Documentation/admin-guide/kernel-parameters.txt | 20 + Documentation/admin-guide/rh-waived-features.rst | 21 + Kconfig | 2 + Kconfig.redhat | 26 + Makefile | 48 +- arch/arm/Kconfig | 4 +- arch/arm64/Kconfig | 2 +- arch/s390/include/asm/ipl.h | 1 + arch/s390/kernel/ipl.c | 5 + arch/s390/kernel/setup.c | 4 + arch/x86/kernel/cpu/common.c | 1 + arch/x86/kernel/setup.c | 98 +++- certs/extract-cert.c | 25 +- crypto/akcipher.c | 6 +- crypto/dh.c | 25 + crypto/drbg.c | 18 +- crypto/rng.c | 149 +++++- crypto/seqiv.c | 15 +- crypto/testmgr.c | 4 +- drivers/acpi/apei/hest.c | 8 + drivers/acpi/irq.c | 17 +- drivers/acpi/scan.c | 9 + drivers/ata/libahci.c | 18 + drivers/char/ipmi/ipmi_dmi.c | 15 + drivers/char/ipmi/ipmi_msghandler.c | 16 +- drivers/char/random.c | 126 ++++- drivers/firmware/efi/Makefile | 1 + drivers/firmware/efi/efi.c | 124 +++-- drivers/firmware/efi/secureboot.c | 38 ++ drivers/hid/hid-rmi.c | 66 --- drivers/hwtracing/coresight/coresight-etm4x-core.c | 19 + drivers/input/rmi4/rmi_driver.c | 124 +++-- drivers/iommu/iommu.c | 22 + drivers/message/fusion/mptsas.c | 5 + drivers/message/fusion/mptspi.c | 6 + drivers/net/wireguard/main.c | 6 + drivers/nvme/host/core.c | 22 +- drivers/nvme/host/multipath.c | 19 +- drivers/nvme/host/nvme.h | 4 + drivers/pci/pci-driver.c | 9 + drivers/pci/quirks.c | 24 + drivers/scsi/aacraid/linit.c | 2 + drivers/scsi/be2iscsi/be_main.c | 2 + drivers/scsi/hpsa.c | 4 + drivers/scsi/lpfc/lpfc_ids.h | 12 + drivers/scsi/megaraid/megaraid_sas_base.c | 4 + drivers/scsi/mpt3sas/mpt3sas_scsih.c | 4 + drivers/scsi/qla2xxx/qla_os.c | 6 + drivers/scsi/qla4xxx/ql4_os.c | 2 + drivers/scsi/sd.c | 13 + drivers/usb/core/hub.c | 7 + fs/afs/main.c | 3 + fs/erofs/super.c | 9 + fs/ext4/super.c | 11 + include/linux/crypto.h | 3 + include/linux/efi.h | 22 +- include/linux/kernel.h | 16 + include/linux/lsm_hook_defs.h | 2 + include/linux/module.h | 5 + include/linux/panic.h | 18 +- include/linux/pci.h | 5 + include/linux/random.h | 10 + include/linux/rh_flags.h | 34 ++ include/linux/rh_kabi.h | 541 +++++++++++++++++++++ include/linux/rh_waived.h | 19 + include/linux/rmi.h | 1 + include/linux/security.h | 5 + init/main.c | 3 + kernel/Makefile | 1 + kernel/bpf/core.c | 5 + kernel/bpf/syscall.c | 23 + kernel/module/main.c | 13 + kernel/module/signing.c | 9 +- kernel/panic.c | 13 + kernel/rh_flags.c | 115 +++++ kernel/rh_messages.c | 414 ++++++++++++++++ kernel/rh_messages.h | 325 +++++++++++++ kernel/rh_waived.c | 104 ++++ scripts/mod/modpost.c | 8 + scripts/sign-file.c | 29 +- scripts/tags.sh | 2 + security/integrity/platform_certs/load_uefi.c | 6 +- security/lockdown/Kconfig | 13 + security/lockdown/lockdown.c | 1 + security/security.c | 12 + 85 files changed, 2762 insertions(+), 266 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 09126bb8cc9f..ee2984e46c06 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5790,6 +5790,17 @@ 2 The "airplane mode" button toggles between everything blocked and everything unblocked. + rh_waived= + Enable waived features in RHEL. + + Waived features are disabled by default in RHEL, this parameter + provides support to enable such features, as needed. + + Format: ,... + + Use 'rh_waived' to enable all waived features listed at + Documentation/admin-guide/rh-waived-features.rst + ring3mwait=disable [KNL] Disable ring 3 MONITOR/MWAIT feature on supported CPUs. @@ -6965,6 +6976,15 @@ unknown_nmi_panic [X86] Cause panic on unknown NMI. + unprivileged_bpf_disabled= + Format: { "0" | "1" | "2" } + Sets the initial value of + kernel.unprivileged_bpf_disabled sysctl knob. + 0 - unprivileged bpf() syscall access is enabled. + 1 - unprivileged bpf() syscall access is disabled permanently. + 2 - unprivileged bpf() syscall access is disabled. + Default value is 2. + unwind_debug [X86-64,EARLY] Enable unwinder debug output. This can be useful for debugging certain unwinder error diff --git a/Documentation/admin-guide/rh-waived-features.rst b/Documentation/admin-guide/rh-waived-features.rst new file mode 100644 index 000000000000..45caec7fbae6 --- /dev/null +++ b/Documentation/admin-guide/rh-waived-features.rst @@ -0,0 +1,21 @@ +.. _rh_waived_features: + +======================= +Red Hat Waived Features +======================= + +Red Hat waived features are features considered unmaintained, insecure, rudimentary, or +deprecated and are shipped in RHEL only for customer convenience. These features are disabled +by default but can be enabled on demand via the ``rh_waived`` kernel boot parameter. To allow +a set of waived features, append ``rh_waived=,...,`` to the kernel +cmdline. Appending only ``rh_waived`` (with no arguments) will enable all waived features +listed below. + +The waived features listed in the next session follow the pattern below: + +- feature name + feature description + +List of Red Hat Waived Features +=============================== + diff --git a/Kconfig b/Kconfig index 745bc773f567..f57ff40109d7 100644 --- a/Kconfig +++ b/Kconfig @@ -30,3 +30,5 @@ source "lib/Kconfig" source "lib/Kconfig.debug" source "Documentation/Kconfig" + +source "Kconfig.redhat" diff --git a/Kconfig.redhat b/Kconfig.redhat new file mode 100644 index 000000000000..7465c78a90e6 --- /dev/null +++ b/Kconfig.redhat @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: GPL-2.0-only +# +# Red Hat specific options +# + +menu "Red Hat options" + +config RHEL_DIFFERENCES + bool "Remove support for deprecated features" + help + Red Hat may choose to deprecate certain features in its kernels. + Enable this option to remove support for hardware that is no + longer supported. + + Unless you want a restricted kernel, say N here. + +config RH_KABI_SIZE_ALIGN_CHECKS + bool "Enables more stringent kabi checks in the macros" + depends on RHEL_DIFFERENCES + default y + help + This option enables more stringent kabi checks. Those must + be disabled in case of a debug build, because debug builds + allow to change struct sizes. + +endmenu diff --git a/Makefile b/Makefile index 2966d5fbbf17..433b17f4a986 100644 --- a/Makefile +++ b/Makefile @@ -22,6 +22,18 @@ $(if $(filter __%, $(MAKECMDGOALS)), \ PHONY := __all __all: +# Set RHEL variables +# Note that this ifdef'ery is required to handle when building with +# the O= mechanism (relocate the object file results) due to upstream +# commit 67d7c302 which broke our RHEL include file +ifneq ($(realpath source),) +include $(realpath source)/Makefile.rhelver +else +ifneq ($(realpath Makefile.rhelver),) +include Makefile.rhelver +endif +endif + # We are using a recursive build, so we need to do a little thinking # to get the ordering right. # @@ -333,6 +345,17 @@ ifneq ($(filter install,$(MAKECMDGOALS)),) endif endif +# CKI/cross compilation hack +# Do we need to rebuild scripts after cross compilation? +# If kernel was cross-compiled, these scripts have arch of build host. +REBUILD_SCRIPTS_FOR_CROSS:=0 + +# Regenerating config with incomplete source tree will produce different +# config options. Disable it. +ifeq ($(REBUILD_SCRIPTS_FOR_CROSS),1) +may-sync-config:= +endif + ifdef mixed-build # =========================================================================== # We're called with mixed targets (*config and build targets). @@ -1242,7 +1265,13 @@ define filechk_version.h ((c) > 255 ? 255 : (c)))'; \ echo \#define LINUX_VERSION_MAJOR $(VERSION); \ echo \#define LINUX_VERSION_PATCHLEVEL $(PATCHLEVEL); \ - echo \#define LINUX_VERSION_SUBLEVEL $(SUBLEVEL) + echo \#define LINUX_VERSION_SUBLEVEL $(SUBLEVEL); \ + echo '#define RHEL_MAJOR $(RHEL_MAJOR)'; \ + echo '#define RHEL_MINOR $(RHEL_MINOR)'; \ + echo '#define RHEL_RELEASE_VERSION(a,b) (((a) << 8) + (b))'; \ + echo '#define RHEL_RELEASE_CODE \ + $(shell expr $(RHEL_MAJOR) \* 256 + $(RHEL_MINOR))'; \ + echo '#define RHEL_RELEASE "$(RHEL_RELEASE)"' endef $(version_h): private PATCHLEVEL := $(or $(PATCHLEVEL), 0) @@ -1849,6 +1878,23 @@ endif ifdef CONFIG_MODULES +scripts_build: + $(MAKE) $(build)=scripts/basic + $(MAKE) $(build)=scripts/mod + $(MAKE) $(build)=scripts scripts/module.lds + $(MAKE) $(build)=scripts scripts/unifdef + $(MAKE) $(build)=scripts + +prepare_after_cross: + # disable STACK_VALIDATION to avoid building objtool + sed -i '/^CONFIG_STACK_VALIDATION/d' ./include/config/auto.conf || true + # build minimum set of scripts and resolve_btfids to allow building + # external modules + $(MAKE) KBUILD_EXTMOD="" M="" scripts_build V=1 + $(MAKE) -C tools/bpf/resolve_btfids + +PHONY += prepare_after_cross scripts_build + $(MODORDER): $(build-dir) @: diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 173159e93c99..5074a7e9f9b8 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -1227,9 +1227,9 @@ config HIGHMEM If unsure, say n. config HIGHPTE - bool "Allocate 2nd-level pagetables from highmem" if EXPERT + bool "Allocate 2nd-level pagetables from highmem" depends on HIGHMEM - default y + default n help The VM uses one page of physical memory for each page table. For systems with a lot of processes, this can use a lot of diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index a2f8ff354ca6..e185f3e75a5c 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1365,7 +1365,7 @@ endchoice config ARM64_FORCE_52BIT bool "Force 52-bit virtual addresses for userspace" - depends on ARM64_VA_BITS_52 && EXPERT + depends on ARM64_VA_BITS_52 help For systems with 52-bit userspace VAs enabled, the kernel will attempt to maintain compatibility with older software by providing 48-bit VAs diff --git a/arch/s390/include/asm/ipl.h b/arch/s390/include/asm/ipl.h index b0d00032479d..afb9544fb007 100644 --- a/arch/s390/include/asm/ipl.h +++ b/arch/s390/include/asm/ipl.h @@ -139,6 +139,7 @@ int ipl_report_add_component(struct ipl_report *report, struct kexec_buf *kbuf, unsigned char flags, unsigned short cert); int ipl_report_add_certificate(struct ipl_report *report, void *key, unsigned long addr, unsigned long len); +bool ipl_get_secureboot(void); /* * DIAG 308 support diff --git a/arch/s390/kernel/ipl.c b/arch/s390/kernel/ipl.c index f17bb7bf9392..66e530380ee3 100644 --- a/arch/s390/kernel/ipl.c +++ b/arch/s390/kernel/ipl.c @@ -2479,3 +2479,8 @@ int ipl_report_free(struct ipl_report *report) } #endif + +bool ipl_get_secureboot(void) +{ + return !!ipl_secure_flag; +} diff --git a/arch/s390/kernel/setup.c b/arch/s390/kernel/setup.c index a3fea683b227..a3162d93f437 100644 --- a/arch/s390/kernel/setup.c +++ b/arch/s390/kernel/setup.c @@ -49,6 +49,7 @@ #include #include #include +#include #include #include @@ -910,6 +911,9 @@ void __init setup_arch(char **cmdline_p) log_component_list(); + if (ipl_get_secureboot()) + security_lock_kernel_down("Secure IPL mode", LOCKDOWN_INTEGRITY_MAX); + /* Have one command line that is parsed and saved in /proc/cmdline */ /* boot_command_line has been already set up in early.c */ *cmdline_p = boot_command_line; diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index d4e539d4e158..ed3a7b089b87 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1591,6 +1591,7 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) get_cpu_vendor(c); intel_unlock_cpuid_leafs(c); get_cpu_cap(c); + get_model_name(c); /* RHEL: get model name for unsupported check */ setup_force_cpu_cap(X86_FEATURE_CPUID); get_cpu_address_sizes(c); cpu_parse_early_param(); diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index 6129dc2ba784..070aa96cfadd 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -56,6 +57,7 @@ #include #include #include +#include /* * max_low_pfn_mapped: highest directly mapped pfn < 4 GB @@ -670,6 +672,79 @@ static void __init early_reserve_memory(void) trim_snb_memory(); } +#ifdef CONFIG_RHEL_DIFFERENCES + +static void rh_check_supported(void) +{ + bool guest; + + guest = (x86_hyper_type != X86_HYPER_NATIVE || boot_cpu_has(X86_FEATURE_HYPERVISOR)); + + /* RHEL supports single cpu on guests only */ + if (((topology_num_threads_per_package() * __max_threads_per_core) == 1) && + !guest && is_kdump_kernel()) { + pr_crit("Detected single cpu native boot.\n"); + pr_crit("Important: In this kernel, single threaded, single CPU 64-bit physical systems are unsupported."); + } + + /* + * If the RHEL kernel does not support this hardware, the kernel will + * attempt to boot, but no support is provided for this hardware + */ + switch (boot_cpu_data.x86_vendor) { + case X86_VENDOR_AMD: + case X86_VENDOR_INTEL: + break; + default: + pr_crit("Detected processor %s %s\n", + boot_cpu_data.x86_vendor_id, + boot_cpu_data.x86_model_id); + break; + } + + /* + * Due to the complexity of x86 lapic & ioapic enumeration, and PCI IRQ + * routing, ACPI is required for x86. acpi=off is a valid debug kernel + * parameter, so just print out a loud warning in case something + * goes wrong (which is most of the time). + */ + if (acpi_disabled && !guest) + pr_crit("ACPI has been disabled or is not available on this hardware. This may result in a single cpu boot, incorrect PCI IRQ routing, or boot failure.\n"); + + /* + * x86_64 microarchitecture levels: + * https://en.wikipedia.org/wiki/X86-64#Microarchitecture_levels + * + * RHEL9 has a minimum of the x86_64-v2 microarchitecture + * RHEL10 has a minimum of the x86_64-v3 microarchitecture + */ + + if (!boot_cpu_has(X86_FEATURE_CX16) || /* CMPXCHG16B */ + !boot_cpu_has(X86_FEATURE_LAHF_LM) || /* LAHF-SAHF */ + !boot_cpu_has(X86_FEATURE_POPCNT) || + !boot_cpu_has(X86_FEATURE_XMM3) || /* SSE-3 */ + !boot_cpu_has(X86_FEATURE_XMM4_1) || /* SSE4_1 */ + !boot_cpu_has(X86_FEATURE_XMM4_2) || /* SSE4_2 */ + !boot_cpu_has(X86_FEATURE_SSSE3)) { + mark_hardware_deprecated("x86_64-v1", "%s:%s", + boot_cpu_data.x86_vendor_id, boot_cpu_data.x86_model_id); + } else if (!boot_cpu_has(X86_FEATURE_AVX) || + !boot_cpu_has(X86_FEATURE_AVX2) || + !boot_cpu_has(X86_FEATURE_BMI1) || + !boot_cpu_has(X86_FEATURE_BMI2) || + !boot_cpu_has(X86_FEATURE_F16C) || + !boot_cpu_has(X86_FEATURE_FMA) || + /* LZCNT is not explicitly listed, but appears to be paired with BMI2 */ + !boot_cpu_has(X86_FEATURE_MOVBE) || + !boot_cpu_has(X86_FEATURE_XSAVE)) { + mark_hardware_deprecated("x86_64-v2", "%s:%s", + boot_cpu_data.x86_vendor_id, boot_cpu_data.x86_model_id); + } +} +#else +#define rh_check_supported() +#endif + /* * Dump out kernel offset information on panic. */ @@ -904,6 +979,13 @@ void __init setup_arch(char **cmdline_p) if (efi_enabled(EFI_BOOT)) efi_init(); + efi_set_secure_boot(boot_params.secure_boot); + +#ifdef CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT + if (efi_enabled(EFI_SECURE_BOOT)) + security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_INTEGRITY_MAX); +#endif + reserve_ibft_region(); x86_init.resources.dmi_setup(); @@ -1065,19 +1147,7 @@ void __init setup_arch(char **cmdline_p) /* Allocate bigger log buffer */ setup_log_buf(1); - if (efi_enabled(EFI_BOOT)) { - switch (boot_params.secure_boot) { - case efi_secureboot_mode_disabled: - pr_info("Secure boot disabled\n"); - break; - case efi_secureboot_mode_enabled: - pr_info("Secure boot enabled\n"); - break; - default: - pr_info("Secure boot could not be determined\n"); - break; - } - } + efi_set_secure_boot(boot_params.secure_boot); reserve_initrd(); @@ -1187,6 +1257,8 @@ void __init setup_arch(char **cmdline_p) efi_apply_memmap_quirks(); #endif + rh_check_supported(); + unwind_init(); } diff --git a/certs/extract-cert.c b/certs/extract-cert.c index 70e9ec89d87d..f5fb74916cee 100644 --- a/certs/extract-cert.c +++ b/certs/extract-cert.c @@ -21,7 +21,6 @@ #include #include #include -#include /* * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. @@ -122,28 +121,8 @@ int main(int argc, char **argv) fclose(f); exit(0); } else if (!strncmp(cert_src, "pkcs11:", 7)) { - ENGINE *e; - struct { - const char *cert_id; - X509 *cert; - } parms; - - parms.cert_id = cert_src; - parms.cert = NULL; - - ENGINE_load_builtin_engines(); - drain_openssl_errors(); - e = ENGINE_by_id("pkcs11"); - ERR(!e, "Load PKCS#11 ENGINE"); - if (ENGINE_init(e)) - drain_openssl_errors(); - else - ERR(1, "ENGINE_init"); - if (key_pass) - ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), "Set PKCS#11 PIN"); - ENGINE_ctrl_cmd(e, "LOAD_CERT_CTRL", 0, &parms, NULL, 1); - ERR(!parms.cert, "Get X.509 from PKCS#11"); - write_cert(parms.cert); + fprintf(stderr, "Error: pkcs11 not implemented\n"); + exit(1); } else { BIO *b; X509 *x509; diff --git a/crypto/akcipher.c b/crypto/akcipher.c index e0ff5f4dda6d..098a52ded759 100644 --- a/crypto/akcipher.c +++ b/crypto/akcipher.c @@ -126,14 +126,12 @@ int crypto_register_akcipher(struct akcipher_alg *alg) { struct crypto_alg *base = &alg->base; - if (!alg->sign) - alg->sign = akcipher_default_op; + alg->sign = akcipher_default_op; if (!alg->verify) alg->verify = akcipher_default_op; if (!alg->encrypt) alg->encrypt = akcipher_default_op; - if (!alg->decrypt) - alg->decrypt = akcipher_default_op; + alg->decrypt = akcipher_default_op; if (!alg->set_priv_key) alg->set_priv_key = akcipher_default_set_key; diff --git a/crypto/dh.c b/crypto/dh.c index 68d11d66c0b5..6e3e515b2452 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -227,10 +227,35 @@ static int dh_compute_value(struct kpp_request *req) /* SP800-56A rev 3 5.6.2.1.3 key check */ } else { + MPI val_pct; + if (dh_is_pubkey_valid(ctx, val)) { ret = -EAGAIN; goto err_free_val; } + + /* + * SP800-56Arev3, 5.6.2.1.4: ("Owner Assurance + * of Pair-wise Consistency"): recompute the + * public key and check if the results match. + */ + val_pct = mpi_alloc(0); + if (!val_pct) { + ret = -ENOMEM; + goto err_free_val; + } + + ret = _compute_val(ctx, base, val_pct); + if (ret) { + mpi_free(val_pct); + goto err_free_val; + } + + if (mpi_cmp(val, val_pct) != 0) { + fips_fail_notify(); + panic("dh: pair-wise consistency test failed\n"); + } + mpi_free(val_pct); } } diff --git a/crypto/drbg.c b/crypto/drbg.c index 3addce90930c..730b03de596a 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1494,13 +1494,14 @@ static int drbg_generate(struct drbg_state *drbg, * Wrapper around drbg_generate which can pull arbitrary long strings * from the DRBG without hitting the maximum request limitation. * - * Parameters: see drbg_generate + * Parameters: see drbg_generate, except @reseed, which triggers reseeding * Return codes: see drbg_generate -- if one drbg_generate request fails, * the entire drbg_generate_long request fails */ static int drbg_generate_long(struct drbg_state *drbg, unsigned char *buf, unsigned int buflen, - struct drbg_string *addtl) + struct drbg_string *addtl, + bool reseed) { unsigned int len = 0; unsigned int slice = 0; @@ -1510,6 +1511,8 @@ static int drbg_generate_long(struct drbg_state *drbg, slice = ((buflen - len) / drbg_max_request_bytes(drbg)); chunk = slice ? drbg_max_request_bytes(drbg) : (buflen - len); mutex_lock(&drbg->drbg_mutex); + if (reseed) + drbg->seeded = DRBG_SEED_STATE_UNSEEDED; err = drbg_generate(drbg, buf + len, chunk, addtl); mutex_unlock(&drbg->drbg_mutex); if (0 > err) @@ -1936,6 +1939,7 @@ static int drbg_kcapi_random(struct crypto_rng *tfm, struct drbg_state *drbg = crypto_rng_ctx(tfm); struct drbg_string *addtl = NULL; struct drbg_string string; + int err; if (slen) { /* linked list variable is now local to allow modification */ @@ -1943,7 +1947,15 @@ static int drbg_kcapi_random(struct crypto_rng *tfm, addtl = &string; } - return drbg_generate_long(drbg, dst, dlen, addtl); + err = drbg_generate_long(drbg, dst, dlen, addtl, + (crypto_tfm_get_flags(crypto_rng_tfm(tfm)) & + CRYPTO_TFM_REQ_NEED_RESEED) == + CRYPTO_TFM_REQ_NEED_RESEED); + + crypto_tfm_clear_flags(crypto_rng_tfm(tfm), + CRYPTO_TFM_REQ_NEED_RESEED); + + return err; } /* diff --git a/crypto/rng.c b/crypto/rng.c index 9d8804e46422..5ccb0485ff4b 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -12,10 +12,13 @@ #include #include #include +#include #include #include #include #include +#include +#include #include #include #include @@ -23,7 +26,9 @@ #include "internal.h" -static DEFINE_MUTEX(crypto_default_rng_lock); +static ____cacheline_aligned_in_smp DEFINE_MUTEX(crypto_reseed_rng_lock); +static struct crypto_rng *crypto_reseed_rng; +static ____cacheline_aligned_in_smp DEFINE_MUTEX(crypto_default_rng_lock); struct crypto_rng *crypto_default_rng; EXPORT_SYMBOL_GPL(crypto_default_rng); static int crypto_default_rng_refcnt; @@ -106,31 +111,37 @@ struct crypto_rng *crypto_alloc_rng(const char *alg_name, u32 type, u32 mask) } EXPORT_SYMBOL_GPL(crypto_alloc_rng); -int crypto_get_default_rng(void) +static int crypto_get_rng(struct crypto_rng **rngp) { struct crypto_rng *rng; int err; - mutex_lock(&crypto_default_rng_lock); - if (!crypto_default_rng) { + if (!