This enables toggling between ro/rw for btrfs subvolumes under shiftfs.
Currently, btrfs workloads employing shiftfs cause regression.
With btrfs unprivileged users can already toggle whether a subvolume
will be ro or rw. This is broken on current shiftfs as we haven't
whitelisted these ioctls().
To prevent such regression, we need to whitelist the ioctls
BTRFS_IOC_FS_INFO, BTRFS_IOC_SUBVOL_GETFLAGS, and
BTRFS_IOC_SUBVOL_SETFLAGS. All of them should be safe for unprivileged
users.
Struct ca is copied from userspace. It is not checked whether the "name"
field is NULL terminated, which allows local users to obtain potentially
sensitive information from kernel stack memory, via a HIDPCONNADD command.
This vulnerability is similar to CVE-2011-1079.
Signed-off-by: Young Xiao <email address hidden>
Signed-off-by: Marcel Holtmann <email address hidden>
Cc: <email address hidden>
(cherry picked from commit a1616a5ac99ede5d605047a9012481ce7ff18b16)
Signed-off-by: Connor Kuehl <email address hidden>
Acked-by: Kamal Mostafa <email address hidden>
Acked-by: Colin Ian King <email address hidden>
Acked-by: Po-Hsu Lin <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
e09b101...
by
Geert Uytterhoeven <email address hidden>
While devm_gpiod_get_index_optional() returns NULL if the GPIO is not
present (i.e. -ENOENT), it may still return other error codes, like
-EPROBE_DEFER. Currently these are not handled, leading to
unrecoverable failures later in case of probe deferral:
The DW controller also supports platforms specifying
native chipselects. When I enforce the use of high CS
for drivers opting in for using GPIO descriptors, I
inadvertedly switched the driver to also use active
high chip select for native chip selects.
As it turns out, the DW hardware driving chip selects
also thinks it is weird with active low chip selects
so all we need to do is remove an inversion in the
driver.
Cc: Jan Kotas <email address hidden>
Reported-by: Jan Kotas <email address hidden>
Tested-by: Jan Kotas <email address hidden>
Fixes: 9400c41e77b8 ("spi: dw: Convert to use CS GPIO descriptors")
Signed-off-by: Linus Walleij <email address hidden>
Signed-off-by: Mark Brown <email address hidden>
(cherry picked from commit 6e0a32d6f376ea22a34ae3a8df60adafbcdb0c86)
Signed-off-by: Ike Panhc <email address hidden>
Acked-by: Khalid Elmously <email address hidden>
Acked-by: Connor Kuehl <email address hidden>
Signed-off-by: Kleber Sacilotto de Souza <email address hidden>
This augments the SPI core to optionally use GPIO descriptors
for chip select on a per-master-driver opt-in basis.
Drivers using this will rely on the SPI core to look up
GPIO descriptors associated with the device, such as
when using device tree or board files with GPIO descriptor
tables.
When getting descriptors from the device tree, this will in
turn activate the code in gpiolib that was
added in commit 6953c57ab172
("gpio: of: Handle SPI chipselect legacy bindings")
which means that these descriptors are aware of the active
low semantics that is the default for SPI CS GPIO lines
and we can assume that all of these are "active high" and
thus assign SPI_CS_HIGH to all CS lines on the DT path.
The previously used gpio_set_value() would call down into
gpiod_set_raw_value() and ignore the polarity inversion
semantics.
It seems like many drivers go to great lengths to set up the
CS GPIO line as non-asserted, respecting SPI_CS_HIGH. We pull
this out of the SPI drivers and into the core, and by simply
requesting the line as GPIOD_OUT_LOW when retrieveing it from
the device and relying on the gpiolib to handle any inversion
semantics. This way a lot of code can be simplified and
removed in each converted driver.
The end goal after dealing with each driver in turn, is to
delete the non-descriptor path (of_spi_register_master() for
example) and let the core deal with only descriptors.
The different SPI drivers have complex interactions with the
core so we cannot simply change them all over, we need to use
a stepwise, bisectable approach so that each driver can be
converted and fixed in isolation.
This patch has the intended side effect of adding support for
ACPI GPIOs as it starts relying on gpiod_get_*() to get
the GPIO handle associated with the device.
Cc: Linuxarm <email address hidden>
Acked-by: Jonathan Cameron <email address hidden>
Tested-by: Fangjian (Turing) <email address hidden>
Signed-off-by: Linus Walleij <email address hidden>
Signed-off-by: Mark Brown <email address hidden>
(cherry picked from commit f3186dd876697e696d07136623d5cf0a6fb0bc0f)
Signed-off-by: Ike Panhc <email address hidden>
Acked-by: Khalid Elmously <email address hidden>
Acked-by: Connor Kuehl <email address hidden>
Signed-off-by: Kleber Sacilotto de Souza <email address hidden>