Linux v5.4-rc6

4 files changed, 7 insertions, 315 deletions

diff --git a/efi-efi_test-lock-down-dev-efi_test-and-require-CAP_.patch b/efi-efi_test-lock-down-dev-efi_test-and-require-CAP_.patch
deleted file mode 100644
index 61a52c6fd..000000000
--- a/efi-efi_test-lock-down-dev-efi_test-and-require-CAP_.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From: Javier Martinez Canillas <javierm@redhat.com>
-Subject: [PATCH v2] efi/efi_test: lock down /dev/efi_test and require
- CAP_SYS_ADMIN
-Date: Tue,  8 Oct 2019 12:55:10 +0200
-
-The driver exposes EFI runtime services to user-space through an IOCTL
-interface, calling the EFI services function pointers directly without
-using the efivar API.
-
-Disallow access to the /dev/efi_test character device when the kernel is
-locked down to prevent arbitrary user-space to call EFI runtime services.
-
-Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged
-users to call the EFI runtime services, instead of just relying on the
-chardev file mode bits for this.
-
-The main user of this driver is the fwts [0] tool that already checks if
-the effective user ID is 0 and fails otherwise. So this change shouldn't
-cause any regression to this tool.
-
-[0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo
-
-Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
-Acked-by: Laszlo Ersek <lersek@redhat.com>
-Acked-by: Matthew Garrett <mjg59@google.com>
----
-
-Changes in v2:
-- Also disable /dev/efi_test access when the kernel is locked down as
-  suggested by Matthew Garrett.
-- Add Acked-by tag from Laszlo Ersek.
-
- drivers/firmware/efi/test/efi_test.c | 8 ++++++++
- include/linux/security.h             | 1 +
- security/lockdown/lockdown.c         | 1 +
- 3 files changed, 10 insertions(+)
-
-diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c
-index 877745c3aaf..7baf48c01e7 100644
---- a/drivers/firmware/efi/test/efi_test.c
-+++ b/drivers/firmware/efi/test/efi_test.c
-@@ -14,6 +14,7 @@
- #include <linux/init.h>
- #include <linux/proc_fs.h>
- #include <linux/efi.h>
-+#include <linux/security.h>
- #include <linux/slab.h>
- #include <linux/uaccess.h>
- 
-@@ -717,6 +718,13 @@ static long efi_test_ioctl(struct file *file, unsigned int cmd,
- 
- static int efi_test_open(struct inode *inode, struct file *file)
- {
-+	int ret = security_locked_down(LOCKDOWN_EFI_TEST);
-+
-+	if (ret)
-+		return ret;
-+
-+	if (!capable(CAP_SYS_ADMIN))
-+		return -EACCES;
- 	/*
- 	 * nothing special to do here
- 	 * We do accept multiple open files at the same time as we
-diff --git a/include/linux/security.h b/include/linux/security.h
-index a8d59d612d2..9df7547afc0 100644
---- a/include/linux/security.h
-+++ b/include/linux/security.h
-@@ -105,6 +105,7 @@ enum lockdown_reason {
- 	LOCKDOWN_NONE,
- 	LOCKDOWN_MODULE_SIGNATURE,
- 	LOCKDOWN_DEV_MEM,
-+	LOCKDOWN_EFI_TEST,
- 	LOCKDOWN_KEXEC,
- 	LOCKDOWN_HIBERNATION,
- 	LOCKDOWN_PCI_ACCESS,
-diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c
-index 8a10b43daf7..40b790536de 100644
---- a/security/lockdown/lockdown.c
-+++ b/security/lockdown/lockdown.c
-@@ -20,6 +20,7 @@ static const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
- 	[LOCKDOWN_NONE] = "none",
- 	[LOCKDOWN_MODULE_SIGNATURE] = "unsigned module loading",
- 	[LOCKDOWN_DEV_MEM] = "/dev/mem,kmem,port",
-+	[LOCKDOWN_EFI_TEST] = "/dev/efi_test access",
- 	[LOCKDOWN_KEXEC] = "kexec of unsigned images",
- 	[LOCKDOWN_HIBERNATION] = "hibernation",
- 	[LOCKDOWN_PCI_ACCESS] = "direct PCI access",