*rngp) { rng = crypto_alloc_rng("stdrng", 0, 0); err = PTR_ERR(rng); if (IS_ERR(rng)) - goto unlock; + return err; err = crypto_rng_reset(rng, NULL, crypto_rng_seedsize(rng)); if (err) { crypto_free_rng(rng); - goto unlock; + return err; } - crypto_default_rng = rng; + *rngp = rng; } - crypto_default_rng_refcnt++; - err = 0; + return 0; +} + +int crypto_get_default_rng(void) +{ + int err; -unlock: + mutex_lock(&crypto_default_rng_lock); + err = crypto_get_rng(&crypto_default_rng); + if (!err) + crypto_default_rng_refcnt++; mutex_unlock(&crypto_default_rng_lock); return err; @@ -146,24 +157,33 @@ void crypto_put_default_rng(void) EXPORT_SYMBOL_GPL(crypto_put_default_rng); #if defined(CONFIG_CRYPTO_RNG) || defined(CONFIG_CRYPTO_RNG_MODULE) -int crypto_del_default_rng(void) +static int crypto_del_rng(struct crypto_rng **rngp, int *refcntp, + struct mutex *lock) { int err = -EBUSY; - mutex_lock(&crypto_default_rng_lock); - if (crypto_default_rng_refcnt) + mutex_lock(lock); + if (refcntp && *refcntp) goto out; - crypto_free_rng(crypto_default_rng); - crypto_default_rng = NULL; + crypto_free_rng(*rngp); + *rngp = NULL; err = 0; out: - mutex_unlock(&crypto_default_rng_lock); + mutex_unlock(lock); return err; } + +int crypto_del_default_rng(void) +{ + return crypto_del_rng(&crypto_default_rng, &crypto_default_rng_refcnt, + &crypto_default_rng_lock) ?: + crypto_del_rng(&crypto_reseed_rng, NULL, + &crypto_reseed_rng_lock); +} EXPORT_SYMBOL_GPL(crypto_del_default_rng); #endif @@ -217,5 +237,102 @@ void crypto_unregister_rngs(struct rng_alg *algs, int count) } EXPORT_SYMBOL_GPL(crypto_unregister_rngs); +static ssize_t crypto_devrandom_read_iter(struct iov_iter *iter, bool reseed) +{ + struct crypto_rng *rng; + u8 tmp[256]; + ssize_t ret; + + if (unlikely(!iov_iter_count(iter))) + return 0; + + if (reseed) { + u32 flags = 0; + + /* If reseeding is requested, acquire a lock on + * crypto_reseed_rng so it is not swapped out until + * the initial random bytes are generated. + * + * The algorithm implementation is also protected with + * a separate mutex (drbg->drbg_mutex) around the + * reseed-and-generate operation. + */ + mutex_lock(&crypto_reseed_rng_lock); + + /* If crypto_default_rng is not set, it will be seeded + * at creation in __crypto_get_default_rng and thus no + * reseeding is needed. + */ + if (crypto_reseed_rng) + flags |= CRYPTO_TFM_REQ_NEED_RESEED; + + ret = crypto_get_rng(&crypto_reseed_rng); + if (ret) { + mutex_unlock(&crypto_reseed_rng_lock); + return ret; + } + + rng = crypto_reseed_rng; + crypto_tfm_set_flags(crypto_rng_tfm(rng), flags); + } else { + ret = crypto_get_default_rng(); + if (ret) + return ret; + rng = crypto_default_rng; + } + + for (;;) { + size_t i, copied; + int err; + + i = min_t(size_t, iov_iter_count(iter), sizeof(tmp)); + err = crypto_rng_get_bytes(rng, tmp, i); + if (err) { + ret = err; + break; + } + + copied = copy_to_iter(tmp, i, iter); + ret += copied; + + if (!iov_iter_count(iter)) + break; + + if (need_resched()) { + if (signal_pending(current)) + break; + schedule(); + } + } + + if (reseed) + mutex_unlock(&crypto_reseed_rng_lock); + else + crypto_put_default_rng(); + memzero_explicit(tmp, sizeof(tmp)); + + return ret; +} + +static const struct random_extrng crypto_devrandom_rng = { + .extrng_read_iter = crypto_devrandom_read_iter, + .owner = THIS_MODULE, +}; + +static int __init crypto_rng_init(void) +{ + if (fips_enabled) + random_register_extrng(&crypto_devrandom_rng); + return 0; +} + +static void __exit crypto_rng_exit(void) +{ + random_unregister_extrng(); +} + +late_initcall(crypto_rng_init); +module_exit(crypto_rng_exit); + MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("Random Number Generator"); diff --git a/crypto/seqiv.c b/crypto/seqiv.c index 17e11d51ddc3..9c136a3b6267 100644 --- a/crypto/seqiv.c +++ b/crypto/seqiv.c @@ -132,6 +132,19 @@ static int seqiv_aead_decrypt(struct aead_request *req) return crypto_aead_decrypt(subreq); } +static int aead_init_seqiv(struct crypto_aead *aead) +{ + int err; + + err = aead_init_geniv(aead); + if (err) + return err; + + crypto_aead_set_flags(aead, CRYPTO_TFM_FIPS_COMPLIANCE); + + return 0; +} + static int seqiv_aead_create(struct crypto_template *tmpl, struct rtattr **tb) { struct aead_instance *inst; @@ -149,7 +162,7 @@ static int seqiv_aead_create(struct crypto_template *tmpl, struct rtattr **tb) inst->alg.encrypt = seqiv_aead_encrypt; inst->alg.decrypt = seqiv_aead_decrypt; - inst->alg.init = aead_init_geniv; + inst->alg.init = aead_init_seqiv; inst->alg.exit = aead_exit_geniv; inst->alg.base.cra_ctxsize = sizeof(struct aead_geniv_ctx); diff --git a/crypto/testmgr.c b/crypto/testmgr.c index f02cb075bd68..669e306f1cb2 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -4216,7 +4216,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm, * Don't invoke (decrypt or sign) test which require a private key * for vectors with only a public key. */ - if (vecs->public_key_vec) { + if (1 || vecs->public_key_vec) { err = 0; goto free_all; } @@ -5093,14 +5093,12 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ecdh-nist-p256", .test = alg_test_kpp, - .fips_allowed = 1, .suite = { .kpp = __VECS(ecdh_p256_tv_template) } }, { .alg = "ecdh-nist-p384", .test = alg_test_kpp, - .fips_allowed = 1, .suite = { .kpp = __VECS(ecdh_p384_tv_template) } diff --git a/drivers/acpi/apei/hest.c b/drivers/acpi/apei/hest.c index 20d757687e3d..90a13f20f052 100644 --- a/drivers/acpi/apei/hest.c +++ b/drivers/acpi/apei/hest.c @@ -142,6 +142,14 @@ static int apei_hest_parse(apei_hest_func_t func, void *data) if (hest_disable || !hest_tab) return -EINVAL; +#ifdef CONFIG_ARM64 + /* Ignore broken firmware */ + if (!strncmp(hest_tab->header.oem_id, "HPE ", 6) && + !strncmp(hest_tab->header.oem_table_id, "ProLiant", 8) && + MIDR_IMPLEMENTOR(read_cpuid_id()) == ARM_CPU_IMP_APM) + return -EINVAL; +#endif + hest_hdr = (struct acpi_hest_header *)(hest_tab + 1); for (i = 0; i < hest_tab->error_source_count; i++) { len = hest_esrc_len(hest_hdr); diff --git a/drivers/acpi/irq.c b/drivers/acpi/irq.c index 1687483ff319..390b67f19181 100644 --- a/drivers/acpi/irq.c +++ b/drivers/acpi/irq.c @@ -143,6 +143,7 @@ struct acpi_irq_parse_one_ctx { unsigned int index; unsigned long *res_flags; struct irq_fwspec *fwspec; + bool skip_producer_check; }; /** @@ -216,7 +217,8 @@ static acpi_status acpi_irq_parse_one_cb(struct acpi_resource *ares, return AE_CTRL_TERMINATE; case ACPI_RESOURCE_TYPE_EXTENDED_IRQ: eirq = &ares->data.extended_irq; - if (eirq->producer_consumer == ACPI_PRODUCER) + if (!ctx->skip_producer_check && + eirq->producer_consumer == ACPI_PRODUCER) return AE_OK; if (ctx->index >= eirq->interrupt_count) { ctx->index -= eirq->interrupt_count; @@ -252,8 +254,19 @@ static acpi_status acpi_irq_parse_one_cb(struct acpi_resource *ares, static int acpi_irq_parse_one(acpi_handle handle, unsigned int index, struct irq_fwspec *fwspec, unsigned long *flags) { - struct acpi_irq_parse_one_ctx ctx = { -EINVAL, index, flags, fwspec }; + struct acpi_irq_parse_one_ctx ctx = { -EINVAL, index, flags, fwspec, false }; + /* + * Firmware on arm64-based HPE m400 platform incorrectly marks + * its UART interrupt as ACPI_PRODUCER rather than ACPI_CONSUMER. + * Don't do the producer/consumer check for that device. + */ + if (IS_ENABLED(CONFIG_ARM64)) { + struct acpi_device *adev = acpi_get_acpi_dev(handle); + + if (adev && !strcmp(acpi_device_hid(adev), "APMC0D08")) + ctx.skip_producer_check = true; + } acpi_walk_resources(handle, METHOD_NAME__CRS, acpi_irq_parse_one_cb, &ctx); return ctx.rc; } diff --git a/drivers/acpi/scan.c b/drivers/acpi/scan.c index 22ae7829a915..1329032ed09b 100644 --- a/drivers/acpi/scan.c +++ b/drivers/acpi/scan.c @@ -1802,6 +1802,15 @@ static bool acpi_device_enumeration_by_parent(struct acpi_device *device) if (!acpi_match_device_ids(device, ignore_serial_bus_ids)) return false; + /* + * Firmware on some arm64 X-Gene platforms will make the UART + * device appear as both a UART and a slave of that UART. Just + * bail out here for X-Gene UARTs. + */ + if (IS_ENABLED(CONFIG_ARM64) && + !strcmp(acpi_device_hid(device), "APMC0D08")) + return false; + INIT_LIST_HEAD(&resource_list); acpi_dev_get_resources(device, &resource_list, acpi_check_serial_bus_slave, diff --git a/drivers/ata/libahci.c b/drivers/ata/libahci.c index fdfa7b266218..f5f8ba457c93 100644 --- a/drivers/ata/libahci.c +++ b/drivers/ata/libahci.c @@ -729,6 +729,24 @@ int ahci_stop_engine(struct ata_port *ap) tmp &= ~PORT_CMD_START; writel(tmp, port_mmio + PORT_CMD); +#ifdef CONFIG_ARM64 + /* Rev Ax of Cavium CN99XX needs a hack for port stop */ + if (dev_is_pci(ap->host->dev) && + to_pci_dev(ap->host->dev)->vendor == 0x14e4 && + to_pci_dev(ap->host->dev)->device == 0x9027 && + midr_is_cpu_model_range(read_cpuid_id(), + MIDR_CPU_MODEL(ARM_CPU_IMP_BRCM, BRCM_CPU_PART_VULCAN), + MIDR_CPU_VAR_REV(0, 0), + MIDR_CPU_VAR_REV(0, MIDR_REVISION_MASK))) { + tmp = readl(hpriv->mmio + 0x8000); + udelay(100); + writel(tmp | (1 << 26), hpriv->mmio + 0x8000); + udelay(100); + writel(tmp & ~(1 << 26), hpriv->mmio + 0x8000); + dev_warn(ap->host->dev, "CN99XX SATA reset workaround applied\n"); + } +#endif + /* wait for engine to stop. This could be as long as 500 msec */ tmp = ata_wait_register(ap, port_mmio + PORT_CMD, PORT_CMD_LIST_ON, PORT_CMD_LIST_ON, 1, 500); diff --git a/drivers/char/ipmi/ipmi_dmi.c b/drivers/char/ipmi/ipmi_dmi.c index bbf7029e224b..cf7faa970dd6 100644 --- a/drivers/char/ipmi/ipmi_dmi.c +++ b/drivers/char/ipmi/ipmi_dmi.c @@ -215,6 +215,21 @@ static int __init scan_for_dmi_ipmi(void) { const struct dmi_device *dev = NULL; +#ifdef CONFIG_ARM64 + /* RHEL-only + * If this is ARM-based HPE m400, return now, because that platform + * reports the host-side ipmi address as intel port-io space, which + * does not exist in the ARM architecture. + */ + const char *dmistr = dmi_get_system_info(DMI_PRODUCT_NAME); + + if (dmistr && (strcmp("ProLiant m400 Server", dmistr) == 0)) { + pr_debug("%s does not support host ipmi\n", dmistr); + return 0; + } + /* END RHEL-only */ +#endif + while ((dev = dmi_find_device(DMI_DEV_TYPE_IPMI, NULL, dev))) dmi_decode_ipmi((const struct dmi_header *) dev->device_data); diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c index e12b531f5c2f..082707f8dff8 100644 --- a/drivers/char/ipmi/ipmi_msghandler.c +++ b/drivers/char/ipmi/ipmi_msghandler.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #define IPMI_DRIVER_VERSION "39.2" @@ -5510,8 +5511,21 @@ static int __init ipmi_init_msghandler_mod(void) { int rv; - pr_info("version " IPMI_DRIVER_VERSION "\n"); +#ifdef CONFIG_ARM64 + /* RHEL-only + * If this is ARM-based HPE m400, return now, because that platform + * reports the host-side ipmi address as intel port-io space, which + * does not exist in the ARM architecture. + */ + const char *dmistr = dmi_get_system_info(DMI_PRODUCT_NAME); + if (dmistr && (strcmp("ProLiant m400 Server", dmistr) == 0)) { + pr_debug("%s does not support host ipmi\n", dmistr); + return -ENOSYS; + } + /* END RHEL-only */ +#endif + pr_info("version " IPMI_DRIVER_VERSION "\n"); mutex_lock(&ipmi_interfaces_mutex); rv = ipmi_register_driver(); mutex_unlock(&ipmi_interfaces_mutex); diff --git a/drivers/char/random.c b/drivers/char/random.c index 87fe61295ea1..bc84784b9ecb 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -51,9 +51,11 @@ #include #include #include +#include #include #include #include +#include #include #include #ifdef CONFIG_VDSO_GETRANDOM @@ -322,6 +324,11 @@ static void crng_fast_key_erasure(u8 key[CHACHA_KEY_SIZE], memzero_explicit(first_block, sizeof(first_block)); } +/* + * Hook for external RNG. + */ +static const struct random_extrng __rcu *extrng; + /* * This function returns a ChaCha state that you may use for generating * random data. It also returns up to 32 bytes on its own of random data @@ -735,7 +742,8 @@ static void __cold _credit_init_bits(size_t bits) queue_work(system_unbound_wq, &set_ready); atomic_notifier_call_chain(&random_ready_notifier, 0, NULL); #ifdef CONFIG_VDSO_GETRANDOM - WRITE_ONCE(_vdso_rng_data.is_ready, true); + if (!fips_enabled) + WRITE_ONCE(_vdso_rng_data.is_ready, true); #endif wake_up_interruptible(&crng_init_wait); kill_fasync(&fasync, SIGIO, POLL_IN); @@ -755,6 +763,9 @@ static void __cold _credit_init_bits(size_t bits) } +static const struct file_operations extrng_random_fops; +static const struct file_operations extrng_urandom_fops; + /********************************************************************** * * Entropy collection routines. @@ -972,6 +983,19 @@ void __init add_bootloader_randomness(const void *buf, size_t len) credit_init_bits(len * 8); } +void random_register_extrng(const struct random_extrng *rng) +{ + rcu_assign_pointer(extrng, rng); +} +EXPORT_SYMBOL_GPL(random_register_extrng); + +void random_unregister_extrng(void) +{ + RCU_INIT_POINTER(extrng, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(random_unregister_extrng); + #if IS_ENABLED(CONFIG_VMGENID) static BLOCKING_NOTIFIER_HEAD(vmfork_chain); @@ -1381,6 +1405,7 @@ SYSCALL_DEFINE3(getrandom, char __user *, ubuf, size_t, len, unsigned int, flags { struct iov_iter iter; int ret; + const struct random_extrng *rng; if (flags & ~(GRND_NONBLOCK | GRND_RANDOM | GRND_INSECURE)) return -EINVAL; @@ -1392,6 +1417,21 @@ SYSCALL_DEFINE3(getrandom, char __user *, ubuf, size_t, len, unsigned int, flags if ((flags & (GRND_INSECURE | GRND_RANDOM)) == (GRND_INSECURE | GRND_RANDOM)) return -EINVAL; + rcu_read_lock(); + rng = rcu_dereference(extrng); + if (rng && !try_module_get(rng->owner)) + rng = NULL; + rcu_read_unlock(); + + if (rng) { + ret = import_ubuf(ITER_DEST, ubuf, len, &iter); + if (unlikely(ret)) + return ret; + ret = rng->extrng_read_iter(&iter, !!(flags & GRND_RANDOM)); + module_put(rng->owner); + return ret; + } + if (!crng_ready() && !(flags & GRND_INSECURE)) { if (flags & GRND_NONBLOCK) return -EAGAIN; @@ -1412,6 +1452,12 @@ static __poll_t random_poll(struct file *file, poll_table *wait) return crng_ready() ? EPOLLIN | EPOLLRDNORM : EPOLLOUT | EPOLLWRNORM; } +static __poll_t extrng_poll(struct file *file, poll_table * wait) +{ + /* extrng pool is always full, always read, no writes */ + return EPOLLIN | EPOLLRDNORM; +} + static ssize_t write_pool_user(struct iov_iter *iter) { u8 block[BLAKE2S_BLOCK_SIZE]; @@ -1552,7 +1598,58 @@ static int random_fasync(int fd, struct file *filp, int on) return fasync_helper(fd, filp, on, &fasync); } +static int random_open(struct inode *inode, struct file *filp) +{ + const struct random_extrng *rng; + + rcu_read_lock(); + rng = rcu_dereference(extrng); + if (rng && !try_module_get(rng->owner)) + rng = NULL; + rcu_read_unlock(); + + if (!rng) + return 0; + + filp->f_op = &extrng_random_fops; + filp->private_data = rng->owner; + + return 0; +} + +static int urandom_open(struct inode *inode, struct file *filp) +{ + const struct random_extrng *rng; + + rcu_read_lock(); + rng = rcu_dereference(extrng); + if (rng && !try_module_get(rng->owner)) + rng = NULL; + rcu_read_unlock(); + + if (!rng) + return 0; + + filp->f_op = &extrng_urandom_fops; + filp->private_data = rng->owner; + + return 0; +} + +static int extrng_release(struct inode *inode, struct file *filp) +{ + module_put(filp->private_data); + return 0; +} + +static ssize_t +extrng_read_iter(struct kiocb *kiocb, struct iov_iter *iter) +{ + return rcu_dereference_raw(extrng)->extrng_read_iter(iter, false); +} + const struct file_operations random_fops = { + .open = random_open, .read_iter = random_read_iter, .write_iter = random_write_iter, .poll = random_poll, @@ -1565,6 +1662,7 @@ const struct file_operations random_fops = { }; const struct file_operations urandom_fops = { + .open = urandom_open, .read_iter = urandom_read_iter, .write_iter = random_write_iter, .unlocked_ioctl = random_ioctl, @@ -1575,6 +1673,32 @@ const struct file_operations urandom_fops = { .splice_write = iter_file_splice_write, }; +static const struct file_operations extrng_random_fops = { + .open = random_open, + .read_iter = extrng_read_iter, + .write_iter = random_write_iter, + .poll = extrng_poll, + .unlocked_ioctl = random_ioctl, + .compat_ioctl = compat_ptr_ioctl, + .fasync = random_fasync, + .llseek = noop_llseek, + .release = extrng_release, + .splice_read = copy_splice_read, + .splice_write = iter_file_splice_write, +}; + +static const struct file_operations extrng_urandom_fops = { + .open = urandom_open, + .read_iter = extrng_read_iter, + .write_iter = random_write_iter, + .unlocked_ioctl = random_ioctl, + .compat_ioctl = compat_ptr_ioctl, + .fasync = random_fasync, + .llseek = noop_llseek, + .release = extrng_release, + .splice_read = copy_splice_read, + .splice_write = iter_file_splice_write, +}; /******************************************************************** * diff --git a/drivers/firmware/efi/Makefile b/drivers/firmware/efi/Makefile index a2d0009560d0..4f3486e6a84b 100644 --- a/drivers/firmware/efi/Makefile +++ b/drivers/firmware/efi/Makefile @@ -25,6 +25,7 @@ subdir-$(CONFIG_EFI_STUB) += libstub obj-$(CONFIG_EFI_BOOTLOADER_CONTROL) += efibc.o obj-$(CONFIG_EFI_TEST) += test/ obj-$(CONFIG_EFI_DEV_PATH_PARSER) += dev-path-parser.o +obj-$(CONFIG_EFI) += secureboot.o obj-$(CONFIG_APPLE_PROPERTIES) += apple-properties.o obj-$(CONFIG_EFI_RCI2_TABLE) += rci2-table.o obj-$(CONFIG_EFI_EMBEDDED_FIRMWARE) += embedded-firmware.o diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index fdf07dd6f459..cfd2b58a3494 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -33,6 +33,7 @@ #include #include #include +#include #include @@ -993,40 +994,101 @@ int efi_mem_type(unsigned long phys_addr) return -EINVAL; } +struct efi_error_code { + efi_status_t status; + int errno; + const char *description; +}; + +static const struct efi_error_code efi_error_codes[] = { + { EFI_SUCCESS, 0, "Success"}, +#if 0 + { EFI_LOAD_ERROR, -EPICK_AN_ERRNO, "Load Error"}, +#endif + { EFI_INVALID_PARAMETER, -EINVAL, "Invalid Parameter"}, + { EFI_UNSUPPORTED, -ENOSYS, "Unsupported"}, + { EFI_BAD_BUFFER_SIZE, -ENOSPC, "Bad Buffer Size"}, + { EFI_BUFFER_TOO_SMALL, -ENOSPC, "Buffer Too Small"}, + { EFI_NOT_READY, -EAGAIN, "Not Ready"}, + { EFI_DEVICE_ERROR, -EIO, "Device Error"}, + { EFI_WRITE_PROTECTED, -EROFS, "Write Protected"}, + { EFI_OUT_OF_RESOURCES, -ENOMEM, "Out of Resources"}, +#if 0 + { EFI_VOLUME_CORRUPTED, -EPICK_AN_ERRNO, "Volume Corrupt"}, + { EFI_VOLUME_FULL, -EPICK_AN_ERRNO, "Volume Full"}, + { EFI_NO_MEDIA, -EPICK_AN_ERRNO, "No Media"}, + { EFI_MEDIA_CHANGED, -EPICK_AN_ERRNO, "Media changed"}, +#endif + { EFI_NOT_FOUND, -ENOENT, "Not Found"}, +#if 0 + { EFI_ACCESS_DENIED, -EPICK_AN_ERRNO, "Access Denied"}, + { EFI_NO_RESPONSE, -EPICK_AN_ERRNO, "No Response"}, + { EFI_NO_MAPPING, -EPICK_AN_ERRNO, "No mapping"}, + { EFI_TIMEOUT, -EPICK_AN_ERRNO, "Time out"}, + { EFI_NOT_STARTED, -EPICK_AN_ERRNO, "Not started"}, + { EFI_ALREADY_STARTED, -EPICK_AN_ERRNO, "Already started"}, +#endif + { EFI_ABORTED, -EINTR, "Aborted"}, +#if 0 + { EFI_ICMP_ERROR, -EPICK_AN_ERRNO, "ICMP Error"}, + { EFI_TFTP_ERROR, -EPICK_AN_ERRNO, "TFTP Error"}, + { EFI_PROTOCOL_ERROR, -EPICK_AN_ERRNO, "Protocol Error"}, + { EFI_INCOMPATIBLE_VERSION, -EPICK_AN_ERRNO, "Incompatible Version"}, +#endif + { EFI_SECURITY_VIOLATION, -EACCES, "Security Policy Violation"}, +#if 0 + { EFI_CRC_ERROR, -EPICK_AN_ERRNO, "CRC Error"}, + { EFI_END_OF_MEDIA, -EPICK_AN_ERRNO, "End of Media"}, + { EFI_END_OF_FILE, -EPICK_AN_ERRNO, "End of File"}, + { EFI_INVALID_LANGUAGE, -EPICK_AN_ERRNO, "Invalid Languages"}, + { EFI_COMPROMISED_DATA, -EPICK_AN_ERRNO, "Compromised Data"}, + + // warnings + { EFI_WARN_UNKOWN_GLYPH, -EPICK_AN_ERRNO, "Warning Unknown Glyph"}, + { EFI_WARN_DELETE_FAILURE, -EPICK_AN_ERRNO, "Warning Delete Failure"}, + { EFI_WARN_WRITE_FAILURE, -EPICK_AN_ERRNO, "Warning Write Failure"}, + { EFI_WARN_BUFFER_TOO_SMALL, -EPICK_AN_ERRNO, "Warning Buffer Too Small"}, +#endif +}; + +static int +efi_status_cmp_bsearch(const void *key, const void *item) +{ + u64 status = (u64)(uintptr_t)key; + struct efi_error_code *code = (struct efi_error_code *)item; + + if (status < code->status) + return -1; + if (status > code->status) + return 1; + return 0; +} + int efi_status_to_err(efi_status_t status) { - int err; - - switch (status) { - case EFI_SUCCESS: - err = 0; - break; - case EFI_INVALID_PARAMETER: - err = -EINVAL; - break; - case EFI_OUT_OF_RESOURCES: - err = -ENOSPC; - break; - case EFI_DEVICE_ERROR: - err = -EIO; - break; - case EFI_WRITE_PROTECTED: - err = -EROFS; - break; - case EFI_SECURITY_VIOLATION: - err = -EACCES; - break; - case EFI_NOT_FOUND: - err = -ENOENT; - break; - case EFI_ABORTED: - err = -EINTR; - break; - default: - err = -EINVAL; - } + struct efi_error_code *found; + size_t num = sizeof(efi_error_codes) / sizeof(struct efi_error_code); - return err; + found = bsearch((void *)(uintptr_t)status, efi_error_codes, + sizeof(struct efi_error_code), num, + efi_status_cmp_bsearch); + if (!found) + return -EINVAL; + return found->errno; +} + +const char * +efi_status_to_str(efi_status_t status) +{ + struct efi_error_code *found; + size_t num = sizeof(efi_error_codes) / sizeof(struct efi_error_code); + + found = bsearch((void *)(uintptr_t)status, efi_error_codes, + sizeof(struct efi_error_code), num, + efi_status_cmp_bsearch); + if (!found) + return "Unknown error code"; + return found->description; } EXPORT_SYMBOL_GPL(efi_status_to_err); diff --git a/drivers/firmware/efi/secureboot.c b/drivers/firmware/efi/secureboot.c new file mode 100644 index 000000000000..de0a3714a5d4 --- /dev/null +++ b/drivers/firmware/efi/secureboot.c @@ -0,0 +1,38 @@ +/* Core kernel secure boot support. + * + * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved. + * Written by David Howells (dhowells@redhat.com) + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public Licence + * as published by the Free Software Foundation; either version + * 2 of the Licence, or (at your option) any later version. + */ + +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + +#include +#include +#include + +/* + * Decide what to do when UEFI secure boot mode is enabled. + */ +void __init efi_set_secure_boot(enum efi_secureboot_mode mode) +{ + if (efi_enabled(EFI_BOOT)) { + switch (mode) { + case efi_secureboot_mode_disabled: + pr_info("Secure boot disabled\n"); + break; + case efi_secureboot_mode_enabled: + set_bit(EFI_SECURE_BOOT, &efi.flags); + pr_info("Secure boot enabled\n"); + break; + default: + pr_warn("Secure boot could not be determined (mode %u)\n", + mode); + break; + } + } +} diff --git a/drivers/hid/hid-rmi.c b/drivers/hid/hid-rmi.c index d4af17fdba46..154f0403cbf4 100644 --- a/drivers/hid/hid-rmi.c +++ b/drivers/hid/hid-rmi.c @@ -321,21 +321,12 @@ static int rmi_input_event(struct hid_device *hdev, u8 *data, int size) { struct rmi_data *hdata = hid_get_drvdata(hdev); struct rmi_device *rmi_dev = hdata->xport.rmi_dev; - unsigned long flags; if (!(test_bit(RMI_STARTED, &hdata->flags))) return 0; - pm_wakeup_event(hdev->dev.parent, 0); - - local_irq_save(flags); - rmi_set_attn_data(rmi_dev, data[1], &data[2], size - 2); - generic_handle_irq(hdata->rmi_irq); - - local_irq_restore(flags); - return 1; } @@ -589,56 +580,6 @@ static const struct rmi_transport_ops hid_rmi_ops = { .reset = rmi_hid_reset, }; -static void rmi_irq_teardown(void *data) -{ - struct rmi_data *hdata = data; - struct irq_domain *domain = hdata->domain; - - if (!domain) - return; - - irq_dispose_mapping(irq_find_mapping(domain, 0)); - - irq_domain_remove(domain); - hdata->domain = NULL; - hdata->rmi_irq = 0; -} - -static int rmi_irq_map(struct irq_domain *h, unsigned int virq, - irq_hw_number_t hw_irq_num) -{ - irq_set_chip_and_handler(virq, &dummy_irq_chip, handle_simple_irq); - - return 0; -} - -static const struct irq_domain_ops rmi_irq_ops = { - .map = rmi_irq_map, -}; - -static int rmi_setup_irq_domain(struct hid_device *hdev) -{ - struct rmi_data *hdata = hid_get_drvdata(hdev); - int ret; - - hdata->domain = irq_domain_create_linear(hdev->dev.fwnode, 1, - &rmi_irq_ops, hdata); - if (!hdata->domain) - return -ENOMEM; - - ret = devm_add_action_or_reset(&hdev->dev, &rmi_irq_teardown, hdata); - if (ret) - return ret; - - hdata->rmi_irq = irq_create_mapping(hdata->domain, 0); - if (hdata->rmi_irq <= 0) { - hid_err(hdev, "Can't allocate an IRQ\n"); - return hdata->rmi_irq < 0 ? hdata->rmi_irq : -ENXIO; - } - - return 0; -} - static int rmi_probe(struct hid_device *hdev, const struct hid_device_id *id) { struct rmi_data *data = NULL; @@ -711,18 +652,11 @@ static int rmi_probe(struct hid_device *hdev, const struct hid_device_id *id) mutex_init(&data->page_mutex); - ret = rmi_setup_irq_domain(hdev); - if (ret) { - hid_err(hdev, "failed to allocate IRQ domain\n"); - return ret; - } - if (data->device_flags & RMI_DEVICE_HAS_PHYS_BUTTONS) rmi_hid_pdata.gpio_data.disable = true; data->xport.dev = hdev->dev.parent; data->xport.pdata = rmi_hid_pdata; - data->xport.pdata.irq = data->rmi_irq; data->xport.proto_name = "hid"; data->xport.ops = &hid_rmi_ops; diff --git a/drivers/hwtracing/coresight/coresight-etm4x-core.c b/drivers/hwtracing/coresight/coresight-etm4x-core.c index bf01f01964cf..703896981e8a 100644 --- a/drivers/hwtracing/coresight/coresight-etm4x-core.c +++ b/drivers/hwtracing/coresight/coresight-etm4x-core.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -2344,6 +2345,16 @@ static const struct amba_id etm4_ids[] = { {}, }; +static const struct dmi_system_id broken_coresight[] = { + { + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "HPE"), + DMI_MATCH(DMI_PRODUCT_NAME, "Apollo 70"), + }, + }, + { } /* terminating entry */ +}; + MODULE_DEVICE_TABLE(amba, etm4_ids); static struct amba_driver etm4x_amba_driver = { @@ -2412,6 +2423,11 @@ static int __init etm4x_init(void) { int ret; + if (dmi_check_system(broken_coresight)) { + pr_info("ETM4 disabled due to firmware bug\n"); + return 0; + } + ret = etm4_pm_setup(); /* etm4_pm_setup() does its own cleanup - exit on error */ @@ -2438,6 +2454,9 @@ static int __init etm4x_init(void) static void __exit etm4x_exit(void) { + if (dmi_check_system(broken_coresight)) + return; + amba_driver_unregister(&etm4x_amba_driver); platform_driver_unregister(&etm4_platform_driver); etm4_pm_clear(); diff --git a/drivers/input/rmi4/rmi_driver.c b/drivers/input/rmi4/rmi_driver.c index 2168b6cd7167..5d7cda175a0c 100644 --- a/drivers/input/rmi4/rmi_driver.c +++ b/drivers/input/rmi4/rmi_driver.c @@ -182,34 +182,47 @@ void rmi_set_attn_data(struct rmi_device *rmi_dev, unsigned long irq_status, attn_data.data = fifo_data; kfifo_put(&drvdata->attn_fifo, attn_data); + + schedule_work(&drvdata->attn_work); } EXPORT_SYMBOL_GPL(rmi_set_attn_data); -static irqreturn_t rmi_irq_fn(int irq, void *dev_id) +static void attn_callback(struct work_struct *work) { - struct rmi_device *rmi_dev = dev_id; - struct rmi_driver_data *drvdata = dev_get_drvdata(&rmi_dev->dev); + struct rmi_driver_data *drvdata = container_of(work, + struct rmi_driver_data, + attn_work); struct rmi4_attn_data attn_data = {0}; int ret, count; count = kfifo_get(&drvdata->attn_fifo, &attn_data); - if (count) { - *(drvdata->irq_status) = attn_data.irq_status; - drvdata->attn_data = attn_data; - } + if (!count) + return; - ret = rmi_process_interrupt_requests(rmi_dev); + *(drvdata->irq_status) = attn_data.irq_status; + drvdata->attn_data = attn_data; + + ret = rmi_process_interrupt_requests(drvdata->rmi_dev); if (ret) - rmi_dbg(RMI_DEBUG_CORE, &rmi_dev->dev, + rmi_dbg(RMI_DEBUG_CORE, &drvdata->rmi_dev->dev, "Failed to process interrupt request: %d\n", ret); - if (count) { - kfree(attn_data.data); - drvdata->attn_data.data = NULL; - } + kfree(attn_data.data); + drvdata->attn_data.data = NULL; if (!kfifo_is_empty(&drvdata->attn_fifo)) - return rmi_irq_fn(irq, dev_id); + schedule_work(&drvdata->attn_work); +} + +static irqreturn_t rmi_irq_fn(int irq, void *dev_id) +{ + struct rmi_device *rmi_dev = dev_id; + int ret; + + ret = rmi_process_interrupt_requests(rmi_dev); + if (ret) + rmi_dbg(RMI_DEBUG_CORE, &rmi_dev->dev, + "Failed to process interrupt request: %d\n", ret); return IRQ_HANDLED; } @@ -217,7 +230,6 @@ static irqreturn_t rmi_irq_fn(int irq, void *dev_id) static int rmi_irq_init(struct rmi_device *rmi_dev) { struct rmi_device_platform_data *pdata = rmi_get_platform_data(rmi_dev); - struct rmi_driver_data *data = dev_get_drvdata(&rmi_dev->dev); int irq_flags = irq_get_trigger_type(pdata->irq); int ret; @@ -235,8 +247,6 @@ static int rmi_irq_init(struct rmi_device *rmi_dev) return ret; } - data->enabled = true; - return 0; } @@ -886,23 +896,27 @@ void rmi_enable_irq(struct rmi_device *rmi_dev, bool clear_wake) if (data->enabled) goto out; - enable_irq(irq); - data->enabled = true; - if (clear_wake && device_may_wakeup(rmi_dev->xport->dev)) { - retval = disable_irq_wake(irq); - if (retval) - dev_warn(&rmi_dev->dev, - "Failed to disable irq for wake: %d\n", - retval); - } + if (irq) { + enable_irq(irq); + data->enabled = true; + if (clear_wake && device_may_wakeup(rmi_dev->xport->dev)) { + retval = disable_irq_wake(irq); + if (retval) + dev_warn(&rmi_dev->dev, + "Failed to disable irq for wake: %d\n", + retval); + } - /* - * Call rmi_process_interrupt_requests() after enabling irq, - * otherwise we may lose interrupt on edge-triggered systems. - */ - irq_flags = irq_get_trigger_type(pdata->irq); - if (irq_flags & IRQ_TYPE_EDGE_BOTH) - rmi_process_interrupt_requests(rmi_dev); + /* + * Call rmi_process_interrupt_requests() after enabling irq, + * otherwise we may lose interrupt on edge-triggered systems. + */ + irq_flags = irq_get_trigger_type(pdata->irq); + if (irq_flags & IRQ_TYPE_EDGE_BOTH) + rmi_process_interrupt_requests(rmi_dev); + } else { + data->enabled = true; + } out: mutex_unlock(&data->enabled_mutex); @@ -922,20 +936,22 @@ void rmi_disable_irq(struct rmi_device *rmi_dev, bool enable_wake) goto out; data->enabled = false; - disable_irq(irq); - if (enable_wake && device_may_wakeup(rmi_dev->xport->dev)) { - retval = enable_irq_wake(irq); - if (retval) - dev_warn(&rmi_dev->dev, - "Failed to enable irq for wake: %d\n", - retval); - } - - /* make sure the fifo is clean */ - while (!kfifo_is_empty(&data->attn_fifo)) { - count = kfifo_get(&data->attn_fifo, &attn_data); - if (count) - kfree(attn_data.data); + if (irq) { + disable_irq(irq); + if (enable_wake && device_may_wakeup(rmi_dev->xport->dev)) { + retval = enable_irq_wake(irq); + if (retval) + dev_warn(&rmi_dev->dev, + "Failed to enable irq for wake: %d\n", + retval); + } + } else { + /* make sure the fifo is clean */ + while (!kfifo_is_empty(&data->attn_fifo)) { + count = kfifo_get(&data->attn_fifo, &attn_data); + if (count) + kfree(attn_data.data); + } } out: @@ -978,6 +994,8 @@ static int rmi_driver_remove(struct device *dev) rmi_disable_irq(rmi_dev, false); + cancel_work_sync(&data->attn_work); + rmi_f34_remove_sysfs(rmi_dev); rmi_free_function_list(rmi_dev); @@ -1223,9 +1241,15 @@ static int rmi_driver_probe(struct device *dev) } } - retval = rmi_irq_init(rmi_dev); - if (retval < 0) - goto err_destroy_functions; + if (pdata->irq) { + retval = rmi_irq_init(rmi_dev); + if (retval < 0) + goto err_destroy_functions; + } + + data->enabled = true; + + INIT_WORK(&data->attn_work, attn_callback); if (data->f01_container->dev.driver) { /* Driver already bound, so enable ATTN now. */ diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index ed6c5cb60c5a..70cb770b78bb 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -8,6 +8,7 @@ #include #include +#include #include #include #include @@ -2932,6 +2933,27 @@ int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat) } EXPORT_SYMBOL_GPL(iommu_dev_disable_feature); +#ifdef CONFIG_ARM64 +static int __init iommu_quirks(void) +{ + const char *vendor, *name; + + vendor = dmi_get_system_info(DMI_SYS_VENDOR); + name = dmi_get_system_info(DMI_PRODUCT_NAME); + + if (vendor && + (strncmp(vendor, "GIGABYTE", 8) == 0 && name && + (strncmp(name, "R120", 4) == 0 || + strncmp(name, "R270", 4) == 0))) { + pr_warn("Gigabyte %s detected, force iommu passthrough mode", name); + iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY; + } + + return 0; +} +arch_initcall(iommu_quirks); +#endif + /** * iommu_setup_default_domain - Set the default_domain for the group * @group: Group to change diff --git a/drivers/message/fusion/mptsas.c b/drivers/message/fusion/mptsas.c index a0bcb0864ecd..d5f52a1283f3 100644 --- a/drivers/message/fusion/mptsas.c +++ b/drivers/message/fusion/mptsas.c @@ -5380,6 +5380,10 @@ static void mptsas_remove(struct pci_dev *pdev) } static struct pci_device_id mptsas_pci_table[] = { +#ifdef CONFIG_RHEL_DIFFERENCES + { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_SAS1068, + PCI_VENDOR_ID_VMWARE, PCI_ANY_ID }, +#else { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_SAS1064, PCI_ANY_ID, PCI_ANY_ID }, { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_SAS1068, @@ -5392,6 +5396,7 @@ static struct pci_device_id mptsas_pci_table[] = { PCI_ANY_ID, PCI_ANY_ID }, { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_SAS1068_820XELP, PCI_ANY_ID, PCI_ANY_ID }, +#endif {0} /* Terminating entry */ }; MODULE_DEVICE_TABLE(pci, mptsas_pci_table); diff --git a/drivers/message/fusion/mptspi.c b/drivers/message/fusion/mptspi.c index 574b882c9a85..5a8b2ea7365a 100644 --- a/drivers/message/fusion/mptspi.c +++ b/drivers/message/fusion/mptspi.c @@ -1239,12 +1239,17 @@ static struct spi_function_template mptspi_transport_functions = { */ static struct pci_device_id mptspi_pci_table[] = { +#ifdef CONFIG_RHEL_DIFFERENCES + { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_53C1030, + PCI_VENDOR_ID_VMWARE, PCI_ANY_ID }, +#else { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_53C1030, PCI_ANY_ID, PCI_ANY_ID }, { PCI_VENDOR_ID_ATTO, MPI_MANUFACTPAGE_DEVID_53C1030, PCI_ANY_ID, PCI_ANY_ID }, { PCI_VENDOR_ID_LSI_LOGIC, MPI_MANUFACTPAGE_DEVID_53C1035, PCI_ANY_ID, PCI_ANY_ID }, +#endif {0} /* Terminating entry */ }; MODULE_DEVICE_TABLE(pci, mptspi_pci_table); @@ -1535,6 +1540,7 @@ mptspi_probe(struct pci_dev *pdev, const struct pci_device_id *id) 0, 0, 0, 0, 5); scsi_scan_host(sh); + return 0; out_mptspi_probe: diff --git a/drivers/net/wireguard/main.c b/drivers/net/wireguard/main.c index a00671b58701..eeef2766b8b3 100644 --- a/drivers/net/wireguard/main.c +++ b/drivers/net/wireguard/main.c @@ -12,6 +12,7 @@ #include +#include #include #include #include @@ -21,6 +22,11 @@ static int __init wg_mod_init(void) { int ret; +#ifdef CONFIG_RHEL_DIFFERENCES + if (fips_enabled) + return -EOPNOTSUPP; +#endif + ret = wg_allowedips_slab_init(); if (ret < 0) goto err_allowedips; diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index 983909a600ad..28e59054b7c6 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -262,6 +262,9 @@ void nvme_delete_ctrl_sync(struct nvme_ctrl *ctrl) static blk_status_t nvme_error_status(u16 status) { + if (unlikely(status & NVME_STATUS_DNR)) + return BLK_STS_TARGET; + switch (status & NVME_SCT_SC_MASK) { case NVME_SC_SUCCESS: return BLK_STS_OK; @@ -376,6 +379,7 @@ enum nvme_disposition { COMPLETE, RETRY, FAILOVER, + FAILUP, AUTHENTICATE, }; @@ -384,7 +388,7 @@ static inline enum nvme_disposition nvme_decide_disposition(struct request *req) if (likely(nvme_req(req)->status == 0)) return COMPLETE; - if (blk_noretry_request(req) || + if ((req->cmd_flags & (REQ_FAILFAST_DEV | REQ_FAILFAST_DRIVER)) || (nvme_req(req)->status & NVME_STATUS_DNR) || nvme_req(req)->retries >= nvme_max_retries) return COMPLETE; @@ -392,10 +396,11 @@ static inline enum nvme_disposition nvme_decide_disposition(struct request *req) if ((nvme_req(req)->status & NVME_SCT_SC_MASK) == NVME_SC_AUTH_REQUIRED) return AUTHENTICATE; - if (req->cmd_flags & REQ_NVME_MPATH) { + if (req->cmd_flags & (REQ_NVME_MPATH | REQ_FAILFAST_TRANSPORT)) { if (nvme_is_path_error(nvme_req(req)->status) || blk_queue_dying(req->q)) - return FAILOVER; + return (req->cmd_flags & REQ_NVME_MPATH) ? + FAILOVER : FAILUP; } else { if (blk_queue_dying(req->q)) return COMPLETE; @@ -437,6 +442,14 @@ void nvme_end_req(struct request *req) blk_mq_end_request(req, status); } +static inline void nvme_failup_req(struct request *req) +{ + nvme_update_ana(req); + + nvme_req(req)->status = NVME_SC_HOST_PATH_ERROR; + nvme_end_req(req); +} + void nvme_complete_rq(struct request *req) { struct nvme_ctrl *ctrl = nvme_req(req)->ctrl; @@ -466,6 +479,9 @@ void nvme_complete_rq(struct request *req) case FAILOVER: nvme_failover_req(req); return; + case FAILUP: + nvme_failup_req(req); + return; case AUTHENTICATE: #ifdef CONFIG_NVME_HOST_AUTH queue_work(nvme_wq, &ctrl->dhchap_auth_work); diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c index 518e22dd4f9b..af7d1591e9c6 100644 --- a/drivers/nvme/host/multipath.c +++ b/drivers/nvme/host/multipath.c @@ -83,14 +83,10 @@ void nvme_mpath_start_freeze(struct nvme_subsystem *subsys) blk_freeze_queue_start(h->disk->queue); } -void nvme_failover_req(struct request *req) +void nvme_update_ana(struct request *req) { struct nvme_ns *ns = req->q->queuedata; u16 status = nvme_req(req)->status & NVME_SCT_SC_MASK; - unsigned long flags; - struct bio *bio; - - nvme_mpath_clear_current_path(ns); /* * If we got back an ANA error, we know the controller is alive but not @@ -101,6 +97,16 @@ void nvme_failover_req(struct request *req) set_bit(NVME_NS_ANA_PENDING, &ns->flags); queue_work(nvme_wq, &ns->ctrl->ana_work); } +} + +void nvme_failover_req(struct request *req) +{ + struct nvme_ns *ns = req->q->queuedata; + unsigned long flags; + struct bio *bio; + + nvme_mpath_clear_current_path(ns); + nvme_update_ana(req); spin_lock_irqsave(&ns->head->requeue_lock, flags); for (bio = req->bio; bio; bio = bio->bi_next) { @@ -1000,8 +1006,7 @@ int nvme_mpath_init_identify(struct nvme_ctrl *ctrl, struct nvme_id_ctrl *id) int error = 0; /* check if multipath is enabled and we have the capability */ - if (!multipath || !ctrl->subsys || - !