: Rob Herring <robh@kernel.org>
Acked-by: Paul Walmsley <paul.walmsley@sifive.com> # RISC-V
Acked-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Kernels booting on RISC-V can specify "earlycon" with no options on
the Linux command line, and the generic DT earlycon support will query
the "chosen/stdout-path" property (if present) to determine which
early console device to use. Document this appropriately in the
admin-guide.
Signed-off-by: Paul Walmsley <paul.walmsley@sifive.com>
Reviewed-by: Geert Uytterhoeven <geert+renesas@glider.be>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Andreas Schwab <schwab@suse.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
As of 5.3, the automarkup extension will do the right thing with function()
notation, so we don't need to clutter the text with :c:func: invocations.
So remove them.
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This is strictly user-space material at this point, so put it with the
other user-space API documentation.
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This is overall information for kernel developers, and not part of the
user-space API.
Cc: Daniel Vetter <daniel@ffwll.ch>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Commit 9fc3a18a94 ("docs: remove extra conf.py files") broke the setting
of _SPHINXDIRS in Documentation/Makefile. Let's just have it look for an
index.rst file instead.
Fixes: 9fc3a18a94 ("docs: remove extra conf.py files")
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
drivers/dma_buf/reservation.c was renamed to dma-resv.c (and
include/linux/reservation.h to dma-resv.h), but the documentation was not
updated to match, leading to these build errors:
Error: Cannot open file ./drivers/dma-buf/reservation.c
Error: Cannot open file ./drivers/dma-buf/reservation.c
Error: Cannot open file ./drivers/dma-buf/reservation.c
Error: Cannot open file ./include/linux/reservation.h
Error: Cannot open file ./include/linux/reservation.h
Update the documentation and make the world happy again.
Fixes: 52791eeec1 ("dma-buf: rename reservation_object to dma_resv')
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Commit 795ee30648 ("lib/genalloc: introduce chunk owners") made a number
of changes to the genalloc API and implementation but did not update the
documentation to match, leading to these docs build warnings:
./lib/genalloc.c:1: warning: 'gen_pool_add_virt' not found
./lib/genalloc.c:1: warning: 'gen_pool_alloc' not found
./lib/genalloc.c:1: warning: 'gen_pool_free' not found
./lib/genalloc.c:1: warning: 'gen_pool_alloc_algo' not found
Fix these by updating the docs to match new function locations and names,
and by completing the update of one kerneldoc comment.
Fixes: 795ee30648 ("lib/genalloc: introduce chunk owners")
Acked-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Commit 050a9adc64 ("mm: consolidate the get_user_pages* implementations")
moved get_user_pages_fast() from mm/util.c to mm/gup.c, but didn't update
the documentation, leading to this build warning:
./mm/util.c:1: warning: 'get_user_pages_fast' not found
Update the docs to match the new reality.
Fixes: 050a9adc64 ("mm: consolidate the get_user_pages* implementations")
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
As of 5.3, the automarkup extension will do the right thing with function()
notation, so we don't need to clutter the text with :c:func: invocations.
So remove them.
Looking at the generated output reveals that we lack kerneldoc coverage for
much of this API, but that's a separate problem.
Acked-by: Paul E. McKenney <paulmck@kernel.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Correct the sequence of the magic number 2 since it's little endian.
Signed-off-by: Chester Lin <clin@suse.com>
Reviewed-by: Paul Walmsley <paul.walmsley@sifive.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
These asterisks were once references to a line that said:
"* Other names and brands may be claimed as the property of others."
But now, they serve no purpose; they can only irritate the reader.
Fixes: f12a84a9f6 ("Documentation: fm10k: Add kernel documentation")
Fixes: 1e06edcc2f ("Documentation: i40e: Prepare documentation for RST conversion")
Fixes: 1fae869bcf ("Documentation: ice: Prepare documentation for RST conversion")
Fixes: df69ba4321 ("ionic: Add basic framework for IONIC Network device driver")
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: Shannon Nelson <snelson@pensando.io>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This fixes the following Sphinx warning:
Documentation/translations/it_IT/process/maintainer-pgp-guide.rst:458:
WARNING: Unknown target name: "nitrokey pro".
