If blk-crypto-fallback is needed but is disabled by kconfig, make
blk_crypto_start_using_mode() return an error rather than succeeding.
Use ENOPKG, which matches the error code used by fscrypt when crypto API
support is missing with fs-layer encryption.
Also, if blk-crypto-fallback is needed but the algorithm is missing from
the kernel's crypto API, change the error code from ENOENT to ENOPKG.
This is needed for VtsKernelEncryptionTest to pass on some devices.
Bug: 137270441
Bug: 151100202
Test: 'atest vts_kernel_encryption_test' on Pixel 4 with the
inline crypto patches backported, and also on Cuttlefish.
Change-Id: Iedf00ca8e48c74a5d4c40b12712f38738a04ef11
Signed-off-by: Eric Biggers <ebiggers@google.com>
Git-commit: ce1ccfb9ef
Git-repo: https://android.googlesource.com/kernel/common/+/refs/heads/android-4.19
[neersoni@codeaurora.org: Back port the change]
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
Add an ioctl FS_IOC_GET_ENCRYPTION_NONCE which retrieves the nonce from
an encrypted file or directory. The nonce is the 16-byte random value
stored in the inode's encryption xattr. It is normally used together
with the master key to derive the inode's actual encryption key.
The nonces are needed by automated tests that verify the correctness of
the ciphertext on-disk. Except for the IV_INO_LBLK_64 case, there's no
way to replicate a file's ciphertext without knowing that file's nonce.
The nonces aren't secret, and the existing ciphertext verification tests
in xfstests retrieve them from disk using debugfs or dump.f2fs. But in
environments that lack these debugging tools, getting the nonces by
manually parsing the filesystem structure would be very hard.
To make this important type of testing much easier, let's just add an
ioctl that retrieves the nonce.
Link: https://lore.kernel.org/r/20200314205052.93294-2-ebiggers@kernel.org
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Bug: 151100202
Change-Id: Ieef2c57b9257ae38eb2e5c1a018ca6f325bb62dd
Signed-off-by: Eric Biggers <ebiggers@google.com>
Git-commit: e98ad464750c0894bc560d10503dae8ff90ccdac
Git-repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[neersoni@codeaurora.org: Back port the changes]
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
While setting boost to cluster_data, we iterate clusters with local
uninitialized cluster variable, it is possible that, the cluster
could be null and is used in trace point.
Fix it by moving trace print to cluster validated point.
Change-Id: I466a92f2640cd5058f79355ee0cf354c41c79f7b
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
Commit 2733ec307c ("sound: usb: Clear in_use if wait_event
fails while disconnect") added ENODEV check with EINVAL in the
error path if chip is removed while handling uaudio stream request.
Instead, both the error codes should be checked exclusively in the
return path to avoid NULL pointer access.
Change-Id: Iebf12b6f13fc6a22c679ed3482759c9173004bb8
Signed-off-by: Pratham Pratap <prathampratap@codeaurora.org>
lt9611_bridge_pre_enable is not supposed to do lt9611uxc IC's
reset for it will reset the irq status reg and hpd status reg
which may cause many interrupts.
Change-Id: I9bde734c3227adca170208ca642792be64b4a72c
Signed-off-by: GG Hou <renjhou@codeaurora.org>
Old platforms ex:SDM660 still uses hypervisor call
for WLAN MSA region to be controlled via HLOS.
Add hypervisor call for supporting wlan on legacy
platforms.
Use "qcom,hyp_enabled" bool for enabling hypervisor call
for legacy platforms.
Change-Id: Iae046a45e12228b99f43ef986fb180bd3720db5e
Signed-off-by: Govind Singh <govinds@codeaurora.org>
DEBUGFS will be disabled on android R perf builds. Since tz logs
are dependent on debugfs, CONFIG_MSM_TZ_LOG needs to be removed
as well.
Change-Id: Ic09c4782cf1a79422f08a191b3d99a6b44550991
Signed-off-by: Prerna Kalla <prernak@codeaurora.org>
The binder driver makes the assumption proc->context pointer is invariant after
initialization (as documented in the kerneldoc header for struct proc).
However, in commit f0fe2c0f050d ("binder: prevent UAF for binderfs devices II")
proc->context is set to NULL during binder_deferred_release().
Another proc was in the middle of setting up a transaction to the dying
process and crashed on a NULL pointer deref on "context" which is a local
set to &proc->context:
new_ref->data.desc = (node == context->binder_context_mgr_node) ? 0 : 1;
Here's the stack:
[ 5237.855435] Call trace:
[ 5237.855441] binder_get_ref_for_node_olocked+0x100/0x2ec
[ 5237.855446] binder_inc_ref_for_node+0x140/0x280
[ 5237.855451] binder_translate_binder+0x1d0/0x388
[ 5237.855456] binder_transaction+0x2228/0x3730
[ 5237.855461] binder_thread_write+0x640/0x25bc
[ 5237.855466] binder_ioctl_write_read+0xb0/0x464
[ 5237.855471] binder_ioctl+0x30c/0x96c
[ 5237.855477] do_vfs_ioctl+0x3e0/0x700
[ 5237.855482] __arm64_sys_ioctl+0x78/0xa4
[ 5237.855488] el0_svc_common+0xb4/0x194
[ 5237.855493] el0_svc_handler+0x74/0x98
[ 5237.855497] el0_svc+0x8/0xc
The fix is to move the kfree of the binder_device to binder_free_proc()
so the binder_device is freed when we know there are no references
remaining on the binder_proc.
