Mizar board doesn't have rh850 can controller
Change-Id: Ie3eb224fc4dfa71da7d290bfaf47ae4b9fcaceb4
Signed-off-by: Alex Yakavenka <ayakav@codeaurora.org>
This change add check to existing vblank request state. It will avoid
enable vblank multiple times. It will also avoid disable vblank
multiple times.
Change-Id: I10781c33e51b1032b72fcbc1a01a7d01be8be510
Signed-off-by: Camus Wong <camusw@codeaurora.org>
Send context ID in rpc header instead of context pointer.
Validate context ID received in response and get context pointer.
Change-Id: I9cfd10d0c1b25c3085b8e15c7ca1c8ff214bf10d
Acked-by: Viswanatham Paduchuri <vpaduchu@qti.qualcomm.com>
Signed-off-by: Tharun Kumar Merugu <mtharu@codeaurora.org>
We call arm64_apply_bp_hardening() from post_ttbr_update_workaround,
which has the unexpected consequence of being triggered on every
exception return to userspace when ARM64_SW_TTBR0_PAN is selected,
even if no context switch actually occured.
This is a bit suboptimal, and it would be more logical to only
invalidate the branch predictor when we actually switch to
a different mm.
In order to solve this, move the call to arm64_apply_bp_hardening()
into check_and_switch_context(), where we're guaranteed to pick
a different mm context.
Change-Id: I28f2fb09b77544e5ead095e9dad1ad64b2b3ae36
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Git-commit: a8e4c0a919ae310944ed2c9ace11cf3ccd8a609b
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Kryo cores are exposed to two vulnerabilities due to subroutine return
(called LINK-STACK) and branch target predictors.
These two issues can be mitigated through software workarounds.
Kernel:
- Apply LINK-STACK mitigation which is to issue 16 nested BL instructions
on process context switch 'cpu_do_switch_mm()' where ASID changes.
- Apply psci based branch predictor invalidation.
use the kryo core detection routine (based on MIDR) from the
commit bb48711800e6d ("arm64: cpu_errata: Add Kryo to Falkor 1003 errata")
by Stephen Boyd <sboyd@codeaurora.org>.
Change-Id: I81e8e72e7fa219f12dfe8ec39836eb8eb3c4c7b0
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Falkor is susceptible to branch predictor aliasing and can
theoretically be attacked by malicious code. This patch
implements a mitigation for these attacks, preventing any
malicious entries from affecting other victim contexts.
Change-Id: I535d423c2cefaf93627267b867bf0846e502d4c1
Signed-off-by: Shanker Donthineni <shankerd@codeaurora.org>
[will: fix label name when !CONFIG_KVM and remove references to MIDR_FALKOR]
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: ec82b567a74fbdffdf418d4bb381d55f6a9096af
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Use only the link stack sanitization routines,
and leave Falkor related BP hardening code]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Set the appropriate regulator voltage to run csiphy in
cphy mode.
Change-Id: I1d6d65115e294dbf72560c8066b45bed0b03b92a
Signed-off-by: Vijay kumar Tumati <vtumati@codeaurora.org>
MAC addresses provisioning thru CNSS is usually done by OEM drivers.
Debugfs interfaces can be used for internal testing.
Change-Id: I1a2693835ac09619baf03ee7d2e1b69dbe48559f
Signed-off-by: Sameer Thalappil <sameert@codeaurora.org>
When multiple threads is trying to tag/delete the same socket at the
same time, there is a chance the tag_ref_entry of the target socket to
be null before the uid_tag_data entry is freed. It is caused by the
ctrl_cmd_tag function where it doesn't correctly grab the spinlocks
when tagging a socket.
Signed-off-by: Chenbo Feng <fengc@google.com>
Bug: 65853158
Change-Id: I5d89885918054cf835370a52bff2d693362ac5f0
Add midr value for kryo2xx big cores to apply errata workarounds for
branch prediction hardening.
Change-Id: I7ca9cfa3e6b48d5af78a5297cb76ebe6f52e519e
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Cortex-A57, A72, A73 and A75 are susceptible to branch predictor aliasing
and can theoretically be attacked by malicious code.
This patch implements a PSCI-based mitigation for these CPUs when available.
The call into firmware will invalidate the branch predictor state, preventing
any malicious entries from affecting other victim contexts.
