September 2018 - Linux-stable-mirror

Re: [PATCH 1/6] drm/dp_mst: Introduce drm_dp_mst_connector_atomic_check() (fwd)

by Julia Lawall

Hello, I don't think you can update the loop index variable in list_for_each_entry, because the mcro uses th index variable to get to the next element. Perhaps list_for_each_entry_safe would be more suitable? julia ---------- Forwarded message ---------- Date: Thu, 20 Sep 2018 04:30:13 +0800 From: kbuild test robot <lkp(a)intel.com> To: kbuild(a)01.org Cc: Julia Lawall <julia.lawall(a)lip6.fr> Subject: Re: [PATCH 1/6] drm/dp_mst: Introduce drm_dp_mst_connector_atomic_check() CC: kbuild-all(a)01.org In-Reply-To: <20180918230637.20700-2-lyude(a)redhat.com> References: <20180918230637.20700-2-lyude(a)redhat.com> TO: Lyude Paul <lyude(a)redhat.com> CC: dri-devel(a)lists.freedesktop.org, nouveau(a)lists.freedesktop.org, intel-gfx(a)lists.freedesktop.org, amd-gfx(a)lists.freedesktop.org CC: David Airlie <airlied(a)linux.ie>, linux-kernel(a)vger.kernel.org, stable(a)vger.kernel.org, Sean Paul <sean(a)poorly.run> Hi Lyude, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on drm-intel/for-linux-next] [also build test WARNING on v4.19-rc4 next-20180919] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Lyude-Paul/Fix-legacy-DPMS-changes… base: git://anongit.freedesktop.org/drm-intel for-linux-next :::::: branch date: 8 hours ago :::::: commit date: 8 hours ago >> drivers/gpu/drm/drm_dp_mst_topology.c:3144:1-20: iterator with update on line 3145 # https://github.com/0day-ci/linux/commit/f8df31d5221b9a6da6698d4a37e622253bb… git remote add linux-review https://github.com/0day-ci/linux git remote update linux-review git checkout f8df31d5221b9a6da6698d4a37e622253bb17cdc vim +3144 drivers/gpu/drm/drm_dp_mst_topology.c 3f3353b7 Pandiyan, Dhinakaran 2017-04-20 3131 f8df31d5 Lyude Paul 2018-09-18 3132 static bool f8df31d5 Lyude Paul 2018-09-18 3133 drm_dp_mst_connector_still_exists(struct drm_connector *connector, f8df31d5 Lyude Paul 2018-09-18 3134 struct drm_dp_mst_topology_mgr *mgr, f8df31d5 Lyude Paul 2018-09-18 3135 struct drm_dp_mst_branch *mstb) f8df31d5 Lyude Paul 2018-09-18 3136 { f8df31d5 Lyude Paul 2018-09-18 3137 struct drm_dp_mst_port *port; f8df31d5 Lyude Paul 2018-09-18 3138 bool exists = false; f8df31d5 Lyude Paul 2018-09-18 3139 f8df31d5 Lyude Paul 2018-09-18 3140 mstb = drm_dp_get_validated_mstb_ref(mgr, mstb); f8df31d5 Lyude Paul 2018-09-18 3141 if (!mstb) f8df31d5 Lyude Paul 2018-09-18 3142 return false; f8df31d5 Lyude Paul 2018-09-18 3143 f8df31d5 Lyude Paul 2018-09-18 @3144 list_for_each_entry(port, &mstb->ports, next) { f8df31d5 Lyude Paul 2018-09-18 @3145 port = drm_dp_get_validated_port_ref(mgr, port); f8df31d5 Lyude Paul 2018-09-18 3146 if (!port) f8df31d5 Lyude Paul 2018-09-18 3147 continue; f8df31d5 Lyude Paul 2018-09-18 3148 f8df31d5 Lyude Paul 2018-09-18 3149 exists = (port->connector == connector || f8df31d5 Lyude Paul 2018-09-18 3150 (port->mstb && f8df31d5 Lyude Paul 2018-09-18 3151 drm_dp_mst_connector_still_exists(connector, mgr, f8df31d5 Lyude Paul 2018-09-18 3152 port->mstb))); f8df31d5 Lyude Paul 2018-09-18 3153 f8df31d5 Lyude Paul 2018-09-18 3154 drm_dp_put_port(port); f8df31d5 Lyude Paul 2018-09-18 3155 if (exists) f8df31d5 Lyude Paul 2018-09-18 3156 break; f8df31d5 Lyude Paul 2018-09-18 3157 } f8df31d5 Lyude Paul 2018-09-18 3158 f8df31d5 Lyude Paul 2018-09-18 3159 drm_dp_put_mst_branch_device(mstb); f8df31d5 Lyude Paul 2018-09-18 3160 return exists; f8df31d5 Lyude Paul 2018-09-18 3161 } f8df31d5 Lyude Paul 2018-09-18 3162 --- 0-DAY kernel test infrastructure Open Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation

6 years, 7 months

2
1
0 0

[PATCH 00/11] OPP: Don't create multiple OPP tables for devices sharing OPP table

by Viresh Kumar

Hello, Niklas Cassle recently reported some regressions with his Qcom cpufreq driver where he was getting some errors while creating the OPPs tables. After looking into it I realized that the OPP core incorrectly creates multiple OPP tables for the devices even if they are sharing the OPP table in DT. This happens when the request comes using different CPU devices. For example, dev_pm_opp_set_supported_hw() getting called using CPU0 and dev_pm_opp_of_add_table() getting called using CPU1. This series redesigns the internals of the OPP core to fix that. The redesign has simplified the core itself though. @Niklas: Can you please confirm that this series fixes the issues you have reported ? I have already tested it on Hikey960. -- viresh Viresh Kumar (11): OPP: Free OPP table properly on performance state irregularities OPP: Protect dev_list with opp_table lock OPP: Pass index to _of_init_opp_table() OPP: Parse OPP table's DT properties from _of_init_opp_table() OPP: Don't take OPP table's kref for static OPPs OPP: Create separate kref for static OPPs list cpufreq: mvebu: Remove OPPs using dev_pm_opp_remove() OPP: Don't remove dynamic OPPs from _dev_pm_opp_remove_table() OPP: Use a single mechanism to free the OPP table OPP: Prevent creating multiple OPP tables for devices sharing OPP nodes OPP: Pass OPP table to _of_add_opp_table_v{1|2}() drivers/cpufreq/mvebu-cpufreq.c | 9 +- drivers/opp/core.c | 147 ++++++++++++++++--------- drivers/opp/cpu.c | 11 +- drivers/opp/of.c | 186 +++++++++++++++++--------------- drivers/opp/opp.h | 19 ++-- include/linux/pm_opp.h | 6 ++ 6 files changed, 221 insertions(+), 157 deletions(-) -- 2.18.0.rc1.242.g61856ae69a2c

6 years, 7 months

2
5
0 0

[PATCH] IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop

by Bart Van Assche

Use different loop variables for the inner and outer loop. This avoids that an infinite loop occurs if there are more RDMA channels than target->req_ring_size. Fixes: d92c0da71a35 ("IB/srp: Add multichannel support") Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Cc: Max Gurtovoy <maxg(a)mellanox.com> Cc: Laurence Oberman <loberman(a)redhat.com> Cc: <stable(a)vger.kernel.org> --- drivers/infiniband/ulp/srp/ib_srp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/infiniband/ulp/srp/ib_srp.c b/drivers/infiniband/ulp/srp/ib_srp.c index 444d16520506..0b34e909505f 100644 --- a/drivers/infiniband/ulp/srp/ib_srp.c +++ b/drivers/infiniband/ulp/srp/ib_srp.c @@ -2951,7 +2951,7 @@ static int srp_reset_device(struct scsi_cmnd *scmnd) { struct srp_target_port *target = host_to_target(scmnd->device->host); struct srp_rdma_ch *ch; - int i; + int i, j; u8 status; shost_printk(KERN_ERR, target->scsi_host, "SRP reset_device called\n"); @@ -2965,8 +2965,8 @@ static int srp_reset_device(struct scsi_cmnd *scmnd) for (i = 0; i < target->ch_count; i++) { ch = &target->ch[i]; - for (i = 0; i < target->req_ring_size; ++i) { - struct srp_request *req = &ch->req_ring[i]; + for (j = 0; j < target->req_ring_size; ++j) { + struct srp_request *req = &ch->req_ring[j]; srp_finish_req(ch, req, scmnd->device, DID_RESET << 16); } -- 2.18.0

6 years, 7 months

2
1
0 0

Linux 4.4.157

by Greg KH

I'm announcing the release of the 4.4.157 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/arc/configs/axs101_defconfig | 1 arch/arc/configs/axs103_defconfig | 1 arch/arc/configs/axs103_smp_defconfig | 1 arch/mips/cavium-octeon/octeon-platform.c | 2 + arch/mips/include/asm/io.h | 8 ++--- arch/mips/kernel/process.c | 1 arch/mips/mm/c-r4k.c | 6 ++- arch/openrisc/kernel/process.c | 2 - arch/x86/include/asm/processor.h | 4 +- arch/x86/kernel/cpu/bugs.c | 47 ++++++++++++++++++++++++++---- arch/x86/kernel/cpu/common.c | 2 + arch/x86/mm/fault.c | 2 - block/blk-cgroup.c | 9 +++-- block/cfq-iosched.c | 6 ++- block/partitions/aix.c | 13 +++++--- drivers/ata/libahci.c | 2 + drivers/bluetooth/Kconfig | 1 drivers/crypto/vmx/aes_cbc.c | 30 ++++++++----------- drivers/gpio/gpio-ml-ioh.c | 3 + drivers/gpio/gpio-tegra.c | 2 - drivers/i2c/busses/i2c-i801.c | 7 +++- drivers/i2c/busses/i2c-xiic.c | 4 ++ drivers/infiniband/core/cma.c | 13 ++++++-- drivers/input/touchscreen/atmel_mxt_ts.c | 7 ++-- drivers/iommu/ipmmu-vmsa.c | 9 ++--- drivers/macintosh/via-pmu.c | 9 +++-- drivers/md/raid5.c | 6 +++ drivers/mfd/ti_am335x_tscadc.c | 3 - drivers/misc/mic/scif/scif_api.c | 20 +++++------- drivers/misc/ti-st/st_kim.c | 4 +- drivers/misc/vmw_balloon.c | 1 drivers/mtd/ubi/wl.c | 8 +++-- drivers/net/ethernet/marvell/mvneta.c | 1 drivers/net/ethernet/ti/cpsw.c | 14 ++++---- drivers/net/ethernet/ti/cpsw.h | 1 drivers/net/ethernet/ti/davinci_emac.c | 1 drivers/net/wireless/ath/ath10k/mac.c | 7 ++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 +++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 +++ drivers/scsi/3w-9xxx.c | 6 +++ drivers/scsi/3w-sas.c | 3 + drivers/scsi/3w-xxxx.c | 2 + drivers/staging/rts5208/rtsx_scsi.c | 2 - drivers/staging/rts5208/xd.c | 2 - drivers/target/target_core_transport.c | 5 +-- drivers/tty/rocket.c | 2 - drivers/uio/uio.c | 3 - drivers/usb/host/xhci.c | 3 + fs/autofs4/autofs_i.h | 4 +- fs/autofs4/inode.c | 1 fs/f2fs/segment.h | 3 + fs/f2fs/super.c | 21 ++++++++++++- fs/nfs/callback_xdr.c | 11 +++++-- include/linux/mm_types.h | 2 - include/linux/sched.h | 2 - include/linux/vm_event_item.h | 1 include/linux/vmacache.h | 5 --- include/uapi/linux/ethtool.h | 4 +- kernel/fork.c | 17 +++++++--- kernel/locking/osq_lock.c | 13 ++++++++ kernel/locking/rwsem-xadd.c | 27 +++++++++++++++++ mm/debug.c | 4 +- mm/vmacache.c | 38 ------------------------ net/bluetooth/hidp/core.c | 2 - net/dcb/dcbnl.c | 11 ++++--- net/netfilter/x_tables.c | 4 +- security/selinux/avc.c | 14 +++----- sound/pci/hda/hda_codec.c | 3 + tools/perf/perf.h | 2 + 70 files changed, 311 insertions(+), 176 deletions(-) Alexey Brodkin (1): ARC: [plat-axs*]: Enable SWAP Andi Kleen (1): x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Anton Vasilyev (4): misc: ti-st: Fix memory leak in the error path of probe() tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (1): f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (2): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails Daniel Micay (1): staging/rts5208: Fix read overflow in memcpy David Rivshin (1): drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Eric Dumazet (1): netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user Felipe Balbi (1): i2c: i801: fix DNV's SMBCTRL register offset Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Greg Kroah-Hartman (1): Linux 4.4.157 Ian Kent (1): autofs: fix autofs_sbi() does not check super block type Jia-Ju Bai (1): staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page Joerg Roedel (1): x86/mm: Remove in_nmi() warning from vmalloc_fault() Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Johan Hovold (1): net: ethernet: ti: cpsw: fix mdio device reference leak Linus Torvalds (1): mm: get rid of vmacache_flush_all() entirely Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mathias Nyman (1): xhci: Fix use-after-free in xhci_free_virt_device Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Michal Hocko (1): selinux: use GFP_NOWAIT in the AVC kmem_caches Mike Christie (1): scsi: target: fix __transport_register_session locking Nadav Amit (1): vmw_balloon: include asm/io.h Nicholas Mc Guire (1): MIPS: Octeon: add missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Ondrej Mosnacek (1): crypto: vmx - Fix sleep-in-atomic bugs Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Peter Chen (1): ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Prateek Sood (2): locking/rwsem-xadd: Fix missed wakeup due to reordering of load locking/osq_lock: Fix osq_lock queue corruption Ritesh Harjani (1): cfq: Give a chance for arming slice idle timer in case of group_idle Shubhrajyoti Datta (1): i2c: xiic: Make the start and the byte count write atomic Srinivas Pandruvada (1): ata: libahci: Correct setting of DEVSLP register Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Takashi Iwai (1): ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Tejun Heo (1): block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg Vegard Nossum (2): kthread: Fix use-after-free if kthread fork fails kthread: fix boot hang (regression) on MIPS/OpenRISC Wei Yongjun (1): mtd: ubi: wl: Fix error return code in ubi_wl_init() Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak

