Age | Commit message (Collapse) | Author |
|
Register switch device and jack input device.
Brillo audio service will use them.
Change-Id: I95a6459e720668d99a2b28be008eca2bc6e829db
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
add CONFIG_SPI_SPIDEV=y, so can access /dev/spidevB.C in user space.
Change-Id: I71194db443a0cb4933a7b893fd504a275fb5483e
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
Sometime the HAL won't set the firmware position in shill
or apmanager. So need the correct default firmware
position for BCM4339 WiFi.
Bug:29035503
Change-Id: I900f5867d17877a608403dc2f968713b3223ec2c
Signed-off-by: Wang Haoran <Haoran.Wang@freescale.com>
|
|
Removed unused def configs for Brillo.
We use BCM4339 WiFi card for Brillo only.
The BRCMFMAC will be conflict with the
BCM4339 if use the Brillo's kernel.mk.
Bug:28768869
Change-Id: I63632373d4a239cdc9e0dfbaff90deda49c6f4e0
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
|
|
Assign the BT_REG_ON pin to rfkill.
Disable lcdif in DTS due the BT_REG_ON reuse in it.
Change-Id: I77d66e8ab745f3a26703c4acb34736d771dd71cf
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
|
|
Bug: 26645308
Change-Id: Ib5f7ef9813819e0f47df5c2eaae64bc9412571a3
|
|
The MDIO interrupt should be triggered when activation type is low.
Change-Id: I42024b58c642805caf9dbd3679ae47f9504632df
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2016/2/4/833)
Replace calls to get_random_int() followed by a cast to (unsigned long)
with calls to get_random_long(). Also address shifting bug which, in case
of x86 removed entropy mask for mmap_rnd_bits values > 31 bits.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: I4dd21814bd7b7ede8faa8f058ccba7b61d45b5ab
Signed-off-by: Kees Cook <keescook@google.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2016/2/4/831)
d07e22597d1d355 ("mm: mmap: add new /proc tunable for mmap_base ASLR")
added the ability to choose from a range of values to use for entropy
count in generating the random offset to the mmap_base address. The
maximum value on this range was set to 32 bits for 64-bit x86 systems, but
this value could be increased further, requiring more than the 32 bits of
randomness provided by get_random_int(), as is already possible for arm64.
Add a new function: get_random_long() which more naturally fits with the
mmap usage of get_random_int() but operates exactly the same as
get_random_int().
Also, fix the shifting constant in mmap_rnd() to be an unsigned long so
that values greater than 31 bits generate an appropriate mask without
overflow. This is especially important on x86, as its shift instruction
uses a 5-bit mask for the shift operand, which meant that any value for
mmap_rnd_bits over 31 acts as a no-op and effectively disables mmap_base
randomization.
Finally, replace calls to get_random_int() with get_random_long() where
appropriate.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: I45b550f67bdb731afeee866e637d8a4d2ce1e053
Signed-off-by: Kees Cook <keescook@google.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2015/12/21/339)
x86: arch_mmap_rnd() uses hard-coded values, 8 for 32-bit and 28 for
64-bit, to generate the random offset for the mmap base address.
This value represents a compromise between increased ASLR
effectiveness and avoiding address-space fragmentation. Replace it
with a Kconfig option, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: I52a6ca5b9483ccaaf5106af41e405da44e157894
Signed-off-by: Kees Cook <keescook@google.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2015/12/21/340)
arm64: arch_mmap_rnd() uses STACK_RND_MASK to generate the
random offset for the mmap base address. This value represents a
compromise between increased ASLR effectiveness and avoiding
address-space fragmentation. Replace it with a Kconfig option, which
is sensibly bounded, so that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: Ic81409f45c8025c63419558df8b43ec9ec478082
Signed-off-by: Kees Cook <keescook@google.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2015/12/21/341)
arm: arch_mmap_rnd() uses a hard-code value of 8 to generate the
random offset for the mmap base address. This value represents a
compromise between increased ASLR effectiveness and avoiding
address-space fragmentation. Replace it with a Kconfig option, which
is sensibly bounded, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: I064c9b7ef8162ba748a138510161f7f09837832e
Signed-off-by: Kees Cook <keescook@google.com>
|
|
(cherry picked from commit https://lkml.org/lkml/2015/12/21/337)
ASLR only uses as few as 8 bits to generate the random offset for the
mmap base address on 32 bit architectures. This value was chosen to
prevent a poorly chosen value from dividing the address space in such
a way as to prevent large allocations. This may not be an issue on all
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: Iaf2c4ca27146a7d9ed03f34aefab82cd0735368e
Signed-off-by: Kees Cook <keescook@google.com>
|
|
Check the datalen field is less than the size of
packet received from the network.