(ctrl->subsys->cmic & NVME_CTRL_CMIC_ANA)) + if (!ctrl->subsys || !(ctrl->subsys->cmic & NVME_CTRL_CMIC_ANA)) return 0; /* initialize this in the identify path to cover controller resets */ diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h index da57947130cc..beef00ccfb26 100644 --- a/drivers/nvme/host/nvme.h +++ b/drivers/nvme/host/nvme.h @@ -941,6 +941,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys); void nvme_mpath_start_freeze(struct nvme_subsystem *subsys); void nvme_mpath_default_iopolicy(struct nvme_subsystem *subsys); void nvme_failover_req(struct request *req); +void nvme_update_ana(struct request *req); void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl); int nvme_mpath_alloc_disk(struct nvme_ctrl *ctrl,struct nvme_ns_head *head); void nvme_mpath_add_disk(struct nvme_ns *ns, __le32 anagrpid); @@ -983,6 +984,9 @@ static inline bool nvme_ctrl_use_ana(struct nvme_ctrl *ctrl) static inline void nvme_failover_req(struct request *req) { } +static inline void nvme_update_ana(struct request *req) +{ +} static inline void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl) { } diff --git a/drivers/pci/pci-driver.c b/drivers/pci/pci-driver.c index f412ef73a6e4..e1d9079483ea 100644 --- a/drivers/pci/pci-driver.c +++ b/drivers/pci/pci-driver.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include #include "pci.h" @@ -321,7 +322,15 @@ static long local_pci_probe(void *_ddi) */ pm_runtime_get_sync(dev); pci_dev->driver = pci_drv; + +#ifdef CONFIG_RHEL_DIFFERENCES + rc = -EACCES; + if (!pci_rh_check_status(pci_dev)) + rc = pci_drv->probe(pci_dev, ddi->id); +#else rc = pci_drv->probe(pci_dev, ddi->id); +#endif + if (!rc) return rc; if (rc < 0) { diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c index a2ce4e08edf5..07dd75b1f580 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c @@ -4433,6 +4433,30 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_BROADCOM, 0x9000, DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_BROADCOM, 0x9084, quirk_bridge_cavm_thrx2_pcie_root); +/* + * PCI BAR 5 is not setup correctly for the on-board AHCI controller + * on Broadcom's Vulcan processor. Added a quirk to fix BAR 5 by + * using BAR 4's resources which are populated correctly and NOT + * actually used by the AHCI controller. + */ +static void quirk_fix_vulcan_ahci_bars(struct pci_dev *dev) +{ + struct resource *r = &dev->resource[4]; + + if (!(r->flags & IORESOURCE_MEM) || (r->start == 0)) + return; + + /* Set BAR5 resource to BAR4 */ + dev->resource[5] = *r; + + /* Update BAR5 in pci config space */ + pci_write_config_dword(dev, PCI_BASE_ADDRESS_5, r->start); + + /* Clear BAR4's resource */ + memset(r, 0, sizeof(*r)); +} +DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_BROADCOM, 0x9027, quirk_fix_vulcan_ahci_bars); + /* * Intersil/Techwell TW686[4589]-based video capture cards have an empty (zero) * class code. Fix it. diff --git a/drivers/scsi/aacraid/linit.c b/drivers/scsi/aacraid/linit.c index 68f4dbcfff49..90a6070a1332 100644 --- a/drivers/scsi/aacraid/linit.c +++ b/drivers/scsi/aacraid/linit.c @@ -77,6 +77,7 @@ char aac_driver_version[] = AAC_DRIVER_FULL_VERSION; * Note: The last field is used to index into aac_drivers below. */ static const struct pci_device_id aac_pci_tbl[] = { +#ifndef CONFIG_RHEL_DIFFERENCES { 0x1028, 0x0001, 0x1028, 0x0001, 0, 0, 0 }, /* PERC 2/Si (Iguana/PERC2Si) */ { 0x1028, 0x0002, 0x1028, 0x0002, 0, 0, 1 }, /* PERC 3/Di (Opal/PERC3Di) */ { 0x1028, 0x0003, 0x1028, 0x0003, 0, 0, 2 }, /* PERC 3/Si (SlimFast/PERC3Si */ @@ -144,6 +145,7 @@ static const struct pci_device_id aac_pci_tbl[] = { { 0x9005, 0x0285, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 59 }, /* Adaptec Catch All */ { 0x9005, 0x0286, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 60 }, /* Adaptec Rocket Catch All */ { 0x9005, 0x0288, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 61 }, /* Adaptec NEMER/ARK Catch All */ +#endif { 0x9005, 0x028b, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 62 }, /* Adaptec PMC Series 6 (Tupelo) */ { 0x9005, 0x028c, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 63 }, /* Adaptec PMC Series 7 (Denali) */ { 0x9005, 0x028d, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 64 }, /* Adaptec PMC Series 8 */ diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c index 06acb5ff609e..a54ea7cf7d6e 100644 --- a/drivers/scsi/be2iscsi/be_main.c +++ b/drivers/scsi/be2iscsi/be_main.c @@ -387,11 +387,13 @@ static int beiscsi_eh_device_reset(struct scsi_cmnd *sc) /*------------------- PCI Driver operations and data ----------------- */ static const struct pci_device_id beiscsi_pci_id_table[] = { +#ifndef CONFIG_RHEL_DIFFERENCES { PCI_DEVICE(BE_VENDOR_ID, BE_DEVICE_ID1) }, { PCI_DEVICE(BE_VENDOR_ID, BE_DEVICE_ID2) }, { PCI_DEVICE(BE_VENDOR_ID, OC_DEVICE_ID1) }, { PCI_DEVICE(BE_VENDOR_ID, OC_DEVICE_ID2) }, { PCI_DEVICE(BE_VENDOR_ID, OC_DEVICE_ID3) }, +#endif { PCI_DEVICE(ELX_VENDOR_ID, OC_SKH_ID1) }, { 0 } }; diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c index e044ed09d7e0..aa5f9c19d222 100644 --- a/drivers/scsi/hpsa.c +++ b/drivers/scsi/hpsa.c @@ -82,7 +82,9 @@ MODULE_DESCRIPTION("Driver for HP Smart Array Controller version " \ HPSA_DRIVER_VERSION); MODULE_VERSION(HPSA_DRIVER_VERSION); MODULE_LICENSE("GPL"); +#ifndef CONFIG_RHEL_DIFFERENCES MODULE_ALIAS("cciss"); +#endif static int hpsa_simple_mode; module_param(hpsa_simple_mode, int, S_IRUGO|S_IWUSR); @@ -144,10 +146,12 @@ static const struct pci_device_id hpsa_pci_device_id[] = { {PCI_VENDOR_ID_HP_3PAR, 0x0075, 0x1590, 0x007D}, {PCI_VENDOR_ID_HP_3PAR, 0x0075, 0x1590, 0x0088}, {PCI_VENDOR_ID_HP, 0x333f, 0x103c, 0x333f}, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_HP, PCI_ANY_ID, PCI_ANY_ID, PCI_ANY_ID, PCI_CLASS_STORAGE_RAID << 8, 0xffff << 8, 0}, {PCI_VENDOR_ID_COMPAQ, PCI_ANY_ID, PCI_ANY_ID, PCI_ANY_ID, PCI_CLASS_STORAGE_RAID << 8, 0xffff << 8, 0}, +#endif {0,} }; diff --git a/drivers/scsi/lpfc/lpfc_ids.h b/drivers/scsi/lpfc/lpfc_ids.h index 0b1616e93cf4..85fc52038a82 100644 --- a/drivers/scsi/lpfc/lpfc_ids.h +++ b/drivers/scsi/lpfc/lpfc_ids.h @@ -24,6 +24,7 @@ #include const struct pci_device_id lpfc_id_table[] = { +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_VIPER, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_FIREFLY, @@ -54,10 +55,13 @@ const struct pci_device_id lpfc_id_table[] = { PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_HELIOS_DCSP, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_BMID, PCI_ANY_ID, PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_BSMB, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_ZEPHYR, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_ZEPHYR_SCSP, @@ -68,6 +72,7 @@ const struct pci_device_id lpfc_id_table[] = { PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_ZSMB, PCI_ANY_ID, PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_TFLY, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LP101, @@ -78,6 +83,7 @@ const struct pci_device_id lpfc_id_table[] = { PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LPE11000S, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_SAT, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_SAT_MID, @@ -90,6 +96,7 @@ const struct pci_device_id lpfc_id_table[] = { PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_SAT_S, PCI_ANY_ID, PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_PROTEUS_VF, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_PROTEUS_PF, @@ -100,18 +107,23 @@ const struct pci_device_id lpfc_id_table[] = { PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_SERVERENGINE, PCI_DEVICE_ID_TOMCAT, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_FALCON, PCI_ANY_ID, PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_BALIUS, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_FC, PCI_ANY_ID, PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_FCOE, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_FC_VF, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_FCOE_VF, PCI_ANY_ID, PCI_ANY_ID, }, +#endif {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_G6_FC, PCI_ANY_ID, PCI_ANY_ID, }, {PCI_VENDOR_ID_EMULEX, PCI_DEVICE_ID_LANCER_G7_FC, diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c index 6c79c350a4d5..27012eec4822 100644 --- a/drivers/scsi/megaraid/megaraid_sas_base.c +++ b/drivers/scsi/megaraid/megaraid_sas_base.c @@ -149,6 +149,7 @@ megasas_set_ld_removed_by_fw(struct megasas_instance *instance); */ static struct pci_device_id megasas_pci_table[] = { +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS1064R)}, /* xscale IOP */ {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS1078R)}, @@ -157,16 +158,19 @@ static struct pci_device_id megasas_pci_table[] = { /* ppc IOP */ {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS1078GEN2)}, /* gen2*/ +#endif {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS0079GEN2)}, /* gen2*/ {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS0073SKINNY)}, /* skinny*/ {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_SAS0071SKINNY)}, /* skinny*/ +#ifndef CONFIG_RHEL_DIFFERENCES {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_VERDE_ZCR)}, /* xscale IOP, vega */ {PCI_DEVICE(PCI_VENDOR_ID_DELL, PCI_DEVICE_ID_DELL_PERC5)}, /* xscale IOP */ +#endif {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_FUSION)}, /* Fusion */ {PCI_DEVICE(PCI_VENDOR_ID_LSI_LOGIC, PCI_DEVICE_ID_LSI_PLASMA)}, diff --git a/drivers/scsi/mpt3sas/mpt3sas_scsih.c b/drivers/scsi/mpt3sas/mpt3sas_scsih.c index 97c2472cd434..fedba599ae00 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_scsih.c +++ b/drivers/scsi/mpt3sas/mpt3sas_scsih.c @@ -12569,6 +12569,7 @@ scsih_pci_mmio_enabled(struct pci_dev *pdev) * The pci device ids are defined in mpi/mpi2_cnfg.h. */ static const struct pci_device_id mpt3sas_pci_table[] = { +#ifndef CONFIG_RHEL_DIFFERENCES /* Spitfire ~ 2004 */ { MPI2_MFGPAGE_VENDORID_LSI, MPI2_MFGPAGE_DEVID_SAS2004, PCI_ANY_ID, PCI_ANY_ID }, @@ -12587,6 +12588,7 @@ static const struct pci_device_id mpt3sas_pci_table[] = { PCI_ANY_ID, PCI_ANY_ID }, { MPI2_MFGPAGE_VENDORID_LSI, MPI2_MFGPAGE_DEVID_SAS2116_2, PCI_ANY_ID, PCI_ANY_ID }, +#endif /* Thunderbolt ~ 2208 */ { MPI2_MFGPAGE_VENDORID_LSI, MPI2_MFGPAGE_DEVID_SAS2208_1, PCI_ANY_ID, PCI_ANY_ID }, @@ -12611,9 +12613,11 @@ static const struct pci_device_id mpt3sas_pci_table[] = { PCI_ANY_ID, PCI_ANY_ID }, { MPI2_MFGPAGE_VENDORID_LSI, MPI2_MFGPAGE_DEVID_SWITCH_MPI_EP_1, PCI_ANY_ID, PCI_ANY_ID }, +#ifndef CONFIG_RHEL_DIFFERENCES /* SSS6200 */ { MPI2_MFGPAGE_VENDORID_LSI, MPI2_MFGPAGE_DEVID_SSS6200, PCI_ANY_ID, PCI_ANY_ID }, +#endif /* Fury ~ 3004 and 3008 */ { MPI2_MFGPAGE_VENDORID_LSI, MPI25_MFGPAGE_DEVID_SAS3004, PCI_ANY_ID, PCI_ANY_ID }, diff --git a/drivers/scsi/qla2xxx/qla_os.c b/drivers/scsi/qla2xxx/qla_os.c index bc3b2aea3f8b..8d47d61c9920 100644 --- a/drivers/scsi/qla2xxx/qla_os.c +++ b/drivers/scsi/qla2xxx/qla_os.c @@ -8114,6 +8114,7 @@ static const struct pci_error_handlers qla2xxx_err_handler = { }; static struct pci_device_id qla2xxx_pci_tbl[] = { +#ifndef CONFIG_RHEL_DIFFERENCES { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2100) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2200) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2300) }, @@ -8126,13 +8127,18 @@ static struct pci_device_id qla2xxx_pci_tbl[] = { { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP8432) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP5422) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP5432) }, +#endif { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2532) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2031) }, +#ifndef CONFIG_RHEL_DIFFERENCES { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP8001) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP8021) }, +#endif { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP8031) }, +#ifndef CONFIG_RHEL_DIFFERENCES { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISPF001) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP8044) }, +#endif { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2071) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2271) }, { PCI_DEVICE(PCI_VENDOR_ID_QLOGIC, PCI_DEVICE_ID_QLOGIC_ISP2261) }, diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c index 17cccd14765f..7f0cef737224 100644 --- a/drivers/scsi/qla4xxx/ql4_os.c +++ b/drivers/scsi/qla4xxx/ql4_os.c @@ -9865,6 +9865,7 @@ static struct pci_device_id qla4xxx_pci_tbl[] = { .subvendor = PCI_ANY_ID, .subdevice = PCI_ANY_ID, }, +#ifndef CONFIG_RHEL_DIFFERENCES { .vendor = PCI_VENDOR_ID_QLOGIC, .device = PCI_DEVICE_ID_QLOGIC_ISP8022, @@ -9883,6 +9884,7 @@ static struct pci_device_id qla4xxx_pci_tbl[] = { .subvendor = PCI_ANY_ID, .subdevice = PCI_ANY_ID, }, +#endif {0, 0}, }; MODULE_DEVICE_TABLE(pci, qla4xxx_pci_tbl); diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c index 9db86943d04c..515142544669 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -122,6 +122,14 @@ static const char *sd_cache_types[] = { "write back, no read (daft)" }; +#ifdef CONFIG_RHEL_DIFFERENCES +static char sd_probe_type[6] = "async"; +module_param_string(probe, sd_probe_type, sizeof(sd_probe_type), + S_IRUGO|S_IWUSR); +MODULE_PARM_DESC(probe, "async or sync. Setting to 'sync' disables asynchronous " + "device number assignments (sda, sdb, ...)."); +#endif + static void sd_set_flush_flag(struct scsi_disk *sdkp, struct queue_limits *lim) { @@ -4349,6 +4357,11 @@ static int __init init_sd(void) goto err_out_class; } +#ifdef CONFIG_RHEL_DIFFERENCES + if (!strcmp(sd_probe_type, "sync")) + sd_template.gendrv.probe_type = PROBE_FORCE_SYNCHRONOUS; +#endif + err = scsi_register_driver(&sd_template.gendrv); if (err) goto err_out_driver; diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c index 4b93c0bd1d4b..b98906237306 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -5844,6 +5844,13 @@ static void hub_event(struct work_struct *work) (u16) hub->change_bits[0], (u16) hub->event_bits[0]); + /* Don't disconnect USB-SATA on TrimSlice */ + if (strcmp(dev_name(hdev->bus->controller), "tegra-ehci.0") == 0) { + if ((hdev->state == 7) && (hub->change_bits[0] == 0) && + (hub->event_bits[0] == 0x2)) + hub->event_bits[0] = 0; + } + /* Lock the device, then check to see if we were * disconnected while waiting for the lock to succeed. */ usb_lock_device(hdev); diff --git a/fs/afs/main.c b/fs/afs/main.c index a14f6013e316..6c20453fdf76 100644 --- a/fs/afs/main.c +++ b/fs/afs/main.c @@ -199,6 +199,9 @@ static int __init afs_init(void) goto error_proc; } +#ifdef CONFIG_RHEL_DIFFERENCES + mark_partner_supported(KBUILD_MODNAME, THIS_MODULE); +#endif return ret; error_proc: diff --git a/fs/erofs/super.c b/fs/erofs/super.c index 6cb5c8916174..34b899ab37bb 100644 --- a/fs/erofs/super.c +++ b/fs/erofs/super.c @@ -581,6 +581,9 @@ static int erofs_fc_fill_super(struct super_block *sb, struct fs_context *fc) { struct inode *inode; struct erofs_sb_info *sbi = EROFS_SB(sb); +#ifdef CONFIG_RHEL_DIFFERENCES + static bool printed = false; +#endif int err; sb->s_magic = EROFS_SUPER_MAGIC; @@ -687,6 +690,12 @@ static int erofs_fc_fill_super(struct super_block *sb, struct fs_context *fc) return err; erofs_info(sb, "mounted with root inode @ nid %llu.", sbi->root_nid); +#ifdef CONFIG_RHEL_DIFFERENCES + if (!printed) { + mark_tech_preview("EROFS filesystem", NULL); + printed = true; + } +#endif return 0; } diff --git a/fs/ext4/super.c b/fs/ext4/super.c index e72145c4ae5a..7522b976a836 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -5569,6 +5569,17 @@ static int __ext4_fill_super(struct fs_context *fc, struct super_block *sb) atomic_set(&sbi->s_warning_count, 0); atomic_set(&sbi->s_msg_count, 0); +#ifdef CONFIG_RHEL_DIFFERENCES + if (ext4_has_feature_verity(sb)) { + static bool printed = false; + + if (!printed) { + mark_tech_preview("fs-verity on ext4", NULL); + printed = true; + } + } +#endif + /* Register sysfs after all initializations are complete. */ err = ext4_register_sysfs(sb); if (err) diff --git a/include/linux/crypto.h b/include/linux/crypto.h index b164da5e129e..cd78d16ee5d6 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -133,6 +133,9 @@ #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100 #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200 #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400 +#define CRYPTO_TFM_REQ_NEED_RESEED 0x00000800 + +#define CRYPTO_TFM_FIPS_COMPLIANCE 0x80000000 /* * Miscellaneous stuff. diff --git a/include/linux/efi.h b/include/linux/efi.h index 6bf3c4fe8511..67e5400f7644 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -45,6 +45,8 @@ struct screen_info; #define EFI_ABORTED (21 | (1UL << (BITS_PER_LONG-1))) #define EFI_SECURITY_VIOLATION (26 | (1UL << (BITS_PER_LONG-1))) +#define EFI_IS_ERROR(x) ((x) & (1UL << (BITS_PER_LONG-1))) + typedef unsigned long efi_status_t; typedef u8 efi_bool_t; typedef u16 efi_char16_t; /* UNICODE