Change-Id: Icb74dba032540a67854deb00e1e78e32326717b6
Fixes: f0fe2c0f050d ("binder: prevent UAF for binderfs devices II")
Signed-off-by: Todd Kjos <tkjos@google.com>
Patch-mainline: linux-kernel @ 06/22/20, 13:07:15 -0700
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
Do not set BC1P2_START_ON_CC on detecting a DAM cable to
avoid a device brown-out.
Change-Id: I9192c6d2e89170585b98cbbaa8762aeffe66949e
Signed-off-by: Kiran Gunda <kgunda@codeaurora.org>
Fix a null pointer dereference issue when data packets trigger the
queuing of powersave work before the powersave workqueue is initialized.
Change-Id: Ia3515a7aaa47cb41568c39462bca73ceae11ea9c
Acked-by: Weiyi Chen <weiyic@qti.qualcomm.com>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Add watchdog timer to recover potential data stall when data is
not going to the expected DRB and no DFC indication is received.
Change-Id: Iaa4b4814967cf9400c36115a083922376d23928d
Acked-by: Weiyi Chen <weiyic@qti.qualcomm.com>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
With the valid SMMU IOVA range WLAN firmware is able to detect invalid
host DDR access before SMMU fault happens.
Change-Id: I9663d9405bdb5907bcc1ca36e2d743d1ef8cb279
Signed-off-by: Mohammed Siddiq <msiddiq@codeaurora.org>
The following race is observable when onlining the first memory block of
a zone. Consider 2 processes, P1 and P2, where P1 is onlining the first
memory block of a zone(say movable) and P2 is trying to allocate the
pages from the same.
P1 P2
Online the first memory block in
the movable zone. Zone lists are
built but the pcp struct are yet
to update thus the values are
pcp's ->high = 0, ->count = 1.
Allocate the pages from the
movable zone. Since the pages
are available in buddy, it gets
from movable zone.
This process is entered into
the exit path thus it tries
to release the order-0 pages
to pcp lists through
free_unref_page_commit().
As pcp->high = 0, pcp->count = 1
proceed calling the function
free_pcppages_bulk().
Call zone_pcp_update().
Update the pcp values thus the new
pcp values are like, say, pcp's
->high = 378, ->batch = 63.
Read the pcp's batch value using
READ_ONCE() and pass the same to
free_pcppages_bulk(), pcp values
passed here are, batch = 63,
count = 1.
Since num of pages in the pcp
lists are less than ->batch,
then it will stuck in
while(list_empty(list)) loop
with interrupts disabled thus
a core hung.
Avoid this by skipping free_pcppages_bulk() when pcp struct is not
initialized.
Change-Id: I8407b8e91e13ac699233f61f8c2e893061825b4b
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
Move the clock/regulator dumps to LPM suspend entry to avoid the
possibility of scheduling while in atomic context as a mutex needs to
be acquired before dumping the enabled clocks list.
Change-Id: Ic3d65d78a3896aa969c759fc45193f3a4e3e772c
Signed-off-by: Taniya Das <tdas@codeaurora.org>
Clear keys after unwrap or kdf as a failsafe, which is
expected to return failure if keyslots are empty. Hence
move error message to debug to avoid unnecessary logs
during normal boot flow.
Change-Id: If8e03ad70df6e0f09ac565bced04b272706a5628
Signed-off-by: AnilKumar Chimata <anilc@codeaurora.org>
Enable the Hardware key manager driver that interfaces
with the master and slave blocks for crypto functionality.
Change-Id: I6dba16df655855790b395ede052ed15040119872
Signed-off-by: AnilKumar Chimata <anilc@codeaurora.org>
When onlining a first memory block in a zone, pcp lists are not updated
thus pcp struct will have the default setting of ->high = 0,->batch = 1.
This means till the second memory block in a zone(if it have) is onlined
the pcp lists of this zone will not contain any pages because pcp's
->count is always greater than ->high thus free_pcppages_bulk() is
called to free batch size(=1) pages every time system wants to add a
page to the pcp list through free_unref_page(). To put this in a word,
system is not using benefits offered by the pcp lists when there is a
single onlineable memory block in a zone. Correct this by always
updating the pcp lists when memory block is onlined.
Change-Id: I5a0c5cc128481fdb48b9dc4e1fe2860f59e958e3
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