Signed-off-by: Patrick Tjin <pattjin@google.com>
Bug: 27335472
[fixes CVE-2016-0802]
Signed-off-by: Kees Cook <keescook@chromium.org>
Change-Id: I87171cf09bb8dc55da21c4d8ee3101f0ed0a9a70
|
|
(cherry picked from commit b149dd5d22c3e4c2faab0bb934a018888ff99ef3)
Signed-off-by: Patrick Tjin <pattjin@google.com>
Bug: 27335848
[fixes CVE-2016-0801]
Signed-off-by: Kees Cook <keescook@chromium.org>
Change-Id: Ibc0f58c816cae76aeebb9f57b88f4873c788e981
|
|
These two checks prevent exploitable buffer overflows in two scenarios.
1. Long WPS_ID_DEVICE_NAME in WPS info elements
2. Invalid SSID determined in certain scan results
Bug: 27335848
[fixes CVE-2016-0801]
Signed-off-by: Kees Cook <keescook@chromium.org>
Change-Id: Id75d12bd09dded1b2af905175da7b8fd0c862318
|
|
move sgtl5000 from i2c3 to i2c2.
change pin function for MX6UL_PAD_CSI_DATA06__SAI1_RX_DATA.
Change-Id: Iafac1212ce126cd0eaa7861b59ac83071643ef57
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
picosom-hobbit: add support for 8-bit emmc.
Change-Id: I2351573e22dca01f8957abae9b4e029027c50384
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
hobbitboard: add reference voltage regulator for adc081c.
Change-Id: I78d4093243903e6b69bafe60a3297fdd5de4e824
Signed-off-by: fang hui <hui.fang@freescale.com>
|
|
The 'umidi' object will be free'd on the error path by snd_usbmidi_free()
when tearing down the rawmidi interface. So we shouldn't try to free it
in snd_usbmidi_create() after having registered the rawmidi interface.
Found by KASAN.
Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>
Acked-by: Clemens Ladisch <clemens@ladisch.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Bug: 27300729
(cherry picked from commit 07d86ca93db7e5cdf4743564d98292042ec21af7)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I1b68e347c30a72e3393ae359aeec15ec453d4e7b
|
|
This fixes CVE-2016-0728.
If a thread is asked to join as a session keyring the keyring that's already
set as its session, we leak a keyring reference.
This can be tested with the following program:
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>
#include <keyutils.h>
int main(int argc, const char *argv[])
{
int i = 0;
key_serial_t serial;
serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
"leaked-keyring");
if (serial < 0) {
perror("keyctl");
return -1;
}
if (keyctl(KEYCTL_SETPERM, serial,
KEY_POS_ALL | KEY_USR_ALL) < 0) {
perror("keyctl");
return -1;
}
for (i = 0; i < 100; i++) {
serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
"leaked-keyring");
if (serial < 0) {
perror("keyctl");
return -1;
}
}
return 0;
}
If, after the program has run, there something like the following line in
/proc/keys:
3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring: empty
with a usage count of 100 * the number of times the program has been run,
then the kernel is malfunctioning. If leaked-keyring has zero usages or
has been garbage collected, then the problem is fixed.
Reported-by: Yevgeny Pats <yevgeny@perception-point.io>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Don Zickus <dzickus@redhat.com>
Acked-by: Prarit Bhargava <prarit@redhat.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Bug: 26692844
(cherry picked from commit 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2)
Signed-off-by: Kees Cook <keescook@chromium.org>
Change-Id: I48316d6133b577977e53be55e560f51e35e6f1d1
|
|
Bug: 26388044
Change-Id: I12122cceb832ccb36dde261384a4618118860005
|
|
Modify LED name to "led0" for Brillo common lights
HAL.
Set LED mode to be timer by default.It will blink
in 1Hz when kernel boot.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
Change-Id: I884e013f7316be9c9ca006949a4b0ea52981f2ed
|
|
Merge defconfig from picosom-imx6ul_defconfig to
imx_v7_android_defconfig.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
Change-Id: Id854daed68f03646909b06094314ad8bfdfa3712
|
|
Added basic DTS for habbitboard.
Enabled bcmdhd wifi, PWM clocks, adc081c and GPIO LED
in dts.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
Change-Id: Iccf2fd7b9af43cedb09bbfefe65b6a8692c746e8
|
|
Add Micron mt25ql512 support for pico-imx6ul.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
Change-Id: I7c188173adffb8fa5a4bfa3e5ff0f4bfa1968804
|
|
Avoid to access the null interface before update tx status.
This patch workaround to fix the panic when the p2p connection
disconnect in the p2p stress test. The interface will be
released during the disconnect process.
Signed-off-by: Haoran Wang <b50027@freescale.com>
|
|
Configured GPIO1_IO03 to be gpio-leds to
control the LED.
This patch disabled the tsc on evk_6ul as
the GPIO is occupied by it.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
|
|
Add vmap and vunmap interface for ION module.