diff --git a/efi-libstub-arm-account-for-firmware-reserved-memory-at-the-base-of-RAM.patch b/efi-libstub-arm-account-for-firmware-reserved-memory-at-the-base-of-RAM.patch
deleted file mode 100644
index 47bccc262..000000000
--- a/efi-libstub-arm-account-for-firmware-reserved-memory-at-the-base-of-RAM.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-From patchwork Mon Oct 14 16:33:09 2019
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-X-Patchwork-Id: 11189097
-Return-Path: 
- <SRS0=bNJh=YH=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
-Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
- [172.30.200.123])
-	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E1AD11390
-	for <patchwork-linux-arm@patchwork.kernel.org>;
- Mon, 14 Oct 2019 16:33:28 +0000 (UTC)
-Received: from bombadil.infradead.org (bombadil.infradead.org
- [198.137.202.133])
-	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
-	(No client certificate requested)
-	by mail.kernel.org (Postfix) with ESMTPS id BF9BE217D9
-	for <patchwork-linux-arm@patchwork.kernel.org>;
- Mon, 14 Oct 2019 16:33:28 +0000 (UTC)
-Authentication-Results: mail.kernel.org;
-	dkim=pass (2048-bit key) header.d=lists.infradead.org
- header.i=@lists.infradead.org header.b="AWaZtE0p";
-	dkim=fail reason="signature verification failed" (2048-bit key)
- header.d=linaro.org header.i=@linaro.org header.b="THTDXG/3"
-DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BF9BE217D9
-Authentication-Results: mail.kernel.org;
- dmarc=fail (p=none dis=none) header.from=linaro.org
-Authentication-Results: mail.kernel.org;
- spf=none
- smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
-DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
-	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
-	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
-	List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To
-	:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
-	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
-	List-Owner; bh=bFVBLmSAI67EKVRVJ976rFVJhb17XzlF5Frmxpt4Q24=; b=AWaZtE0prtFAKn
-	TzXV3jyYung5GM46YpbdIYSXq5utN5mbiOzHoadisQSsfKUn1h5/wpF7esUHXwHaDS5FWUUp5g6F+
-	P0rKmQjVgWN+jVD7Kk7RvmJewoFKWvlUzoG5+Lfin8NLSHMwNg+v2Z+sUayE+SylST1LP8jkK8B7e
-	QiOi647qxPv6IW25Zucu4D+N8DXmh+t6DjJXZ2W1LznbCD0PIPjTpcen0dntkHUYL0FHya3ghdrC3
-	ejo+MjvSDlrs4LgP5ER56hiSeucu58WMLefoUS3oSEYirB+9zt3Qk2Ppxv6k2GY/NBkLjw9jT76kg
-	OIZj83Gck17z+l7+NVmQ==;
-Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
-	by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
-	id 1iK3Hk-0001ZP-CS; Mon, 14 Oct 2019 16:33:28 +0000
-Received: from mail-wm1-x341.google.com ([2a00:1450:4864:20::341])
- by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
- id 1iK3Hf-0001Tp-Mo
- for linux-arm-kernel@lists.infradead.org; Mon, 14 Oct 2019 16:33:26 +0000
-Received: by mail-wm1-x341.google.com with SMTP id y135so386665wmc.1
- for <linux-arm-kernel@lists.infradead.org>;
- Mon, 14 Oct 2019 09:33:23 -0700 (PDT)
-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
- h=from:to:cc:subject:date:message-id:mime-version
- :content-transfer-encoding;
- bh=yuEdphuMWOUGDahWSE97oqgmOlObKgpyvQgzFU8TRQU=;
- b=THTDXG/3mOeZtb6dOK6qrH1eQvV7z52+jijnE+ULOhMbPReKZiIPTLCR3+W7HnWIkL
- RFmtL80kGqOr/FynSqFtzLiwv4TaClqwXnVtULNnpITi/cHhy+AnvWVfQCDZ1THjSHSh
- pduFTV40hbsfQR4K3wm6K4LGLOnaAkS193JT28eOdR7oOcCjbZSKoQKTYCquWrAWTeIo
- oQAUnFNuy4gdBy+94VmzR0AdgNrDXTc5KPDYLaOTSBxZUJQ8+7pDFhxOxm06B6gNgPEp
- fzYcPcRV2R9hc6PtL8jxMKRNQ3PcJnas8KU2DsmaK/FJZxgtzXs97TaHydGKq33TYgst
- Mpow==
-X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
- d=1e100.net; s=20161025;