character */ @@ -877,6 +879,14 @@ static inline int efi_range_is_wc(unsigned long start, unsigned long len) #define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */ #define EFI_MEM_NO_SOFT_RESERVE 11 /* Is the kernel configured to ignore soft reservations? */ #define EFI_PRESERVE_BS_REGIONS 12 /* Are EFI boot-services memory segments available? */ +#define EFI_SECURE_BOOT 13 /* Are we in Secure Boot mode? */ + +enum efi_secureboot_mode { + efi_secureboot_mode_unset, + efi_secureboot_mode_unknown, + efi_secureboot_mode_disabled, + efi_secureboot_mode_enabled, +}; #ifdef CONFIG_EFI /* @@ -888,6 +898,8 @@ static inline bool efi_enabled(int feature) } extern void efi_reboot(enum reboot_mode reboot_mode, const char *__unused); +extern void __init efi_set_secure_boot(enum efi_secureboot_mode mode); + bool __pure __efi_soft_reserve_enabled(void); static inline bool __pure efi_soft_reserve_enabled(void) @@ -909,6 +921,8 @@ static inline bool efi_enabled(int feature) static inline void efi_reboot(enum reboot_mode reboot_mode, const char *__unused) {} +static inline void efi_set_secure_boot(enum efi_secureboot_mode mode) {} + static inline bool efi_soft_reserve_enabled(void) { return false; @@ -923,6 +937,7 @@ static inline void efi_find_mirror(void) {} #endif extern int efi_status_to_err(efi_status_t status); +extern const char *efi_status_to_str(efi_status_t status); /* * Variable Attributes @@ -1138,13 +1153,6 @@ static inline bool efi_runtime_disabled(void) { return true; } extern void efi_call_virt_check_flags(unsigned long flags, const void *caller); extern unsigned long efi_call_virt_save_flags(void); -enum efi_secureboot_mode { - efi_secureboot_mode_unset, - efi_secureboot_mode_unknown, - efi_secureboot_mode_disabled, - efi_secureboot_mode_enabled, -}; - static inline enum efi_secureboot_mode efi_get_secureboot_mode(efi_get_variable_t *get_var) { diff --git a/include/linux/kernel.h b/include/linux/kernel.h index be2e8c0a187e..114e213c89e2 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -402,4 +402,20 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { } /* OTHER_WRITABLE? Generally considered a bad idea. */ \ BUILD_BUG_ON_ZERO((perms) & 2) + \ (perms)) + +struct module; + +#ifdef CONFIG_RHEL_DIFFERENCES +void mark_hardware_unmaintained(const char *driver_name, char *fmt, ...); +void mark_hardware_deprecated(const char *driver_name, char *fmt, ...); +void mark_tech_preview(const char *msg, struct module *mod); +void mark_partner_supported(const char *msg, struct module *mod); +void init_rh_check_status(char *fn_name); +#else +static inline void mark_hardware_unmaintained(const char *driver_name, char *fmt, ...) { } +static inline void mark_hardware_deprecated(const char *driver_name, char *fmt, ...) { } +static inline void mark_tech_preview(const char *msg, struct module *mod) { } +static inline void mark_partner_supported(const char *msg, struct module *mod) { } +#endif + #endif diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 855db460e08b..7a8c28cd7510 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -438,6 +438,8 @@ LSM_HOOK(int, 0, bpf_token_capable, const struct bpf_token *token, int cap) #endif /* CONFIG_BPF_SYSCALL */ LSM_HOOK(int, 0, locked_down, enum lockdown_reason what) +LSM_HOOK(int, 0, lock_kernel_down, const char *where, enum lockdown_reason level) + #ifdef CONFIG_PERF_EVENTS LSM_HOOK(int, 0, perf_event_open, struct perf_event_attr *attr, int type) diff --git a/include/linux/module.h b/include/linux/module.h index 88ecc5e9f523..bcc0377c716a 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -424,6 +424,7 @@ struct module { struct module_attribute *modinfo_attrs; const char *version; const char *srcversion; + const char *rhelversion; struct kobject *holders_dir; /* Exported symbols */ @@ -1007,4 +1008,8 @@ static inline unsigned long find_kallsyms_symbol_value(struct module *mod, #endif /* CONFIG_MODULES && CONFIG_KALLSYMS */ +#ifdef CONFIG_RHEL_DIFFERENCES +void module_rh_check_status(const char * module_name); +#endif + #endif /* _LINUX_MODULE_H */ diff --git a/include/linux/panic.h b/include/linux/panic.h index 54d90b6c5f47..cc5def6f2b2e 100644 --- a/include/linux/panic.h +++ b/include/linux/panic.h @@ -74,7 +74,23 @@ static inline void set_arch_panic_timeout(int timeout, int arch_default_timeout) #define TAINT_AUX 16 #define TAINT_RANDSTRUCT 17 #define TAINT_TEST 18 -#define TAINT_FLAGS_COUNT 19 +/* Start of Red Hat-specific taint flags */ +#define TAINT_19 19 +#define TAINT_20 20 +#define TAINT_21 21 +#define TAINT_22 22 +#define TAINT_23 23 +#define TAINT_24 24 +#define TAINT_25 25 +#define TAINT_PARTNER_SUPPORTED 26 +#define TAINT_SUPPORT_REMOVED 27 +/* Bits 28 - 31 are reserved for Red Hat use only */ +#define TAINT_RESERVED28 28 +#define TAINT_RESERVED29 29 +#define TAINT_RESERVED30 30 +#define TAINT_UNPRIVILEGED_BPF 31 +/* End of Red Hat-specific taint flags */ +#define TAINT_FLAGS_COUNT 32 #define TAINT_FLAGS_MAX ((1UL << TAINT_FLAGS_COUNT) - 1) struct taint_flag { diff --git a/include/linux/pci.h b/include/linux/pci.h index 4cf89a4b4cbc..5133f3570000 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -1614,6 +1614,7 @@ int pci_add_dynid(struct pci_driver *drv, unsigned long driver_data); const struct pci_device_id *pci_match_id(const struct pci_device_id *ids, struct pci_dev *dev); + int pci_scan_bridge(struct pci_bus *bus, struct pci_dev *dev, int max, int pass); @@ -2662,6 +2663,10 @@ static inline bool pci_is_thunderbolt_attached(struct pci_dev *pdev) return false; } +#ifdef CONFIG_RHEL_DIFFERENCES +bool pci_rh_check_status(struct pci_dev *pci_dev); +#endif + #if defined(CONFIG_PCIEPORTBUS) || defined(CONFIG_EEH) void pci_uevent_ers(struct pci_dev *pdev, enum pci_ers_result err_type); #endif diff --git a/include/linux/random.h b/include/linux/random.h index b0a940af4fff..8a52424fd0d5 100644 --- a/include/linux/random.h +++ b/include/linux/random.h @@ -9,6 +9,13 @@ #include +struct iov_iter; + +struct random_extrng { + ssize_t (*extrng_read_iter)(struct iov_iter *iter, bool reseed); + struct module *owner; +}; + struct notifier_block; void add_device_randomness(const void *buf, size_t len); @@ -157,6 +164,9 @@ int random_prepare_cpu(unsigned int cpu); int random_online_cpu(unsigned int cpu); #endif +void random_register_extrng(const struct random_extrng *rng); +void random_unregister_extrng(void); + #ifndef MODULE extern const struct file_operations random_fops, urandom_fops; #endif diff --git a/include/linux/rh_flags.h b/include/linux/rh_flags.h new file mode 100644 index 000000000000..d498d319ace3 --- /dev/null +++ b/include/linux/rh_flags.h @@ -0,0 +1,34 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * rh_flags.h -- Red Hat flags tracking + * + * Copyright (c) 2018 Red Hat, Inc. -- Jiri Benc + * + * The intent of the flag tracking is to provide better and more focused + * support. Only those flags that are of a special interest for customer + * support should be tracked. + * + * THE FLAGS DO NOT EXPRESS ANY SUPPORT POLICIES. + */ + +#ifndef _LINUX_RH_FLAGS_H +#define _LINUX_RH_FLAGS_H + +#if defined CONFIG_RHEL_DIFFERENCES +bool __rh_add_flag(const char *flag_name); +void rh_print_flags(void); + +#define rh_add_flag(flag_name) \ +({ \ + static bool __mark_once __read_mostly; \ + bool __ret_mark_once = !__mark_once; \ + \ + if (!__mark_once) \ + __mark_once = __rh_add_flag(flag_name); \ + unlikely(__ret_mark_once); \ +}) +#else +static void rh_print_flags(void) { } +static void rh_add_flag(const char *flag_name) { } +#endif +#endif diff --git a/include/linux/rh_kabi.h b/include/linux/rh_kabi.h new file mode 100644 index 000000000000..5139cb2cabdc --- /dev/null +++ b/include/linux/rh_kabi.h @@ -0,0 +1,541 @@ +/* + * rh_kabi.h - Red Hat kABI abstraction header + * + * Copyright (c) 2014 Don Zickus + * Copyright (c) 2015-2020 Jiri Benc + * Copyright (c) 2015 Sabrina Dubroca, Hannes Frederic Sowa + * Copyright (c) 2016-2018 Prarit Bhargava + * Copyright (c) 2017 Paolo Abeni, Larry Woodman + * + * This file is released under the GPLv2. + * See the file COPYING for more details. + * + * These kabi macros hide the changes from the kabi checker and from the + * process that computes the exported symbols' checksums. + * They have 2 variants: one (defined under __GENKSYMS__) used when + * generating the checksums, and the other used when building the kernel's + * binaries. + * + * The use of these macros does not guarantee that the usage and modification + * of code is correct. As with all Red Hat only changes, an engineer must + * explain why the use of the macro is valid in the patch containing the + * changes. + * + */ + +#ifndef _LINUX_RH_KABI_H +#define _LINUX_RH_KABI_H + +#include +#include +#include + +/* + * NOTE + * Unless indicated otherwise, don't use ';' after these macros as it + * messes up the kABI checker by changing what the resulting token string + * looks like. Instead let the macros add the ';' so it can be properly + * hidden from the kABI checker (mainly for RH_KABI_EXTEND, but applied to + * most macros for uniformity). + * + * + * RH_KABI_CONST + * Adds a new const modifier to a function parameter preserving the old + * checksum. + * + * RH_KABI_ADD_MODIFIER + * Adds a new modifier to a function parameter or a typedef, preserving + * the old checksum. Useful e.g. for adding rcu annotations or changing + * int to unsigned. Beware that this may change the semantics; if you're + * sure this is safe, always explain why binary compatibility with 3rd + * party modules is retained. + * + * RH_KABI_DEPRECATE + * Marks the element as deprecated and make it unusable by modules while + * keeping a hole in its place to preserve binary compatibility. + * + * RH_KABI_DEPRECATE_FN + * Marks the function pointer as deprecated and make it unusable by modules + * while keeping a hole in its place to preserve binary compatibility. + * + * RH_KABI_EXTEND + * Adds a new field to a struct. This must always be added to the end of + * the struct. Before using this macro, make sure this is actually safe + * to do - there is a number of conditions under which it is *not* safe. + * In particular (but not limited to), this macro cannot be used: + * - if the struct in question is embedded in another struct, or + * - if the struct is allocated by drivers either statically or + * dynamically, or + * - if the struct is allocated together with driver data (an example of + * such behavior is struct net_device or struct request). + * + * RH_KABI_EXTEND_WITH_SIZE + * Adds a new element (usually a struct) to a struct and reserves extra + * space for the new element. The provided 'size' is the total space to + * be added in longs (i.e. it's 8 * 'size' bytes), including the size of + * the added element. It is automatically checked that the new element + * does not overflow the reserved space, now nor in the future. However, + * no attempt is done to check the content of the added element (struct) + * for kABI conformance - kABI checking inside the added element is + * effectively switched off. + * For any struct being added by RH_KABI_EXTEND_WITH_SIZE, it is + * recommended its content to be documented as not covered by kABI + * guarantee. + * + * RH_KABI_FILL_HOLE + * Fills a hole in a struct. + * + * Warning: only use if a hole exists for _all_ arches. Use pahole to verify. + * + * RH_KABI_RENAME + * Renames an element without changing its type. This macro can be used in + * bitfields, for example. + * + * NOTE: this macro does not add the final ';' + * + * RH_KABI_REPLACE + * Replaces the _orig field by the _new field. The size of the occupied + * space is preserved, it's fine if the _new field is smaller than the + * _orig field. If a _new field is larger or has a different alignment, + * compilation will abort. + * + * RH_KABI_REPLACE_SPLIT + * Works the same as RH_KABI_REPLACE but replaces a single _orig field by + * multiple new fields. The checks for size and alignment done by + * RH_KABI_REPLACE are still applied. + * + * RH_KABI_HIDE_INCLUDE + * Hides the given include file from kABI checksum computations. This is + * used when a newly added #include makes a previously opaque struct + * visible. + * + * Example usage: + * #include RH_KABI_HIDE_INCLUDE() + * + * RH_KABI_FAKE_INCLUDE + * Pretends inclusion of the given file for kABI checksum computations. + * This is used when upstream removed a particular #include but that made + * some structures opaque that were previously visible and is causing kABI + * checker failures. + * + * Example usage: + * #include RH_KABI_FAKE_INCLUDE() + * + * RH_KABI_RESERVE + * Adds a reserved field to a struct. This is done prior to kABI freeze + * for structs that cannot be expanded later using RH_KABI_EXTEND (for + * example because they are embedded in another struct or because they are + * allocated by drivers or because they use unusual memory layout). The + * size of the reserved field is 'unsigned long' and is assumed to be + * 8 bytes. + * + * The argument is a number unique for the given struct; usually, multiple + * RH_KABI_RESERVE macros are added to a struct with numbers starting from + * one. + * + * Example usage: + * struct foo { + * int a; + * RH_KABI_RESERVE(1) + * RH_KABI_RESERVE(2) + * RH_KABI_RESERVE(3) + * RH_KABI_RESERVE(4) + * }; + * + * RH_KABI_USE + * Uses a previously reserved field or multiple fields. The arguments are + * one or more numbers assigned to RH_KABI_RESERVE, followed by a field to + * be put in their place. The compiler ensures that the new field is not + * larger than the reserved area. + * + * Example usage: + * struct foo { + * int a; + * RH_KABI_USE(1, int b) + * RH_KABI_USE(2, 3, int c[3]) + * RH_KABI_RESERVE(4) + * }; + * + * RH_KABI_USE_SPLIT + * Works the same as RH_KABI_USE but replaces a single reserved field by + * multiple new fields. + * + * RH_KABI_AUX_EMBED + * RH_KABI_AUX_PTR + * Adds an extenstion of a struct in the form of "auxiliary structure". + * This is done prior to kABI freeze for structs that cannot be expanded + * later using RH_KABI_EXTEND. See also RH_KABI_RESERVED, these two + * approaches can (and often are) combined. + * + * To use this for 'struct foo' (the "base structure"), define a new + * structure called 'struct foo_rh'; this new struct is called "auxiliary + * structure". Then add RH_KABI_AUX_EMBED or RH_KABI_AUX_PTR to the end + * of the base structure. The argument is the name of the base structure, + * without the 'struct' keyword. + * + * RH_KABI_AUX_PTR stores a pointer to the aux structure in the base + * struct. The lifecycle of the aux struct needs to be properly taken + * care of. + * + * RH_KABI_AUX_EMBED embeds the aux struct into the base struct. This + * cannot be used when the base struct is itself embedded into another + * struct, allocated in an array, etc. + * + * Both approaches (ptr and embed) work correctly even when the aux struct + * is allocated by modules. To ensure this, the code responsible for + * allocation/assignment of the aux struct has to properly set the size of + * the aux struct; see the RH_KABI_AUX_SET_SIZE and RH_KABI_AUX_INIT_SIZE + * macros. + * + * New fields can be later added to the auxiliary structure, always to its + * end. Note the auxiliary structure cannot be shrunk in size later (i.e., + * fields cannot be removed, only deprecated). Any code accessing fields + * from the aux struct must guard the access using the RH_KABI_AUX macro. + * The access itself is then done via a '_rh' field in the base struct. + * + * The auxiliary structure is not guaranteed for access by modules unless + * explicitly commented as such in the declaration of the aux struct + * itself or some of its elements. + * + * Example: + * + * struct foo_rh { + * int newly_added; + * }; + * + * struct foo { + * bool big_hammer; + * RH_KABI_AUX_PTR(foo) + * }; + * + * void use(struct foo *f) + * { + * if (RH_KABI_AUX(f, foo, newly_added)) + * f->_rh->newly_added = 123; + * else + * // the field 'newly_added' is not present in the passed + * // struct, fall back to old behavior + * f->big_hammer = true; + * } + * + * static struct foo_rh my_foo_rh { + * .newly_added = 0; + * } + * + * static struct foo my_foo = { + * .big_hammer = false, + * ._rh = &my_foo_rh, + * RH_KABI_AUX_INIT_SIZE(foo) + * }; + * + * RH_KABI_USE_AUX_PTR + * Creates an auxiliary structure post kABI freeze. This works by using + * two reserved fields (thus there has to be two reserved fields still + * available) and converting them to RH_KABI_AUX_PTR. + * + * Example: + * + * struct foo_rh { + * }; + * + * struct foo { + * int a; + * RH_KABI_RESERVE(1) + * RH_KABI_USE_AUX_PTR(2, 3, foo) + * }; + * + * RH_KABI_AUX_SET_SIZE + * RH_KABI_AUX_INIT_SIZE + * Calculates and stores the size of the auxiliary structure. + * + * RH_KABI_AUX_SET_SIZE is for dynamically allocated base structs, + * RH_KABI_AUX_INIT_SIZE is for statically allocated case structs. + * + * These macros must be called from the allocation (RH_KABI_AUX_SET_SIZE) + * or declaration (RH_KABI_AUX_INIT_SIZE) site, regardless of whether + * that happens in the kernel or in a module. Without calling one of + * these macros, the aux struct will appear to have no fields to the + * kernel. + * + * Note: since RH_KABI_AUX_SET_SIZE is intended to be invoked outside of + * a struct definition, it does not add the semicolon and must be + * terminated by semicolon by the caller. + * + * RH_KABI_AUX + * Verifies that the given field exists in the given auxiliary structure. + * This MUST be called prior to accessing that field; failing to do that + * may lead to invalid memory access. + * + * The first argument is a pointer to the base struct, the second argument + * is the name of the base struct (without the 'struct' keyword), the + * third argument is the field name. + * + * This macro works for structs extended by either of RH_KABI_AUX_EMBED, + * RH_KABI_AUX_PTR and RH_KABI_USE_AUX_PTR. + * + * RH_KABI_FORCE_CHANGE + * Force change of the symbol checksum. The argument of the macro is a + * version for cases we need to do this more than once. + * + * This macro does the opposite: it changes the symbol checksum without + * actually changing anything about the exported symbol. It is useful for + * symbols that are not whitelisted, we're changing them in an + * incompatible way and want to prevent 3rd party modules to silently + * corrupt memory. Instead, by changing the symbol checksum, such modules + * won't be loaded by the kernel. This macro should only be used as a + * last resort when all other KABI workarounds have failed. + * + * RH_KABI_EXCLUDE + * !!! WARNING: DANGEROUS, DO NOT USE unless you are aware of all the !!! + * !!! implications. This should be used ONLY EXCEPTIONALLY and only !!! + * !!! under specific circumstances. Very likely, this macro does not !!! + * !!! do what you expect it to do. Note