6 years, 7 months

1
1
0 0

Linux 4.9.128

by Greg KH

I'm announcing the release of the 4.9.128 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/arc/configs/axs101_defconfig | 1 arch/arc/configs/axs103_defconfig | 1 arch/arc/configs/axs103_smp_defconfig | 1 arch/mips/cavium-octeon/octeon-platform.c | 2 + arch/mips/generic/init.c | 1 arch/mips/include/asm/io.h | 8 +++--- arch/mips/kernel/process.c | 1 arch/mips/mm/c-r4k.c | 6 +++- arch/openrisc/kernel/process.c | 2 - arch/s390/kvm/vsie.c | 3 +- arch/x86/mm/fault.c | 2 - block/blk-cgroup.c | 9 +++---- block/cfq-iosched.c | 6 +++- block/partitions/aix.c | 13 +++++++--- drivers/ata/libahci.c | 2 + drivers/bluetooth/Kconfig | 1 drivers/char/tpm/tpm_i2c_infineon.c | 8 +++--- drivers/char/tpm/tpm_tis_spi.c | 9 ++++++- drivers/gpio/gpio-ml-ioh.c | 3 +- drivers/gpio/gpio-tegra.c | 2 - drivers/i2c/busses/i2c-i801.c | 7 ++++- drivers/i2c/busses/i2c-xiic.c | 4 +++ drivers/infiniband/core/cma.c | 13 +++++++--- drivers/infiniband/sw/rxe/rxe_resp.c | 4 ++- drivers/input/touchscreen/atmel_mxt_ts.c | 7 +++-- drivers/iommu/ipmmu-vmsa.c | 9 +++---- drivers/macintosh/via-pmu.c | 9 +++---- drivers/md/raid5.c | 6 ++++ drivers/media/dvb-frontends/helene.c | 5 +++ drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 +++++++++--------- drivers/mfd/ti_am335x_tscadc.c | 3 -- drivers/misc/mic/scif/scif_api.c | 20 +++++++-------- drivers/misc/ti-st/st_kim.c | 4 +-- drivers/mtd/ubi/wl.c | 8 ++++-- drivers/net/ethernet/marvell/mvneta.c | 1 drivers/net/phy/mdio-mux-bcm-iproc.c | 20 +++++++++++---- drivers/net/wireless/ath/ath10k/mac.c | 7 +++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 +++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 +++ drivers/net/wireless/ath/ath9k/hw.c | 7 +++-- drivers/net/wireless/ath/ath9k/xmit.c | 3 +- drivers/net/wireless/ti/wlcore/rx.c | 8 ++++-- drivers/scsi/3w-9xxx.c | 6 +++- drivers/scsi/3w-sas.c | 3 ++ drivers/scsi/3w-xxxx.c | 2 + drivers/staging/rts5208/rtsx_scsi.c | 2 - drivers/staging/rts5208/xd.c | 2 - drivers/target/target_core_transport.c | 5 ++- drivers/tty/rocket.c | 2 - drivers/uio/uio.c | 3 -- drivers/usb/host/xhci.c | 3 ++ fs/autofs4/autofs_i.h | 4 ++- fs/autofs4/inode.c | 1 fs/f2fs/file.c | 2 - fs/f2fs/gc.c | 8 +++++- fs/f2fs/inline.c | 21 ++++++++++++++++ fs/f2fs/node.c | 4 ++- fs/f2fs/segment.h | 3 ++ fs/f2fs/super.c | 21 +++++++++++++++- fs/nfs/callback_proc.c | 4 +-- fs/nfs/callback_xdr.c | 11 ++++++-- include/linux/mm_types.h | 2 - include/linux/sched.h | 2 - include/linux/vm_event_item.h | 1 include/linux/vmacache.h | 5 --- include/uapi/linux/ethtool.h | 4 +-- kernel/fork.c | 17 +++++++++---- kernel/locking/osq_lock.c | 13 ++++++++++ kernel/locking/rwsem-xadd.c | 27 +++++++++++++++++++++ kernel/time/timer.c | 29 ++++++++++++---------- mm/debug.c | 4 +-- mm/vmacache.c | 38 ------------------------------ mm/vmscan.c | 3 +- net/bluetooth/hidp/core.c | 2 - net/dcb/dcbnl.c | 11 +++++--- net/netfilter/x_tables.c | 4 +-- net/wireless/nl80211.c | 3 ++ security/selinux/avc.c | 14 ++++------- sound/pci/hda/hda_codec.c | 3 +- tools/perf/perf.h | 2 + 81 files changed, 357 insertions(+), 195 deletions(-) Alexey Brodkin (1): ARC: [plat-axs*]: Enable SWAP Anton Vasilyev (4): misc: ti-st: Fix memory leak in the error path of probe() tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path Arun Parameswaran (1): net: phy: Fix the register offsets in Broadcom iProc mdio mux driver BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (4): f2fs: try grabbing node page lock aggressively in sync scenario f2fs: fix to skip GC if type in SSA and SIT is inconsistent f2fs: fix to do sanity check with reserved blkaddr of inline inode f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (3): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Daniel Micay (1): staging/rts5208: Fix read overflow in memcpy Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Eric Dumazet (1): netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user Felipe Balbi (1): i2c: i801: fix DNV's SMBCTRL register offset Felix Fietkau (2): ath9k: report tx status on EOSP ath9k_hw: fix channel maximum power level test Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Gaurav Kohli (1): timers: Clear timer_base::must_forward_clk with timer_base::lock held Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Greg Kroah-Hartman (1): Linux 4.9.128 Ian Kent (1): autofs: fix autofs_sbi() does not check super block type Jia-Ju Bai (1): staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page Joerg Roedel (1): x86/mm: Remove in_nmi() warning from vmalloc_fault() Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Johannes Berg (1): nl80211: fix null-ptr dereference on invalid mesh configuration Johannes Weiner (1): mm: remove seemingly spurious reclaimability check from laptop_mode gating Katsuhiro Suzuki (1): media: helene: fix xtal frequency setting at power on Kees Cook (1): IB/rxe: do not copy extra stack memory to skb Linus Torvalds (1): mm: get rid of vmacache_flush_all() entirely Linus Walleij (1): tpm_tis_spi: Pass the SPI IRQ down to the driver Loic Poulain (1): wlcore: Set rx_status boottime_ns field on rx Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mathias Nyman (1): xhci: Fix use-after-free in xhci_free_virt_device Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Mel Gorman (1): mm, vmscan: clear PGDAT_WRITEBACK when zone is balanced Michal Hocko (1): selinux: use GFP_NOWAIT in the AVC kmem_caches Mike Christie (1): scsi: target: fix __transport_register_session locking Nicholas Mc Guire (2): MIPS: Octeon: add missing of_node_put() MIPS: generic: fix missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Peter Rosin (1): tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Pierre Morel (1): KVM: s390: vsie: copy wrapping keys to right place Prateek Sood (2): locking/rwsem-xadd: Fix missed wakeup due to reordering of load locking/osq_lock: Fix osq_lock queue corruption Ritesh Harjani (1): cfq: Give a chance for arming slice idle timer in case of group_idle Shubhrajyoti Datta (1): i2c: xiic: Make the start and the byte count write atomic Srinivas Pandruvada (1): ata: libahci: Correct setting of DEVSLP register Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Sylwester Nawrocki (1): media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Takashi Iwai (1): ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Tejun Heo (1): block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg Trond Myklebust (1): NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Vegard Nossum (2): kthread: Fix use-after-free if kthread fork fails kthread: fix boot hang (regression) on MIPS/OpenRISC Wei Yongjun (1): mtd: ubi: wl: Fix error return code in ubi_wl_init() Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak

6 years, 7 months

1
1
0 0

Linux 4.14.71

by Greg KH

I'm announcing the release of the 4.14.71 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/ip-sysctl.txt | 13 Makefile | 2 arch/arc/configs/axs101_defconfig | 1 arch/arc/configs/axs103_defconfig | 1 arch/arc/configs/axs103_smp_defconfig | 1 arch/mips/cavium-octeon/octeon-platform.c | 2 arch/mips/generic/init.c | 1 arch/mips/include/asm/io.h | 8 arch/mips/kernel/vdso.c | 20 arch/mips/mm/c-r4k.c | 6 arch/powerpc/platforms/powernv/npu-dma.c | 5 arch/s390/kvm/vsie.c | 3 arch/x86/kernel/cpu/microcode/amd.c | 24 arch/x86/kernel/cpu/microcode/intel.c | 17 arch/x86/kvm/vmx.c | 4 arch/x86/mm/fault.c | 2 block/bfq-cgroup.c | 4 block/blk-mq-tag.c | 8 block/partitions/aix.c | 13 crypto/Makefile | 2 drivers/android/binder_alloc.c | 42 + drivers/ata/libahci.c | 20 drivers/block/nbd.c | 3 drivers/block/pktcdvd.c | 4 drivers/bluetooth/Kconfig | 1 drivers/char/tpm/tpm-interface.c | 50 + drivers/char/tpm/tpm.h | 12 drivers/char/tpm/tpm2-space.c | 16 drivers/char/tpm/tpm_crb.c | 101 --- drivers/char/tpm/tpm_i2c_infineon.c | 8 drivers/char/tpm/tpm_tis_spi.c | 9 drivers/firmware/google/vpd.c | 5 drivers/gpio/gpio-ml-ioh.c | 3 drivers/gpio/gpio-tegra.c | 2 drivers/gpu/drm/i915/i915_reg.h | 1 drivers/gpu/drm/i915/intel_ddi.c | 4 drivers/gpu/ipu-v3/ipu-common.c | 2 drivers/hv/hv.c | 14 drivers/i2c/busses/i2c-aspeed.c | 2 drivers/i2c/busses/i2c-i801.c | 7 drivers/i2c/busses/i2c-xiic.c | 4 drivers/infiniband/core/cma.c | 13 drivers/input/touchscreen/atmel_mxt_ts.c | 7 drivers/iommu/ipmmu-vmsa.c | 9 drivers/macintosh/via-pmu.c | 9 drivers/md/dm-cache-target.c | 19 drivers/md/raid5.c | 6 drivers/media/dvb-frontends/helene.c | 5 drivers/media/platform/davinci/vpif_display.c | 24 drivers/media/platform/qcom/camss-8x16/camss-csid.c | 16 drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 drivers/media/usb/dvb-usb/dw2102.c | 19 drivers/mfd/ti_am335x_tscadc.c | 3 drivers/misc/mic/scif/scif_api.c | 20 drivers/misc/ti-st/st_kim.c | 4 drivers/mtd/ubi/wl.c | 8 drivers/net/ethernet/marvell/mvneta.c | 1 drivers/net/phy/mdio-mux-bcm-iproc.c | 20 drivers/net/tun.c | 21 drivers/net/wireless/ath/ath10k/mac.c | 7 drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 drivers/net/wireless/ath/ath9k/hw.c | 7 drivers/net/wireless/ath/ath9k/xmit.c | 3 drivers/net/wireless/ti/wlcore/rx.c | 8 drivers/pci/switch/switchtec.c | 4 drivers/pinctrl/freescale/pinctrl-imx.c | 2 drivers/pinctrl/pinctrl-amd.c | 3 drivers/rpmsg/rpmsg_core.c | 7 drivers/scsi/3w-9xxx.c | 6 drivers/scsi/3w-sas.c | 3 drivers/scsi/3w-xxxx.c | 2 drivers/scsi/lpfc/lpfc.h | 2 drivers/target/target_core_transport.c | 5 drivers/tty/rocket.c | 2 drivers/uio/uio.c | 3 fs/autofs4/autofs_i.h | 4 fs/autofs4/inode.c | 1 fs/btrfs/ioctl.c | 19 fs/cifs/inode.c | 2 fs/cifs/smb2ops.c | 35 - fs/cifs/smb2pdu.c | 3 fs/f2fs/f2fs.h | 7 fs/f2fs/file.c | 2 fs/f2fs/gc.c | 8 fs/f2fs/inline.c | 22 fs/f2fs/node.c | 4 fs/f2fs/segment.h | 3 fs/f2fs/super.c | 21 fs/f2fs/sysfs.c | 10 fs/nfs/callback_proc.c | 4 fs/nfs/callback_xdr.c | 11 include/linux/mm_types.h | 2 include/linux/mm_types_task.h | 2 include/linux/rhashtable.h | 8 include/linux/skbuff.h | 50 + include/linux/tpm.h | 2 include/linux/vm_event_item.h | 1 include/linux/vmacache.h | 5 include/net/inet_frag.h | 135 ++-- include/net/ip.h | 1 include/net/ipv6.h | 26 include/uapi/linux/ethtool.h | 4 include/uapi/linux/snmp.h | 1 kernel/cpu.c | 11 kernel/time/timer.c | 29 - lib/rhashtable.c | 2 mm/debug.c | 4 mm/vmacache.c | 38 - net/bluetooth/hidp/core.c | 2 net/core/skbuff.c | 31 - net/dcb/dcbnl.c | 11 net/ieee802154/6lowpan/6lowpan_i.h | 26 net/ieee802154/6lowpan/reassembly.c | 153 ++--- net/ipv4/inet_fragment.c | 378 ++----------- net/ipv4/ip_fragment.c | 578 +++++++++++--------- net/ipv4/proc.c | 7 net/ipv4/tcp_fastopen.c | 8 net/ipv4/tcp_input.c | 33 - net/ipv6/netfilter/nf_conntrack_reasm.c | 105 +-- net/ipv6/proc.c | 5 net/ipv6/reassembly.c | 217 +++---- net/sched/sch_netem.c | 14 sound/pci/hda/hda_codec.c | 3 tools/perf/builtin-c2c.c | 3 tools/perf/perf.h | 2 tools/perf/util/evsel.c | 14 tools/testing/nvdimm/pmem-dax.c | 12 tools/testing/selftests/bpf/test_verifier.c | 6 129 files changed, 1472 insertions(+), 1361 deletions(-) Alexey Brodkin (1): ARC: [plat-axs*]: Enable SWAP Anton Vasilyev (7): media: davinci: vpif_display: Mix memory leak on probe error path media: dw2102: Fix memleak on sequence of probes misc: ti-st: Fix memory leak in the error path of probe() firmware: vpd: Fix section enabled flag on vpd_section_destroy tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path Arnd Bergmann (1): crypto: aes-generic - fix aes-generic regression on powerpc Arun Parameswaran (1): net: phy: Fix the register offsets in Broadcom iProc mdio mux driver BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (6): f2fs: fix to active page in lru list for read path f2fs: try grabbing node page lock aggressively in sync scenario f2fs: fix to skip GC if type in SSA and SIT is inconsistent f2fs: fix to do sanity check with reserved blkaddr of inline inode f2fs: fix to wait on page writeback before updating page f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (5): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails pinctrl: imx: off by one in imx_pinconf_group_dbg_show() f2fs: Fix uninitialized return in f2fs_ioc_shutdown() ipv4: frags: precedence bug in ip_expire() Daniel Kurtz (1): pinctrl/amd: only handle irq if it is pending and unmasked Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Eric Dumazet (22): inet: frags: change inet_frags_init_net() return value inet: frags: add a pointer to struct netns_frags inet: frags: refactor ipfrag_init() inet: frags: refactor ipv6_frag_init() inet: frags: refactor lowpan_net_frag_init() ipv6: export ip6 fragments sysctl to unprivileged users rhashtable: add schedule points inet: frags: use rhashtables for reassembly units inet: frags: remove some helpers inet: frags: get rif of inet_frag_evicting() inet: frags: remove inet_frag_maybe_warn_overflow() inet: frags: break the 2GB limit for frags storage inet: frags: do not clone skb in ip_expire() ipv6: frags: rewrite ip6_expire_frag_queue() rhashtable: reorganize struct rhashtable layout inet: frags: reorganize struct netns_frags inet: frags: get rid of ipfrag_skb_cb/FRAG_CB inet: frags: fix ip6frag_low_thresh boundary net: speed up skb_rbtree_purge() net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends net: add rb_to_skb() and other rb tree helpers net: sk_buff rbnode reorg Felipe Balbi (1): i2c: i801: fix DNV's SMBCTRL register offset Felix Fietkau (2): ath9k: report tx status on EOSP ath9k_hw: fix channel maximum power level test Filipe Manana (1): Btrfs: fix data corruption when deduplicating between different files Filippo Sironi (1): x86/microcode: Update the new microcode revision unconditionally Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Florian Westphal (1): ipv6: defrag: drop non-last frags smaller than min mtu Gaurav Kohli (1): timers: Clear timer_base::must_forward_clk with timer_base::lock held Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Greg Kroah-Hartman (1): Linux 4.14.71 Gustavo A. R. Silva (1): switchtec: Fix Spectre v1 vulnerability Huaisheng Ye (1): tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() Ian Kent (1): autofs: fix autofs_sbi() does not check super block type Jae Hyun Yoo (1): i2c: aspeed: Add an explicit type casting for *get_clk_reg_val James Smart (1): scsi: lpfc: Correct MDS diag and nvmet configuration Jani Nikula (1): drm/i915: set DP Main Stream Attribute for color range on DDI platforms Jason Wang (2): tun: fix use after free for ptr_ring tuntap: fix use after free during release Jens Axboe (1): nbd: don't allow invalid blocksize settings Jinbum Park (1): pktcdvd: Fix possible Spectre-v1 for pkt_devs Jiri Olsa (1): perf c2c report: Fix crash for empty browser Joerg Roedel (1): x86/mm: Remove in_nmi() warning from vmalloc_fault() Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV John Pittman (1): dm cache: only allow a single io_mode cache feature to be requested Kan Liang (1): perf evlist: Fix error out while applying initial delay and LBR Katsuhiro Suzuki (1): media: helene: fix xtal frequency setting at power on Kees Cook (1): inet: frags: Convert timers to use timer_setup() Konstantin Khlebnikov (1): block: bfq: swap puts in bfqg_and_blkg_put Linus Torvalds (1): mm: get rid of vmacache_flush_all() entirely Linus Walleij (1): tpm_tis_spi: Pass the SPI IRQ down to the driver Loic Poulain (1): wlcore: Set rx_status boottime_ns field on rx Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Michael Kelley (1): Drivers: hv: vmbus: Cleanup synic memory free path Mike Christie (1): scsi: target: fix __transport_register_session locking Minchan Kim (1): android: binder: fix the race mmap and alloc_new_buf_locked Ming Lei (1): blk-mq: fix updating tags depth Neeraj Upadhyay (1): cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun() Nicholas Mc Guire (2): MIPS: Octeon: add missing of_node_put() MIPS: generic: fix missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (3): MIPS: VDSO: Match data page cache colouring when D$ aliases MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Peter Oskolkov (4): ip: discard IPv4 datagrams with overlapping segments. net: modify skb_rbtree_purge to return the truesize of all purged skbs. ip: add helpers to process in-order fragments faster. ip: process in-order fragments efficiently Peter Rosin (1): tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Philipp Zabel (1): gpu: ipu-v3: default to id 0 on missing OF alias Pierre Morel (1): KVM: s390: vsie: copy wrapping keys to right place Prarit Bhargava (1): x86/microcode: Make sure boot_cpu_data.microcode is up-to-date Randy Dunlap (1): f2fs: fix defined but not used build warnings Reza Arbab (1): powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage Roman Gushchin (1): selftests/bpf: fix a typo in map in map test Sean Christopherson (1): KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr Shubhrajyoti Datta (1): i2c: xiic: Make the start and the byte count write atomic Srinivas Kandagatla (1): rpmsg: core: add support to power domains for devices Srinivas Pandruvada (2): ata: libahci: Allow reconfigure of DEVSLP register ata: libahci: Correct setting of DEVSLP register Steve French (2): SMB3: Backup intent flag missing for directory opens with backupuid mounts smb3: check for and properly advertise directory lease support Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Sylwester Nawrocki (1): media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Taehee Yoo (1): ip: frags: fix crash in ip_do_fragment() Takashi Iwai (1): ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Thomas Gleixner (1): cpu/hotplug: Prevent state corruption on error rollback Todor Tomov (1): media: camss: csid: Configure data type and decode format properly Tomas Winkler (1): tpm: separate cmd_ready/go_idle from runtime_pm Trond Myklebust (1): NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Wei Yongjun (1): mtd: ubi: wl: Fix error return code in ubi_wl_init() Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak

6 years, 7 months

1
1
0 0

[PATCH 4.9] MIPS: VDSO: Match data page cache colouring when D$ aliases

by Paul Burton

[ Upstream commit 0f02cfbc3d9e413d450d8d0fd660077c23f67eff ] When a system suffers from dcache aliasing a user program may observe stale VDSO data from an aliased cache line. Notably this can break the expectation that clock_gettime(CLOCK_MONOTONIC, ...) is, as its name suggests, monotonic. In order to ensure that users observe updates to the VDSO data page as intended, align the user mappings of the VDSO data page such that their cache colouring matches that of the virtual address range which the kernel will use to update the data page - typically its unmapped address within kseg0. This ensures that we don't introduce aliasing cache lines for the VDSO data page, and therefore that userland will observe updates without requiring cache invalidation. Signed-off-by: Paul Burton <paul.burton(a)mips.com> Reported-by: Hauke Mehrtens <hauke(a)hauke-m.de> Reported-by: Rene Nielsen <rene.nielsen(a)microsemi.com> Reported-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Fixes: ebb5e78cc634 ("MIPS: Initial implementation of a VDSO") Patchwork: https://patchwork.linux-mips.org/patch/20344/ Tested-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Tested-by: Hauke Mehrtens <hauke(a)hauke-m.de> Cc: James Hogan <jhogan(a)kernel.org> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.4+ --- arch/mips/kernel/vdso.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/arch/mips/kernel/vdso.c b/arch/mips/kernel/vdso.c index f9dbfb14af33..e88344e3d508 100644 --- a/arch/mips/kernel/vdso.c +++ b/arch/mips/kernel/vdso.c @@ -14,12 +14,14 @@ #include <linux/init.h> #include <linux/ioport.h> #include <linux/irqchip/mips-gic.h> +#include <linux/kernel.h> #include <linux/mm.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/timekeeper_internal.h> #include <asm/abi.h> +#include <asm/page.h> #include <asm/vdso.h> /* Kernel-provided data used by the VDSO. */ @@ -129,12 +131,30 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) vvar_size = gic_size + PAGE_SIZE; size = vvar_size + image->size; + /* + * Find a region that's large enough for us to perform the + * colour-matching alignment below. + */ + if (cpu_has_dc_aliases) + size += shm_align_mask + 1; + base = get_unmapped_area(NULL, 0, size, 0, 0); if (IS_ERR_VALUE(base)) { ret = base; goto out; } + /* + * If we suffer from dcache aliasing, ensure that the VDSO data page + * mapping is coloured the same as the kernel's mapping of that memory. + * This ensures that when the kernel updates the VDSO data userland + * will observe it without requiring cache invalidations. + */ + if (cpu_has_dc_aliases) { + base = __ALIGN_MASK(base, shm_align_mask); + base += ((unsigned long)&vdso_data - gic_size) & shm_align_mask; + } + data_addr = base + gic_size; vdso_addr = data_addr + PAGE_SIZE; -- 2.18.0

6 years, 7 months

1
0
0 0

Linux 4.18.9

by Greg KH

I'm announcing the release of the 4.18.9 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/boot/dts/axs10x_mb.dtsi | 7 arch/arc/boot/dts/hsdk.dts | 7 arch/arc/configs/axs101_defconfig | 1 arch/arc/configs/axs103_defconfig | 1 arch/arc/configs/axs103_smp_defconfig | 1 arch/arm64/kvm/hyp/switch.c | 9 - arch/mips/boot/dts/mscc/ocelot.dtsi | 2 arch/mips/cavium-octeon/octeon-platform.c | 2 arch/mips/generic/init.c | 1 arch/mips/include/asm/io.h | 8 - arch/mips/kernel/vdso.c | 20 ++ arch/mips/mm/c-r4k.c | 6 arch/powerpc/include/asm/book3s/64/pgalloc.h | 23 ++- arch/powerpc/kvm/book3s_64_mmu_radix.c | 6 arch/powerpc/platforms/4xx/msi.c | 51 ++++-- arch/powerpc/platforms/powernv/npu-dma.c | 5 arch/powerpc/platforms/pseries/setup.c | 25 ++- arch/s390/kvm/vsie.c | 3 arch/x86/include/asm/kdebug.h | 12 + arch/x86/include/asm/kvm_host.h | 16 +- arch/x86/kernel/apic/vector.c | 2 arch/x86/kernel/cpu/microcode/amd.c | 24 ++- arch/x86/kernel/cpu/microcode/intel.c | 17 +- arch/x86/kernel/dumpstack.c | 11 - arch/x86/kernel/process_32.c | 4 arch/x86/kernel/process_64.c | 12 + arch/x86/kvm/mmu.c | 21 ++ arch/x86/kvm/svm.c | 4 arch/x86/kvm/vmx.c | 4 arch/x86/kvm/x86.c | 10 + arch/x86/mm/fault.c | 2 block/bfq-cgroup.c | 4 block/blk-core.c | 5 block/blk-mq-tag.c | 8 - block/partitions/aix.c | 13 + drivers/acpi/acpi_lpss.c | 2 drivers/android/binder_alloc.c | 43 ++++- drivers/ata/libahci.c | 20 +- drivers/base/memory.c | 20 +- drivers/block/nbd.c | 3 drivers/block/pktcdvd.c | 4 drivers/bluetooth/Kconfig | 1 drivers/char/tpm/tpm_i2c_infineon.c | 8 - drivers/char/tpm/tpm_tis_spi.c | 9 + drivers/clk/clk-scmi.c | 5 drivers/dax/pmem.c | 12 + drivers/firmware/google/vpd.c | 5 drivers/gpio/gpio-ml-ioh.c | 3 drivers/gpio/gpio-pxa.c | 35 +++- drivers/gpio/gpio-tegra.c | 2 drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 38 +++-- drivers/gpu/drm/amd/display/dc/inc/hw/dmcu.h | 2 drivers/gpu/ipu-v3/ipu-common.c | 2 drivers/hid/hid-ids.h | 1 drivers/hid/hid-input.c | 5 drivers/hid/hid-multitouch.c | 19 ++ drivers/hid/i2c-hid/i2c-hid.c | 2 drivers/hv/hv.c | 14 + drivers/i2c/busses/i2c-aspeed.c | 2 drivers/i2c/busses/i2c-i801.c | 7 drivers/i2c/busses/i2c-xiic.c | 4 drivers/infiniband/core/cma.c | 13 + drivers/infiniband/hw/hns/hns_roce_hem.c | 3 drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 12 + drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 6 drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 1 drivers/input/touchscreen/atmel_mxt_ts.c | 7 drivers/iommu/arm-smmu-v3.c | 22 ++- drivers/iommu/ipmmu-vmsa.c | 9 - drivers/macintosh/via-pmu.c | 9 - drivers/md/dm-cache-target.c | 19 ++ drivers/md/raid5.c | 6 drivers/media/dvb-frontends/helene.c | 5 drivers/media/platform/davinci/vpif_display.c | 24 ++- drivers/media/platform/qcom/camss-8x16/camss-csid.c | 16 +- drivers/media/platform/rcar-vin/rcar-csi2.c | 20 +- drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 +-- drivers/media/usb/dvb-usb/dw2102.c | 19 +- drivers/media/usb/em28xx/em28xx-cards.c | 4 drivers/media/usb/em28xx/em28xx-core.c | 4 drivers/media/usb/em28xx/em28xx-dvb.c | 4 drivers/memory/ti-aemif.c | 2 drivers/mfd/rave-sp.c | 7 drivers/mfd/ti_am335x_tscadc.c | 3 drivers/misc/mic/scif/scif_api.c | 20 +- drivers/misc/ti-st/st_kim.c | 4 drivers/mtd/nand/raw/nand_base.c | 44 +++--- drivers/net/ethernet/marvell/mvneta.c | 1 drivers/net/phy/mdio-mux-bcm-iproc.c | 20 ++ drivers/net/wireless/ath/ath10k/mac.c | 7 drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 drivers/net/wireless/ath/ath9k/hw.c | 7 drivers/net/wireless/ath/ath9k/xmit.c | 3 drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 4 drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 24 +-- drivers/net/wireless/ti/wlcore/rx.c | 8 - drivers/pci/controller/pcie-mobiveil.c | 4 drivers/pci/switch/switchtec.c | 4 drivers/pinctrl/berlin/berlin.c | 14 + drivers/pinctrl/freescale/pinctrl-imx.c | 2 drivers/pinctrl/pinctrl-amd.c | 3 drivers/regulator/tps65217-regulator.c | 2 drivers/rpmsg/rpmsg_core.c | 7 drivers/scsi/3w-9xxx.c | 6 drivers/scsi/3w-sas.c | 3 drivers/scsi/3w-xxxx.c | 2 drivers/scsi/lpfc/lpfc.h | 2 drivers/scsi/lpfc/lpfc_nvme.c | 22 +-- drivers/scsi/qla2xxx/qla_init.c | 9 - drivers/scsi/qla2xxx/qla_target.c | 3 drivers/scsi/qla2xxx/qla_tmpl.c | 9 + drivers/target/target_core_transport.c | 5 drivers/target/target_core_user.c | 73 +++++----- drivers/thermal/rcar_thermal.c | 2 drivers/thermal/thermal_hwmon.c | 1 drivers/tty/rocket.c | 2 drivers/uio/uio.c | 19 -- fs/autofs/autofs_i.h | 4 fs/autofs/inode.c | 1 fs/btrfs/extent-tree.c | 17 +- fs/btrfs/ioctl.c | 19 ++ fs/cifs/connect.c | 2 fs/cifs/inode.c | 2 fs/cifs/smb2ops.c | 35 +++- fs/cifs/smb2pdu.c | 3 fs/f2fs/f2fs.h | 15 +- fs/f2fs/file.c | 2 fs/f2fs/gc.c | 8 - fs/f2fs/inline.c | 22 +++ fs/f2fs/inode.c | 19 ++ fs/f2fs/node.c | 46 ++++-- fs/f2fs/recovery.c | 4 fs/f2fs/segment.c | 20 ++ fs/f2fs/segment.h | 3 fs/f2fs/super.c | 25 ++- fs/f2fs/sysfs.c | 16 +- fs/nfs/callback_proc.c | 4 fs/nfs/callback_xdr.c | 11 + fs/nfs/nfs4client.c | 6 include/linux/hid.h | 1 include/linux/mm_types.h | 2 include/linux/mm_types_task.h | 2 include/linux/mtd/rawnand.h | 16 +- include/linux/vm_event_item.h | 1 include/linux/vmacache.h | 5 include/uapi/linux/ethtool.h | 4 kernel/cpu.c | 11 - kernel/time/clocksource.c | 40 ++++- kernel/time/timer.c | 29 ++- mm/debug.c | 4 mm/memory_hotplug.c | 3 mm/page_alloc.c | 4 mm/vmacache.c | 38 ----- net/bluetooth/hidp/core.c | 2 net/dcb/dcbnl.c | 11 - net/mac80211/rx.c | 1 sound/pci/hda/hda_codec.c | 3 sound/pci/hda/patch_realtek.c | 1 sound/soc/soc-pcm.c | 5 tools/perf/Makefile.config | 4 tools/perf/builtin-c2c.c | 3 tools/perf/perf.h | 2 tools/perf/util/evsel.c | 14 + tools/testing/nvdimm/pmem-dax.c | 12 + tools/testing/selftests/bpf/test_verifier.c | 6 tools/testing/selftests/tc-testing/tc-tests/actions/connmark.json | 24 +-- tools/testing/selftests/tc-testing/tc-tests/actions/mirred.json | 3 virt/kvm/arm/mmu.c | 9 + 170 files changed, 1166 insertions(+), 579 deletions(-) AceLan Kao (1): HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen Akshu Agrawal (1): ASoC: soc-pcm: Use delay set in component pointer function Alexandru Gagniuc (1): ALSA: hda/realtek - Add mute LED quirk for HP Spectre x360 Alexey Brodkin (2): ARC: [plat-axs*/plat-hsdk]: Allow U-Boot to pass MAC-address to the kernel ARC: [plat-axs*]: Enable SWAP Amit Daniel Kachhap (1): clk: scmi: Fix the rounding of clock rate Andrey Smirnov (1): mfd: rave-sp: Initialize flow control and parity of the port Aneesh Kumar K.V (1): mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported. Anthony Koo (1): drm/amd/display: Prevent PSR from being enabled if initialization fails Anton Vasilyev (8): media: davinci: vpif_display: Mix memory leak on probe error path media: dw2102: Fix memleak on sequence of probes misc: ti-st: Fix memory leak in the error path of probe() firmware: vpd: Fix section enabled flag on vpd_section_destroy tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe regulator: tps65217: Fix NULL pointer dereference on probe gpio: ml-ioh: Fix buffer underwrite on probe error path Arun Parameswaran (1): net: phy: Fix the register offsets in Broadcom iProc mdio mux driver Bartosz Golaszewski (1): memory: ti-aemif: fix a potential NULL-pointer dereference Benjamin Tissoires (2): HID: multitouch: fix Elan panels with 2 input modes declaration HID: core: fix grouping by application BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Brad Love (2): media: em28xx: Fix dual transport stream operation media: em28xx: Fix DualHD disconnect oops Calum Mackay (1): nfs: Referrals not inheriting proto setting from parent Chao Yu (10): f2fs: fix to active page in lru list for read path f2fs: fix to detect looped node chain correctly f2fs: try grabbing node page lock aggressively in sync scenario f2fs: fix to skip GC if type in SSA and SIT is inconsistent f2fs: fix to do sanity check with reserved blkaddr of inline inode f2fs: fix to wait on page writeback before updating page f2fs: fix to do sanity check with secs_per_zone f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize f2fs: fix to propagate return value of scan_nat_page() f2fs: fix to do sanity check with extra_attr feature Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (4): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails pinctrl: imx: off by one in imx_pinconf_group_dbg_show() f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Daniel Kurtz (1): pinctrl/amd: only handle irq if it is pending and unmasked Daniel Mack (1): gpio: pxa: disable pinctrl calls for PXA3xx Daniel Rosenberg (1): f2fs: Keep alloc_valid_block_count in sync Denis Drozdov (1): IB/IPoIB: Set ah valid flag in multicast send flow Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Emmanuel Grumbach (2): mac80211: don't update the PM state of a peer upon a multicast frame iwlwifi: pcie: don't access periphery registers when not available Felipe Balbi (1): i2c: i801: fix DNV's SMBCTRL register offset Felix Fietkau (2): ath9k: report tx status on EOSP ath9k_hw: fix channel maximum power level test Filipe Manana (1): Btrfs: fix data corruption when deduplicating between different files Filippo Sironi (1): x86/microcode: Update the new microcode revision unconditionally Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Gaurav Kohli (1): timers: Clear timer_base::must_forward_clk with timer_base::lock held Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Greg Kroah-Hartman (1): Linux 4.18.9 Guenter Roeck (1): powerpc/4xx: Fix error return path in ppc4xx_msi_probe() Gustavo A. R. Silva (1): switchtec: Fix Spectre v1 vulnerability Huaisheng Ye (1): tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() Ian Kent (1): autofs: fix autofs_sbi() does not check super block type Jae Hyun Yoo (1): i2c: aspeed: Add an explicit type casting for *get_clk_reg_val Jaegeuk Kim (1): f2fs: avoid potential deadlock in f2fs_sbi_store James Smart (2): scsi: lpfc: Correct MDS diag and nvmet configuration scsi: lpfc: Fix driver crash when re-registering NVME rports. Jann Horn (1): x86/process: Don't mix user/kernel regs in 64bit __show_regs() Jens Axboe (1): nbd: don't allow invalid blocksize settings Jinbum Park (1): pktcdvd: Fix possible Spectre-v1 for pkt_devs Jiri Olsa (1): perf c2c report: Fix crash for empty browser Joerg Roedel (1): x86/mm: Remove in_nmi() warning from vmalloc_fault() Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV John Pittman (1): dm cache: only allow a single io_mode cache feature to be requested Kan Liang (1): perf evlist: Fix error out while applying initial delay and LBR Katsuhiro Suzuki (1): media: helene: fix xtal frequency setting at power on Konstantin Khlebnikov (1): block: bfq: swap puts in bfqg_and_blkg_put Lijun Ou (2): RDMA/hns: Add illegal hop_num judgement RDMA/hns: Update the data type of immediate data Linus Torvalds (1): mm: get rid of vmacache_flush_all() entirely Linus Walleij (1): tpm_tis_spi: Pass the SPI IRQ down to the driver Loic Poulain (1): wlcore: Set rx_status boottime_ns field on rx Lorenzo Pieralisi (2): PCI: mobiveil: Add missing ../pci.h include PCI: mobiveil: Fix struct mobiveil_pcie.pcie_reg_base address type Lu Fengqi (1): btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata Marc Zyngier (3): arm64: KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD KVM: arm/arm64: Clean dcache to PoC when changing PTE due to CoW thermal_hwmon: Sanitize attribute name passed to hwmon Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Michael Ellerman (1): powerpc/mm: Don't report PUDs as memory leaks when using kmemleak Michael Kelley (1): Drivers: hv: vmbus: Cleanup synic memory free path Mike Christie (2): scsi: target: fix __transport_register_session locking scsi: tcmu: do not set max_blocks if data_bitmap has been setup Mikhail Zaslonko (1): memory_hotplug: fix kernel_panic on offline page processing Mikulas Patocka (1): block: don't warn when doing fsync on read-only devices Minchan Kim (1): android: binder: fix the race mmap and alloc_new_buf_locked Ming Lei (1): blk-mq: fix updating tags depth Miquel Raynal (1): mtd: rawnand: make subop helpers return unsigned values Neeraj Upadhyay (1): cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun() Nicholas Mc Guire (2): MIPS: Octeon: add missing of_node_put() MIPS: generic: fix missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Niklas Söderlund (1): media: rcar-csi2: update stream start for V3M Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (3): MIPS: VDSO: Match data page cache colouring when D$ aliases MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Paul Mackerras (1): KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() Peter Rosin (1): tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Peter Zijlstra (1): clocksource: Revert "Remove kthread" Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Philipp Zabel (1): gpu: ipu-v3: default to id 0 on missing OF alias Pierre Morel (1): KVM: s390: vsie: copy wrapping keys to right place Prarit Bhargava (1): x86/microcode: Make sure boot_cpu_data.microcode is up-to-date Quentin Schulz (1): MIPS: mscc: ocelot: fix length of memory address space for MIIM Quinn Tran (3): scsi: qla2xxx: Fix unintended Logout scsi: qla2xxx: Fix session state stuck in Get Port DB scsi: qla2xxx: Silent erroneous message Randy Dunlap (1): f2fs: fix defined but not used build warnings Reza Arbab (1): powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage Robert Schlabbach (1): media: em28xx: explicitly disable TS packet filter Roman Gushchin (1): selftests/bpf: fix a typo in map in map test Sam Bobroff (1): powerpc/pseries: fix EEH recovery of some IOV devices Sean Christopherson (6): KVM: x86: SVM: Set EMULTYPE_NO_REEXECUTE for RSM emulation KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr KVM: x86: Invert emulation re-execute behavior to make it opt-in KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault KVM: x86: Do not re-{try,execute} after failed emulation in L2 Shubhrajyoti Datta (1): i2c: xiic: Make the start and the byte count write atomic Simon Horman (1): thermal: rcar_thermal: avoid NULL dereference in absence of IRQ resources Srinivas Kandagatla (1): rpmsg: core: add support to power domains for devices Srinivas Pandruvada (2): ata: libahci: Allow reconfigure of DEVSLP register ata: libahci: Correct setting of DEVSLP register Stefan Agner (1): HID: input: fix leaking custom input node name Stefan Hajnoczi (1): device-dax: avoid hang on error before devm_memremap_pages() Steve French (2): SMB3: Backup intent flag missing for directory opens with backupuid mounts smb3: check for and properly advertise directory lease support Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Sylwester Nawrocki (1): media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Takashi Iwai (1): ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Thomas Gleixner (2): cpu/hotplug: Prevent state corruption on error rollback x86/apic/vector: Make error return value negative Thomas Richter (1): perf build: Fix installation directory for eBPF Thomas Werschlein (1): cifs: connect to servername instead of IP for IPC$ share Todor Tomov (1): media: camss: csid: Configure data type and decode format properly Trond Myklebust (1): NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Vlad Buslov (2): tc-testing: flush gact actions on test teardown tc-testing: remove duplicate spaces in connmark match patterns Will Deacon (1): iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel Xiubo Li (1): uio: fix possible circular locking dependency Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link YueHaibing (1): pinctrl: berlin: fix 'pctrl->functions' allocation in berlin_pinctrl_build_state Yunlong Song (2): f2fs: do not set free of current section f2fs: issue discard align to section in LFS mode Zhang Rui (1): ACPI / LPSS: Force LPSS quirks on boot Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak

6 years, 7 months

1
1
0 0

[PATCH 05/40] drm/i915: Handle incomplete Z_FINISH for compressed error states

by Chris Wilson

The final call to zlib_deflate(Z_FINISH) may require more output space to be allocated and so needs to re-invoked. Failure to do so in the current code leads to incomplete zlib streams (albeit intact due to the use of Z_SYNC_FLUSH) resulting in the occasional short object capture. Testcase: igt/i915-error-capture.js Fixes: 0a97015d45ee ("drm/i915: Compress GPU objects in error state") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v4.10+ --- drivers/gpu/drm/i915/i915_gpu_error.c | 60 +++++++++++++++++++++------ 1 file changed, 47 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_gpu_error.c b/drivers/gpu/drm/i915/i915_gpu_error.c index 2835cacd0d08..9789f4ff8c32 100644 --- a/drivers/gpu/drm/i915/i915_gpu_error.c +++ b/drivers/gpu/drm/i915/i915_gpu_error.c @@ -237,6 +237,7 @@ static int compress_page(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + int flush = Z_NO_FLUSH; zstream->next_in = src; if (c->tmp && i915_memcpy_from_wc(c->tmp, src, PAGE_SIZE)) @@ -257,8 +258,11 @@ static int compress_page(struct compress *c, zstream->avail_out = PAGE_SIZE; } - if (zlib_deflate(zstream, Z_SYNC_FLUSH) != Z_OK) + if (zlib_deflate(zstream, flush) != Z_OK) return -EIO; + + if (zstream->avail_out) + flush = Z_SYNC_FLUSH; } while (zstream->avail_in); /* Fallback to uncompressed if we increase size? */ @@ -268,19 +272,43 @@ static int compress_page(struct compress *c, return 0; } -static void compress_fini(struct compress *c, +static int compress_flush(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + unsigned long page; - if (dst) { - zlib_deflate(zstream, Z_FINISH); - dst->unused = zstream->avail_out; - } + do { + switch (zlib_deflate(zstream, Z_FINISH)) { + case Z_OK: /* more space requested */ + page = __get_free_page(GFP_ATOMIC | __GFP_NOWARN); + if (!page) + return -ENOMEM; + + dst->pages[dst->page_count++] = (void *)page; + zstream->next_out = (void *)page; + zstream->avail_out = PAGE_SIZE; + break; + case Z_STREAM_END: + goto end; + default: /* any error */ + return -EIO; + } + } while (1); + +end: + memset(zstream->next_out, 0, zstream->avail_out); + dst->unused = zstream->avail_out; + return 0; +} + +static void compress_fini(struct compress *c, + struct drm_i915_error_object *dst) +{ + struct z_stream_s *zstream = &c->zstream; zlib_deflateEnd(zstream); kfree(zstream->workspace); - if (c->tmp) free_page((unsigned long)c->tmp); } @@ -319,6 +347,12 @@ static int compress_page(struct compress *c, return 0; } +static int compress_flush(struct compress *c, + struct drm_i915_error_object *dst) +{ + return 0; +} + static void compress_fini(struct compress *c, struct drm_i915_error_object *dst) { @@ -951,15 +985,15 @@ i915_error_object_create(struct drm_i915_private *i915, if (ret) goto unwind; } - goto out; + if (compress_flush(&compress, dst)) { unwind: - while (dst->page_count--) - free_page((unsigned long)dst->pages[dst->page_count]); - kfree(dst); - dst = NULL; + while (dst->page_count--) + free_page((unsigned long)dst->pages[dst->page_count]); + kfree(dst); + dst = NULL; + } -out: compress_fini(&compress, dst); ggtt->vm.clear_range(&ggtt->vm, slot, PAGE_SIZE); return dst; -- 2.19.0

6 years, 7 months

1
0
0 0

FAILED: patch "[PATCH] mei: bus: type promotion bug in mei_nfc_if_version()" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From b40b3e9358fbafff6a4ba0f4b9658f6617146f9c Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter(a)oracle.com> Date: Wed, 11 Jul 2018 15:29:31 +0300 Subject: [PATCH] mei: bus: type promotion bug in mei_nfc_if_version() We accidentally removed the check for negative returns without considering the issue of type promotion. The "if_version_length" variable is type size_t so if __mei_cl_recv() returns a negative then "bytes_recv" is type promoted to a high positive value and treated as success. Cc: <stable(a)vger.kernel.org> Fixes: 582ab27a063a ("mei: bus: fix received data size check in NFC fixup") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/misc/mei/bus-fixup.c b/drivers/misc/mei/bus-fixup.c index e45fe826d87d..65e28be3c8cc 100644 --- a/drivers/misc/mei/bus-fixup.c +++ b/drivers/misc/mei/bus-fixup.c @@ -341,7 +341,7 @@ static int mei_nfc_if_version(struct mei_cl *cl, ret = 0; bytes_recv = __mei_cl_recv(cl, (u8 *)reply, if_version_length, 0, 0); - if (bytes_recv < if_version_length) { + if (bytes_recv < 0 || bytes_recv < if_version_length) { dev_err(bus->dev, "Could not read IF version\n"); ret = -EIO; goto err;

6 years, 7 months

2
1
0 0

[PATCH 2/2] usb: roles: Take care of driver module reference counting

by Heikki Krogerus

This fixes potential "BUG: unable to handle kernel paging request at ..." from happening. Fixes: fde0aa6c175a ("usb: common: Small class for USB role switches") Cc: <stable(a)vger.kernel.org> Acked-by: Hans de Goede <hdegoede(a)redhat.com> Tested-by: Hans de Goede <hdegoede(a)redhat.com> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/usb/common/roles.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/drivers/usb/common/roles.c b/drivers/usb/common/roles.c index 15cc76e22123..99116af07f1d 100644 --- a/drivers/usb/common/roles.c +++ b/drivers/usb/common/roles.c @@ -109,8 +109,15 @@ static void *usb_role_switch_match(struct device_connection *con, int ep, */ struct usb_role_switch *usb_role_switch_get(struct device *dev) { - return device_connection_find_match(dev, "usb-role-switch", NULL, - usb_role_switch_match); + struct usb_role_switch *sw; + + sw = device_connection_find_match(dev, "usb-role-switch", NULL, + usb_role_switch_match); + + if (!IS_ERR_OR_NULL(sw)) + WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + + return sw; } EXPORT_SYMBOL_GPL(usb_role_switch_get); @@ -122,8 +129,10 @@ EXPORT_SYMBOL_GPL(usb_role_switch_get); */ void usb_role_switch_put(struct usb_role_switch *sw) { - if (!IS_ERR_OR_NULL(sw)) + if (!IS_ERR_OR_NULL(sw)) { put_device(&sw->dev); + module_put(sw->dev.parent->driver->owner); + } } EXPORT_SYMBOL_GPL(usb_role_switch_put); -- 2.18.0

6 years, 7 months

2
1
0 0

Re: [PATCH] printk: Fix panic caused by passing log_buf_len to command line

by Sasha Levin

Hi, [This is an automated email] This commit has been processed because it contains a -stable tag. The stable tag indicates that it's relevant for the following trees: all The bot has tested the following trees: v4.18.8, v4.14.70, v4.9.127, v4.4.156, v3.18.122, v4.18.8: Build OK! v4.14.70: Build OK! v4.9.127: Build OK! v4.4.156: Build OK! v3.18.122: Build failed! Errors: Please let us know how to resolve this. -- Thanks, Sasha

6 years, 7 months

1
0
0 0

[GIT PULL] ring-buffer: Allow for rescheduling when removing pages

by Steven Rostedt

Linus (aka Greg), Vaibhav Nagarnaik found that modifying the ring buffer size could cause a huge latency in the system because it does a while loop to free pages without releasing the CPU (on non preempt kernels). In a case where there are hundreds of thousands of pages to free it could actually cause a system stall. A properly place cond_resched() solves this issue. Please pull the latest trace-v4.19-rc4 tree, which can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace.git trace-v4.19-rc4 Tag SHA1: 977e4fb3741e24151a255ee13bd4a1224545ae4e Head SHA1: 83f365554e47997ec68dc4eca3f5dce525cd15c3 Vaibhav Nagarnaik (1): ring-buffer: Allow for rescheduling when removing pages ---- kernel/trace/ring_buffer.c | 2 ++ 1 file changed, 2 insertions(+) --------------------------- commit 83f365554e47997ec68dc4eca3f5dce525cd15c3 Author: Vaibhav Nagarnaik <vnagarnaik(a)google.com> Date: Fri Sep 7 15:31:29 2018 -0700 ring-buffer: Allow for rescheduling when removing pages When reducing ring buffer size, pages are removed by scheduling a work item on each CPU for the corresponding CPU ring buffer. After the pages are removed from ring buffer linked list, the pages are free()d in a tight loop. The loop does not give up CPU until all pages are removed. In a worst case behavior, when lot of pages are to be freed, it can cause system stall. After the pages are removed from the list, the free() can happen while the work is rescheduled. Call cond_resched() in the loop to prevent the system hangup. Link: http://lkml.kernel.org/r/20180907223129.71994-1-vnagarnaik@google.com Cc: stable(a)vger.kernel.org Fixes: 83f40318dab00 ("ring-buffer: Make removal of ring buffer pages atomic") Reported-by: Jason Behmer <jbehmer(a)google.com> Signed-off-by: Vaibhav Nagarnaik <vnagarnaik(a)google.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 1d92d4a982fd..65bd4616220d 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -1546,6 +1546,8 @@ rb_remove_pages(struct ring_buffer_per_cpu *cpu_buffer, unsigned long nr_pages) tmp_iter_page = first_page; do { + cond_resched(); + to_remove_page = tmp_iter_page; rb_inc_page(cpu_buffer, &tmp_iter_page);

6 years, 7 months

2
3
0 0

Interested in purchasing posts on your site

by Andy Macia

Hi There, Im reaching out to you because Im interested in purchasing a backlink from your site. The link will go to a high quality drug and alcohol rehabilitation information page. Ive made a short video explaining exactly what Im looking for: http://mtrack.me/tracking/raWzMz50paMkCGD1BQRlZGV5AwLzMKWjqzA2pzSaqaR9AGV4A… Ideally, the link will be placed in a relevant, existing post/page on your website. Please let me know your rates as soon as possible. Thank you for your time and consideration, Andy Macia (949) 467-1404 [Unsubscribe ] <http://mtrack.me/unsub/eng/raWzMz50paMkCGD1BQRlZGV5AwLzMKWjqzA2pzSaqaR9AGV4…>

6 years, 7 months

1
0
0 0

[PATCH 13/19] mtd: nand: pxa3xx: Fix READOOB implementation

by kostap＠marvell.com

From: Boris Brezillon <boris.brezillon(a)free-electrons.com> In the current driver, OOB bytes are accessed in raw mode, and when a page access is done with NDCR_SPARE_EN set and NDCR_ECC_EN cleared, the driver must read the whole spare area (64 bytes in case of a 2k page, 16 bytes for a 512 page). The driver was only reading the free OOB bytes, which was leaving some unread data in the FIFO and was somehow leading to a timeout. We could patch the driver to read ->spare_size + ->ecc_size instead of just ->spare_size when READOOB is requested, but we'd better make in-band and OOB accesses consistent. Since the driver is always accessing in-band data in non-raw mode (with the ECC engine enabled), we should also access OOB data in this mode. That's particularly useful when using the BCH engine because in this mode the free OOB bytes are also ECC protected. Fixes: 43bcfd2bb24a ("mtd: nand: pxa3xx: Add driver-specific ECC BCH support") Cc: stable(a)vger.kernel.org Reported-by: Sean Nyekjær <sean.nyekjaer(a)prevas.dk> Tested-by: Willy Tarreau <w(a)1wt.eu> Signed-off-by: Boris Brezillon <boris.brezillon(a)free-electrons.com> Acked-by: Ezequiel Garcia <ezequiel(a)vanguardiasur.com.ar> Tested-by: Sean Nyekjaer <sean.nyekjaer(a)prevas.dk> Acked-by: Robert Jarzmik <robert.jarzmik(a)free.fr> Signed-off-by: Richard Weinberger <richard(a)nod.at> Signed-off-by: Ofer Heifetz <oferh(a)marvell.com> Reviewed-by: Igal Liberman <igall(a)marvell.com> Cc: Stefan Roese <sr(a)denx.de> Cc: Simon Glass <sjg(a)chromium.org> --- drivers/mtd/nand/pxa3xx_nand.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c index b64dd0d..c1f7d61 100644 --- a/drivers/mtd/nand/pxa3xx_nand.c +++ b/drivers/mtd/nand/pxa3xx_nand.c @@ -750,6 +750,7 @@ static void prepare_start_command(struct pxa3xx_nand_info *info, int command) switch (command) { case NAND_CMD_READ0: + case NAND_CMD_READOOB: case NAND_CMD_PAGEPROG: info->use_ecc = 1; break; -- 2.7.4