Change-Id: I554536e8e5cb3839e102299da8f5b944415b1880
Co-developed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: aa6acde65e03186b5add8151e1ffe36c3c62639b
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
As we're about to introduce a new workaround that is specific to
Cortex-A73, let's define the coresponding MIDR.
Change-Id: Iabb0e83a0eadddbde458fdafd1224e442b6f3e63
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Git-commit: 199fd2bff4040985fbd7853cc39b7245fcf54bb9
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Resolve trivial merge conflicts]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Hook up MIDR values for the Cortex-A72 and Cortex-A75 CPUs, since they
will soon need MIDR matches for hardening the branch predictor.
Change-Id: I59af5ea4af17198aa70d2ba4b25f729a562727ee
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: a65d219fe5dc7887fd5ca04c2ac3e9a34feb8dfc
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Resolve trivial merge conflicts]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Some minor erratum may not be fixed in further revisions of a core,
leading to a situation where the workaround needs to be updated each
time an updated core is released.
Introduce a MIDR_ALL_VERSIONS match helper that will work for all
versions of that MIDR, once and for all.
Change-Id: Icbb685f79205ba45f9c990d83cf961616b0d96b7
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Daniel Lezcano <daniel.lezcano@linaro.org>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Git-commit: 06f1494f837da8997d670a1ba87add7963b08922
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Fix merge conflicts]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Aliasing attacks against CPU branch predictors can allow the attacks to
redirect speculative control flow on some CPUs and potentially divulge
information from one context to another.
This patch adds initial skeleton code behind a new Kconfig option to
enable implementation-specific mitigations against these attacks for
CPUs that are affected.
Change-Id: I07fba1943dd63df8951bf68fac947666100e5559
Co-developed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: 0f15adbb2861ce6f75ccfc5a92b19eae0ef327d0
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Fix merge conflicts and make it
compilable on msm-4.4]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Adding support to decode 12 bit raw metadata
at CSID.
Change-Id: I89bb9f69f3f004df29b1498761e9a54fb88cdef0
Signed-off-by: Vijay kumar Tumati <vtumati@codeaurora.org>
The i2c-msm-v2 driver trying to get the clocks too early, but
the clock framework is not initialized yet. The change of the
initcall type reducing deferred calls and improving boot time.
Info:
[0.212999] i2c-msm-v2 78b6000.i2c: probing driver i2c-msm-v2
[0.213172] i2c-msm-v2 78b6000.i2c: error on clk_get(core_clk):-517
-- snipped --
[0.275922] i2c-msm-v2 78b6000.i2c: probing driver i2c-msm-v2
[0.276086] i2c-msm-v2 78b6000.i2c: error on clk_get(core_clk):-517
-- snipped --
[0.302980] msm_mpm_dev_probe(): Cannot get clk resource for XO: -517
[0.303394] i2c-msm-v2 78b6000.i2c: probing driver i2c-msm-v2
-- snipped --
Change-Id: Ia8c110b5f67eeec07586adb30ec3a7aff7ce265a
Signed-off-by: Atanas Filipov <afilipov@codeaurora.org>
Upgrade machine driver to support 32 channels include expose mixer
controls for TERT/QUAT slot_number and slot_width and also slot
mapping configuration.
Change-Id: Ie0a73cf45a6daf3d4aced02cd99aa0ec09cb7c48
Signed-off-by: Cong Tang <congt@codeaurora.org>
MAC address programmed thru CNSS could be provisioned or
derived MAC address. So add support for programming the derived
MAC address.
Change-Id: I2fae232e32a8600949c286346acd05afefd94ef8
Signed-off-by: Sameer Thalappil <sameert@codeaurora.org>
Update audio header files include new macro and structure definitions
for 32 channels support.
Change-Id: Idf5e92f7fda4b820b1a7f01001a683772281d8ba
Signed-off-by: Cong Tang <congt@codeaurora.org>
Disable the SPI based CAN controller on msm8996 CV2X boards
since they are using the USB based CAN controller now.
Change-Id: I57cccee0b9ffa59f516747350160907960048a6a
Signed-off-by: Gustavo Solaira <gustavos@codeaurora.org>
Entry into recent versions of ARM Trusted Firmware will invalidate the CPU
branch predictor state in order to protect against aliasing attacks.