- h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
- :content-transfer-encoding;
- bh=yuEdphuMWOUGDahWSE97oqgmOlObKgpyvQgzFU8TRQU=;
- b=PJHaADcio6H7WwVXfMpYGT2fr/FMtU5GUUbNeD+td9rfpid6nfbHrh2TCAQtpxAMaS
- B63nd+HNchQoPhWWHWMMx8gbY9KwOKzc5/FO5wqeDo5gbpI/eWidH+ieGLaxozX/Aqku
- BLTdsnGMIB+FxmFCmtaY1y9wuqdVmS/4RiobjBycBZmXBYOYxZc3I81zM1u+nBjRKsNZ
- h2D/gN8sjkRbT4f5kU/xpHbh+8CbpVp4ze5cpKOf35Iwf+ASNw/l53NHft0Y41ehG2NA
- YFsdBpquso+CNhTGqN5VOBlpGdMFRJ4SIseygRQbXVT4KEeZBP60so7Ed8MwxoXmG6sw
- gM5w==
-X-Gm-Message-State: APjAAAUc9u8vjoe8La6L5Z/DMvnvVKz828SBRtfClkhDufJCaEZaQ1S9
- nO3+g66C+iOliANLi0dTY/L7SkabogZiQQ==
-X-Google-Smtp-Source: 
- APXvYqz0XzN3uY3m31zQi76ZEDZQMtYggJ6COqe0WCePJ5GuE+rYLNtFHVBakYmvlBvQjlPYRU+lrg==
-X-Received: by 2002:a1c:a516:: with SMTP id
- o22mr16781400wme.116.1571070801893;
- Mon, 14 Oct 2019 09:33:21 -0700 (PDT)
-Received: from localhost.localdomain
- (laubervilliers-657-1-83-120.w92-154.abo.wanadoo.fr. [92.154.90.120])
- by smtp.gmail.com with ESMTPSA id o70sm25785240wme.29.2019.10.14.09.33.20
- (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
- Mon, 14 Oct 2019 09:33:21 -0700 (PDT)
-From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-To: linux-arm-kernel@lists.infradead.org
-Subject: [PATCH] efi: libstub/arm: account for firmware reserved memory at the
- base of RAM
-Date: Mon, 14 Oct 2019 18:33:09 +0200
-Message-Id: <20191014163309.2860-1-ard.biesheuvel@linaro.org>
-X-Mailer: git-send-email 2.20.1
-MIME-Version: 1.0
-X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
-X-CRM114-CacheID: sfid-20191014_093323_781941_B57BEE97 
-X-CRM114-Status: GOOD (  13.99  )
-X-Spam-Score: -0.2 (/)
-X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary:
- Content analysis details:   (-0.2 points)
- pts rule name              description
- ---- ----------------------
- --------------------------------------------------
- -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
- no trust [2a00:1450:4864:20:0:0:0:341 listed in]
- [list.dnswl.org]
- 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
- -0.0 SPF_PASS               SPF: sender matches SPF record
- -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
- author's domain
- 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
- not necessarily
- valid
- -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
- envelope-from domain
- -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-X-BeenThere: linux-arm-kernel@lists.infradead.org
-X-Mailman-Version: 2.1.29
-Precedence: list
-List-Id: <linux-arm-kernel.lists.infradead.org>
-List-Unsubscribe: 
- <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
- <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
-List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
-List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
-List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
-List-Subscribe: 
- <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
- <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
-Cc: Chester Lin <clin@suse.com>, Guillaume Gardet <Guillaume.Gardet@arm.com>,
- linux-efi@vger.kernel.org, Ard Biesheuvel <ard.biesheuvel@linaro.org>
-Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
-Errors-To: 
- linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
-
-The EFI stubloader for ARM starts out by allocating a 32 MB window
-at the base of RAM, in order to ensure that the decompressor (which
-blindly copies the uncompressed kernel into that window) does not
-overwrite other allocations that are made while running in the context
-of the EFI firmware.
