sieni
/
linux
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/drivers
History
Juergen Gross 1613462be6 xen/privcmd: add boot control for restricted usage in domU 
When running in an unprivileged domU under Xen, the privcmd driver
is restricted to allow only hypercalls against a target domain, for
which the current domU is acting as a device model.

Add a boot parameter "unrestricted" to allow all hypercalls (the
hypervisor will still refuse destructive hypercalls affecting other
guests).

Make this new parameter effective only in case the domU wasn't started
using secure boot, as otherwise hypercalls targeting the domU itself
might result in violating the secure boot functionality.

This is achieved by adding another lockdown reason, which can be
tested to not being set when applying the "unrestricted" option.

This is part of XSA-482

Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- new patch
 		2026-03-20 12:06:01 +01:00
..
accel accel/amdxdna: Fix runtime suspend deadlock when there is pending job 2026-03-10 11:46:40 -07:00
accessibility Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
acpi Merge branches 'acpica' and 'acpi-bus' 2026-03-19 14:57:06 +01:00
amba Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
android rust_binder: use lock_vma_under_rcu() in use_page_slow() 2026-02-26 21:34:14 -08:00
ata ata: libata-eh: Fix detection of deferred qc timeouts 2026-03-06 09:58:47 +01:00
atm Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
auxdisplay Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
base PM: runtime: Fix a race condition related to device removal 2026-03-16 20:33:09 +01:00
bcma Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
block block-7.0-20260312 2026-03-13 10:13:06 -07:00
bluetooth Bluetooth: qca: fix ROM version reading on WCN3998 chips 2026-03-12 15:29:29 -04:00
bus Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
cache cache: ax45mp: Fix device node reference leak in ax45mp_cache_init() 2026-02-06 19:54:40 +00:00
cdrom Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
cdx Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
char Bug fixes for the IPMI driver 2026-02-26 14:34:21 -08:00
clk clk: scu/imx8qxp: do not register driver in probe() 2026-02-24 12:54:17 +01:00
clocksource Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
comedi Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
connector Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
counter Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
cpufreq cpufreq: intel_pstate: Fix crash during turbo disable 2026-02-25 14:39:19 +01:00
cpuidle sched: idle: Make skipping governor callbacks more consistent 2026-03-10 16:03:02 +01:00
crypto Crypto library fixes for v7.0-rc5 2026-03-18 15:50:29 -07:00
cxl cxl/region: Test CXL_DECODER_F_NORMALIZED_ADDRESSING as a bitmask 2026-02-24 08:33:30 -07:00
dax Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
dca treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
devfreq Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
dibs Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
dio Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
dma Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
dma-buf Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
dpll Including fixes from IPsec, Bluetooth and netfilter 2026-02-26 08:00:13 -08:00
edac Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
eisa Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
extcon Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
firewire bonding: prevent potential infinite loop in bond_header_parse() 2026-03-16 19:29:45 -07:00
firmware soc: fixes for 7.0 2026-03-18 08:28:54 -07:00
fpga Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
fsi Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
fwctl Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
gnss Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
gpib gpib: lpvo_usb: fix unintended binding of FTDI 8U232AM devices 2026-03-11 16:23:32 +01:00
gpio gpiolib: normalize the return value of gc->get() on behalf of buggy drivers 2026-02-23 11:49:23 +01:00
gpu Hi Dave and Sima, 2026-03-13 10:40:17 +10:00
greybus Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
hid hid-for-linus-2026031701 2026-03-17 13:55:51 -07:00
hsi Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
hte Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
hv Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
hwmon I3C fixes for 7.0 2026-03-14 16:25:10 -07:00
hwspinlock soc: driver updates for 7.0 2026-02-10 20:45:30 -08:00
hwtracing Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
i2c i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" 2026-03-04 12:44:14 +01:00
i3c i3c: dw-i3c-master: Set SIR_REJECT in DAT on device attach and reattach 2026-03-11 22:50:29 +01:00
idle
iio I3C fixes for 7.0 2026-03-14 16:25:10 -07:00
infiniband RDMA/uverbs: Import DMA-BUF module in uverbs_std_types_dmabuf file 2026-02-26 04:58:24 -05:00
input Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
interconnect Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
iommu Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
ipack Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
irqchip irqchip/riscv-aplic: Register syscore operations only once 2026-03-10 18:42:34 +01:00
isdn Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