that any usage of this macro !!! + * !!! MUST be paired with a RH_KABI_FORCE_CHANGE annotation of !!! + * !!! a suitable symbol (or an equivalent safeguard) and the commit !!! + * !!! log MUST explain why the chosen solution is appropriate. !!! + * + * Exclude the element from checksum generation. Any such element is + * considered not to be part of the kABI whitelist and may be changed at + * will. Note however that it's the responsibility of the developer + * changing the element to ensure 3rd party drivers using this element + * won't panic, for example by not allowing them to be loaded. That can + * be achieved by changing another, non-whitelisted symbol they use, + * either by nature of the change or by using RH_KABI_FORCE_CHANGE. + * + * Also note that any change to the element must preserve its size. Change + * of the size is not allowed and would constitute a silent kABI breakage. + * Beware that the RH_KABI_EXCLUDE macro does not do any size checks. + * + * RH_KABI_EXCLUDE_WITH_SIZE + * Like RH_KABI_EXCLUDE, this macro excludes the element from + * checksum generation. The same warnings as for RH_KABI_EXCLUDE + * apply: use RH_KABI_FORCE_CHANGE. + * + * This macro is intended to be used for elements embedded inside + * kABI-protected structures (struct, array). In contrast with + * RH_KABI_EXCLUDE, this macro reserves extra space, so that the + * embedded element can grow without changing the offsets of the + * fields that follow. The provided 'size' is the total space to be + * added in longs (i.e. it's 8 * 'size' bytes), including the size + * of the added element. It is automatically checked that the new + * element does not overflow the reserved space, now nor in the + * future. The size is also included in the checksum via the + * reserved space, to ensure that we don't accidentally change it, + * which would change the offsets of the fields that follow. + * + * RH_KABI_BROKEN_INSERT + * RH_KABI_BROKEN_REMOVE + * Insert a field to the middle of a struct / delete a field from a struct. + * Note that this breaks kABI! It can be done only when it's certain that + * no 3rd party driver can validly reach into the struct. A typical + * example is a struct that is: both (a) referenced only through a long + * chain of pointers from another struct that is part of a whitelisted + * symbol and (b) kernel internal only, it should have never been visible + * to genksyms in the first place. + * + * Another example are structs that are explicitly exempt from kABI + * guarantee but we did not have enough foresight to use RH_KABI_EXCLUDE. + * In this case, the warning for RH_KABI_EXCLUDE applies. + * + * A detailed explanation of correctness of every RH_KABI_BROKEN_* macro + * use is especially important. + * + * RH_KABI_BROKEN_INSERT_BLOCK + * RH_KABI_BROKEN_REMOVE_BLOCK + * A version of RH_KABI_BROKEN_INSERT / REMOVE that allows multiple fields + * to be inserted or removed together. All fields need to be terminated + * by ';' inside(!) the macro parameter. The macro itself must not be + * terminated by ';'. + * + * RH_KABI_BROKEN_REPLACE + * Replace a field by a different one without doing any checking. This + * allows replacing a field by another with a different size. Similarly + * to other RH_KABI_BROKEN macros, use of this indicates a kABI breakage. + * + * RH_KABI_BROKEN_INSERT_ENUM + * RH_KABI_BROKEN_REMOVE_ENUM + * Insert a field to the middle of an enumaration type / delete a field from + * an enumaration type. Note that this can break kABI especially if the + * number of enum fields is used in an array within a structure. It can be + * done only when it is certain that no 3rd party driver will use the + * enumeration type or a structure that embeds an array with size determined + * by an enumeration type. + * + * RH_KABI_EXTEND_ENUM + * Adds a new field to an enumeration type. This must always be added to + * the end of the enum. Before using this macro, make sure this is actually + * safe to do. + */ + +#undef linux +#define linux linux + +#ifdef __GENKSYMS__ + +# define RH_KABI_CONST +# define RH_KABI_ADD_MODIFIER(_new) +# define RH_KABI_EXTEND(_new) +# define RH_KABI_FILL_HOLE(_new) +# define RH_KABI_FORCE_CHANGE(ver) __attribute__((rh_kabi_change ## ver)) +# define RH_KABI_RENAME(_orig, _new) _orig +# define RH_KABI_HIDE_INCLUDE(_file) +# define RH_KABI_FAKE_INCLUDE(_file) _file +# define RH_KABI_BROKEN_INSERT(_new) +# define RH_KABI_BROKEN_REMOVE(_orig) _orig; +# define RH_KABI_BROKEN_INSERT_BLOCK(_new) +# define RH_KABI_BROKEN_REMOVE_BLOCK(_orig) _orig +# define RH_KABI_BROKEN_REPLACE(_orig, _new) _orig; +# define RH_KABI_BROKEN_INSERT_ENUM(_new) +# define RH_KABI_BROKEN_REMOVE_ENUM(_orig) _orig, +# define RH_KABI_EXTEND_ENUM(_new) + +# define _RH_KABI_DEPRECATE(_type, _orig) _type _orig +# define _RH_KABI_DEPRECATE_FN(_type, _orig, _args...) _type (*_orig)(_args) +# define _RH_KABI_REPLACE(_orig, _new) _orig +# define _RH_KABI_EXCLUDE(_elem) + +# define __RH_KABI_CHECK_SIZE(_item, _size) + +#else + +# define RH_KABI_ALIGN_WARNING ". Disable CONFIG_RH_KABI_SIZE_ALIGN_CHECKS if debugging." + +# define RH_KABI_CONST const +# define RH_KABI_ADD_MODIFIER(_new) _new +# define RH_KABI_EXTEND(_new) _new; +# define RH_KABI_FILL_HOLE(_new) _new; +# define RH_KABI_FORCE_CHANGE(ver) +# define RH_KABI_RENAME(_orig, _new) _new +# define RH_KABI_HIDE_INCLUDE(_file) _file +# define RH_KABI_FAKE_INCLUDE(_file) +# define RH_KABI_BROKEN_INSERT(_new) _new; +# define RH_KABI_BROKEN_REMOVE(_orig) +# define RH_KABI_BROKEN_INSERT_BLOCK(_new) _new +# define RH_KABI_BROKEN_REMOVE_BLOCK(_orig) +# define RH_KABI_BROKEN_REPLACE(_orig, _new) _new; +# define RH_KABI_BROKEN_INSERT_ENUM(_new) _new, +# define RH_KABI_BROKEN_REMOVE_ENUM(_orig) +# define RH_KABI_EXTEND_ENUM(_new) _new, + +#if IS_BUILTIN(CONFIG_RH_KABI_SIZE_ALIGN_CHECKS) +# define __RH_KABI_CHECK_SIZE_ALIGN(_orig, _new) \ + union { \ + _Static_assert(sizeof(struct{_new;}) <= sizeof(struct{_orig;}), \ + __FILE__ ":" __stringify(__LINE__) ": " __stringify(_new) " is larger than " __stringify(_orig) RH_KABI_ALIGN_WARNING); \ + _Static_assert(__alignof__(struct{_new;}) <= __alignof__(struct{_orig;}), \ + __FILE__ ":" __stringify(__LINE__) ": " __stringify(_orig) " is not aligned the same as " __stringify(_new) RH_KABI_ALIGN_WARNING); \ + } +# define __RH_KABI_CHECK_SIZE(_item, _size) \ + _Static_assert(sizeof(struct{_item;}) <= _size, \ + __FILE__ ":" __stringify(__LINE__) ": " __stringify(_item) " is larger than the reserved size (" __stringify(_size) " bytes)" RH_KABI_ALIGN_WARNING); +#else +# define __RH_KABI_CHECK_SIZE_ALIGN(_orig, _new) +# define __RH_KABI_CHECK_SIZE(_item, _size) +#endif + +#define RH_KABI_UNIQUE_ID __PASTE(rh_kabi_hidden_, __LINE__) + +# define _RH_KABI_DEPRECATE(_type, _orig) _type rh_reserved_##_orig +# define _RH_KABI_DEPRECATE_FN(_type, _orig, _args...) \ + _type (* rh_reserved_##_orig)(_args) +# define _RH_KABI_REPLACE(_orig, _new) \ + union { \ + _new; \ + struct { \ + _orig; \ + } RH_KABI_UNIQUE_ID; \ + __RH_KABI_CHECK_SIZE_ALIGN(_orig, _new); \ + } + +# define _RH_KABI_EXCLUDE(_elem) _elem + +#endif /* __GENKSYMS__ */ + +# define RH_KABI_DEPRECATE(_type, _orig) _RH_KABI_DEPRECATE(_type, _orig); +# define RH_KABI_DEPRECATE_FN(_type, _orig, _args...) \ + _RH_KABI_DEPRECATE_FN(_type, _orig, _args); +# define RH_KABI_REPLACE(_orig, _new) _RH_KABI_REPLACE(_orig, _new); + +#define _RH_KABI_REPLACE1(_new) _new; +#define _RH_KABI_REPLACE2(_new, ...) _new; _RH_KABI_REPLACE1(__VA_ARGS__) +#define _RH_KABI_REPLACE3(_new, ...) _new; _RH_KABI_REPLACE2(__VA_ARGS__) +#define _RH_KABI_REPLACE4(_new, ...) _new; _RH_KABI_REPLACE3(__VA_ARGS__) +#define _RH_KABI_REPLACE5(_new, ...) _new; _RH_KABI_REPLACE4(__VA_ARGS__) +#define _RH_KABI_REPLACE6(_new, ...) _new; _RH_KABI_REPLACE5(__VA_ARGS__) +#define _RH_KABI_REPLACE7(_new, ...) _new; _RH_KABI_REPLACE6(__VA_ARGS__) +#define _RH_KABI_REPLACE8(_new, ...) _new; _RH_KABI_REPLACE7(__VA_ARGS__) +#define _RH_KABI_REPLACE9(_new, ...) _new; _RH_KABI_REPLACE8(__VA_ARGS__) +#define _RH_KABI_REPLACE10(_new, ...) _new; _RH_KABI_REPLACE9(__VA_ARGS__) +#define _RH_KABI_REPLACE11(_new, ...) _new; _RH_KABI_REPLACE10(__VA_ARGS__) +#define _RH_KABI_REPLACE12(_new, ...) _new; _RH_KABI_REPLACE11(__VA_ARGS__) + +#define RH_KABI_REPLACE_SPLIT(_orig, ...) _RH_KABI_REPLACE(_orig, \ + struct { __PASTE(_RH_KABI_REPLACE, COUNT_ARGS(__VA_ARGS__))(__VA_ARGS__) }); + +# define RH_KABI_RESERVE(n) _RH_KABI_RESERVE(n); + +#define _RH_KABI_USE1(n, _new) _RH_KABI_RESERVE(n), _new +#define _RH_KABI_USE2(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE1(__VA_ARGS__) +#define _RH_KABI_USE3(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE2(__VA_ARGS__) +#define _RH_KABI_USE4(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE3(__VA_ARGS__) +#define _RH_KABI_USE5(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE4(__VA_ARGS__) +#define _RH_KABI_USE6(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE5(__VA_ARGS__) +#define _RH_KABI_USE7(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE6(__VA_ARGS__) +#define _RH_KABI_USE8(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE7(__VA_ARGS__) +#define _RH_KABI_USE9(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE8(__VA_ARGS__) +#define _RH_KABI_USE10(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE9(__VA_ARGS__) +#define _RH_KABI_USE11(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE10(__VA_ARGS__) +#define _RH_KABI_USE12(n, ...) _RH_KABI_RESERVE(n); _RH_KABI_USE11(__VA_ARGS__) + +#define _RH_KABI_USE(...) _RH_KABI_REPLACE(__VA_ARGS__) +#define RH_KABI_USE(n, ...) _RH_KABI_USE(__PASTE(_RH_KABI_USE, COUNT_ARGS(__VA_ARGS__))(n, __VA_ARGS__)); + +# define RH_KABI_USE_SPLIT(n, ...) RH_KABI_REPLACE_SPLIT(_RH_KABI_RESERVE(n), __VA_ARGS__) + +# define _RH_KABI_RESERVE(n) unsigned long rh_reserved##n + +#define RH_KABI_EXCLUDE(_elem) _RH_KABI_EXCLUDE(_elem); + +#define RH_KABI_EXCLUDE_WITH_SIZE(_new, _size) \ + union { \ + RH_KABI_EXCLUDE(_new) \ + unsigned long RH_KABI_UNIQUE_ID[_size]; \ + __RH_KABI_CHECK_SIZE(_new, 8 * (_size)) \ + }; + +#define RH_KABI_EXTEND_WITH_SIZE(_new, _size) \ + RH_KABI_EXTEND(union { \ + _new; \ + unsigned long RH_KABI_UNIQUE_ID[_size]; \ + __RH_KABI_CHECK_SIZE(_new, 8 * (_size)) \ + }) + +#define _RH_KABI_AUX_PTR(_struct) \ + size_t _struct##_size_rh; \ + _RH_KABI_EXCLUDE(struct _struct##_rh *_rh) +#define RH_KABI_AUX_PTR(_struct) \ + _RH_KABI_AUX_PTR(_struct); + +#define _RH_KABI_AUX_EMBED(_struct) \ + size_t _struct##_size_rh; \ + _RH_KABI_EXCLUDE(struct _struct##_rh _rh) +#define RH_KABI_AUX_EMBED(_struct) \ + _RH_KABI_AUX_EMBED(_struct); + +#define RH_KABI_USE_AUX_PTR(n1, n2, _struct) \ + RH_KABI_USE(n1, n2, \ + struct { RH_KABI_AUX_PTR(_struct) }) + +#define RH_KABI_AUX_SET_SIZE(_name, _struct) ({ \ + (_name)->_struct##_size_rh = sizeof(struct _struct##_rh); \ +}) + +#define RH_KABI_AUX_INIT_SIZE(_struct) \ + ._struct##_size_rh = sizeof(struct _struct##_rh), + +#define RH_KABI_AUX(_ptr, _struct, _field) ({ \ + size_t __off = offsetof(struct _struct##_rh, _field); \ + (_ptr)->_struct##_size_rh > __off ? true : false; \ +}) + +#endif /* _LINUX_RH_KABI_H */ diff --git a/include/linux/rh_waived.h b/include/linux/rh_waived.h new file mode 100644 index 000000000000..945dd71cc082 --- /dev/null +++ b/include/linux/rh_waived.h @@ -0,0 +1,19 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * include/linux/rh_waived.h + * + * rh_waived cmdline parameter interface. + * + * Copyright (C) 2024, Red Hat, Inc. Ricardo Robaina + */ +#ifndef _RH_WAIVED_H +#define _RH_WAIVED_H + +enum rh_waived_feat { + /* RH_WAIVED_FEAT_ITEMS must always be the last item in the enum */ + RH_WAIVED_FEAT_ITEMS, +}; + +bool is_rh_waived(enum rh_waived_feat feat); + +#endif /* _RH_WAIVED_H */ diff --git a/include/linux/rmi.h b/include/linux/rmi.h index ab7eea01ab42..fff7c5f737fc 100644 --- a/include/linux/rmi.h +++ b/include/linux/rmi.h @@ -364,6 +364,7 @@ struct rmi_driver_data { struct rmi4_attn_data attn_data; DECLARE_KFIFO(attn_fifo, struct rmi4_attn_data, 16); + struct work_struct attn_work; }; int rmi_register_transport_device(struct rmi_transport_dev *xport); diff --git a/include/linux/security.h b/include/linux/security.h index 1390f1efb4f0..b9a8ccb1dbdc 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -507,6 +507,7 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int security_lock_kernel_down(const char *where, enum lockdown_reason level); int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len, void *val, size_t val_len, u64 id, u64 flags); #else /* CONFIG_SECURITY */ @@ -1477,6 +1478,10 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } +static inline int security_lock_kernel_down(const char *where, enum lockdown_reason level) +{ + return 0; +} static inline int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len, void *val, size_t val_len, u64 id, u64 flags) diff --git a/init/main.c b/init/main.c index 206acdde51f5..2296734522f7 100644 --- a/init/main.c +++ b/init/main.c @@ -1182,6 +1182,9 @@ static bool __init_or_module initcall_blacklisted(initcall_t fn) */ strreplace(fn_name, ' ', '\0'); +#ifdef CONFIG_RHEL_DIFFERENCES + init_rh_check_status(fn_name); +#endif list_for_each_entry(entry, &blacklisted_initcalls, next) { if (!strcmp(fn_name, entry->buf)) { pr_debug("initcall %s blacklisted\n", fn_name); diff --git a/kernel/Makefile b/kernel/Makefile index 3c13240dfc9f..dc6723d84302 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -12,6 +12,7 @@ obj-y = fork.o exec_domain.o panic.o \ notifier.o ksysfs.o cred.o reboot.o \ async.o range.o smpboot.o ucount.o regset.o ksyms_common.o +obj-$(CONFIG_RHEL_DIFFERENCES) += rh_messages.o rh_flags.o rh_waived.o obj-$(CONFIG_USERMODE_DRIVER) += usermode_driver.o obj-$(CONFIG_MULTIUSER) += groups.o obj-$(CONFIG_VHOST_TASK) += vhost_task.o diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 7ee62e38faf0..63817aceb71f 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -566,7 +566,12 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) /* All BPF JIT sysctl knobs here. */ int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_DEFAULT_ON); int bpf_jit_kallsyms __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_DEFAULT_ON); +#ifdef CONFIG_RHEL_DIFFERENCES +/* RHEL-only: set it to 1 by default */ +int bpf_jit_harden __read_mostly = 1; +#else int bpf_jit_harden __read_mostly; +#endif /* CONFIG_RHEL_DIFFERENCES */ long bpf_jit_limit __read_mostly; long bpf_jit_limit_max __read_mostly; diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index bf6c5f685ea2..649f2fccaddd 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -58,6 +59,23 @@ static DEFINE_SPINLOCK(map_idr_lock); static DEFINE_IDR(link_idr); static DEFINE_SPINLOCK(link_idr_lock); +static int __init unprivileged_bpf_setup(char *str) +{ + unsigned long disabled; + if (!kstrtoul(str, 0, &disabled)) + sysctl_unprivileged_bpf_disabled = !!disabled; + + if (!sysctl_unprivileged_bpf_disabled) { + pr_warn("Unprivileged BPF has been enabled " + "(unprivileged_bpf_disabled=0 has been supplied " + "in boot parameters), tainting the kernel"); + add_taint(TAINT_UNPRIVILEGED_BPF, LOCKDEP_STILL_OK); + } + + return 1; +} +__setup("unprivileged_bpf_disabled=", unprivileged_bpf_setup); + int sysctl_unprivileged_bpf_disabled __read_mostly = IS_BUILTIN(CONFIG_BPF_UNPRIV_DEFAULT_OFF) ? 2 : 0; @@ -6033,6 +6051,11 @@ static int bpf_unpriv_handler(const struct ctl_table *table, int write, if (write && !ret) { if (locked_state && unpriv_enable != 1) return -EPERM; + if (!unpriv_enable) { + pr_warn("Unprivileged BPF has been enabled, " + "tainting the kernel"); + add_taint(TAINT_UNPRIVILEGED_BPF, LOCKDEP_STILL_OK); + } *(int *)table->data = unpriv_enable; } diff --git a/kernel/module/main.c b/kernel/module/main.c index 71396e297499..29e469418075 100644 --- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -65,6 +65,8 @@ #define CREATE_TRACE_POINTS #include +#include + /* * Mutex protects: * 1) List of modules (also safely readable with preempt_disable), @@ -530,6 +532,7 @@ static struct module_attribute modinfo_##field = { \ MODINFO_ATTR(version); MODINFO_ATTR(srcversion); +MODINFO_ATTR(rhelversion); static struct { char name[MODULE_NAME_LEN + 1]; @@ -982,6 +985,7 @@ struct module_attribute *modinfo_attrs[] = { &module_uevent, &modinfo_version, &modinfo_srcversion, + &modinfo_rhelversion, &modinfo_initstate, &modinfo_coresize, #ifdef CONFIG_ARCH_WANTS_MODULES_DATA_IN_VMALLOC @@ -2828,6 +2832,11 @@ static int early_mod_check(struct load_info *info, int flags) return -EPERM; } +#ifdef CONFIG_RHEL_DIFFERENCES + if (get_modinfo(info, "intree")) + module_rh_check_status(info->name); +#endif + err = rewrite_section_headers(info, flags); if (err) return err; @@ -3403,6 +3412,10 @@ void print_modules(void) pr_cont(" [last unloaded: %s%s]", last_unloaded_module.name, last_unloaded_module.taints); pr_cont("\n"); + +#ifdef CONFIG_RHEL_DIFFERENCES + rh_print_flags(); +#endif } #ifdef CONFIG_MODULE_DEBUGFS diff --git a/kernel/module/signing.c b/kernel/module/signing.c index a2ff4242e623..f0d2be1ee4f1 100644 --- a/kernel/module/signing.c +++ b/kernel/module/signing.c @@ -61,10 +61,17 @@ int mod_verify_sig(const void *mod, struct load_info *info) modlen -= sig_len + sizeof(ms); info->len = modlen; - return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, + ret = verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, VERIFY_USE_SECONDARY_KEYRING, VERIFYING_MODULE_SIGNATURE, NULL, NULL); + if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) { + ret = verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, + VERIFY_USE_PLATFORM_KEYRING, + VERIFYING_MODULE_SIGNATURE, + NULL, NULL); + } + return ret; } int module_sig_check(struct load_info *info, int flags) diff --git a/kernel/panic.c b/kernel/panic.c index 2a0449144f82..a8feef83d920 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -508,6 +508,19 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { TAINT_FLAG(AUX, 'X', ' ', true), TAINT_FLAG(RANDSTRUCT, 'T', ' ', true), TAINT_FLAG(TEST, 'N', ' ', true), + TAINT_FLAG(19, '?', '-', false ), + TAINT_FLAG(20, '?', '-', false ), + TAINT_FLAG(21, '?', '-', false ), + TAINT_FLAG(22, '?', '-', false ), + TAINT_FLAG(23, '?', '-', false ), + TAINT_FLAG(24, '?', '-', false ), + TAINT_FLAG(25, '?', '-', false ), + TAINT_FLAG(PARTNER_SUPPORTED, 'p', ' ', true ), + TAINT_FLAG(SUPPORT_REMOVED, 'h', ' ', false ), + TAINT_FLAG(RESERVED28, '?', '-', false ), + TAINT_FLAG(RESERVED29, '?', '-', false ), + TAINT_FLAG(RESERVED30, '?', '-', false ), + TAINT_FLAG(UNPRIVILEGED_BPF, 'u', ' ', false ), }; #undef TAINT_FLAG diff --git a/kernel/rh_flags.c b/kernel/rh_flags.c new file mode 100644 index 000000000000..10d26958f840 --- /dev/null +++ b/kernel/rh_flags.c @@ -0,0 +1,115 @@ +#include +#include +#include +#include +#include +#include +#include + +#define RH_FLAG_NAME_LEN 32 +#define MAX_RH_FLAGS 128 +#define MAX_RH_FLAG_NAME_LEN (MAX_RH_FLAGS * RH_FLAG_NAME_LEN) + +struct rh_flag { + struct list_head list; + char name[RH_FLAG_NAME_LEN]; +}; + +static LIST_HEAD(rh_flag_list); +static DEFINE_SPINLOCK(rh_flag_lock); + +bool __rh_add_flag(const char *flag_name) +{ + struct rh_flag *feat, *iter; + + BUG_ON(in_interrupt()); + feat = kzalloc(sizeof(*feat), GFP_ATOMIC); + if (WARN(!feat, "Adding Red Hat flag %s.