Because they are called by UVC driver.
Signed-off-by: Xiaowen Liu <xiaowen.liu@freescale.com>
|
|
3.14 branch
When use zImage compiled with android imx_3.14 branch in mfgtool,
It will show erro "No device connected"
The root cause is DP is not pull up.
This patch distinguish mfgtool zImage and android zImage with macro CONFIG_FSL_UTP.
Signed-off-by: Zhang Sanshan <b51434@freescale.com>
|
|
different with 6Q_SD, 90 degree difference. 100%
The position of MMA8451Q on 6qp board is not the same with 6q.
Correct the init position value in 6qp sabresd dts.
Signed-off-by: zhang sanshan <b51434@freescale.com>
|
|
The BCMDHD and cfg80211 will be build-in
the kernel.
Signed-off-by: Haoran Wang <b50027@freescale.com>
|
|
logcat error info in mm6.0
01-01 04:59:56.628 1089 1105 E KernelUidCpuTimeReader: Failed to read uid_cputime
01-01 04:59:56.628 1089 1105 E KernelUidCpuTimeReader: java.io.FileNotFoundException:
/proc/uid_cputime/show_uid_stat: open failed: ENOENT (No such file or directory)
This patch add the configure to support /proc/uid_cputime/show_uid_stat.
Signed-off-by: Zhang Sanshan <b51434@freescale.com>
|
|
error.
proc: uid_cputime: fix show_uid_stat permission
Change-Id: Ice9084e39da599261df0be6dc305b817b50cfbbf
Signed-off-by: Jin Qian <jinqian@google.com>
|
|
proc: uid_cputime: create uids from kuids
Create uids from kuids using from_kuid_munged(),
otherwise we run into following build error and warnings:
--------------------
CC drivers/misc/uid_cputime.o
drivers/misc/uid_cputime.c: In function ‘uid_stat_show’:
drivers/misc/uid_cputime.c:90:36: error: incompatible type for argument 1 of ‘find_or_register_uid’
drivers/misc/uid_cputime.c:54:26: note: expected ‘uid_t’ but argument is of type ‘kuid_t’
drivers/misc/uid_cputime.c:94:4: warning: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘kuid_t’ [-Wformat]
drivers/misc/uid_cputime.c: In function ‘process_notifier’:
drivers/misc/uid_cputime.c:194:6: error: incompatible types when assigning to type ‘uid_t’ from type ‘kuid_t’
make[2]: *** [drivers/misc/uid_cputime.o] Error 1
--------------------
Change-Id: Ifecb98001f7fe2fac74d1ef3e1abd03d43fc9059
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
/proc/uid_cputime/show_uid_stat
proc: uid: Adds accounting for the cputimes per uid.
Adds proc files /proc/uid_cputime/show_uid_stat and
/proc/uid_cputime/remove_uid_range.
show_uid_stat lists the total utime and stime for the active as well as
terminated processes for each of the uids.
Writing a range of uids to remove_uid_range will delete the accounting
for all the uids within that range.
Change-Id: I21d9210379da730b33ddc1a0ea663c8c9d2ac15b
|
|
Do not emit EV_SYN/SYN_REPORT on suspend if there were no keys that are
still pressed as we are suspending the device (and in all other cases when
input core is forcibly releasing keys via input_dev_release_keys() call).
Reviewed-by: Benson Leung <bleung@chromium.org>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Conflicts:
drivers/input/input.c
|
|
launche on SX_SD than SX_ARD. 100%
Correct the pin of CABC_EN on sabresd 6SX board.
Signed-off-by: zhang sanshan <b51434@freescale.com>
|
|
|
|
- previous patch makes the wrong qspi port on imx6sx sdb and
sabreauto boards.
- nor flash is used qspi2 on imx6sx-sdb board, and qspi1 on
sabreauto board.
Signed-off-by: Richard Zhu <Richard.Zhu@freescale.com>
|
|
imx pcie used the wrab mode to do the cached access
methods on axi bus. There is 64bytes address mis-aligned
problem.
Disable the cached operations.
Signed-off-by: Richard Zhu <Richard.Zhu@freescale.com>
|
|
Save M4 tcm in ddr. Copy memory after exit from DSM.
Also hold M4 in reset when entering DSM.
Signed-off-by: Teo Hall <teo.hall@freescale.com>
|
|
add tcm and bootrom to device tree for m4 re-kick after DSM.
Signed-off-by: Teo Hall <teo.hall@freescale.com>
|
|
change the slots to persistent to be congruent with
M4 image. Also change so that slots do read/modify/write
so that M4 settings are not overwritten.
Signed-off-by: Teo Hall <teo.hall@freescale.com>
|
|
Added DTS file configuration for Murata V1+EX
BCM4339 module on evk_6ul platform.