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
In order to have the MAINTAINERS file visible in the rendered ReST
output, this makes some small changes to the existing MAINTAINERS file
to allow for better machine processing, and adds a new Sphinx directive
"maintainers-include" to perform the rendering.
Features include:
- Per-subsystem reference links: subsystem maintainer entries can be
trivially linked to both internally and external. For example:
https://www.kernel.org/doc/html/latest/process/maintainers.html#secure-computing
- Internally referenced .rst files are linked so they can be followed
when browsing the resulting rendering. This allows, for example, the
future addition of maintainer profiles to be automatically linked.
- Field name expansion: instead of the short fields (e.g. "M", "F",
"K"), use the indicated inline "full names" for the fields (which are
marked with "*"s in MAINTAINERS) so that a rendered subsystem entry
is more human readable. Email lists are additionally comma-separated.
For example:
SECURE COMPUTING
Mail: Kees Cook <keescook@chromium.org>
Reviewer: Andy Lutomirski <luto@amacapital.net>,
Will Drewry <wad@chromium.org>
SCM: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
Status: Supported
Files: kernel/seccomp.c include/uapi/linux/seccomp.h
include/linux/seccomp.h tools/testing/selftests/seccomp/*
tools/testing/selftests/kselftest_harness.h
userspace-api/seccomp_filter
Content regex: \bsecure_computing \bTIF_SECCOMP\b
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Right now any ":Field Name: Field Contents" lines end up with significant
padding due to CSS from the "table" CSS which rightly needs padding to
make tables readable. However, field lists don't need this as they tend
to be stacked together. The future heavy use of fields in the parsed
MAINTAINERS file needs this cleaned up, and existing users look better
too. Note the needless white space (and misalignment of name/contents)
between "Date" and "Author":
https://www.kernel.org/doc/html/latest/accounting/psi.html
This patch fixes this by lowering the padding with a more specific CSS.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Don't try to extract comments from that file, since there are none to be
had and, seemingly, never have been.
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The earlycon options without arguments is supposed to work on all
device tree platforms, not just arm64.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Sphinx is currently outputting a warning where
the file 'imx-ddr.rst' is not included in the
documentation index. Additionally, the code
highlighting and doc formatting can be slightly
improved.
Signed-off-by: Adam Zerella <adam.zerella@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The current cgroup-v2.rst file contains an incorrect description of when
memory is reclaimed from a cgroup that is using the 'memory.low'
mechanism. This fix simply corrects the text to reflect the actual
implementation.
Fixes: 7854207fe9 ("mm/docs: describe memory.low refinements")
Signed-off-by: Jon Haslam <jonhaslam@fb.com>
Acked-by: Roman Gushchin <guro@fb.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Commit c566586818 ("mm: kmemleak: use the memory pool for early
allocations") renamed CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE to
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE. Update the documentation reference
to reflect that.
Fixes: c566586818 ("mm: kmemleak: use the memory pool for early allocations")
Signed-off-by: Jeremy Cline <jcline@redhat.com>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The reStructuredText syntax is wrong here; not sure how it was
intended but we can just use the section header as an implicit
hyperlink target, with a single "outward" underscore.
Signed-off-by: Brendan Jackman <bhenryj0117@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
While sphinx 1.7 and later supports "-jauto" for parallelism, this
effectively ignores the "-j" flag used in the "make" invocation, which
may cause confusion for build systems. Instead, extract the available
parallelism from "make"'s job server (since it is not exposed in any
special variables) and use that for the "sphinx-build" run. Now things
work correctly for builds where -j is specified at the top-level:
make -j16 htmldocs
If -j is not specified, continue to fallback to "-jauto" if available.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Here are 2 small Documentation/process/embargoed-hardware-issues.rst
file updates that missed my previous char/misc pull request for 5.4-rc1.
