hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IB5YWN
CVE: NA
--------------------------------
Remove the ".. failed to self-initialize" printing following the failure
of an RoT candidate's initialization, as it may raise unnessary concerns
from users, who may be misguided and think this message indicates some
sort of serious problems.
Fixes: 036012386e44 ("ima: rot: Introduce basic framework")
Signed-off-by: GONG Ruiqi <gongruiqi1(a)huawei.com>
---
security/integrity/ima/ima_rot.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/integrity/ima/ima_rot.c b/security/integrity/ima/ima_rot.c
index 45d2ea314790..9c73389e2220 100644
--- a/security/integrity/ima/ima_rot.c
+++ b/security/integrity/ima/ima_rot.c
@@ -79,7 +79,6 @@ struct ima_rot * __init ima_rot_init(void)
pr_info("%s initialized and taken as IMA RoT\n", ima_rots[i].name);
return &ima_rots[i];
}
- pr_info("%s failed to self-initialize\n", ima_rots[i].name);
}
return NULL;
--
2.25.1
Hi David,
FYI, the error/warning still remains.
tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS
head: 81e029d5dd0cae934243168eee37ef303ebcce38
commit: 46fc033eba42f5a4fb583b2ab53f0a9918468452 [1304/1304] regulator: add QCOM RPMh regulator driver
config: x86_64-buildonly-randconfig-005-20241122 (https://download.01.org/0day-ci/archive/20241122/202411220702.De8xAify-lkp@…)
compiler: clang version 19.1.3 (https://github.com/llvm/llvm-project ab51eccf88f5321e7c60591c5546b254b6afab99)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241122/202411220702.De8xAify-lkp@…)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202411220702.De8xAify-lkp@intel.com/
All warnings (new ones prefixed by >>):
>> drivers/regulator/qcom-rpmh-regulator.c:742:34: warning: unused variable 'rpmh_regulator_match_table' [-Wunused-const-variable]
742 | static const struct of_device_id rpmh_regulator_match_table[] = {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
drivers/regulator/qcom-rpmh-regulator.c:33: warning: Enum value 'VRM' not described in enum 'rpmh_regulator_type'
drivers/regulator/qcom-rpmh-regulator.c:33: warning: Enum value 'XOB' not described in enum 'rpmh_regulator_type'
drivers/regulator/qcom-rpmh-regulator.c:402: warning: Function parameter or member 'vreg' not described in 'rpmh_regulator_init_vreg'
drivers/regulator/qcom-rpmh-regulator.c:402: warning: Function parameter or member 'dev' not described in 'rpmh_regulator_init_vreg'
drivers/regulator/qcom-rpmh-regulator.c:402: warning: Function parameter or member 'node' not described in 'rpmh_regulator_init_vreg'
drivers/regulator/qcom-rpmh-regulator.c:402: warning: Function parameter or member 'pmic_id' not described in 'rpmh_regulator_init_vreg'
drivers/regulator/qcom-rpmh-regulator.c:402: warning: Function parameter or member 'pmic_rpmh_data' not described in 'rpmh_regulator_init_vreg'
vim +/rpmh_regulator_match_table +742 drivers/regulator/qcom-rpmh-regulator.c
741
> 742 static const struct of_device_id rpmh_regulator_match_table[] = {
743 {
744 .compatible = "qcom,pm8998-rpmh-regulators",
745 .data = pm8998_vreg_data,
746 },
747 {
748 .compatible = "qcom,pmi8998-rpmh-regulators",
749 .data = pmi8998_vreg_data,
750 },
751 {
752 .compatible = "qcom,pm8005-rpmh-regulators",
753 .data = pm8005_vreg_data,
754 },
755 {}
756 };
757 MODULE_DEVICE_TABLE(of, rpmh_regulator_match_table);
758
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Hi Johannes,
FYI, the error/warning still remains.
tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS
head: 81e029d5dd0cae934243168eee37ef303ebcce38
commit: 81ceed41d0c2b2c9300de7bc30c1451680257f52 [1297/1297] watchdog: add driver for the MEN 16z069 IP-Core
config: x86_64-buildonly-randconfig-004-20241117 (https://download.01.org/0day-ci/archive/20241122/202411220134.YWoog3yH-lkp@…)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241122/202411220134.YWoog3yH-lkp@…)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202411220134.YWoog3yH-lkp@intel.com/
All warnings (new ones prefixed by >>):
In file included from drivers/watchdog/menz69_wdt.c:10:
include/linux/module.h:138:14: warning: 'cleanup_module' specifies less restrictive attribute than its target 'men_z069_driver_exit': 'cold' [-Wmissing-attributes]
138 | void cleanup_module(void) __attribute__((alias(#exitfn)));
| ^~~~~~~~~~~~~~
include/linux/device.h:1558:1: note: in expansion of macro 'module_exit'
1558 | module_exit(__driver##_exit);
| ^~~~~~~~~~~
include/linux/mcb.h:126:9: note: in expansion of macro 'module_driver'
126 | module_driver(__mcb_driver, mcb_register_driver, mcb_unregister_driver);
| ^~~~~~~~~~~~~
drivers/watchdog/menz69_wdt.c:166:1: note: in expansion of macro 'module_mcb_driver'
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~~~
In file included from include/linux/mcb.h:15,
from drivers/watchdog/menz69_wdt.c:9:
drivers/watchdog/menz69_wdt.c:166:19: note: 'cleanup_module' target declared here
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~
include/linux/device.h:1554:20: note: in definition of macro 'module_driver'
1554 | static void __exit __driver##_exit(void) \
| ^~~~~~~~
drivers/watchdog/menz69_wdt.c:166:1: note: in expansion of macro 'module_mcb_driver'
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~~~
include/linux/module.h:132:13: warning: 'init_module' specifies less restrictive attribute than its target 'men_z069_driver_init': 'cold' [-Wmissing-attributes]
132 | int init_module(void) __attribute__((alias(#initfn)));
| ^~~~~~~~~~~
include/linux/device.h:1553:1: note: in expansion of macro 'module_init'
1553 | module_init(__driver##_init); \
| ^~~~~~~~~~~
include/linux/mcb.h:126:9: note: in expansion of macro 'module_driver'
126 | module_driver(__mcb_driver, mcb_register_driver, mcb_unregister_driver);
| ^~~~~~~~~~~~~
drivers/watchdog/menz69_wdt.c:166:1: note: in expansion of macro 'module_mcb_driver'
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~~~
drivers/watchdog/menz69_wdt.c:166:19: note: 'init_module' target declared here
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~
include/linux/device.h:1549:19: note: in definition of macro 'module_driver'
1549 | static int __init __driver##_init(void) \
| ^~~~~~~~
drivers/watchdog/menz69_wdt.c:166:1: note: in expansion of macro 'module_mcb_driver'
166 | module_mcb_driver(men_z069_driver);
| ^~~~~~~~~~~~~~~~~
>> drivers/watchdog/menz69_wdt.o: warning: objtool: missing symbol for section .init.text
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
From: Jarkko Sakkinen <jarkko(a)kernel.org>
mainline inclusion
from mainline-v6.12-rc1
commit 9265fed6db601ee2ec47577815387458ef4f047a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB5KRG
CVE: CVE-2024-53085
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy
according, as this leaves window for tpm_hwrng_read() to be called while
the operation is in progress. The recent bug report gives also evidence of
this behaviour.
Aadress this by locking the TPM chip before checking any chip->flags both
in tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED
check inside tpm_get_random() so that it will be always checked only when
the lock is reserved.
Cc: stable(a)vger.kernel.org # v6.4+
Fixes: 99d464506255 ("tpm: Prevent hwrng from activating during resume")
Reported-by: Mike Seo <mikeseohyungjin(a)gmail.com>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219383
Reviewed-by: Jerry Snitselaar <jsnitsel(a)redhat.com>
Tested-by: Mike Seo <mikeseohyungjin(a)gmail.com>
Signed-off-by: Jarkko Sakkinen <jarkko(a)kernel.org>
Conflicts:
drivers/char/tpm/tpm-interface.c
[df745e25098d ("tpm: Lazily flush the auth session") is not merged]
Signed-off-by: Chen Zhongjin <chenzhongjin(a)huawei.com>
---
drivers/char/tpm/tpm-chip.c | 4 ----
drivers/char/tpm/tpm-interface.c | 28 ++++++++++++++++++++--------
2 files changed, 20 insertions(+), 12 deletions(-)
diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 42b1062e33cd5..78999f7f248cb 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -519,10 +519,6 @@ static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait)
{
struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng);
- /* Give back zero bytes, as TPM chip has not yet fully resumed: */
- if (chip->flags & TPM_CHIP_FLAG_SUSPENDED)
- return 0;
-
return tpm_get_random(chip, data, max);
}
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 66b16d26eecc7..9789aad5dd0df 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -394,6 +394,13 @@ int tpm_pm_suspend(struct device *dev)
if (!chip)
return -ENODEV;
+ rc = tpm_try_get_ops(chip);
+ if (rc) {
+ /* Can be safely set out of locks, as no action cannot race: */
+ chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
+ goto out;
+ }
+
if (chip->flags & TPM_CHIP_FLAG_ALWAYS_POWERED)
goto suspended;
@@ -401,18 +408,16 @@ int tpm_pm_suspend(struct device *dev)
!pm_suspend_via_firmware())
goto suspended;
- rc = tpm_try_get_ops(chip);
- if (!rc) {
- if (chip->flags & TPM_CHIP_FLAG_TPM2)
- tpm2_shutdown(chip, TPM2_SU_STATE);
- else
- rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
-
- tpm_put_ops(chip);
+ if (chip->flags & TPM_CHIP_FLAG_TPM2) {
+ tpm2_shutdown(chip, TPM2_SU_STATE);
+ goto suspended;
}
+ rc = tpm1_pm_suspend(chip, tpm_suspend_pcr);
+
suspended:
chip->flags |= TPM_CHIP_FLAG_SUSPENDED;
+ tpm_put_ops(chip);
if (rc)
dev_err(dev, "Ignoring error %d while suspending\n", rc);
@@ -462,11 +467,18 @@ int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max)
if (!chip)
return -ENODEV;
+ /* Give back zero bytes, as TPM chip has not yet fully resumed: */
+ if (chip->flags & TPM_CHIP_FLAG_SUSPENDED) {
+ rc = 0;
+ goto out;
+ }
+
if (chip->flags & TPM_CHIP_FLAG_TPM2)
rc = tpm2_get_random(chip, out, max);
else
rc = tpm1_get_random(chip, out, max);
+out:
tpm_put_ops(chip);
return rc;
}
--
2.25.1