Signed-off-by: Haoran Wang <Haoran.Wang@freescale.com>
|
|
add LPM messages for:
-M4 reporting state
-M4 Request/Release High Bus Freq
-A7 tell M4 it is ready
Signed-off-by: Teo Hall <teo.hall@freescale.com>
|
|
offset high_bus_count+1 when m4 is enabled
Signed-off-by: Teo Hall <teo.hall@freescale.com>
|
|
The spi nor port1 is used by m4 on imx6sx sabreauto board.
Signed-off-by: Richard Zhu <Richard.Zhu@freescale.com>
|
|
Current driver will meet the following warning on MX6SL platform which does
not support ADMA.
It is caused by the driver is using fixed scatter gather DMA not matter whether
the host supports or not. Then the host without ADMA capability will warning
if found the DMA sg_count is non-1.
Change the driver a bit to avoid multi DMA scatter list if found the
host->max_segs is only 1 to fix the issue.
root@imx6slevk:~# udhcpc -i wlan0
udhcpc (v1.23.1) started
Sending discover...
Sending select for 192.168.1.11...
Lease of 192.168.1.11 obtained, lease time 86400
/etc/udhcpc.d/50default: Adding DNS 192.168.1.1
root@imx6slevk:~# ------------[ cut here ]------------
WARNING: CPU: 0 PID: 954 at /home/jenkins/jobs/Standalone-X11_with_mfgtools/workspace/temp_build_dir/build_fsl-imx-internal-x11/tmp/work-shared/imx6slevk/kernel-source/drivers/mmc/host/sdhci.c:839 sdhci_send_command+0xc64/0xd10()
Modules linked in: bcmdhd evbug [last unloaded: bcmdhd]
CPU: 0 PID: 954 Comm: dhd_dpc Tainted: G W 3.14.52-1.1.0_ga+g76946e8 #1
[<80014a68>] (unwind_backtrace) from [<80011758>] (show_stack+0x10/0x14)
[<80011758>] (show_stack) from [<80720180>] (dump_stack+0x7c/0xbc)
[<80720180>] (dump_stack) from [<80031df8>] (warn_slowpath_common+0x70/0x8c)
[<80031df8>] (warn_slowpath_common) from [<80031eb0>] (warn_slowpath_null+0x1c/0x24)
[<80031eb0>] (warn_slowpath_null) from [<804d5d2c>] (sdhci_send_command+0xc64/0xd10)
[<804d5d2c>] (sdhci_send_command) from [<804d74e8>] (sdhci_request+0xc0/0x1f0)
[<804d74e8>] (sdhci_request) from [<804c218c>] (__mmc_start_req+0x60/0x84)
[<804c218c>] (__mmc_start_req) from [<804c25a4>] (mmc_wait_for_req+0x10/0x20)
[<804c25a4>] (mmc_wait_for_req) from [<7f27ff6c>] (sdioh_request_packet_chain+0x368/0x400 [bcmdhd])
[<7f27ff6c>] (sdioh_request_packet_chain [bcmdhd]) from [<7f280da4>] (sdioh_request_buffer+0x124/0x294 [bcmdhd])
[<7f280da4>] (sdioh_request_buffer [bcmdhd]) from [<7f27f6dc>] (bcmsdh_send_buf+0x94/0x108 [bcmdhd])
[<7f27f6dc>] (bcmsdh_send_buf [bcmdhd]) from [<7f28e98c>] (dhd_bcmsdh_send_buf.constprop.25+0x80/0x220 [bcmdhd])
[<7f28e98c>] (dhd_bcmsdh_send_buf.constprop.25 [bcmdhd]) from [<7f28f454>] (dhdsdio_txpkt.constprop.24+0x928/0xa2c [bcmdhd])
[<7f28f454>] (dhdsdio_txpkt.constprop.24 [bcmdhd]) from [<7f28f6b0>] (dhdsdio_sendfromq+0x158/0x3c4 [bcmdhd])
[<7f28f6b0>] (dhdsdio_sendfromq [bcmdhd]) from [<7f2913d4>] (dhdsdio_dpc+0x2e8/0x1034 [bcmdhd])
[<7f2913d4>] (dhdsdio_dpc [bcmdhd]) from [<7f24a270>] (dhd_dpc_thread+0xe8/0x124 [bcmdhd])
[<7f24a270>] (dhd_dpc_thread [bcmdhd]) from [<8004ca6c>] (kthread+0xcc/0xe4)
[<8004ca6c>] (kthread) from [<8000e500>] (ret_from_fork+0x14/0x34)
Signed-off-by: Dong Aisheng <aisheng.dong@freescale.com>
|
|
Ignore the compilation error caused by gcc4.9
Werror=date-time in rtl8821as driver.
Signed-off-by: Haoran Wang <b50027@freescale.com>
|