The first one adds an Intel representative for the process, and the
second one cleans up the text a bit more when it comes to how the
disclosure rules work, as it was a bit confusing to some companies.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXZCMVg8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+ymk1QCfarO6D7Wj/eg/BPSSkP/dgaLMog8AoLBJiBmz
2ErEIjIqV0J/e3QYud8G
=qUtH
-----END PGP SIGNATURE-----
Merge tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
Pull Documentation/process update from Greg KH:
"Here are two small Documentation/process/embargoed-hardware-issues.rst
file updates that missed my previous char/misc pull request.
The first one adds an Intel representative for the process, and the
second one cleans up the text a bit more when it comes to how the
disclosure rules work, as it was a bit confusing to some companies"
* tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
Documentation/process: Clarify disclosure rules
Documentation/process: Volunteer as the ambassador for Intel
The role of the contact list provided by the disclosing party and how it
affects the disclosure process and the ability to include experts into
the development process is not really well explained.
Neither is it entirely clear when the disclosing party will be informed
about the fact that a developer who is not covered by an employer NDA needs
to be brought in and disclosed.
Explain the role of the contact list and the information policy along with
an eventual conflict resolution better.
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://lore.kernel.org/r/alpine.DEB.2.21.1909251028390.10825@nanos.tec.linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pull networking fixes from David Miller:
1) Sanity check URB networking device parameters to avoid divide by
zero, from Oliver Neukum.
2) Disable global multicast filter in NCSI, otherwise LLDP and IPV6
don't work properly. Longer term this needs a better fix tho. From
Vijay Khemka.
3) Small fixes to selftests (use ping when ping6 is not present, etc.)
from David Ahern.
4) Bring back rt_uses_gateway member of struct rtable, it's semantics
were not well understood and trying to remove it broke things. From
David Ahern.
5) Move usbnet snaity checking, ignore endpoints with invalid
wMaxPacketSize. From Bjørn Mork.
6) Missing Kconfig deps for sja1105 driver, from Mao Wenan.
7) Various small fixes to the mlx5 DR steering code, from Alaa Hleihel,
Alex Vesker, and Yevgeny Kliteynik
8) Missing CAP_NET_RAW checks in various places, from Ori Nimron.
9) Fix crash when removing sch_cbs entry while offloading is enabled,
from Vinicius Costa Gomes.
10) Signedness bug fixes, generally in looking at the result given by
of_get_phy_mode() and friends. From Dan Crapenter.
11) Disable preemption around BPF_PROG_RUN() calls, from Eric Dumazet.
12) Don't create VRF ipv6 rules if ipv6 is disabled, from David Ahern.
13) Fix quantization code in tcp_bbr, from Kevin Yang.
* git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (127 commits)
net: tap: clean up an indentation issue
nfp: abm: fix memory leak in nfp_abm_u32_knode_replace
tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
sk_buff: drop all skb extensions on free and skb scrubbing
tcp_bbr: fix quantization code to not raise cwnd if not probing bandwidth
mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions
Documentation: Clarify trap's description
mlxsw: spectrum: Clear VLAN filters during port initialization
net: ena: clean up indentation issue
NFC: st95hf: clean up indentation issue
net: phy: micrel: add Asym Pause workaround for KSZ9021
net: socionext: ave: Avoid using netdev_err() before calling register_netdev()
ptp: correctly disable flags on old ioctls
lib: dimlib: fix help text typos
net: dsa: microchip: Always set regmap stride to 1
nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
net/sched: Set default of CONFIG_NET_TC_SKB_EXT to N
vrf: Do not attempt to create IPv6 mcast rule if IPv6 is disabled
net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
...
Pull kernel lockdown mode from James Morris:
"This is the latest iteration of the kernel lockdown patchset, from
Matthew Garrett, David Howells and others.
From the original description:
This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel.
When enabled, various pieces of kernel functionality are restricted.
Applications that rely on low-level access to either hardware or the
kernel may cease working as a result - therefore this should not be
enabled without appropriate evaluation beforehand.
The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.