This patch exposes the PSCI "VERSION" function via psci_ops, so that it
can be invoked outside of the PSCI driver where necessary.
Change-Id: Id6edce067d098ed7aca19ad9321c858c89097966
Acked-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: d68e3ba5303f7e1099f51fdcd155f5263da8569b
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
In order to invoke the CPU capability ->matches callback from the ->enable
callback for applying local-CPU workarounds, we need a handle on the
capability structure.
This patch passes a pointer to the capability structure to the ->enable
callback.
Change-Id: Ie9a18c7a5d721dcb3d3d6c6001c74366525cf87e
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Git-commit: 0a0d111d40fd1dc588cc590fab6b55d86ddc71d3
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Currently we call the (optional) enable function for CPU _features_
only. As CPU _errata_ descriptions share the same data structure and
having an enable function is useful for errata as well (for instance
to set bits in SCTLR), lets call it when enumerating erratas too.
Change-Id: Ie5d4d14dc1c0006423196e9fc1b102655f0c13b2
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Git-commit: 8e2318521bf5837dae093413f81292b59d49d030
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[sramana@codeaurora.org: Resolve trivial merge conflicts]
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
during list_for_each_entry_reverse iteration, cleanup_stats
recursively on current operated stats node could result it
will be freed at the end of that cleanup_stats progress.
De-referencing it again should not happen.
CRs-Fixed: 2182622
Change-Id: Icf837b0aa796fed5fe1721f9fe66fd0dd36ccfd7
Signed-off-by: John Zhao <yuankuiz@codeaurora.org>
binder_poll() passes the thread->wait waitqueue that
can be slept on for work. When a thread that uses
epoll explicitly exits using BINDER_THREAD_EXIT,
the waitqueue is freed, but it is never removed
from the corresponding epoll data structure. When
the process subsequently exits, the epoll cleanup
code tries to access the waitlist, which results in
a use-after-free.
Prevent this by using POLLFREE when the thread exits.
(cherry picked from commit f5cb779ba16334b45ba8946d6bfa6d9834d1527f)
Change-Id: Ib34b1cbb8ab2192d78c3d9956b2f963a66ecad2e
Signed-off-by: Martijn Coenen <maco@android.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Cc: stable <stable@vger.kernel.org> # 4.14
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This is a fix for dynamic memory leak seen with incorrectly
allocating memory of a different size than with intended
size.
Change-Id: I350719dadad9fd5c7f35a334e81c8d9f2298f888
Acked-by: Jyothi Jayanthi <jyothij@qti.qualcomm.com>
Acked-by: Ashok Vuyyuru <avuyyuru@qti.qualcomm.com>
Signed-off-by: Michael Adisumarta <madisuma@codeaurora.org>
Signed-off-by: Mohammed Javid <mjavid@codeaurora.org>
The firmware is always enabled in the mission mode,
even if the driver is in the utf mode. This causes
unexpected behaviour when driver is in utf mode.
Enable the firmware in FTM mode if the driver is
started in UTF mode, else enable the firmware in
the normal mission mode.
Change-Id: I4da204b6d19d41e208465a8314bfb8cacc346f4b
Signed-off-by: Rakesh Pillai <pillair@codeaurora.org>
The region index is not validated against the region size.
This causes out-of-bound read on the KASAN kernel. Hence
adding restriction that region index is smaller than region size.
Change-Id: I3ebccee89f6e48a84389eb3b9055bc6e09e0310b
Signed-off-by: Rahul Sharma <sharah@codeaurora.org>
Changes introduced in the upstream version of libfdt pulled in by commit
91feabc2e224 ("scripts/dtc: Update to upstream commit b06e55c88b9b") use
the strnlen() function, which isn't currently available to the EFI name-
space. Add it to the EFI namespace to avoid a linker error.
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Rob Herring <robh@kernel.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit 7f4e346263f59ff50b531dda94609fb13ca12401)
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Recent versions of libfdt add a dependency on strnlen. Copy the
implementation in lib/string.c here, so we can update libfdt.
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Rob Herring <robh@kernel.org>
Change-Id: I18ac2af16d541f99a3b0b39e51baa60fa57dd537
(cherry picked from commit 76df69806b7fafea013e2f4f82b0bd54498f3406)
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