6 years, 7 months

2
1
0 0

[PATCH 5/6] drm/i915: Fix intel_dp_mst_best_encoder()

by Lyude Paul

Currently, i915 appears to rely on blocking modesets on no-longer-present MSTB ports by simply returning NULL for ->best_encoder(), which in turn causes any new atomic commits that don't disable the CRTC to fail. This is wrong however, since we still want to allow userspace to disable CRTCs on no-longer-present MSTB ports by changing the DPMS state to off and this still requires that we retrieve an encoder. So, fix this by always returning a valid encoder regardless of the state of the MST port. Additionally, make intel_dp_mst_atomic_check() simply rely on drm_dp_mst_connector_atomic_check() to prevent new modesets on no-longer-present MSTB ports. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/i915/intel_dp_mst.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_dp_mst.c b/drivers/gpu/drm/i915/intel_dp_mst.c index a366f32b048a..2b798d4592f0 100644 --- a/drivers/gpu/drm/i915/intel_dp_mst.c +++ b/drivers/gpu/drm/i915/intel_dp_mst.c @@ -106,14 +106,21 @@ static bool intel_dp_mst_compute_config(struct intel_encoder *encoder, } static int intel_dp_mst_atomic_check(struct drm_connector *connector, - struct drm_connector_state *new_conn_state) + struct drm_connector_state *new_conn_state) { struct drm_atomic_state *state = new_conn_state->state; struct drm_connector_state *old_conn_state; struct drm_crtc *old_crtc; struct drm_crtc_state *crtc_state; + struct drm_dp_mst_topology_mgr *mgr = + &to_intel_connector(connector)->mst_port->mst_mgr; int slots, ret = 0; + ret = drm_dp_mst_connector_atomic_check(connector, new_conn_state, + mgr); + if (ret) + return ret; + old_conn_state = drm_atomic_get_old_connector_state(state, connector); old_crtc = old_conn_state->crtc; if (!old_crtc) @@ -122,12 +129,6 @@ static int intel_dp_mst_atomic_check(struct drm_connector *connector, crtc_state = drm_atomic_get_new_crtc_state(state, old_crtc); slots = to_intel_crtc_state(crtc_state)->dp_m_n.tu; if (drm_atomic_crtc_needs_modeset(crtc_state) && slots > 0) { - struct drm_dp_mst_topology_mgr *mgr; - struct drm_encoder *old_encoder; - - old_encoder = old_conn_state->best_encoder; - mgr = &enc_to_mst(old_encoder)->primary->dp.mst_mgr; - ret = drm_dp_atomic_release_vcpi_slots(state, mgr, slots); if (ret) DRM_DEBUG_KMS("failed releasing %d vcpi slots:%d\n", slots, ret); @@ -407,8 +408,6 @@ static struct drm_encoder *intel_mst_atomic_best_encoder(struct drm_connector *c struct intel_dp *intel_dp = intel_connector->mst_port; struct intel_crtc *crtc = to_intel_crtc(state->crtc); - if (intel_connector->mst_port_gone) - return NULL; return &intel_dp->mst_encoders[crtc->pipe]->base.base; } -- 2.17.1

6 years, 7 months

1
0
0 0

[PATCH 4/6] drm/i915: Skip vcpi allocation for MSTB ports that are gone

by Lyude Paul

Since we need to be able to allow DPMS on->off prop changes after an MST port has disappeared from the system, we need to be able to make sure we can compute a config for the resulting atomic commit. Currently this is impossible when the port has disappeared, since the VCPI slot searching we try to do in intel_dp_mst_compute_config() will fail with -EINVAL. Since the only commits we want to allow on no-longer-present MST ports are ones that shut off display hardware, we already know that no VCPI allocations are needed. So, hardcode the VCPI slot count to 0 when intel_dp_mst_compute_config() is called on an MST port that's gone. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/i915/intel_dp_mst.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_dp_mst.c b/drivers/gpu/drm/i915/intel_dp_mst.c index fcb9b87b9339..a366f32b048a 100644 --- a/drivers/gpu/drm/i915/intel_dp_mst.c +++ b/drivers/gpu/drm/i915/intel_dp_mst.c @@ -42,7 +42,7 @@ static bool intel_dp_mst_compute_config(struct intel_encoder *encoder, to_intel_connector(conn_state->connector); struct drm_atomic_state *state = pipe_config->base.state; int bpp; - int lane_count, slots; + int lane_count, slots = 0; const struct drm_display_mode *adjusted_mode = &pipe_config->base.adjusted_mode; int mst_pbn; bool reduce_m_n = drm_dp_has_quirk(&intel_dp->desc, @@ -76,11 +76,16 @@ static bool intel_dp_mst_compute_config(struct intel_encoder *encoder, mst_pbn = drm_dp_calc_pbn_mode(adjusted_mode->crtc_clock, bpp); pipe_config->pbn = mst_pbn; - slots = drm_dp_atomic_find_vcpi_slots(state, &intel_dp->mst_mgr, - connector->port, mst_pbn); - if (slots < 0) { - DRM_DEBUG_KMS("failed finding vcpi slots:%d\n", slots); - return false; + if (!connector->mst_port_gone) { + slots = drm_dp_atomic_find_vcpi_slots(state, + &intel_dp->mst_mgr, + connector->port, + mst_pbn); + if (slots < 0) { + DRM_DEBUG_KMS("failed finding vcpi slots:%d\n", + slots); + return false; + } } intel_link_compute_m_n(bpp, lane_count, -- 2.17.1

6 years, 7 months

1
0
0 0

[PATCH 2/6] drm/nouveau: Unbreak nv50_mstc->best_encoder()

by Lyude Paul

As mentioned in the previous commit, we currently prevent new modesets on recently-removed MST connectors by returning no encoder from our ->best_encoder() callback once the MST port has disappeared. This is wrong however, because it prevents legacy modesetting users from being able to disable CRTCs on MST connectors after the connector's respective topology has disappeared. So, fix this by instead using the new drm_dp_mst_connector_atomic_check() helper instead while always returning a valid encoder from ->best_encoder(). Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/dispnv50/disp.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index 9da0bdfe1e1c..8d6f6ee9bc75 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -881,22 +881,16 @@ nv50_mstc_atomic_best_encoder(struct drm_connector *connector, { struct nv50_head *head = nv50_head(connector_state->crtc); struct nv50_mstc *mstc = nv50_mstc(connector); - if (mstc->port) { - struct nv50_mstm *mstm = mstc->mstm; - return &mstm->msto[head->base.index]->encoder; - } - return NULL; + + return &mstc->mstm->msto[head->base.index]->encoder; } static struct drm_encoder * nv50_mstc_best_encoder(struct drm_connector *connector) { struct nv50_mstc *mstc = nv50_mstc(connector); - if (mstc->port) { - struct nv50_mstm *mstm = mstc->mstm; - return &mstm->msto[0]->encoder; - } - return NULL; + + return &mstc->mstm->msto[0]->encoder; } static enum drm_mode_status @@ -926,10 +920,21 @@ nv50_mstc_get_modes(struct drm_connector *connector) return ret; } +static int +nv50_mstc_atomic_check(struct drm_connector *connector, + struct drm_connector_state *state) +{ + struct nv50_mstc *mstc = nv50_mstc(connector); + + return drm_dp_mst_connector_atomic_check(connector, state, + &mstc->mstm->mgr); +} + static const struct drm_connector_helper_funcs nv50_mstc_help = { .get_modes = nv50_mstc_get_modes, .mode_valid = nv50_mstc_mode_valid, + .atomic_check = nv50_mstc_atomic_check, .best_encoder = nv50_mstc_best_encoder, .atomic_best_encoder = nv50_mstc_atomic_best_encoder, }; -- 2.17.1

6 years, 7 months

1
0
0 0

[PATCH v5 0/7] mm: Merge hmm into devm_memremap_pages, mark GPL-only

by Dan Williams

Changes since v4 [1]: * Rebase on v4.19-rc3 * Update changelogs and cover letter [1]: https://lkml.org/lkml/2018/7/11/14 --- Hi Andrew, Back from vacation and this series is still top of mind. devm_memremap_pages() is a facility that can create struct page entries for any arbitrary range and give drivers the ability to subvert core aspects of page management. It, and anything derived from it (e.g. hmm, pcip2p, etc...), is an EXPORT_SYMBOL_GPL() interface. I see that commit 31c5bda3a656 "mm: fix exports that inadvertently make put_page() EXPORT_SYMBOL_GPL" was merged ahead of this series to relieve some of the pressure from innocent consumers of put_page(), but now we need this series to address *producers* of device pages. More details and justification in the changelogs. The 0day infrastructure has reported success across 182 configs and this survives the libnvdimm unit test suite. Aside from the controversial bits the diffstat is compelling at: 7 files changed, 138 insertions(+), 328 deletions(-). Note that the series has some minor collisions with Alex's recent series to improve devm_memremap_pages() scalability [2]. So, whichever you take first the other will need a minor rebase. [2]: https://www.lkml.org/lkml/2018/9/11/10 --- Dan Williams (7): mm, devm_memremap_pages: Mark devm_memremap_pages() EXPORT_SYMBOL_GPL mm, devm_memremap_pages: Kill mapping "System RAM" support mm, devm_memremap_pages: Fix shutdown handling mm, devm_memremap_pages: Add MEMORY_DEVICE_PRIVATE support mm, hmm: Use devm semantics for hmm_devmem_{add,remove} mm, hmm: Replace hmm_devmem_pages_create() with devm_memremap_pages() mm, hmm: Mark hmm_devmem_{add,add_resource} EXPORT_SYMBOL_GPL drivers/dax/pmem.c | 15 -- drivers/nvdimm/pmem.c | 18 +- include/linux/hmm.h | 4 include/linux/memremap.h | 7 + kernel/memremap.c | 98 ++++++++---- mm/hmm.c | 303 +++++-------------------------------- tools/testing/nvdimm/test/iomap.c | 21 ++- 7 files changed, 138 insertions(+), 328 deletions(-)

6 years, 7 months

3
4
0 0

[PATCH v3] tpm: Restore functionality to xen vtpm driver.

by Boris Ostrovsky

From: "Dr. Greg Wettstein" <greg(a)wind.enjellic.com> Functionality of the xen-tpmfront driver was lost secondary to the introduction of xenbus multi-page support in commit ccc9d90a9a8b ("xenbus_client: Extend interface to support multi-page ring"). In this commit pointer to location of where the shared page address is stored was being passed to the xenbus_grant_ring() function rather then the address of the shared page itself. This resulted in a situation where the driver would attach to the vtpm-stubdom but any attempt to send a command to the stub domain would timeout. A diagnostic finding for this regression is the following error message being generated when the xen-tpmfront driver probes for a device: <3>vtpm vtpm-0: tpm_transmit: tpm_send: error -62 <3>vtpm vtpm-0: A TPM error (-62) occurred attempting to determine the timeouts This fix is relevant to all kernels from 4.1 forward which is the release in which multi-page xenbus support was introduced. Daniel De Graaf formulated the fix by code inspection after the regression point was located. Fixes: ccc9d90a9a8b ("xenbus_client: Extend interface to support multi-page ring") Signed-off-by: Dr. Greg Wettstein <greg(a)enjellic.com> [boris: Updated commit message, added Fixes tag] Signed-off-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: stable(a)vger.kernel.org # v4.1+ --- drivers/char/tpm/xen-tpmfront.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c index 911475d36800..b150f87f38f5 100644 --- a/drivers/char/tpm/xen-tpmfront.c +++ b/drivers/char/tpm/xen-tpmfront.c @@ -264,7 +264,7 @@ static int setup_ring(struct xenbus_device *dev, struct tpm_private *priv) return -ENOMEM; } - rv = xenbus_grant_ring(dev, &priv->shr, 1, &gref); + rv = xenbus_grant_ring(dev, priv->shr, 1, &gref); if (rv < 0) return rv; -- 2.17.1