There are two major changes since this was last proposed for mainline:
- Separating lockdown from EFI secure boot. Background discussion is
covered here: https://lwn.net/Articles/751061/
- Implementation as an LSM, with a default stackable lockdown LSM
module. This allows the lockdown feature to be policy-driven,
rather than encoding an implicit policy within the mechanism.
The new locked_down LSM hook is provided to allow LSMs to make a
policy decision around whether kernel functionality that would allow
tampering with or examining the runtime state of the kernel should be
permitted.
The included lockdown LSM provides an implementation with a simple
policy intended for general purpose use. This policy provides a coarse
level of granularity, controllable via the kernel command line:
lockdown={integrity|confidentiality}
Enable the kernel lockdown feature. If set to integrity, kernel features
that allow userland to modify the running kernel are disabled. If set to
confidentiality, kernel features that allow userland to extract
confidential information from the kernel are also disabled.
This may also be controlled via /sys/kernel/security/lockdown and
overriden by kernel configuration.
New or existing LSMs may implement finer-grained controls of the
lockdown features. Refer to the lockdown_reason documentation in
include/linux/security.h for details.
The lockdown feature has had signficant design feedback and review
across many subsystems. This code has been in linux-next for some
weeks, with a few fixes applied along the way.
Stephen Rothwell noted that commit 9d1f8be5cf ("bpf: Restrict bpf
when kernel lockdown is in confidentiality mode") is missing a
Signed-off-by from its author. Matthew responded that he is providing
this under category (c) of the DCO"
* 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (31 commits)
kexec: Fix file verification on S390
security: constify some arrays in lockdown LSM
lockdown: Print current->comm in restriction messages
efi: Restrict efivar_ssdt_load when the kernel is locked down
tracefs: Restrict tracefs when the kernel is locked down
debugfs: Restrict debugfs when the kernel is locked down
kexec: Allow kexec_file() with appropriate IMA policy when locked down
lockdown: Lock down perf when in confidentiality mode
bpf: Restrict bpf when kernel lockdown is in confidentiality mode
lockdown: Lock down tracing and perf kprobes when in confidentiality mode
lockdown: Lock down /proc/kcore
x86/mmiotrace: Lock down the testmmiotrace module
lockdown: Lock down module params that specify hardware parameters (eg. ioport)
lockdown: Lock down TIOCSSERIAL
lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
acpi: Disable ACPI table override if the kernel is locked down
acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
ACPI: Limit access to custom_method when the kernel is locked down
x86/msr: Restrict MSR access when the kernel is locked down
x86: Lock down IO port access when the kernel is locked down
...
Pull integrity updates from Mimi Zohar:
"The major feature in this time is IMA support for measuring and
appraising appended file signatures. In addition are a couple of bug
fixes and code cleanup to use struct_size().
In addition to the PE/COFF and IMA xattr signatures, the kexec kernel
image may be signed with an appended signature, using the same
scripts/sign-file tool that is used to sign kernel modules.
Similarly, the initramfs may contain an appended signature.
This contained a lot of refactoring of the existing appended signature
verification code, so that IMA could retain the existing framework of
calculating the file hash once, storing it in the IMA measurement list
and extending the TPM, verifying the file's integrity based on a file
hash or signature (eg. xattrs), and adding an audit record containing
the file hash, all based on policy. (The IMA support for appended
signatures patch set was posted and reviewed 11 times.)