-
-In some cases, (e.g., U-Boot running on the Raspberry Pi 2), this is
-causing boot failures because this initial allocation conflicts with
-a page of reserved memory at the base of RAM that contains the SMP spin
-tables and other pieces of firmware data and which was put there by
-the bootloader under the assumption that the TEXT_OFFSET window right
-below the kernel is only used partially during early boot, and will be
-left alone once the memory reservations are processed and taken into
-account.
-
-So let's permit reserved memory regions to exist in the region starting
-at the base of RAM, and ending at TEXT_OFFSET - 5 * PAGE_SIZE, which is
-the window below the kernel that is not touched by the early boot code.
-
-Cc: Guillaume Gardet <Guillaume.Gardet@arm.com>
-Cc: Chester Lin <clin@suse.com> 
-Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
----
- drivers/firmware/efi/libstub/Makefile     |  1 +
- drivers/firmware/efi/libstub/arm32-stub.c | 16 +++++++++++++---
- 2 files changed, 14 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
-index 0460c7581220..ee0661ddb25b 100644
---- a/drivers/firmware/efi/libstub/Makefile
-+++ b/drivers/firmware/efi/libstub/Makefile
-@@ -52,6 +52,7 @@ lib-$(CONFIG_EFI_ARMSTUB)	+= arm-stub.o fdt.o string.o random.o \
- 
- lib-$(CONFIG_ARM)		+= arm32-stub.o
- lib-$(CONFIG_ARM64)		+= arm64-stub.o
-+CFLAGS_arm32-stub.o		:= -DTEXT_OFFSET=$(TEXT_OFFSET)
- CFLAGS_arm64-stub.o		:= -DTEXT_OFFSET=$(TEXT_OFFSET)
- 
- #
-diff --git a/drivers/firmware/efi/libstub/arm32-stub.c b/drivers/firmware/efi/libstub/arm32-stub.c
-index e8f7aefb6813..47aafeff3e01 100644
---- a/drivers/firmware/efi/libstub/arm32-stub.c
-+++ b/drivers/firmware/efi/libstub/arm32-stub.c
-@@ -195,6 +195,7 @@ efi_status_t handle_kernel_image(efi_system_table_t *sys_table,
- 				 unsigned long dram_base,
- 				 efi_loaded_image_t *image)
- {
-+	unsigned long kernel_base;
- 	efi_status_t status;
- 
- 	/*
-@@ -204,9 +205,18 @@ efi_status_t handle_kernel_image(efi_system_table_t *sys_table,
- 	 * loaded. These assumptions are made by the decompressor,
- 	 * before any memory map is available.
- 	 */
--	dram_base = round_up(dram_base, SZ_128M);
-+	kernel_base = round_up(dram_base, SZ_128M);
- 
--	status = reserve_kernel_base(sys_table, dram_base, reserve_addr,
-+	/*
-+	 * Note that some platforms (notably, the Raspberry Pi 2) put
-+	 * spin-tables and other pieces of firmware at the base of RAM,
-+	 * abusing the fact that the window of TEXT_OFFSET bytes at the
-+	 * base of the kernel image is only partially used at the moment.