6 years, 7 months

2
1
0 0

[PATCH 4.18 000/158] 4.18.9-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.9 release. There are 158 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 19 21:16:14 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.9-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.9-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> mm: get rid of vmacache_flush_all() entirely Ian Kent <raven(a)themaw.net> autofs: fix autofs_sbi() does not check super block type Peter Zijlstra <peterz(a)infradead.org> clocksource: Revert "Remove kthread" Parav Pandit <parav(a)mellanox.com> RDMA/cma: Do not ignore net namespace for unbound cm_id Quentin Schulz <quentin.schulz(a)bootlin.com> MIPS: mscc: ocelot: fix length of memory address space for MIIM Paul Burton <paul.burton(a)mips.com> MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Lijun Ou <oulijun(a)huawei.com> RDMA/hns: Update the data type of immediate data Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Lijun Ou <oulijun(a)huawei.com> RDMA/hns: Add illegal hop_num judgement Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with extra_attr feature Chao Yu <yuchao0(a)huawei.com> f2fs: fix to propagate return value of scan_nat_page() Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Zumeng Chen <zumeng.chen(a)gmail.com> mfd: ti_am335x_tscadc: Fix struct clk memory leak Geert Uytterhoeven <geert+renesas(a)glider.be> iommu/ipmmu-vmsa: Fix allocation in atomic context Andrey Smirnov <andrew.smirnov(a)gmail.com> mfd: rave-sp: Initialize flow control and parity of the port Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with secs_per_zone Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: avoid potential deadlock in f2fs_sbi_store Brad Love <brad(a)nextdimension.cc> media: em28xx: Fix DualHD disconnect oops Dan Carpenter <dan.carpenter(a)oracle.com> f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait on page writeback before updating page Will Deacon <will.deacon(a)arm.com> iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel Brad Love <brad(a)nextdimension.cc> media: em28xx: Fix dual transport stream operation Anthony Koo <Anthony.Koo(a)amd.com> drm/amd/display: Prevent PSR from being enabled if initialization fails Katsuhiro Suzuki <suzuki.katsuhiro(a)socionext.com> media: helene: fix xtal frequency setting at power on Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> media: rcar-csi2: update stream start for V3M Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: fix usage of uninitialized lv_info and lvname structures Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: append null character to print data from disk Sylwester Nawrocki <s.nawrocki(a)samsung.com> media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Nick Dyer <nick.dyer(a)itdev.co.uk> Input: atmel_mxt_ts - only use first T9 instance John Pittman <jpittman(a)redhat.com> dm cache: only allow a single io_mode cache feature to be requested Petr Machata <petrm(a)mellanox.com> net: dcb: For wild-card lookups, use priority -1, not 0 Marc Zyngier <marc.zyngier(a)arm.com> thermal_hwmon: Sanitize attribute name passed to hwmon Simon Horman <horms+renesas(a)verge.net.au> thermal: rcar_thermal: avoid NULL dereference in absence of IRQ resources Nicholas Mc Guire <hofrat(a)osadl.org> MIPS: generic: fix missing of_node_put() Nicholas Mc Guire <hofrat(a)osadl.org> MIPS: Octeon: add missing of_node_put() Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with reserved blkaddr of inline inode Peter Rosin <peda(a)axentia.se> tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Linus Walleij <linus.walleij(a)linaro.org> tpm_tis_spi: Pass the SPI IRQ down to the driver Chao Yu <yuchao0(a)huawei.com> f2fs: fix to skip GC if type in SSA and SIT is inconsistent Jinbum Park <jinb.park7(a)gmail.com> pktcdvd: Fix possible Spectre-v1 for pkt_devs Chao Yu <yuchao0(a)huawei.com> f2fs: try grabbing node page lock aggressively in sync scenario Yelena Krivosheev <yelena(a)marvell.com> net: mvneta: fix mtu change on port without link Daniel Kurtz <djkurtz(a)chromium.org> pinctrl/amd: only handle irq if it is pending and unmasked Anton Vasilyev <vasilyev(a)ispras.ru> gpio: ml-ioh: Fix buffer underwrite on probe error path Daniel Mack <daniel(a)zonque.org> gpio: pxa: disable pinctrl calls for PXA3xx Dan Carpenter <dan.carpenter(a)oracle.com> pinctrl: imx: off by one in imx_pinconf_group_dbg_show() Anton Vasilyev <vasilyev(a)ispras.ru> regulator: tps65217: Fix NULL pointer dereference on probe Joerg Roedel <jroedel(a)suse.de> x86/mm: Remove in_nmi() warning from vmalloc_fault() Marcel Holtmann <marcel(a)holtmann.org> Bluetooth: hidp: Fix handling of strncpy for hid->name information Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mm: Don't report PUDs as memory leaks when using kmemleak Lorenzo Pieralisi <lorenzo.pieralisi(a)arm.com> PCI: mobiveil: Fix struct mobiveil_pcie.pcie_reg_base address type Lorenzo Pieralisi <lorenzo.pieralisi(a)arm.com> PCI: mobiveil: Add missing ../pci.h include Robert Schlabbach <Robert.Schlabbach(a)gmx.net> media: em28xx: explicitly disable TS packet filter Surabhi Vishnoi <svishnoi(a)codeaurora.org> ath10k: disable bundle mgmt tx completion event support Huaisheng Ye <yehs1(a)lenovo.com> tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() Anton Vasilyev <vasilyev(a)ispras.ru> scsi: 3ware: fix return 0 on the error path of probe Calum Mackay <calum.mackay(a)oracle.com> nfs: Referrals not inheriting proto setting from parent Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> ata: libahci: Correct setting of DEVSLP register Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> ata: libahci: Allow reconfigure of DEVSLP register Paul Burton <paul.burton(a)mips.com> MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET Mike Christie <mchristi(a)redhat.com> scsi: tcmu: do not set max_blocks if data_bitmap has been setup Miquel Raynal <miquel.raynal(a)bootlin.com> mtd: rawnand: make subop helpers return unsigned values Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> rpmsg: core: add support to power domains for devices Loic Poulain <loic.poulain(a)linaro.org> wlcore: Set rx_status boottime_ns field on rx Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath10k: prevent active scans on potential unusable channels Felix Fietkau <nbd(a)nbd.name> ath9k_hw: fix channel maximum power level test Felix Fietkau <nbd(a)nbd.name> ath9k: report tx status on EOSP Thomas Richter <tmricht(a)linux.ibm.com> perf build: Fix installation directory for eBPF Finn Thain <fthain(a)telegraphics.com.au> macintosh/via-pmu: Add missing mmio accessors Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/pseries: fix EEH recovery of some IOV devices Kan Liang <kan.liang(a)linux.intel.com> perf evlist: Fix error out while applying initial delay and LBR Jiri Olsa <jolsa(a)kernel.org> perf c2c report: Fix crash for empty browser Olga Kornievskaia <kolga(a)netapp.com> NFSv4.0 fix client reference leak in callback Stefan Hajnoczi <stefanha(a)redhat.com> device-dax: avoid hang on error before devm_memremap_pages() Christophe Leroy <christophe.leroy(a)c-s.fr> perf tools: Allow overriding MAX_NR_CPUS at compile time Akshu Agrawal <akshu.agrawal(a)amd.com> ASoC: soc-pcm: Use delay set in component pointer function Chao Yu <yuchao0(a)huawei.com> f2fs: fix to detect looped node chain correctly Randy Dunlap <rdunlap(a)infradead.org> f2fs: fix defined but not used build warnings Yunlong Song <yunlong.song(a)huawei.com> f2fs: issue discard align to section in LFS mode Daniel Rosenberg <drosen(a)google.com> f2fs: Keep alloc_valid_block_count in sync Yunlong Song <yunlong.song(a)huawei.com> f2fs: do not set free of current section Chao Yu <yuchao0(a)huawei.com> f2fs: fix to active page in lru list for read path Denis Drozdov <denisd(a)mellanox.com> IB/IPoIB: Set ah valid flag in multicast send flow Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> iwlwifi: pcie: don't access periphery registers when not available Xiubo Li <xiubli(a)redhat.com> uio: fix possible circular locking dependency Anton Vasilyev <vasilyev(a)ispras.ru> tty: rocket: Fix possible buffer overwrite on register_PCI Michael Kelley <mikelley(a)microsoft.com> Drivers: hv: vmbus: Cleanup synic memory free path Anton Vasilyev <vasilyev(a)ispras.ru> firmware: vpd: Fix section enabled flag on vpd_section_destroy Dan Carpenter <dan.carpenter(a)oracle.com> uio: potential double frees if __uio_register_device() fails Anton Vasilyev <vasilyev(a)ispras.ru> misc: ti-st: Fix memory leak in the error path of probe() Philipp Zabel <p.zabel(a)pengutronix.de> gpu: ipu-v3: default to id 0 on missing OF alias Todor Tomov <todor.tomov(a)linaro.org> media: camss: csid: Configure data type and decode format properly Gaurav Kohli <gkohli(a)codeaurora.org> timers: Clear timer_base::must_forward_clk with timer_base::lock held BingJing Chang <bingjingc(a)synology.com> md/raid5: fix data corruption of replacements after originals dropped Mike Christie <mchristi(a)redhat.com> scsi: target: fix __transport_register_session locking James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix driver crash when re-registering NVME rports. Ming Lei <ming.lei(a)redhat.com> blk-mq: fix updating tags depth Amit Daniel Kachhap <amit.kachhap(a)arm.com> clk: scmi: Fix the rounding of clock rate Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Silent erroneous message Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix session state stuck in Get Port DB Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix unintended Logout Arun Parameswaran <arun.parameswaran(a)broadcom.com> net: phy: Fix the register offsets in Broadcom iProc mdio mux driver Anton Vasilyev <vasilyev(a)ispras.ru> media: dw2102: Fix memleak on sequence of probes Anton Vasilyev <vasilyev(a)ispras.ru> media: davinci: vpif_display: Mix memory leak on probe error path Roman Gushchin <guro(a)fb.com> selftests/bpf: fix a typo in map in map test Guenter Roeck <linux(a)roeck-us.net> powerpc/4xx: Fix error return path in ppc4xx_msi_probe() Reza Arbab <arbab(a)linux.ibm.com> powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage Dmitry Osipenko <digetx(a)gmail.com> gpio: tegra: Move driver registration to subsys_init level YueHaibing <yuehaibing(a)huawei.com> pinctrl: berlin: fix 'pctrl->functions' allocation in berlin_pinctrl_build_state Johan Hedberg <johan.hedberg(a)intel.com> Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Jae Hyun Yoo <jae.hyun.yoo(a)linux.intel.com> i2c: aspeed: Add an explicit type casting for *get_clk_reg_val Florian Fainelli <f.fainelli(a)gmail.com> ethtool: Remove trailing semicolon for static inline Alexandru Gagniuc <mr.nuke.me(a)gmail.com> ALSA: hda/realtek - Add mute LED quirk for HP Spectre x360 Dan Carpenter <dan.carpenter(a)oracle.com> misc: mic: SCIF Fix scif_get_new_port() error handling Vlad Buslov <vladbu(a)mellanox.com> tc-testing: remove duplicate spaces in connmark match patterns Vlad Buslov <vladbu(a)mellanox.com> tc-testing: flush gact actions on test teardown Alexey Brodkin <abrodkin(a)synopsys.com> ARC: [plat-axs*]: Enable SWAP Gustavo A. R. Silva <gustavo(a)embeddedor.com> switchtec: Fix Spectre v1 vulnerability Thomas Gleixner <tglx(a)linutronix.de> x86/apic/vector: Make error return value negative Jann Horn <jannh(a)google.com> x86/process: Don't mix user/kernel regs in 64bit __show_regs() Filippo Sironi <sironi(a)amazon.de> x86/microcode: Update the new microcode revision unconditionally Prarit Bhargava <prarit(a)redhat.com> x86/microcode: Make sure boot_cpu_data.microcode is up-to-date Thomas Gleixner <tglx(a)linutronix.de> cpu/hotplug: Prevent state corruption on error rollback Neeraj Upadhyay <neeraju(a)codeaurora.org> cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun() Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Bartosz Golaszewski <bgolaszewski(a)baylibre.com> memory: ti-aemif: fix a potential NULL-pointer dereference Zhang Rui <rui.zhang(a)intel.com> ACPI / LPSS: Force LPSS quirks on boot Alexey Brodkin <abrodkin(a)synopsys.com> ARC: [plat-axs*/plat-hsdk]: Allow U-Boot to pass MAC-address to the kernel Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: Do not re-{try,execute} after failed emulation in L2 Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: Invert emulation re-execute behavior to make it opt-in Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: SVM: Set EMULTYPE_NO_REEXECUTE for RSM emulation Pierre Morel <pmorel(a)linux.ibm.com> KVM: s390: vsie: copy wrapping keys to right place Paul Mackerras <paulus(a)ozlabs.org> KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() Marc Zyngier <marc.zyngier(a)arm.com> KVM: arm/arm64: Clean dcache to PoC when changing PTE due to CoW Marc Zyngier <marc.zyngier(a)arm.com> arm64: KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD Filipe Manana <fdmanana(a)suse.com> Btrfs: fix data corruption when deduplicating between different files Lu Fengqi <lufq.fnst(a)cn.fujitsu.com> btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata Thomas Werschlein <thomas.werschlein(a)geo.uzh.ch> cifs: connect to servername instead of IP for IPC$ share Steve French <stfrench(a)microsoft.com> smb3: check for and properly advertise directory lease support Steve French <stfrench(a)microsoft.com> SMB3: Backup intent flag missing for directory opens with backupuid mounts Paul Burton <paul.burton(a)mips.com> MIPS: VDSO: Match data page cache colouring when D$ aliases Minchan Kim <minchan(a)kernel.org> android: binder: fix the race mmap and alloc_new_buf_locked Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru> block: bfq: swap puts in bfqg_and_blkg_put Mikulas Patocka <mpatocka(a)redhat.com> block: don't warn when doing fsync on read-only devices Jens Axboe <axboe(a)kernel.dk> nbd: don't allow invalid blocksize settings James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Correct MDS diag and nvmet configuration Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> mac80211: don't update the PM state of a peer upon a multicast frame Mikhail Zaslonko <zaslonko(a)linux.ibm.com> memory_hotplug: fix kernel_panic on offline page processing Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported. Stefan Agner <stefan(a)agner.ch> HID: input: fix leaking custom input node name AceLan Kao <acelan.kao(a)canonical.com> HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen Benjamin Tissoires <benjamin.tissoires(a)redhat.com> HID: core: fix grouping by application Benjamin Tissoires <benjamin.tissoires(a)redhat.com> HID: multitouch: fix Elan panels with 2 input modes declaration Felipe Balbi <felipe.balbi(a)linux.intel.com> i2c: i801: fix DNV's SMBCTRL register offset Shubhrajyoti Datta <shubhrajyoti.datta(a)xilinx.com> i2c: xiic: Make the start and the byte count write atomic ------------- Diffstat: Makefile | 4 +- arch/arc/boot/dts/axs10x_mb.dtsi | 7 ++- arch/arc/boot/dts/hsdk.dts | 7 ++- arch/arc/configs/axs101_defconfig | 1 - arch/arc/configs/axs103_defconfig | 1 - arch/arc/configs/axs103_smp_defconfig | 1 - arch/arm64/kvm/hyp/switch.c | 9 ++- arch/mips/boot/dts/mscc/ocelot.dtsi | 2 +- arch/mips/cavium-octeon/octeon-platform.c | 2 + arch/mips/generic/init.c | 1 + arch/mips/include/asm/io.h | 8 +-- arch/mips/kernel/vdso.c | 20 ++++++ arch/mips/mm/c-r4k.c | 6 +- arch/powerpc/include/asm/book3s/64/pgalloc.h | 23 ++++++- arch/powerpc/kvm/book3s_64_mmu_radix.c | 6 +- arch/powerpc/platforms/4xx/msi.c | 51 ++++++++------- arch/powerpc/platforms/powernv/npu-dma.c | 5 +- arch/powerpc/platforms/pseries/setup.c | 25 +++++--- arch/s390/kvm/vsie.c | 3 +- arch/x86/include/asm/kdebug.h | 12 +++- arch/x86/include/asm/kvm_host.h | 16 +++-- arch/x86/kernel/apic/vector.c | 2 +- arch/x86/kernel/cpu/microcode/amd.c | 24 ++++--- arch/x86/kernel/cpu/microcode/intel.c | 17 +++-- arch/x86/kernel/dumpstack.c | 11 +--- arch/x86/kernel/process_32.c | 4 +- arch/x86/kernel/process_64.c | 12 +++- arch/x86/kvm/mmu.c | 21 +++++-- arch/x86/kvm/svm.c | 4 +- arch/x86/kvm/vmx.c | 4 +- arch/x86/kvm/x86.c | 10 ++- arch/x86/mm/fault.c | 2 - block/bfq-cgroup.c | 4 +- block/blk-core.c | 5 +- block/blk-mq-tag.c | 8 +-- block/partitions/aix.c | 13 ++-- drivers/acpi/acpi_lpss.c | 2 +- drivers/android/binder_alloc.c | 43 ++++++++++--- drivers/ata/libahci.c | 20 +++--- drivers/base/memory.c | 20 +++--- drivers/block/nbd.c | 3 + drivers/block/pktcdvd.c | 4 +- drivers/bluetooth/Kconfig | 1 + drivers/char/tpm/tpm_i2c_infineon.c | 8 +-- drivers/char/tpm/tpm_tis_spi.c | 9 ++- drivers/clk/clk-scmi.c | 5 +- drivers/dax/pmem.c | 12 ++-- drivers/firmware/google/vpd.c | 5 +- drivers/gpio/gpio-ml-ioh.c | 3 +- drivers/gpio/gpio-pxa.c | 35 ++++++++--- drivers/gpio/gpio-tegra.c | 2 +- drivers/gpu/drm/amd/display/dc/dce/dce_dmcu.c | 38 ++++++----- drivers/gpu/drm/amd/display/dc/inc/hw/dmcu.h | 2 +- drivers/gpu/ipu-v3/ipu-common.c | 2 + drivers/hid/hid-ids.h | 1 + drivers/hid/hid-input.c | 5 +- drivers/hid/hid-multitouch.c | 19 +++++- drivers/hid/i2c-hid/i2c-hid.c | 2 + drivers/hv/hv.c | 14 +++-- drivers/i2c/busses/i2c-aspeed.c | 2 +- drivers/i2c/busses/i2c-i801.c | 7 ++- drivers/i2c/busses/i2c-xiic.c | 4 ++ drivers/infiniband/core/cma.c | 13 +++- drivers/infiniband/hw/hns/hns_roce_hem.c | 3 + drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 12 ++-- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 6 +- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 1 + drivers/input/touchscreen/atmel_mxt_ts.c | 7 ++- drivers/iommu/arm-smmu-v3.c | 22 +++++-- drivers/iommu/ipmmu-vmsa.c | 9 ++- drivers/macintosh/via-pmu.c | 9 +-- drivers/md/dm-cache-target.c | 19 ++++-- drivers/md/raid5.c | 6 ++ drivers/media/dvb-frontends/helene.c | 5 +- drivers/media/platform/davinci/vpif_display.c | 24 ++++--- .../media/platform/qcom/camss-8x16/camss-csid.c | 16 +++-- drivers/media/platform/rcar-vin/rcar-csi2.c | 20 ++++-- drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 +++---- drivers/media/usb/dvb-usb/dw2102.c | 19 ++++-- drivers/media/usb/em28xx/em28xx-cards.c | 4 +- drivers/media/usb/em28xx/em28xx-core.c | 4 +- drivers/media/usb/em28xx/em28xx-dvb.c | 4 +- drivers/memory/ti-aemif.c | 2 +- drivers/mfd/rave-sp.c | 7 +++ drivers/mfd/ti_am335x_tscadc.c | 3 +- drivers/misc/mic/scif/scif_api.c | 20 +++--- drivers/misc/ti-st/st_kim.c | 4 +- drivers/mtd/nand/raw/nand_base.c | 44 ++++++------- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/phy/mdio-mux-bcm-iproc.c | 20 ++++-- drivers/net/wireless/ath/ath10k/mac.c | 7 +++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 ++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 ++ drivers/net/wireless/ath/ath9k/hw.c | 7 ++- drivers/net/wireless/ath/ath9k/xmit.c | 3 +- drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 4 ++ drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 24 +++---- drivers/net/wireless/ti/wlcore/rx.c | 8 ++- drivers/pci/controller/pcie-mobiveil.c | 4 +- drivers/pci/switch/switchtec.c | 4 ++ drivers/pinctrl/berlin/berlin.c | 14 +++-- drivers/pinctrl/freescale/pinctrl-imx.c | 2 +- drivers/pinctrl/pinctrl-amd.c | 3 +- drivers/regulator/tps65217-regulator.c | 2 + drivers/rpmsg/rpmsg_core.c | 7 +++ drivers/scsi/3w-9xxx.c | 6 +- drivers/scsi/3w-sas.c | 3 + drivers/scsi/3w-xxxx.c | 2 + drivers/scsi/lpfc/lpfc.h | 2 +- drivers/scsi/lpfc/lpfc_nvme.c | 22 ++++--- drivers/scsi/qla2xxx/qla_init.c | 9 ++- drivers/scsi/qla2xxx/qla_target.c | 3 +- drivers/scsi/qla2xxx/qla_tmpl.c | 9 +++ drivers/target/target_core_transport.c | 5 +- drivers/target/target_core_user.c | 73 ++++++++++++---------- drivers/thermal/rcar_thermal.c | 2 +- drivers/thermal/thermal_hwmon.c | 1 + drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 19 +++--- fs/autofs/autofs_i.h | 4 +- fs/autofs/inode.c | 1 - fs/btrfs/extent-tree.c | 17 +++-- fs/btrfs/ioctl.c | 19 ++++++ fs/cifs/connect.c | 2 +- fs/cifs/inode.c | 2 + fs/cifs/smb2ops.c | 35 ++++++++--- fs/cifs/smb2pdu.c | 3 + fs/f2fs/f2fs.h | 15 +++-- fs/f2fs/file.c | 2 +- fs/f2fs/gc.c | 8 ++- fs/f2fs/inline.c | 22 +++++++ fs/f2fs/inode.c | 19 ++++-- fs/f2fs/node.c | 46 ++++++++++---- fs/f2fs/recovery.c | 4 +- fs/f2fs/segment.c | 20 +++++- fs/f2fs/segment.h | 3 + fs/f2fs/super.c | 25 ++++++-- fs/f2fs/sysfs.c | 16 +++-- fs/nfs/callback_proc.c | 4 +- fs/nfs/callback_xdr.c | 11 +++- fs/nfs/nfs4client.c | 6 +- include/linux/hid.h | 1 + include/linux/mm_types.h | 2 +- include/linux/mm_types_task.h | 2 +- include/linux/mtd/rawnand.h | 16 ++--- include/linux/vm_event_item.h | 1 - include/linux/vmacache.h | 5 -- include/uapi/linux/ethtool.h | 4 +- kernel/cpu.c | 11 ++-- kernel/time/clocksource.c | 40 +++++++++--- kernel/time/timer.c | 29 +++++---- mm/debug.c | 4 +- mm/memory_hotplug.c | 3 +- mm/page_alloc.c | 4 ++ mm/vmacache.c | 38 ----------- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 ++-- net/mac80211/rx.c | 1 + sound/pci/hda/hda_codec.c | 3 +- sound/pci/hda/patch_realtek.c | 1 + sound/soc/soc-pcm.c | 5 ++ tools/perf/Makefile.config | 4 +- tools/perf/builtin-c2c.c | 3 + tools/perf/perf.h | 2 + tools/perf/util/evsel.c | 14 +++++ tools/testing/nvdimm/pmem-dax.c | 12 ++-- tools/testing/selftests/bpf/test_verifier.c | 6 +- .../tc-testing/tc-tests/actions/connmark.json | 24 +++---- .../tc-testing/tc-tests/actions/mirred.json | 3 +- virt/kvm/arm/mmu.c | 9 ++- 170 files changed, 1167 insertions(+), 580 deletions(-)