The support for appended signature paves the way for adding other
signature verification methods, such as fs-verity, based on a single
system-wide policy. The file hash used for verifying the signature and
the signature, itself, can be included in the IMA measurement list"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
ima: ima_api: Use struct_size() in kzalloc()
ima: use struct_size() in kzalloc()
sefltest/ima: support appended signatures (modsig)
ima: Fix use after free in ima_read_modsig()
MODSIGN: make new include file self contained
ima: fix freeing ongoing ahash_request
ima: always return negative code for error
ima: Store the measurement again when appraising a modsig
ima: Define ima-modsig template
ima: Collect modsig
ima: Implement support for module-style appended signatures
ima: Factor xattr_verify() out of ima_appraise_measurement()
ima: Add modsig appraise_type option for module-style appended signatures
integrity: Select CONFIG_KEYS instead of depending on it
PKCS#7: Introduce pkcs7_get_digest()
PKCS#7: Refactor verify_pkcs7_signature()
MODSIGN: Export module signature definitions
ima: initialize the "template" field with the default template
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQSQHSd0lITzzeNWNm3h3BK/laaZPAUCXYx2zAAKCRDh3BK/laaZ
PFpHAQD2G+F8a9e41jFTJg5YpNKMD8/Pl4T6v9chIO9qPXF2IAEAji0P1JterRfv
ixiBhv54hSwYbk527nxNWE9tP5gAHAQ=
=WCHy
-----END PGP SIGNATURE-----
Merge tag 'virtio-fs-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse
Pull fuse virtio-fs support from Miklos Szeredi:
"Virtio-fs allows exporting directory trees on the host and mounting
them in guest(s).
This isn't actually a new filesystem, but a glue layer between the
fuse filesystem and a virtio based back-end.
It's similar in functionality to the existing virtio-9p solution, but
significantly faster in benchmarks and has better POSIX compliance.
Further permformance improvements can be achieved by sharing the page
cache between host and guest, allowing for faster I/O and reduced
memory use.
Kata Containers have been including the out-of-tree virtio-fs (with
the shared page cache patches as well) since version 1.7 as an
experimental feature. They have been active in development and plan to
switch from virtio-9p to virtio-fs as their default solution. There
has been interest from other sources as well.
The userspace infrastructure is slated to be merged into qemu once the
kernel part hits mainline.
This was developed by Vivek Goyal, Dave Gilbert and Stefan Hajnoczi"
* tag 'virtio-fs-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
virtio-fs: add virtiofs filesystem
virtio-fs: add Documentation/filesystems/virtiofs.rst
fuse: reserve values for mapping protocol
* The usual accuracy improvements for nested virtualization
* The usual round of code cleanups from Sean
* Added back optimizations that were prematurely removed in 5.2
(the bare minimum needed to fix the regression was in 5.3-rc8,
here comes the rest)
* Support for UMWAIT/UMONITOR/TPAUSE
* Direct L2->L0 TLB flushing when L0 is Hyper-V and L1 is KVM
* Tell Windows guests if SMT is disabled on the host
* More accurate detection of vmexit cost
* Revert a pvqspinlock pessimization
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAABAgAGBQJdjfaKAAoJEL/70l94x66D8MAH/2thJnM47tYtMTFA4GBFugeH
mAx8OApWFBo8apOip+8ElFLPQ8FQdZCzr9ti8H4JkuzKxgsxCs1iqEg5pHEKxSTi
K9kLOZwoFtwgy3XmxC0PIZ9lT2Wx74ruh1HF+QG/YsjKH636UPv2VpmulsTNbm62
2ryzOb3TlGT/cjf+gv9l6IYIxZa2Ff19PF4i//H8u4YRBj358/jr99CK01iE0M9r
4NhEKiQZywzREWtKxymGOM6HEbwbWcIa+loYjj2htq8epep6f9Y1zQ0Jcn5+nPA0