\n", flag_name)) + return false; + strscpy(feat->name, flag_name, RH_FLAG_NAME_LEN); + + spin_lock(&rh_flag_lock); + list_for_each_entry_rcu(iter, &rh_flag_list, list) { + if (!strcmp(iter->name, flag_name)) { + kfree(feat); + feat = NULL; + break; + } + } + if (feat) + list_add_rcu(&feat->list, &rh_flag_list); + spin_unlock(&rh_flag_lock); + + if (feat) + pr_info("Adding Red Hat flag %s.\n", flag_name); + return true; +} +EXPORT_SYMBOL(__rh_add_flag); + +void rh_print_flags(void) +{ + struct rh_flag *feat; + + /* + * This function cannot do any locking, we're oopsing. Traversing + * rh_flag_list is okay, though, even without the rcu_read_lock + * taken: we never delete from that list and thus don't need the + * delayed free. All we need are the smp barriers invoked by the rcu + * list manipulation routines. + */ + if (list_empty(&rh_flag_list)) + return; + printk(KERN_DEFAULT "Red Hat flags:"); + list_for_each_entry_lockless(feat, &rh_flag_list, list) { + pr_cont(" %s", feat->name); + } + pr_cont("\n"); +} +EXPORT_SYMBOL(rh_print_flags); + +#ifdef CONFIG_SYSCTL +static int rh_flags_show(const struct ctl_table *ctl, int write, + void __user *buffer, size_t *lenp, + loff_t *ppos) +{ + struct ctl_table tbl = { .maxlen = MAX_RH_FLAG_NAME_LEN, }; + struct rh_flag *feat; + size_t offs = 0; + int ret; + + tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL); + if (!tbl.data) + return -ENOMEM; + ((char *)tbl.data)[0] = '\0'; + + rcu_read_lock(); + list_for_each_entry_rcu(feat, &rh_flag_list, list) { + offs += scnprintf(tbl.data + offs, tbl.maxlen - offs, "%s%s", + offs == 0 ? "" : " ", feat->name); + } + rcu_read_unlock(); + + ret = proc_dostring(&tbl, write, buffer, lenp, ppos); + kfree(tbl.data); + return ret; +} + +static struct ctl_table rh_flags_table[] = { + { + .procname = "rh_flags", + .data = &rh_flag_list, + .maxlen = MAX_RH_FLAG_NAME_LEN, + .mode = 0444, + .proc_handler = rh_flags_show, + }, +}; +#endif + +static __init int rh_flags_init(void) +{ +#ifdef CONFIG_SYSCTL + register_sysctl_init("kernel", rh_flags_table); +#endif + return 0; +} +subsys_initcall(rh_flags_init); diff --git a/kernel/rh_messages.c b/kernel/rh_messages.c new file mode 100644 index 000000000000..bb69e8965748 --- /dev/null +++ b/kernel/rh_messages.c @@ -0,0 +1,414 @@ +/* + * The following functions are used by Red Hat to indicate to users that + * hardware and drivers are unsupported, or have limited support in RHEL major + * and minor releases. These functions output loud warning messages to the end + * user and should be USED WITH CAUTION. + * + * Any use of these functions _MUST_ be documented in the RHEL Release Notes, + * and have approval of management. + * + * Generally, the process of disabling a driver or device in RHEL requires the + * driver or device to be marked as 'deprecated' in all existing releases, and + * then either 'unmaintained' or 'disabled' in a future release. + * + * In general, deprecated and unmaintained drivers continue to receive security + * related fixes until they are disabled. + */ + +#include +#include +#include +#include "rh_messages.h" + +/** + * mark_hardware_unmaintained() - Mark hardware as unmaintained. + * @driver_name: driver name + * @fmt: format for device description + * @...: args for device description + * + * Called to notify users that the device will no longer be tested on a routine + * basis and driver code associated with this device is no longer being updated. + * Red Hat may, at their own discretion, fix security-related and critical + * issues. Support for this device will be disabled in a future major release + * and users deploying this device should plan to replace the device in + * production systems. + * + * This function should be used when the driver's usage can be tied to a + * specific hardware device. For example, a network device driver loading on a + * specific device that is no longer maintained by the manufacturer. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused mark_hardware_unmaintained(const char *driver_name, char *fmt, ...) +{ + char device_description[DEV_DESC_LEN]; + va_list args; + + va_start(args, fmt); + vsnprintf(device_description, DEV_DESC_LEN, fmt, args); + pr_crit(RH_UNMAINT_HW, + driver_name, device_description); + va_end(args); +} +EXPORT_SYMBOL(mark_hardware_unmaintained); + +/** + * mark_hardware_deprecated() - Mark hardware as deprecated. + * @driver_name: driver name + * @fmt: format for device description + * @...: args for device description + * + * Called to notify users that support for the device is planned to be + * unmaintained in a future major release, and will eventually be disabled in a + * future major release. This device should not be used in new production + * environments and users should replace the device in production systems. + * + * This function should be used when the driver's usage can be tied to a + * specific hardware device. For example, a network device driver loading on a + * specific device that is no longer maintained by the manufacturer. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused mark_hardware_deprecated(const char *driver_name, char *fmt, ...) +{ + char device_description[DEV_DESC_LEN]; + va_list args; + + va_start(args, fmt); + vsnprintf(device_description, DEV_DESC_LEN, fmt, args); + pr_crit(RH_DEPRECATED_HW, + driver_name, device_description); + va_end(args); +} + +/** + * mark_hardware_disabled() - Mark a driver as removed. + * @driver_name: driver name + * @fmt: format for device description + * @...: args for device description + * + * Called to notify users that a device's support has been completely disabled + * and no future support updates will occur. This device cannot be used in new + * production environments, and users must replace the device in production + * systems. + * + * This function should be used when the driver's usage can be tied to a + * specific hardware device. For example, a network device driver loading on a + * specific device that is no longer maintained by the manufacturer. + * + * Reserved for Internal Red Hat use only. + */ +static void __maybe_unused mark_hardware_disabled(const char *driver_name, char *fmt, ...) +{ + char device_description[DEV_DESC_LEN]; + va_list args; + + va_start(args, fmt); + vsnprintf(device_description, DEV_DESC_LEN, fmt, args); + pr_crit(RH_DISABLED_HW, + driver_name, device_description); + va_end(args); +} + +#ifdef CONFIG_PCI +/** + * pci_hw_deprecated() - Mark a PCI device deprecated. + * @dev: the PCI device structure to match against + * + * Called to check if this @dev is in the list of deprecated devices. + * + * Reserved for Internal Red Hat use only. + */ +static void __maybe_unused pci_hw_deprecated(struct pci_dev *dev) +{ + const struct pci_device_id *ret = pci_match_id(rh_deprecated_pci_devices, dev); + + if (!ret) + return; + + mark_hardware_deprecated(dev_driver_string(&dev->dev), "%04X:%04X @ %s", + dev->device, dev->vendor, pci_name(dev)); +} + +/** + * pci_hw_unmaintained() - Mark a PCI device unmaintained. + * @dev: the PCI device structure to match against + * + * Called to check if this @dev is in the list of unmaintained devices. + * + * Reserved for Internal Red Hat use only. + */ +static void pci_hw_unmaintained(struct pci_dev *dev) +{ + const struct pci_device_id *ret = pci_match_id(rh_unmaintained_pci_devices, dev); + + if (!ret) + return; + + mark_hardware_unmaintained(dev_driver_string(&dev->dev), "%04X:%04X @ %s", + dev->device, dev->vendor, pci_name(dev)); +} + +/** + * pci_hw_disabled() - Mark a PCI device disabled. + * @dev: the PCI device structure to match against + * + * Called to check if this @dev is in the list of disabled devices. + * + * Reserved for Internal Red Hat use only. + */ +static bool __maybe_unused pci_hw_disabled(struct pci_dev *dev) +{ + const struct pci_device_id *ret = pci_match_id(rh_disabled_pci_devices, dev); + + if (!ret) + return false; + + mark_hardware_disabled(dev_driver_string(&dev->dev), "%04X:%04X @ %s", + dev->device, dev->vendor, pci_name(dev)); + return true; +} +#endif + +/** + * driver_unmaintained() - check to see if a driver is unmaintained + * @module_name: module name + * + * Called to notify users that a driver will no longer be tested on a routine + * basis and the driver code is no longer being updated. Red Hat may fix + * security-related and critical issues. Support for this driver will be + * disabled in a future major release, and users should replace any affected + * devices in production systems. + * + * This function should be used when a driver's usage cannot be tied to a + * specific hardware device. For example, a network bonding driver or a higher + * level storage layer driver that is no longer maintained upstream. + * + * Reserved for Internal Red Hat use only. + */ +static void __maybe_unused driver_unmaintained(const char* module_name) +{ + int i = 0; + + while (rh_unmaintained_drivers[i]) { + if (strcmp(rh_unmaintained_drivers[i], module_name) == 0) { + pr_crit(RH_UNMAINT_DR, module_name); + return; + } + i++; + } +} + +/** + * driver_deprecated() - check to see if a driver is deprecated + * @driver_name: module name + * + * Called to notify users that support for this driver is planned to be + * unmaintained in a future major release, and will eventually be disabled in a + * future major release. This driver should not be used in new production + * environments and users should replace any affected devices in production + * systems. + * + * This function should be used when a driver's usage cannot be tied to a + * specific hardware device. For example, a network bonding driver or a higher + * level storage layer driver that is no longer maintained upstream. + * + * Reserved for Internal Red Hat use only. + */ +static void __maybe_unused driver_deprecated(const char* module_name) +{ + int i = 0; + + while (rh_deprecated_drivers[i]) { + if (strcmp(rh_deprecated_drivers[i], module_name) == 0) { + pr_crit(RH_DEPRECATED_DR, module_name); + return; + } + i++; + } +} + +/* There is no driver_disabled() function. Disabled drivers are configured off ;). */ + +/** + * init_fn_unmaintained - check to see if a built-in driver is unmaintained. + * @fn_name: module's module_init function name + * + * Called to notify users that a built-in driver will no longer be tested on a routine + * basis and the built-in driver code is no longer being updated. Red Hat may fix + * security-related and critical issues. Support for this built-in driver will be + * disabled in a future major release, and users should replace any affected + * devices in production systems. + * + * This function should be used when a built-in driver's usage cannot be tied to a + * specific hardware device. For example, a network bonding driver or a higher + * level storage layer driver that is no longer maintained upstream. + * + * Reserved for Internal Red Hat use only. + */ + +static void __maybe_unused init_fn_unmaintained(char* fn_name) +{ + int i = 0; + + while (rh_unmaintained_init_fns[i]) { + if (strcmp(rh_unmaintained_init_fns[i], fn_name) == 0) { + pr_crit(RH_UNMAINT_DR, fn_name); + return; + } + i++; + } +} + +/** + * init_fn_deprecated() - check to see if a built-in driver is deprecated + * @fn_name: module's module_init function name + * + * Called to notify users that support for this built-in driver is planned to be + * unmaintained in a future major release, and will eventually be disabled in a + * future major release. This driver should not be used in new production + * environments and users should replace any affected devices in production + * systems. + * + * This function should be used when a built-in driver's usage cannot be tied to a + * specific hardware device. For example, a network bonding driver or a higher + * level storage layer driver that is no longer maintained upstream. + * + * Reserved for Internal Red Hat use only. + */ +static void __maybe_unused init_fn_deprecated(char* fn_name) +{ + int i = 0; + + while (rh_deprecated_init_fns[i]) { + if (strcmp(rh_deprecated_init_fns[i], fn_name) == 0) { + pr_crit(RH_DEPRECATED_DR, fn_name); + return; + } + i++; + } +} + +/** + * mark_tech_preview() - Mark driver or kernel subsystem as 'Tech Preview' + * @msg: Driver or kernel subsystem name + * + * Called to minimize the support status of a new driver. This does TAINT the + * kernel. Calling this function indicates that the driver or subsystem has + * had limited testing and is not marked for full support within this RHEL + * minor release. The next RHEL minor release may contain full support for + * this driver. Red Hat does not guarantee that bugs reported against this + * driver or subsystem will be resolved. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused mark_tech_preview(const char *msg, struct module *mod) +{ + const char *str = NULL; + + if (msg) + str = msg; +#ifdef CONFIG_MODULES + else if (mod) + str = mod->name; +#endif + + pr_warn(RH_TECH_PREVIEW, (str ? str : "kernel")); + add_taint(TAINT_AUX, LOCKDEP_STILL_OK); +#ifdef CONFIG_MODULES + if (mod) + mod->taints |= (1U << TAINT_AUX); +#endif +} +EXPORT_SYMBOL(mark_tech_preview); + +/** + * mark_partner_supported() - Mark driver or kernel subsystem as 'Partner Supported' + * @msg: Driver or kernel subsystem name + * + * Called to minimize the support status of a new driver. This does TAINT the + * kernel. Calling this function indicates that the driver or subsystem + * is not supported directly by Red Hat but by a partner engineer. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused mark_partner_supported(const char *msg, struct module *mod) +{ + const char *str = NULL; + + if (msg) + str = msg; +#ifdef CONFIG_MODULES + else if (mod) + str = mod->name; +#endif + + pr_warn(RH_PARTNER_SUPPORTED, (str ? str : "kernel")); + add_taint(TAINT_PARTNER_SUPPORTED, LOCKDEP_STILL_OK); +#ifdef CONFIG_MODULES + if (mod) + mod->taints |= (1U << TAINT_PARTNER_SUPPORTED); +#endif +} +EXPORT_SYMBOL(mark_partner_supported); + +/* + * + * Functions called by 'main' kernel code. + * + */ + +#ifdef CONFIG_PCI +/** + * pci_rh_check_status - checks the status of a PCI device. + * @pci_dev: PCI device to be examined + * + * This function is called by the PCI driver subsystem to check the status of a + * PCI device. + * + * This function returns true if the PCI device is disabled, and false otherwise. + * + * Reserved for Internal Red Hat use only. + */ +bool __maybe_unused pci_rh_check_status(struct pci_dev *pci_dev) +{ + if (pci_dev->driver->driver.owner != NULL) { + if (!test_bit(TAINT_OOT_MODULE, &pci_dev->driver->driver.owner->taints)) { + pci_hw_unmaintained(pci_dev); + pci_hw_deprecated(pci_dev); + return pci_hw_disabled(pci_dev); + } + } + return false; +} +#endif + +/** module_rh_check_status - checks the status of a module. + * @module_name: Name of module to be examined + * + * This function is called by the module loading code to check the status of a + * module. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused module_rh_check_status(const char * module_name) +{ + driver_unmaintained(module_name); + driver_deprecated(module_name); +} + +/** + * init_rh_check_status - checks the status of a built-in module. + * @fn_name: init function of module to be examined + * + * This function is called by the init code to check the status of a built-in module. + * When a module is built-in, the module_init() function is converted into an initcall. + * The initcall is the called during boot with the other system initcalls. + * + * Reserved for Internal Red Hat use only. + */ +void __maybe_unused init_rh_check_status(char *fn_name) +{ + init_fn_deprecated(fn_name); + init_fn_unmaintained(fn_name); +} diff --git a/kernel/rh_messages.h b/kernel/rh_messages.h new file mode 100644 index 000000000000..3ac7e00e0def --- /dev/null +++ b/kernel/rh_messages.h @@ -0,0 +1,325 @@ +/* + * WARNING: This file is auto-generated by an internal Red Hat script and, + * in general, should not be modified by hand. + * See: https://gitlab.com/redhat/rhel/src/kernel/hardware-removal-support + */ + +/* + * The following tables are used by Red Hat to define what hardware and drivers + * are unsupported, or have limited support in RHEL major and minor releases. + * + * Generally, the process of disabling a driver or device in RHEL requires the + * driver or device to be marked as 'deprecated' in all existing releases, and + * then either 'unmaintained' or 'disabled' in a future release. + * + * In general, deprecated and unmaintained drivers continue to receive security + * related fixes until they are disabled. + */ + +#ifndef __RH_MESSAGES_H +#define __RH_MESSAGES_H + +#include +#include + +#define DEV_DESC_LEN 256 + +#define RH_UNMAINT_HW "Warning: Unmaintained Hardware is detected: %s:%s\n" + +#define RH_UNMAINT_DR "Warning: Unmaintained driver is detected: %s\n" + +#define RH_DEPRECATED_HW "Warning: Deprecated Hardware is detected: %s:%s " \ + "will not be maintained in a future major release " \ + "and may be disabled\n" + +#define RH_DEPRECATED_DR "Warning: Deprecated Driver is detected: %s will " \ + "not be maintained in a future major release and " \ + "may be disabled\n" + +#define RH_DISABLED_HW "Warning: Disabled Hardware is detected: %s:%s is " \ + "no longer enabled in this release.\n" + +#define RH_TECH_PREVIEW "TECH PREVIEW: %s may not be fully supported.\n" \ + "Please review provided documentation for " \ + "limitations.\n" + +#define RH_PARTNER_SUPPORTED "Warning: %s is a Partner supported GPL " \ + "module and not supported directly by Red Hat.