6 years, 7 months

3
162
0 0

patch "serial: 8250: Fix clearing FIFOs in RS485 mode again" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250: Fix clearing FIFOs in RS485 mode again to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From f6aa5beb45be27968a4df90176ca36dfc4363d37 Mon Sep 17 00:00:00 2001 From: Marek Vasut <marex(a)denx.de> Date: Mon, 3 Sep 2018 02:44:52 +0200 Subject: serial: 8250: Fix clearing FIFOs in RS485 mode again The 8250 FIFOs indeed need to be cleared after stopping transmission in RS485 mode without SER_RS485_RX_DURING_TX flag set. But there are two problems with the approach taken by the previous patch from Fixes tag. First, serial8250_clear_fifos() should clear fifos, but what it really does is it enables the FIFOs unconditionally if present, clears them and then sets the FCR register to zero, which effectively disables the FIFOs. In case the FIFO is disabled, enabling it and clearing it makes no sense and in fact can trigger misbehavior of the 8250 core. Moreover, the FCR register may contain other FIFO configuration bits which may not be writable unconditionally and writing them incorrectly can trigger misbehavior of the 8250 core too. (ie. AM335x UART swallows the first byte and retransmits the last byte twice because of this FCR write). Second, serial8250_clear_and_reinit_fifos() completely reloads the FCR, but what really has to happen at the end of the RS485 transmission is clearing of the FIFOs and nothing else. This patch repairs serial8250_clear_fifos() so that it really only clears the FIFOs by operating on FCR[2:1] bits and leaves all the other bits alone. It also undoes serial8250_clear_and_reinit_fifos() from __do_stop_tx_rs485() as serial8250_clear_fifos() is sufficient. Signed-off-by: Marek Vasut <marex(a)denx.de> Fixes: 2bed8a8e7072 ("Clearing FIFOs in RS485 emulation mode causes subsequent transmits to break") Cc: Daniel Jedrychowski <avistel(a)gmail.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable <stable(a)vger.kernel.org> # let it bake a bit before merging Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_port.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c index 3f779d25ec0c..f776b3eafb96 100644 --- a/drivers/tty/serial/8250/8250_port.c +++ b/drivers/tty/serial/8250/8250_port.c @@ -552,11 +552,30 @@ static unsigned int serial_icr_read(struct uart_8250_port *up, int offset) */ static void serial8250_clear_fifos(struct uart_8250_port *p) { + unsigned char fcr; + unsigned char clr_mask = UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT; + if (p->capabilities & UART_CAP_FIFO) { - serial_out(p, UART_FCR, UART_FCR_ENABLE_FIFO); - serial_out(p, UART_FCR, UART_FCR_ENABLE_FIFO | - UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT); - serial_out(p, UART_FCR, 0); + /* + * Make sure to avoid changing FCR[7:3] and ENABLE_FIFO bits. + * In case ENABLE_FIFO is not set, there is nothing to flush + * so just return. Furthermore, on certain implementations of + * the 8250 core, the FCR[7:3] bits may only be changed under + * specific conditions and changing them if those conditions + * are not met can have nasty side effects. One such core is + * the 8250-omap present in TI AM335x. + */ + fcr = serial_in(p, UART_FCR); + + /* FIFO is not enabled, there's nothing to clear. */ + if (!(fcr & UART_FCR_ENABLE_FIFO)) + return; + + fcr |= clr_mask; + serial_out(p, UART_FCR, fcr); + + fcr &= ~clr_mask; + serial_out(p, UART_FCR, fcr); } } @@ -1448,7 +1467,7 @@ static void __do_stop_tx_rs485(struct uart_8250_port *p) * Enable previously disabled RX interrupts. */ if (!(p->port.rs485.flags & SER_RS485_RX_DURING_TX)) { - serial8250_clear_and_reinit_fifos(p); + serial8250_clear_fifos(p); p->ier |= UART_IER_RLSI | UART_IER_RDI; serial_port_out(&p->port, UART_IER, p->ier); -- 2.19.0

6 years, 7 months

1
0
0 0

[PATCH 4.4 00/56] 4.4.157-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.157 release. There are 56 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 19 21:38:11 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.157-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.157-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> mm: get rid of vmacache_flush_all() entirely Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Ian Kent <raven(a)themaw.net> autofs: fix autofs_sbi() does not check super block type Wei Yongjun <weiyongjun1(a)huawei.com> mtd: ubi: wl: Fix error return code in ubi_wl_init() Ondrej Mosnacek <omosnace(a)redhat.com> crypto: vmx - Fix sleep-in-atomic bugs Peter Chen <peter.chen(a)nxp.com> ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle Johan Hovold <johan(a)kernel.org> net: ethernet: ti: cpsw: fix mdio device reference leak David Rivshin <drivshin(a)allworx.com> drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config Eric Dumazet <edumazet(a)google.com> netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user Nadav Amit <namit(a)vmware.com> vmw_balloon: include asm/io.h Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix use-after-free in xhci_free_virt_device Parav Pandit <parav(a)mellanox.com> RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton <paul.burton(a)imgtec.com> MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Zumeng Chen <zumeng.chen(a)gmail.com> mfd: ti_am335x_tscadc: Fix struct clk memory leak Geert Uytterhoeven <geert+renesas(a)glider.be> iommu/ipmmu-vmsa: Fix allocation in atomic context Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: fix usage of uninitialized lv_info and lvname structures Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: append null character to print data from disk Nick Dyer <nick.dyer(a)itdev.co.uk> Input: atmel_mxt_ts - only use first T9 instance Petr Machata <petrm(a)mellanox.com> net: dcb: For wild-card lookups, use priority -1, not 0 Nicholas Mc Guire <hofrat(a)osadl.org> MIPS: Octeon: add missing of_node_put() Yelena Krivosheev <yelena(a)marvell.com> net: mvneta: fix mtu change on port without link Anton Vasilyev <vasilyev(a)ispras.ru> gpio: ml-ioh: Fix buffer underwrite on probe error path Joerg Roedel <jroedel(a)suse.de> x86/mm: Remove in_nmi() warning from vmalloc_fault() Marcel Holtmann <marcel(a)holtmann.org> Bluetooth: hidp: Fix handling of strncpy for hid->name information Surabhi Vishnoi <svishnoi(a)codeaurora.org> ath10k: disable bundle mgmt tx completion event support Anton Vasilyev <vasilyev(a)ispras.ru> scsi: 3ware: fix return 0 on the error path of probe Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> ata: libahci: Correct setting of DEVSLP register Paul Burton <paul.burton(a)mips.com> MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath10k: prevent active scans on potential unusable channels Finn Thain <fthain(a)telegraphics.com.au> macintosh/via-pmu: Add missing mmio accessors Olga Kornievskaia <kolga(a)netapp.com> NFSv4.0 fix client reference leak in callback Christophe Leroy <christophe.leroy(a)c-s.fr> perf tools: Allow overriding MAX_NR_CPUS at compile time Yunlong Song <yunlong.song(a)huawei.com> f2fs: do not set free of current section Anton Vasilyev <vasilyev(a)ispras.ru> tty: rocket: Fix possible buffer overwrite on register_PCI Dan Carpenter <dan.carpenter(a)oracle.com> uio: potential double frees if __uio_register_device() fails Anton Vasilyev <vasilyev(a)ispras.ru> misc: ti-st: Fix memory leak in the error path of probe() BingJing Chang <bingjingc(a)synology.com> md/raid5: fix data corruption of replacements after originals dropped Mike Christie <mchristi(a)redhat.com> scsi: target: fix __transport_register_session locking Dmitry Osipenko <digetx(a)gmail.com> gpio: tegra: Move driver registration to subsys_init level Johan Hedberg <johan.hedberg(a)intel.com> Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Florian Fainelli <f.fainelli(a)gmail.com> ethtool: Remove trailing semicolon for static inline Dan Carpenter <dan.carpenter(a)oracle.com> misc: mic: SCIF Fix scif_get_new_port() error handling Alexey Brodkin <abrodkin(a)synopsys.com> ARC: [plat-axs*]: Enable SWAP Prateek Sood <prsood(a)codeaurora.org> locking/osq_lock: Fix osq_lock queue corruption Michal Hocko <mhocko(a)kernel.org> selinux: use GFP_NOWAIT in the AVC kmem_caches Prateek Sood <prsood(a)codeaurora.org> locking/rwsem-xadd: Fix missed wakeup due to reordering of load Tejun Heo <tj(a)kernel.org> block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg Daniel Micay <danielmicay(a)gmail.com> staging/rts5208: Fix read overflow in memcpy Jia-Ju Bai <baijiaju1990(a)163.com> staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page Vegard Nossum <vegard.nossum(a)oracle.com> kthread: fix boot hang (regression) on MIPS/OpenRISC Vegard Nossum <vegard.nossum(a)oracle.com> kthread: Fix use-after-free if kthread fork fails Ritesh Harjani <riteshh(a)codeaurora.org> cfq: Give a chance for arming slice idle timer in case of group_idle Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Felipe Balbi <felipe.balbi(a)linux.intel.com> i2c: i801: fix DNV's SMBCTRL register offset Shubhrajyoti Datta <shubhrajyoti.datta(a)xilinx.com> i2c: xiic: Make the start and the byte count write atomic ------------- Diffstat: Makefile | 4 +-- arch/arc/configs/axs101_defconfig | 1 - arch/arc/configs/axs103_defconfig | 1 - arch/arc/configs/axs103_smp_defconfig | 1 - arch/mips/cavium-octeon/octeon-platform.c | 2 ++ arch/mips/include/asm/io.h | 8 +++--- arch/mips/kernel/process.c | 1 - arch/mips/mm/c-r4k.c | 6 ++-- arch/openrisc/kernel/process.c | 2 -- arch/x86/include/asm/processor.h | 4 ++- arch/x86/kernel/cpu/bugs.c | 47 +++++++++++++++++++++++++++---- arch/x86/kernel/cpu/common.c | 2 ++ arch/x86/mm/fault.c | 2 -- block/blk-cgroup.c | 9 +++--- block/cfq-iosched.c | 6 ++-- block/partitions/aix.c | 13 ++++++--- drivers/ata/libahci.c | 2 ++ drivers/bluetooth/Kconfig | 1 + drivers/crypto/vmx/aes_cbc.c | 30 +++++++++----------- drivers/gpio/gpio-ml-ioh.c | 3 +- drivers/gpio/gpio-tegra.c | 2 +- drivers/i2c/busses/i2c-i801.c | 7 ++++- drivers/i2c/busses/i2c-xiic.c | 4 +++ drivers/infiniband/core/cma.c | 13 +++++++-- drivers/input/touchscreen/atmel_mxt_ts.c | 7 +++-- drivers/iommu/ipmmu-vmsa.c | 9 +++--- drivers/macintosh/via-pmu.c | 9 +++--- drivers/md/raid5.c | 6 ++++ drivers/mfd/ti_am335x_tscadc.c | 3 +- drivers/misc/mic/scif/scif_api.c | 20 ++++++------- drivers/misc/ti-st/st_kim.c | 4 +-- drivers/misc/vmw_balloon.c | 1 + drivers/mtd/ubi/wl.c | 8 ++++-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/ethernet/ti/cpsw.c | 14 ++++----- drivers/net/ethernet/ti/cpsw.h | 1 + drivers/net/ethernet/ti/davinci_emac.c | 1 + drivers/net/wireless/ath/ath10k/mac.c | 7 +++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 ++++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 ++++ drivers/scsi/3w-9xxx.c | 6 +++- drivers/scsi/3w-sas.c | 3 ++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/staging/rts5208/rtsx_scsi.c | 2 +- drivers/staging/rts5208/xd.c | 2 +- drivers/target/target_core_transport.c | 5 ++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +- drivers/usb/host/xhci.c | 3 ++ fs/autofs4/autofs_i.h | 4 ++- fs/autofs4/inode.c | 1 - fs/f2fs/segment.h | 3 ++ fs/f2fs/super.c | 21 ++++++++++++-- fs/nfs/callback_xdr.c | 11 ++++++-- include/linux/mm_types.h | 2 +- include/linux/sched.h | 2 +- include/linux/vm_event_item.h | 1 - include/linux/vmacache.h | 5 ---- include/uapi/linux/ethtool.h | 4 +-- kernel/fork.c | 17 +++++++---- kernel/locking/osq_lock.c | 13 +++++++++ kernel/locking/rwsem-xadd.c | 27 ++++++++++++++++++ mm/debug.c | 4 +-- mm/vmacache.c | 38 ------------------------- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++--- net/netfilter/x_tables.c | 4 +-- security/selinux/avc.c | 14 ++++----- sound/pci/hda/hda_codec.c | 3 +- tools/perf/perf.h | 2 ++ 70 files changed, 312 insertions(+), 177 deletions(-)