cn1T2gGJAJ0OUahKLwNbz8pzrFDkW+eoQgqCBJZ4RT9Uf8WCESfl14p+/vRkAMg=
=tk5S
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull more KVM updates from Paolo Bonzini:
"x86 KVM changes:
- The usual accuracy improvements for nested virtualization
- The usual round of code cleanups from Sean
- Added back optimizations that were prematurely removed in 5.2 (the
bare minimum needed to fix the regression was in 5.3-rc8, here
comes the rest)
- Support for UMWAIT/UMONITOR/TPAUSE
- Direct L2->L0 TLB flushing when L0 is Hyper-V and L1 is KVM
- Tell Windows guests if SMT is disabled on the host
- More accurate detection of vmexit cost
- Revert a pvqspinlock pessimization"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (56 commits)
KVM: nVMX: cleanup and fix host 64-bit mode checks
KVM: vmx: fix build warnings in hv_enable_direct_tlbflush() on i386
KVM: x86: Don't check kvm_rebooting in __kvm_handle_fault_on_reboot()
KVM: x86: Drop ____kvm_handle_fault_on_reboot()
KVM: VMX: Add error handling to VMREAD helper
KVM: VMX: Optimize VMX instruction error and fault handling
KVM: x86: Check kvm_rebooting in kvm_spurious_fault()
KVM: selftests: fix ucall on x86
Revert "locking/pvqspinlock: Don't wait if vCPU is preempted"
kvm: nvmx: limit atomic switch MSRs
kvm: svm: Intercept RDPRU
kvm: x86: Add "significant index" flag to a few CPUID leaves
KVM: x86/mmu: Skip invalid pages during zapping iff root_count is zero
KVM: x86/mmu: Explicitly track only a single invalid mmu generation
KVM: x86/mmu: Revert "KVM: x86/mmu: Remove is_obsolete() call"
KVM: x86/mmu: Revert "Revert "KVM: MMU: reclaim the zapped-obsolete page first""
KVM: x86/mmu: Revert "Revert "KVM: MMU: collapse TLB flushes when zap all pages""
KVM: x86/mmu: Revert "Revert "KVM: MMU: zap pages in batch""
KVM: x86/mmu: Revert "Revert "KVM: MMU: add tracepoint for kvm_mmu_invalidate_all_pages""
KVM: x86/mmu: Revert "Revert "KVM: MMU: show mmu_valid_gen in shadow page related tracepoints""
...
Besides one new driver being added for the PWM controller found in
various Spreadtrum SoCs, this series of changes brings a slew of, mostly
minor, fixes and cleanups for existing drivers, as well as some
enhancements to the core code.
Lastly, Uwe is added to the PWM subsystem entry of the MAINTAINERS file,
making official his role as a reviewer.
-----BEGIN PGP SIGNATURE-----
iQJNBAABCAA3FiEEiOrDCAFJzPfAjcif3SOs138+s6EFAl2ON5UZHHRoaWVycnku
cmVkaW5nQGdtYWlsLmNvbQAKCRDdI6zXfz6zoVg2EAC2QP51EywsDVQd8ZFvXBZB
SL2RN9EWY0nHFnjGL2VSEOvsWWoE2HgrzXbWuiKDSkpRMTGtz/R1VznmBegZpVz/
eKP1ebFU+1EQ2A1GB4VLGslGVs0R7uvQap7KMRf+nD6qzstwWlz5nPP8E/4dipAX
fYZBU37sTvAXycVosqAOiGaJvwfbo0ExysCD0bWccp52O06osgbZwGDhShDRTQv0
wOLR/rPbYXbVMyETlO8gjHVGU/N6cAq0SDR2VGcXqIe3H86K3R7ec8TEhcLJy6R5
nLX9Wx+gMyiWJGrU+s5i682VUdzQeLE4sH9c47M8qqreM4ytXfdttMeg3hgmalra
eVm4uWtJ2+ZDRSl+yqJ8GfuSVGV4S9uQNlJ0OkAizmz+mU2WGeM1v8aOFlGokSi0
mxt+EZFdS7M0rZpWU0Fv01urxdhhVgsFXkD72xldV2vnIP6afhzGgKN3S6zbwzAQ
WOgTHgVmcenM4hRcEmV8n7nF6f8BIA5RSNx+jrrkRD4gwHwDAiEK7hWJTCDXisB9
J6HgChqztrNtnyZMOealHxEgTtJqRUVX69mo9NaUeYps2Qg4y1gStLC3b1YnJZcI
sTCrKhVjhFn1bNOe1UBSvcehIorL3mFV203TBgJJaMMhoJYE28XqYTNkGVDZ2bLP
DdyExtL1Dx7IxEwS7IGOwA==
=C9sW
-----END PGP SIGNATURE-----
Merge tag 'pwm/for-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm
Pull pwm updates from Thierry Reding:
"Besides one new driver being added for the PWM controller found in
various Spreadtrum SoCs, this series of changes brings a slew of,
mostly minor, fixes and cleanups for existing drivers, as well as some
enhancements to the core code.