\n" + +static const char *rh_deprecated_drivers[] = { + 0 /* Terminating entry */ +}; + +static const char *rh_deprecated_init_fns[] = { + 0 /* Terminating entry */ +}; + +static const char *rh_unmaintained_drivers[] = { + "aacraid", + "af_key", + "arp_tables", + "bnx2", + "bnx2fc", + "bnx2i", + "bnx2x", + "cnic", + "dl2k", + "e1000", + "ebtables", + "hdlc_fr", + "hpsa", + "ip6_tables", + "ip_set", + "ip_tables", + "mptbase", + "mptsas", + "mptscsih", + "mptspi", + "myri10ge", + "netxen_nic", + "nft_compat", + "nicpf", + "nicvf", + "nvmet-fc", + "nvmet-tcp", + "team", + 0 /* Terminating entry */ +}; + +static const char *rh_unmaintained_init_fns[] = { + "bnx2_pci_driver_init", + "e1000_init_module", + "rio_driver_init", + "hpsa_init", + "fusion_init", + "mptsas_init", + "fusion_init", + "mptspi_init", + "myri10ge_init_module", + "netxen_init_module", + "hdlc_fr_init", + "nvmet_fc_init_module", + "nvmet_tcp_init", + "team_module_init", + "ebtables_init", + "arp_tables_init", + "ip_tables_init", + "ip6_tables_init", + "ip_set_init", + "nft_compat_module_init", + "nicvf_init_module", + "nic_init_module", + "ipsec_pfkey_init", + "aac_init", + "cnic_init", + "bnx2x_init", + "bnx2fc_mod_init", + "bnx2i_mod_init", + 0 /* Terminating entry */ +}; + +static const struct pci_device_id rh_deprecated_pci_devices[] = { + {0} /* Terminating entry */ +}; + +static const struct pci_device_id rh_disabled_pci_devices[] = { + { 0x1011, 0x0046, 0x103c, 0x10c2 }, + { 0x1011, 0x0046, 0x9005, 0x0364 }, + { 0x1011, 0x0046, 0x9005, 0x0365 }, + { 0x1011, 0x0046, 0x9005, 0x1364 }, + { 0x1028, 0x0001, 0x1028, 0x0001 }, + { 0x1028, 0x0002, 0x1028, 0x0002 }, + { 0x1028, 0x0002, 0x1028, 0x00d1 }, + { 0x1028, 0x0002, 0x1028, 0x00d9 }, + { 0x1028, 0x0003, 0x1028, 0x0003 }, + { 0x1028, 0x0004, 0x1028, 0x00d0 }, + { 0x1028, 0x000a, 0x1028, 0x0106 }, + { 0x1028, 0x000a, 0x1028, 0x011b }, + { 0x1028, 0x000a, 0x1028, 0x0121 }, + { 0x9005, 0x0200, 0x9005, 0x0200 }, + { 0x9005, 0x0283, 0x9005, 0x0283 }, + { 0x9005, 0x0284, 0x9005, 0x0284 }, + { 0x9005, 0x0285, PCI_ANY_ID, PCI_ANY_ID }, + { 0x9005, 0x0285, 0x1014, 0x02F2 }, + { 0x9005, 0x0285, 0x1014, 0x0312 }, + { 0x9005, 0x0285, 0x1028, PCI_ANY_ID }, + { 0x9005, 0x0285, 0x1028, 0x0287 }, + { 0x9005, 0x0285, 0x103C, 0x3227 }, + { 0x9005, 0x0285, 0x17aa, PCI_ANY_ID }, + { 0x9005, 0x0285, 0x17aa, 0x0286 }, + { 0x9005, 0x0285, 0x17aa, 0x0287 }, + { 0x9005, 0x0285, 0x9005, 0x0285 }, + { 0x9005, 0x0285, 0x9005, 0x0286 }, + { 0x9005, 0x0285, 0x9005, 0x0287 }, + { 0x9005, 0x0285, 0x9005, 0x0288 }, + { 0x9005, 0x0285, 0x9005, 0x0289 }, + { 0x9005, 0x0285, 0x9005, 0x028a }, + { 0x9005, 0x0285, 0x9005, 0x028b }, + { 0x9005, 0x0285, 0x9005, 0x028e }, + { 0x9005, 0x0285, 0x9005, 0x028f }, + { 0x9005, 0x0285, 0x9005, 0x0290 }, + { 0x9005, 0x0285, 0x9005, 0x0291 }, + { 0x9005, 0x0285, 0x9005, 0x0292 }, + { 0x9005, 0x0285, 0x9005, 0x0293 }, + { 0x9005, 0x0285, 0x9005, 0x0294 }, + { 0x9005, 0x0285, 0x9005, 0x0296 }, + { 0x9005, 0x0285, 0x9005, 0x0297 }, + { 0x9005, 0x0285, 0x9005, 0x0298 }, + { 0x9005, 0x0285, 0x9005, 0x0299 }, + { 0x9005, 0x0285, 0x9005, 0x029a }, + { 0x9005, 0x0285, 0x9005, 0x02a4 }, + { 0x9005, 0x0285, 0x9005, 0x02a5 }, + { 0x9005, 0x0286, PCI_ANY_ID, PCI_ANY_ID }, + { 0x9005, 0x0286, 0x1014, 0x9540 }, + { 0x9005, 0x0286, 0x1014, 0x9580 }, + { 0x9005, 0x0286, 0x9005, 0x028c }, + { 0x9005, 0x0286, 0x9005, 0x028d }, + { 0x9005, 0x0286, 0x9005, 0x029b }, + { 0x9005, 0x0286, 0x9005, 0x029c }, + { 0x9005, 0x0286, 0x9005, 0x029d }, + { 0x9005, 0x0286, 0x9005, 0x029e }, + { 0x9005, 0x0286, 0x9005, 0x029f }, + { 0x9005, 0x0286, 0x9005, 0x02a0 }, + { 0x9005, 0x0286, 0x9005, 0x02a1 }, + { 0x9005, 0x0286, 0x9005, 0x02a2 }, + { 0x9005, 0x0286, 0x9005, 0x02a3 }, + { 0x9005, 0x0286, 0x9005, 0x02a6 }, + { 0x9005, 0x0286, 0x9005, 0x0800 }, + { 0x9005, 0x0287, 0x9005, 0x0800 }, + { 0x9005, 0x0288, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0222, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0712, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x212, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x702, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x703, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0700, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0211, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0710, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0221, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0xe220, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0x1ae5, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xe100, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xe131, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xe180, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xe260, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf095, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf098, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0a1, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0a5, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0d1, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0d5, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0e1, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0e5, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0f5, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0f6, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf0f7, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf180, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf700, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf800, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf900, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf980, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfa00, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfb00, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfc00, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfc10, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfc20, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfc50, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfd00, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfd11, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfd12, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfe00, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfe05, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfe11, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfe12, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0704, PCI_ANY_ID, PCI_ANY_ID }, + { 0x19a2, 0x0714, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0060, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0078, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x007C, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0411, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0413, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1028, 0x0015, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1002, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6340, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x634A, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6354, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6368, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6372, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6732, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x673C, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6746, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6750, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x675A, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x6764, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x676E, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1003, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1004, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1005, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1006, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1007, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1008, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1009, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100a, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100b, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100c, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100d, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100e, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x100f, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0x1010, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0064, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0065, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0070, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0072, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0074, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0076, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0077, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x007E, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x2422, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x2432, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x5422, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x5432, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8001, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8021, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8044, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8432, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0xF000, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8022, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8032, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8042, PCI_ANY_ID, PCI_ANY_ID }, + {0} /* Terminating entry */ +}; + +static const struct pci_device_id rh_unmaintained_pci_devices[] = { + { 0x10df, 0xe220, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0x0724, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xe200, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf011, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf015, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xf100, PCI_ANY_ID, PCI_ANY_ID }, + { 0x10df, 0xfc40, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x005b, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0071, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0073, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0079, PCI_ANY_ID, PCI_ANY_ID }, + { 0x15B3, 0xA2DC, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x006E, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0080, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0081, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0082, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0083, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0084, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0085, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0086, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1000, 0x0087, PCI_ANY_ID, PCI_ANY_ID }, + { 0x177d, 0xa01e, PCI_ANY_ID, PCI_ANY_ID }, + { 0x177d, 0xa034, PCI_ANY_ID, PCI_ANY_ID }, + { 0x177d, 0x0011, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x2031, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x2532, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1077, 0x8031, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1924, 0x0803, PCI_ANY_ID, PCI_ANY_ID }, + { 0x1924, 0x0813, PCI_ANY_ID, PCI_ANY_ID }, + {0} /* Terminating entry */ +}; + +#endif /* __RH_MESSAGES_H */ diff --git a/kernel/rh_waived.c b/kernel/rh_waived.c new file mode 100644 index 000000000000..84e22b1730cc --- /dev/null +++ b/kernel/rh_waived.c @@ -0,0 +1,104 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * kernel/rh_waived.c + * + * rh_waived cmdline parameter support. + * + * Copyright (C) 2024, Red Hat, Inc. Ricardo Robaina + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * RH_INSERT_WAIVED_FEAT + * This macro is intended to be used to insert items into the + * rh_waived_feat_list array. It expects to get an item from + * enum rh_waived_feat as its first argument, and a string + * holding the feature name as its second argument. + * + * The feature name is also utilized as the token for the + * boot parameter parser. + * + * Example usage: + * struct rh_waived_feat_item foo[RH_WAIVED_FEAT_ITEMS] = { + * RH_INSERT_WAIVED_FEAT(FOO_FEAT, "foo_feat_short_str"), + * }; + */ +#define RH_INSERT_WAIVED_FEAT(enum_item, name) \ + [(enum_item)] = {.feat_name = (name), .enabled = 0,} + +/* Indicates if the rh_flag 'rh_waived' should be added. */ +bool __initdata add_rh_flag = false; + +struct rh_waived_feat_item { + char *feat_name; + unsigned int enabled; +}; + +/* Always use the marco RH_INSERT_WAIVED_FEAT to insert items to this array. */ +struct rh_waived_feat_item rh_waived_feat_list[RH_WAIVED_FEAT_ITEMS] = { +}; + +/* + * is_rh_waived() - Checks if a given waived feature has been enabled. + * + * @feat: waived feature. + */ +__inline__ bool is_rh_waived(enum rh_waived_feat feat) +{ + return !!rh_waived_feat_list[feat].enabled; +} +EXPORT_SYMBOL(is_rh_waived); + +static int __init rh_waived_setup(char *s) +{ + int i; + char *token; + + pr_info(KERN_CONT "rh_waived: "); + + if (!s) { + for (i = 0; i < RH_WAIVED_FEAT_ITEMS; i++) { + rh_waived_feat_list[i].enabled = 1; + pr_info(KERN_CONT "%s%s", rh_waived_feat_list[i].feat_name, + i < RH_WAIVED_FEAT_ITEMS - 1 ? " " : "\n"); + } + } + + while ((token = strsep(&s, ",")) != NULL) { + for (i = 0; i < RH_WAIVED_FEAT_ITEMS; i++) { + if (!strcmp(token, rh_waived_feat_list[i].feat_name)) { + rh_waived_feat_list[i].enabled = 1; + pr_info(KERN_CONT "%s%s", rh_waived_feat_list[i].feat_name, + i < RH_WAIVED_FEAT_ITEMS - 1 ? " " : "\n"); + } + } + } + + add_rh_flag = true; + + return 0; +} +early_param("rh_waived", rh_waived_setup); + +/* + * rh_flags is initialized at subsys_initcall, calling rh_add_flag() + * from rh_waived_setup() would result in a can't boot situation. + * Deffering the inclusion 'rh_waived' rh_flag to late_initcall to + * avoid this issue. + */ +static int __init __add_rh_flag(void) +{ + if (add_rh_flag) + rh_add_flag("rh_waived"); + + return 0; +} +late_initcall(__add_rh_flag); diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index d16d0ace2775..e0aab60d74c4 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -25,6 +25,7 @@ #include #include "modpost.h" #include "../../include/linux/license.h" +#include "../../include/generated/uapi/linux/version.h" static bool module_enabled; /* Are we using CONFIG_MODVERSIONS? */ @@ -1931,6 +1932,12 @@ static void write_buf(struct buffer *b, const char *fname) } } +static void add_rhelversion(struct buffer *b, struct module *mod) +{ + buf_printf(b, "MODULE_INFO(rhelversion, \"%d.%d\");\n", RHEL_MAJOR, + RHEL_MINOR); +} + static void write_if_changed(struct buffer *b, const char *fname) { char *tmp; @@ -1991,6 +1998,7 @@ static void write_mod_c_file(struct module *mod) add_depends(&buf, mod); add_moddevtable(&buf, mod); add_srcversion(&buf, mod); + add_rhelversion(&buf, mod); ret = snprintf(fname, sizeof(fname), "%s.mod.c", mod->name); if (ret >= sizeof(fname)) { diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 3edb156ae52c..0114ae1dbf7f 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -27,7 +27,6 @@ #include #include #include -#include /* * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. @@ -99,16 +98,6 @@ static void display_openssl_errors(int l) } } -static void drain_openssl_errors(void) -{ - const char *file; - int line; - - if (ERR_peek_error() == 0) - return; - while (ERR_get_error_line(&file, &line)) {} -} - #define ERR(cond, fmt, ...) \ do { \ bool __cond = (cond); \ @@ -144,22 +133,8 @@ static EVP_PKEY *read_private_key(const char *private_key_name) EVP_PKEY *private_key; if (!strncmp(private_key_name, "pkcs11:", 7)) { - ENGINE *e; - - ENGINE_load_builtin_engines(); - drain_openssl_errors(); - e = ENGINE_by_id("pkcs11"); - ERR(!e, "Load PKCS#11 ENGINE"); - if (ENGINE_init(e)) - drain_openssl_errors(); - else - ERR(1, "ENGINE_init"); - if (key_pass) - ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), - "Set PKCS#11 PIN"); - private_key = ENGINE_load_private_key(e, private_key_name, - NULL, NULL); - ERR(!private_key, "%s", private_key_name); + fprintf(stderr, "Error: pkcs11 not implemented\n"); + exit(1); } else { BIO *b; diff --git a/scripts/tags.sh b/scripts/tags.sh index 191e0461d6d5..e6f418b3e948 100755 --- a/scripts/tags.sh +++ b/scripts/tags.sh @@ -16,6 +16,8 @@ fi ignore="$(echo "$RCS_FIND_IGNORE" | sed 's|\\||g' )" # tags and cscope files should also ignore MODVERSION *.mod.c files ignore="$ignore ( -name *.mod.c ) -prune -o" +# RHEL tags and cscope should also ignore redhat/rpm +ignore="$ignore ( -path redhat/rpm ) -prune -o" # ignore arbitrary directories if [ -n "${IGNORE_DIRS}" ]; then diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c index d1fdd113450a..182e8090cfe8 100644 --- a/security/integrity/platform_certs/load_uefi.c +++ b/security/integrity/platform_certs/load_uefi.c @@ -74,7 +74,8 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid, return NULL; if (*status != EFI_BUFFER_TOO_SMALL) { - pr_err("Couldn't get size: 0x%lx\n", *status); + pr_err("Couldn't get size: %s (0x%lx)\n", + efi_status_to_str(*status), *status); return NULL; } @@ -85,7 +86,8 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid, *status = efi.get_variable(name, guid, NULL, &lsize, db); if (*status != EFI_SUCCESS) { kfree(db); - pr_err("Error reading db var: 0x%lx\n", *status); + pr_err("Error reading db var: %s (0x%lx)\n", + efi_status_to_str(*status), *status); return NULL; } diff --git a/security/lockdown/Kconfig b/security/lockdown/Kconfig index e84ddf484010..d0501353a4b9 100644 --- a/security/lockdown/Kconfig +++ b/security/lockdown/Kconfig @@ -16,6 +16,19 @@ config SECURITY_LOCKDOWN_LSM_EARLY subsystem is fully initialised. If enabled, lockdown will unconditionally be called before any other LSMs. +config LOCK_DOWN_IN_EFI_SECURE_BOOT + bool "Lock down the kernel in EFI Secure Boot mode" + default n + depends on EFI && SECURITY_LOCKDOWN_LSM_EARLY + help + UEFI Secure Boot provides a mechanism for ensuring that the firmware + will only load signed bootloaders and kernels. Secure boot mode may + be determined from EFI variables provided by the system firmware if + not indicated by the boot parameters. + + Enabling this option results in kernel lockdown being triggered if + EFI Secure Boot is set. + choice prompt "Kernel default lockdown mode" default LOCK_DOWN_KERNEL_FORCE_NONE diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index cd84d8ea1dfb..e4c70a0312bc 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -74,6 +74,7 @@ static int lockdown_is_locked_down(enum lockdown_reason what) static struct security_hook_list lockdown_hooks[] __ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), + LSM_HOOK_INIT(lock_kernel_down, lock_kernel_down), }; const struct lsm_id lockdown_lsmid = { diff --git a/security/security.c b/security/security.c index 8cee5b6c6e6d..489e25946bf9 100644 --- a/security/security.c +++ b/security/security.c @@ -5596,6 +5596,18 @@ int security_locked_down(enum lockdown_reason what) } EXPORT_SYMBOL(security_locked_down); +/** + * security_lock_kernel_down() - Put the kernel into lock-down mode. + * + * @where: Where the lock-down is originating from (e.g. command line option) + * @level: The lock-down level (can only increase) + */ +int security_lock_kernel_down(const char *where, enum lockdown_reason level) +{ + return call_int_hook(lock_kernel_down, where, level); +} +EXPORT_SYMBOL(security_lock_kernel_down); + #ifdef CONFIG_PERF_EVENTS /** * security_perf_event_open() - Check if a perf event open is allowed