leds Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
macintosh Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
mailbox treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
mcb Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
md Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
media [GIT PULL for v7.0-rc3] media fixes 2026-03-04 08:12:06 -08:00
memory Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
memstick Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
message Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
mfd Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
misc i3c: simplify combined i3c/i2c dependencies 2026-02-27 16:33:07 +01:00
mmc mmc: sdhci-brcmstb: use correct register offset for V1 pin_sel restore 2026-02-23 12:05:20 +01:00
most Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
mtd Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
mux Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
net net: dsa: bcm_sf2: fix missing clk_disable_unprepare() in error paths 2026-03-19 09:26:40 -07:00
nfc NFC: nxp-nci: allow GPIOs to sleep 2026-03-18 17:20:51 -07:00
ntb kmalloc_obj treewide refactoring for v7.0-rc1 2026-02-21 11:02:58 -08:00
nubus Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
nvdimm nvdimm/bus: Fix potential use after free in asynchronous initialization 2026-03-09 09:38:22 -05:00
nvme block-7.0-20260312 2026-03-13 10:13:06 -07:00
nvmem Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
of Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
opp Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
parisc Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
parport Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
pci pci-v7.0-fixes-4 2026-03-19 16:13:51 -07:00
pcmcia Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
peci Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
perf Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
phy Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
pinctrl pinctrl: cy8c95x0: Don't miss reading the last bank registers 2026-02-26 23:41:04 +01:00
platform platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data 2026-03-03 14:45:17 +02:00
pmdomain pmdomain providers: 2026-03-06 09:16:39 -08:00
pnp Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
power power: sequencing: pcie-m2: Fix device node reference leak in probe 2026-03-04 09:16:41 +01:00
powercap Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
pps Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ps3 Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ptp Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
pwm Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
rapidio Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ras Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
regulator regulator: pca9450: Correct probed name for PCA9452 2026-03-10 14:52:42 +00:00
remoteproc remoteproc: imx_rproc: Fix unreachable platform prepare_ops 2026-03-05 10:18:23 -07:00
resctrl Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
reset reset: rzg2l-usbphy-ctrl: Check pwrrdy is valid before using it 2026-02-23 17:03:28 +01:00
rpmsg Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
rtc RTC for 7.0 2026-02-22 09:43:11 -08:00
s390 s390 updates for 7.0-rc4 2026-03-13 14:18:13 -07:00
sbus Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
scsi SCSI fixes on 20260315 2026-03-15 13:15:39 -07:00
sh Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
siox Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
slimbus Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
soc Fixing a missing of_node_put() call. 2026-03-17 09:35:40 +01:00
soundwire Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
spi spi: atcspi200: Handle invalid buswidth and fix compiler warning 2026-03-11 19:08:43 +00:00
spmi Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ssb Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
staging staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie 2026-02-24 10:01:20 -08:00
target scsi: target: Fix recursive locking in __configfs_open_file() 2026-02-28 20:41:52 -05:00
tc Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
tee tee: shm: Remove refcounting of kernel pages 2026-03-03 09:03:04 +01:00
thermal Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
thunderbolt Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
tty Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
ufs scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend 2026-03-07 11:08:39 -05:00
uio Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
usb USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed 2026-03-13 18:19:07 +01:00
vdpa Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
vfio Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
vhost Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
video fbdev: au1100fb: Fix build on MIPS64 2026-03-05 17:35:12 +01:00
virt Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
virtio Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
w1 Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
watchdog Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
xen xen/privcmd: add boot control for restricted usage in domU 2026-03-20 12:06:01 +01:00
zorro Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
Kconfig
Makefile phy: enter drivers/phy/Makefile even without CONFIG_GENERIC_PHY 2026-02-04 20:45:26 +05:30