Lastly, Uwe is added to the PWM subsystem entry of the MAINTAINERS
file, making official his role as a reviewer"
* tag 'pwm/for-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm: (34 commits)
MAINTAINERS: Add myself as reviewer for the PWM subsystem
MAINTAINERS: Add patchwork link for PWM entry
MAINTAINERS: Add a selection of PWM related keywords to the PWM entry
pwm: mediatek: Add MT7629 compatible string
dt-bindings: pwm: Update bindings for MT7629 SoC
pwm: mediatek: Update license and switch to SPDX tag
pwm: mediatek: Use pwm_mediatek as common prefix
pwm: mediatek: Allocate the clks array dynamically
pwm: mediatek: Remove the has_clks field
pwm: mediatek: Drop the check for of_device_get_match_data()
pwm: atmel: Consolidate driver data initialization
pwm: atmel: Remove unneeded check for match data
pwm: atmel: Remove platform_device_id and use only dt bindings
pwm: stm32-lp: Add check in case requested period cannot be achieved
pwm: Ensure pwm_apply_state() doesn't modify the state argument
pwm: fsl-ftm: Don't update the state for the caller of pwm_apply_state()
pwm: sun4i: Don't update the state for the caller of pwm_apply_state()
pwm: rockchip: Don't update the state for the caller of pwm_apply_state()
pwm: Let pwm_get_state() return the last implemented state
pwm: Introduce local struct pwm_chip in pwm_apply_state()
...
Pull thermal management updates from Zhang Rui:
- Add Amit Kucheria as thermal subsystem Reviewer (Amit Kucheria)
- Fix a use after free bug when unregistering thermal zone devices (Ido
Schimmel)
- Fix thermal core framework to use put_device() when device_register()
fails (Yue Hu)
- Enable intel_pch_thermal and MMIO RAPL support for Intel Icelake
platform (Srinivas Pandruvada)
- Add clock operations in qorip thermal driver, for some platforms with
clock control like i.MX8MQ (Anson Huang)
- A couple of trivial fixes and cleanups for thermal core and different
soc thermal drivers (Amit Kucheria, Christophe JAILLET, Chuhong Yuan,
Fuqian Huang, Kelsey Skunberg, Nathan Huckleberry, Rishi Gupta,
Srinivas Kandagatla)
* 'for-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux:
MAINTAINERS: Add Amit Kucheria as reviewer for thermal
thermal: Add some error messages
thermal: Fix use-after-free when unregistering thermal zone device
thermal/drivers/core: Use put_device() if device_register() fails
thermal_hwmon: Sanitize thermal_zone type
thermal: intel: Use dev_get_drvdata
thermal: intel: int3403: replace printk(KERN_WARN...) with pr_warn(...)
thermal: intel: int340x_thermal: Remove unnecessary acpi_has_method() uses
thermal: int340x: processor_thermal: Add Ice Lake support
drivers: thermal: qcom: tsens: Fix memory leak from qfprom read
thermal: tegra: Fix a typo
thermal: rcar_gen3_thermal: Replace devm_add_action() followed by failure action with devm_add_action_or_reset()
thermal: armada: Fix -Wshift-negative-value
dt-bindings: thermal: qoriq: Add optional clocks property
thermal: qoriq: Use __maybe_unused instead of #if CONFIG_PM_SLEEP
thermal: qoriq: Use devm_platform_ioremap_resource() instead of of_iomap()
thermal: qoriq: Fix error path of calling qoriq_tmu_register_tmu_zone fail
thermal: qoriq: Add clock operations
drivers: thermal: processor_thermal_device: Export sysfs interface for TCC offset
Alex noted that the below description might not be obvious to all users.
Clarify it by adding an example.
Fixes: f3047ca01f ("Documentation: Add devlink-trap documentation")
Reported-by: Alex Kushnarov <alexanderk@mellanox.com>
Reviewed-by: Alex Kushnarov <alexanderk@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>