-+	 * (Up to 5 pages are used for the swapper page table)
-+	 */
-+	kernel_base += TEXT_OFFSET - 5 * PAGE_SIZE;
-+
-+	status = reserve_kernel_base(sys_table, kernel_base, reserve_addr,
- 				     reserve_size);
- 	if (status != EFI_SUCCESS) {
- 		pr_efi_err(sys_table, "Unable to allocate memory for uncompressed kernel.\n");
-@@ -220,7 +230,7 @@ efi_status_t handle_kernel_image(efi_system_table_t *sys_table,
- 	*image_size = image->image_size;
- 	status = efi_relocate_kernel(sys_table, image_addr, *image_size,
- 				     *image_size,
--				     dram_base + MAX_UNCOMP_KERNEL_SIZE, 0);
-+				     kernel_base + MAX_UNCOMP_KERNEL_SIZE, 0);
- 	if (status != EFI_SUCCESS) {
- 		pr_efi_err(sys_table, "Failed to relocate kernel.\n");
- 		efi_free(sys_table, *reserve_size, *reserve_addr);
diff --git a/kernel.spec b/kernel.spec
index 397001d79..407167f8f 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -73,7 +73,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be appended after the rcX and
 # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
 #
-%global baserelease 3
+%global baserelease 1
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -98,9 +98,9 @@ Summary: The Linux kernel
 # The next upstream release sublevel (base_sublevel+1)
 %define upstream_sublevel %(echo $((%{base_sublevel} + 1)))
 # The rc snapshot level
-%global rcrev 5
+%global rcrev 6
 # The git snapshot level
-%define gitrev 1
+%define gitrev 0
 # Set rpm version accordingly
 %define rpmversion 5.%{upstream_sublevel}.0
 %endif
@@ -666,10 +666,6 @@ Patch204: efi-secureboot.patch
 
 Patch205: lift-lockdown-sysrq.patch
 
-# https://bugzilla.redhat.com/show_bug.cgi?id=1759325
-# Submitted upstream at https://lore.kernel.org/patchwork/patch/1136967/
-Patch206: efi-efi_test-lock-down-dev-efi_test-and-require-CAP_.patch
-
 # 300 - ARM patches
 Patch300: arm64-Add-option-of-13-for-FORCE_MAX_ZONEORDER.patch
 
@@ -696,9 +692,6 @@ Patch324: arm64-tegra186-enable-USB-on-Jetson-TX2.patch
 # https://patchwork.kernel.org/patch/11224177/
 Patch325: arm64-usb-host-xhci-tegra-set-MODULE_FIRMWARE-for-tegra186.patch
 
-# https://www.spinics.net/lists/arm-kernel/msg761152.html
-Patch342: efi-libstub-arm-account-for-firmware-reserved-memory-at-the-base-of-RAM.patch
-
 # 400 - IBM (ppc/s390x) patches
 
 # 500 - Temp fixes/CVEs etc
@@ -2420,6 +2413,9 @@ fi
 #
 #
 %changelog
+* Mon Nov 04 2019 Jeremy Cline <jcline@redhat.com> - 5.4.0-0.rc6.git0.1
+- Linux v5.4-rc6
+
 * Mon Nov 04 2019 Jeremy Cline <jcline@redhat.com>
 - Disable debugging options.
 
diff --git a/sources b/sources
index 99df8e5af..825fdefa3 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,2 @@
 SHA512 (linux-5.3.tar.xz) = 6b5edef47c319a3fa7f6c20a3e0903a5acd89ec75e32dc5f99adcb60c9fe118ea312722d9c3d27e2e3900afa2455afb86e83a8b6bb131009bc79ddbe6fb0595d
-SHA512 (patch-5.4-rc5.xz) = 4cfdbd263b243490e9aec0f320a6ecf5d1706ed0e92129c3a107fa25fc32536e7e016086d7271196c21be39cd7cde3c4f57413eed4a07ffe28355856af500c14
-SHA512 (patch-5.4-rc5-git1.xz) = 56dbcc36eb07d37871a0a3ad59c88061a01b2e26f81bd0686e90c908684c66460a73bf1fcca866829c8d14b75a78de44e5d639d504a129db8ce8cac6d7c823cd
+SHA512 (patch-5.4-rc6.xz) = 6322ec5b2e5de13fe05abf031dea7274230c3ce77cf93f631dc504eb779f10c6658e8df083a9e96f6eca6f0bf4974bc9b4103d1399eee32c7dedadbab0692d7b