6 years, 7 months

4
59
0 0

[PATCH 4.9 00/70] 4.9.128-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.128 release. There are 70 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 19 21:16:09 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.128-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.128-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> mm: get rid of vmacache_flush_all() entirely Ian Kent <raven(a)themaw.net> autofs: fix autofs_sbi() does not check super block type Wei Yongjun <weiyongjun1(a)huawei.com> mtd: ubi: wl: Fix error return code in ubi_wl_init() Eric Dumazet <edumazet(a)google.com> netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix use-after-free in xhci_free_virt_device Parav Pandit <parav(a)mellanox.com> RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton <paul.burton(a)imgtec.com> MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Zumeng Chen <zumeng.chen(a)gmail.com> mfd: ti_am335x_tscadc: Fix struct clk memory leak Geert Uytterhoeven <geert+renesas(a)glider.be> iommu/ipmmu-vmsa: Fix allocation in atomic context Dan Carpenter <dan.carpenter(a)oracle.com> f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Katsuhiro Suzuki <suzuki.katsuhiro(a)socionext.com> media: helene: fix xtal frequency setting at power on Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: fix usage of uninitialized lv_info and lvname structures Mauricio Faria de Oliveira <mfo(a)canonical.com> partitions/aix: append null character to print data from disk Sylwester Nawrocki <s.nawrocki(a)samsung.com> media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Nick Dyer <nick.dyer(a)itdev.co.uk> Input: atmel_mxt_ts - only use first T9 instance Petr Machata <petrm(a)mellanox.com> net: dcb: For wild-card lookups, use priority -1, not 0 Nicholas Mc Guire <hofrat(a)osadl.org> MIPS: generic: fix missing of_node_put() Nicholas Mc Guire <hofrat(a)osadl.org> MIPS: Octeon: add missing of_node_put() Chao Yu <yuchao0(a)huawei.com> f2fs: fix to do sanity check with reserved blkaddr of inline inode Peter Rosin <peda(a)axentia.se> tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Linus Walleij <linus.walleij(a)linaro.org> tpm_tis_spi: Pass the SPI IRQ down to the driver Chao Yu <yuchao0(a)huawei.com> f2fs: fix to skip GC if type in SSA and SIT is inconsistent Chao Yu <yuchao0(a)huawei.com> f2fs: try grabbing node page lock aggressively in sync scenario Yelena Krivosheev <yelena(a)marvell.com> net: mvneta: fix mtu change on port without link Anton Vasilyev <vasilyev(a)ispras.ru> gpio: ml-ioh: Fix buffer underwrite on probe error path Joerg Roedel <jroedel(a)suse.de> x86/mm: Remove in_nmi() warning from vmalloc_fault() Marcel Holtmann <marcel(a)holtmann.org> Bluetooth: hidp: Fix handling of strncpy for hid->name information Surabhi Vishnoi <svishnoi(a)codeaurora.org> ath10k: disable bundle mgmt tx completion event support Anton Vasilyev <vasilyev(a)ispras.ru> scsi: 3ware: fix return 0 on the error path of probe Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> ata: libahci: Correct setting of DEVSLP register Paul Burton <paul.burton(a)mips.com> MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET Loic Poulain <loic.poulain(a)linaro.org> wlcore: Set rx_status boottime_ns field on rx Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath10k: prevent active scans on potential unusable channels Felix Fietkau <nbd(a)nbd.name> ath9k_hw: fix channel maximum power level test Felix Fietkau <nbd(a)nbd.name> ath9k: report tx status on EOSP Finn Thain <fthain(a)telegraphics.com.au> macintosh/via-pmu: Add missing mmio accessors Olga Kornievskaia <kolga(a)netapp.com> NFSv4.0 fix client reference leak in callback Christophe Leroy <christophe.leroy(a)c-s.fr> perf tools: Allow overriding MAX_NR_CPUS at compile time Yunlong Song <yunlong.song(a)huawei.com> f2fs: do not set free of current section Anton Vasilyev <vasilyev(a)ispras.ru> tty: rocket: Fix possible buffer overwrite on register_PCI Dan Carpenter <dan.carpenter(a)oracle.com> uio: potential double frees if __uio_register_device() fails Anton Vasilyev <vasilyev(a)ispras.ru> misc: ti-st: Fix memory leak in the error path of probe() Gaurav Kohli <gkohli(a)codeaurora.org> timers: Clear timer_base::must_forward_clk with timer_base::lock held BingJing Chang <bingjingc(a)synology.com> md/raid5: fix data corruption of replacements after originals dropped Mike Christie <mchristi(a)redhat.com> scsi: target: fix __transport_register_session locking Arun Parameswaran <arun.parameswaran(a)broadcom.com> net: phy: Fix the register offsets in Broadcom iProc mdio mux driver Dmitry Osipenko <digetx(a)gmail.com> gpio: tegra: Move driver registration to subsys_init level Johan Hedberg <johan.hedberg(a)intel.com> Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Florian Fainelli <f.fainelli(a)gmail.com> ethtool: Remove trailing semicolon for static inline Dan Carpenter <dan.carpenter(a)oracle.com> misc: mic: SCIF Fix scif_get_new_port() error handling Alexey Brodkin <abrodkin(a)synopsys.com> ARC: [plat-axs*]: Enable SWAP Johannes Weiner <hannes(a)cmpxchg.org> mm: remove seemingly spurious reclaimability check from laptop_mode gating Mel Gorman <mgorman(a)suse.de> mm, vmscan: clear PGDAT_WRITEBACK when zone is balanced Prateek Sood <prsood(a)codeaurora.org> locking/osq_lock: Fix osq_lock queue corruption Michal Hocko <mhocko(a)kernel.org> selinux: use GFP_NOWAIT in the AVC kmem_caches Prateek Sood <prsood(a)codeaurora.org> locking/rwsem-xadd: Fix missed wakeup due to reordering of load Johannes Berg <johannes.berg(a)intel.com> nl80211: fix null-ptr dereference on invalid mesh configuration Tejun Heo <tj(a)kernel.org> block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg Kees Cook <keescook(a)chromium.org> IB/rxe: do not copy extra stack memory to skb Daniel Micay <danielmicay(a)gmail.com> staging/rts5208: Fix read overflow in memcpy Jia-Ju Bai <baijiaju1990(a)163.com> staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page Vegard Nossum <vegard.nossum(a)oracle.com> kthread: fix boot hang (regression) on MIPS/OpenRISC Vegard Nossum <vegard.nossum(a)oracle.com> kthread: Fix use-after-free if kthread fork fails Ritesh Harjani <riteshh(a)codeaurora.org> cfq: Give a chance for arming slice idle timer in case of group_idle Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Fix cancel_work_sync() stall from jackpoll work Pierre Morel <pmorel(a)linux.ibm.com> KVM: s390: vsie: copy wrapping keys to right place Felipe Balbi <felipe.balbi(a)linux.intel.com> i2c: i801: fix DNV's SMBCTRL register offset Shubhrajyoti Datta <shubhrajyoti.datta(a)xilinx.com> i2c: xiic: Make the start and the byte count write atomic ------------- Diffstat: Makefile | 4 ++-- arch/arc/configs/axs101_defconfig | 1 - arch/arc/configs/axs103_defconfig | 1 - arch/arc/configs/axs103_smp_defconfig | 1 - arch/mips/cavium-octeon/octeon-platform.c | 2 ++ arch/mips/generic/init.c | 1 + arch/mips/include/asm/io.h | 8 +++---- arch/mips/kernel/process.c | 1 - arch/mips/mm/c-r4k.c | 6 +++-- arch/openrisc/kernel/process.c | 2 -- arch/s390/kvm/vsie.c | 3 ++- arch/x86/mm/fault.c | 2 -- block/blk-cgroup.c | 9 ++++---- block/cfq-iosched.c | 6 +++-- block/partitions/aix.c | 13 +++++++---- drivers/ata/libahci.c | 2 ++ drivers/bluetooth/Kconfig | 1 + drivers/char/tpm/tpm_i2c_infineon.c | 8 +++---- drivers/char/tpm/tpm_tis_spi.c | 9 +++++++- drivers/gpio/gpio-ml-ioh.c | 3 ++- drivers/gpio/gpio-tegra.c | 2 +- drivers/i2c/busses/i2c-i801.c | 7 +++++- drivers/i2c/busses/i2c-xiic.c | 4 ++++ drivers/infiniband/core/cma.c | 13 ++++++++--- drivers/infiniband/sw/rxe/rxe_resp.c | 4 +++- drivers/input/touchscreen/atmel_mxt_ts.c | 7 +++--- drivers/iommu/ipmmu-vmsa.c | 9 ++++---- drivers/macintosh/via-pmu.c | 9 ++++---- drivers/md/raid5.c | 6 +++++ drivers/media/dvb-frontends/helene.c | 5 +++- drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 ++++++++++--------- drivers/mfd/ti_am335x_tscadc.c | 3 +-- drivers/misc/mic/scif/scif_api.c | 20 ++++++++-------- drivers/misc/ti-st/st_kim.c | 4 ++-- drivers/mtd/ubi/wl.c | 8 +++++-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/phy/mdio-mux-bcm-iproc.c | 20 ++++++++++++---- drivers/net/wireless/ath/ath10k/mac.c | 7 ++++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 ++++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 ++++ drivers/net/wireless/ath/ath9k/hw.c | 7 ++++-- drivers/net/wireless/ath/ath9k/xmit.c | 3 ++- drivers/net/wireless/ti/wlcore/rx.c | 8 +++++-- drivers/scsi/3w-9xxx.c | 6 ++++- drivers/scsi/3w-sas.c | 3 +++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/staging/rts5208/rtsx_scsi.c | 2 +- drivers/staging/rts5208/xd.c | 2 +- drivers/target/target_core_transport.c | 5 ++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +-- drivers/usb/host/xhci.c | 3 +++ fs/autofs4/autofs_i.h | 4 +++- fs/autofs4/inode.c | 1 - fs/f2fs/file.c | 2 +- fs/f2fs/gc.c | 8 ++++++- fs/f2fs/inline.c | 21 +++++++++++++++++ fs/f2fs/node.c | 4 +++- fs/f2fs/segment.h | 3 +++ fs/f2fs/super.c | 21 +++++++++++++++-- fs/nfs/callback_proc.c | 4 ++-- fs/nfs/callback_xdr.c | 11 ++++++--- include/linux/mm_types.h | 2 +- include/linux/sched.h | 2 +- include/linux/vm_event_item.h | 1 - include/linux/vmacache.h | 5 ---- include/uapi/linux/ethtool.h | 4 ++-- kernel/fork.c | 17 ++++++++++---- kernel/locking/osq_lock.c | 13 +++++++++++ kernel/locking/rwsem-xadd.c | 27 ++++++++++++++++++++++ kernel/time/timer.c | 29 ++++++++++++----------- mm/debug.c | 4 ++-- mm/vmacache.c | 38 ------------------------------- mm/vmscan.c | 3 ++- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++---- net/netfilter/x_tables.c | 4 ++-- net/wireless/nl80211.c | 3 +++ security/selinux/avc.c | 14 +++++------- sound/pci/hda/hda_codec.c | 3 ++- tools/perf/perf.h | 2 ++ 81 files changed, 358 insertions(+), 196 deletions(-)

6 years, 7 months

4
73
0 0

[PATCH 1/4] ovl: fix memory leak on unlink of indexed file

by Amir Goldstein

Fixes: caf70cb2ba5d ("ovl: cleanup orphan index entries") Cc: <stable(a)vger.kernel.org> # v4.13 Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> --- fs/overlayfs/util.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index 8cfb62cc8672..ace4fe4c39a9 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -683,7 +683,7 @@ static void ovl_cleanup_index(struct dentry *dentry) struct dentry *upperdentry = ovl_dentry_upper(dentry); struct dentry *index = NULL; struct inode *inode; - struct qstr name; + struct qstr name = { }; int err; err = ovl_get_index_name(lowerdentry, &name); @@ -726,6 +726,7 @@ static void ovl_cleanup_index(struct dentry *dentry) goto fail; out: + kfree(name.name); dput(index); return; -- 2.17.1

6 years, 7 months

2
2
0 0

patch "serial: cpm_uart: return immediately from console poll" added to tty-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: cpm_uart: return immediately from console poll to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From be28c1e3ca29887e207f0cbcd294cefe5074bab6 Mon Sep 17 00:00:00 2001 From: Christophe Leroy <christophe.leroy(a)c-s.fr> Date: Fri, 14 Sep 2018 10:32:50 +0000 Subject: serial: cpm_uart: return immediately from console poll kgdb expects poll function to return immediately and returning NO_POLL_CHAR when no character is available. Fixes: f5316b4aea024 ("kgdb,8250,pl011: Return immediately from console poll") Cc: Jason Wessel <jason.wessel(a)windriver.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Christophe Leroy <christophe.leroy(a)c-s.fr> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/cpm_uart/cpm_uart_core.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/tty/serial/cpm_uart/cpm_uart_core.c b/drivers/tty/serial/cpm_uart/cpm_uart_core.c index 24a5f05e769b..e5389591bb4f 100644 --- a/drivers/tty/serial/cpm_uart/cpm_uart_core.c +++ b/drivers/tty/serial/cpm_uart/cpm_uart_core.c @@ -1054,8 +1054,8 @@ static int poll_wait_key(char *obuf, struct uart_cpm_port *pinfo) /* Get the address of the host memory buffer. */ bdp = pinfo->rx_cur; - while (bdp->cbd_sc & BD_SC_EMPTY) - ; + if (bdp->cbd_sc & BD_SC_EMPTY) + return NO_POLL_CHAR; /* If the buffer address is in the CPM DPRAM, don't * convert it. @@ -1090,7 +1090,11 @@ static int cpm_get_poll_char(struct uart_port *port) poll_chars = 0; } if (poll_chars <= 0) { - poll_chars = poll_wait_key(poll_buf, pinfo); + int ret = poll_wait_key(poll_buf, pinfo); + + if (ret == NO_POLL_CHAR) + return ret; + poll_chars = ret; pollp = poll_buf; } poll_chars--; -- 2.19.0

6 years, 7 months

1
0
0 0

patch "serial: mvebu-uart: Fix reporting of effective CSIZE to userspace" added to tty-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: mvebu-uart: Fix reporting of effective CSIZE to userspace to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From e0bf2d4982fe7d9ddaf550dd023803ea286f47fc Mon Sep 17 00:00:00 2001 From: Jan Kiszka <jan.kiszka(a)siemens.com> Date: Sun, 26 Aug 2018 19:49:32 +0200 Subject: serial: mvebu-uart: Fix reporting of effective CSIZE to userspace Apparently, this driver (or the hardware) does not support character length settings. It's apparently running in 8-bit mode, but it makes userspace believe it's in 5-bit mode. That makes tcsetattr with CS8 incorrectly fail, breaking e.g. getty from busybox, thus the login shell on ttyMVx. Fix by hard-wiring CS8 into c_cflag. Signed-off-by: Jan Kiszka <jan.kiszka(a)siemens.com> Fixes: 30530791a7a0 ("serial: mvebu-uart: initial support for Armada-3700 serial port") Cc: stable <stable(a)vger.kernel.org> # 4.6+ Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/mvebu-uart.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serial/mvebu-uart.c b/drivers/tty/serial/mvebu-uart.c index d04b5eeea3c6..170e446a2f62 100644 --- a/drivers/tty/serial/mvebu-uart.c +++ b/drivers/tty/serial/mvebu-uart.c @@ -511,6 +511,7 @@ static void mvebu_uart_set_termios(struct uart_port *port, termios->c_iflag |= old->c_iflag & ~(INPCK | IGNPAR); termios->c_cflag &= CREAD | CBAUD; termios->c_cflag |= old->c_cflag & ~(CREAD | CBAUD); + termios->c_cflag |= CS8; } spin_unlock_irqrestore(&port->lock, flags); -- 2.19.0

6 years, 7 months

1
0
0 0

patch "serial: 8250: Fix clearing FIFOs in RS485 mode again" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250: Fix clearing FIFOs in RS485 mode again to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From b268203fc327a8f480ef70b70acace7f4a80f525 Mon Sep 17 00:00:00 2001 From: Marek Vasut <marex(a)denx.de> Date: Mon, 3 Sep 2018 02:44:52 +0200 Subject: serial: 8250: Fix clearing FIFOs in RS485 mode again The 8250 FIFOs indeed need to be cleared after stopping transmission in RS485 mode without SER_RS485_RX_DURING_TX flag set. But there are two problems with the approach taken by the previous patch from Fixes tag. First, serial8250_clear_fifos() should clear fifos, but what it really does is it enables the FIFOs unconditionally if present, clears them and then sets the FCR register to zero, which effectively disables the FIFOs. In case the FIFO is disabled, enabling it and clearing it makes no sense and in fact can trigger misbehavior of the 8250 core. Moreover, the FCR register may contain other FIFO configuration bits which may not be writable unconditionally and writing them incorrectly can trigger misbehavior of the 8250 core too. (ie. AM335x UART swallows the first byte and retransmits the last byte twice because of this FCR write). Second, serial8250_clear_and_reinit_fifos() completely reloads the FCR, but what really has to happen at the end of the RS485 transmission is clearing of the FIFOs and nothing else. This patch repairs serial8250_clear_fifos() so that it really only clears the FIFOs by operating on FCR[2:1] bits and leaves all the other bits alone. It also undoes serial8250_clear_and_reinit_fifos() from __do_stop_tx_rs485() as serial8250_clear_fifos() is sufficient. Signed-off-by: Marek Vasut <marex(a)denx.de> Fixes: 2bed8a8e7072 ("Clearing FIFOs in RS485 emulation mode causes subsequent transmits to break") Cc: Daniel Jedrychowski <avistel(a)gmail.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable <stable(a)vger.kernel.org> # let it bake a bit before merging Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_port.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c index 3f779d25ec0c..f776b3eafb96 100644 --- a/drivers/tty/serial/8250/8250_port.c +++ b/drivers/tty/serial/8250/8250_port.c @@ -552,11 +552,30 @@ static unsigned int serial_icr_read(struct uart_8250_port *up, int offset) */ static void serial8250_clear_fifos(struct uart_8250_port *p) { + unsigned char fcr; + unsigned char clr_mask = UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT; + if (p->capabilities & UART_CAP_FIFO) { - serial_out(p, UART_FCR, UART_FCR_ENABLE_FIFO); - serial_out(p, UART_FCR, UART_FCR_ENABLE_FIFO | - UART_FCR_CLEAR_RCVR | UART_FCR_CLEAR_XMIT); - serial_out(p, UART_FCR, 0); + /* + * Make sure to avoid changing FCR[7:3] and ENABLE_FIFO bits. + * In case ENABLE_FIFO is not set, there is nothing to flush + * so just return. Furthermore, on certain implementations of + * the 8250 core, the FCR[7:3] bits may only be changed under + * specific conditions and changing them if those conditions + * are not met can have nasty side effects. One such core is + * the 8250-omap present in TI AM335x. + */ + fcr = serial_in(p, UART_FCR); + + /* FIFO is not enabled, there's nothing to clear. */ + if (!(fcr & UART_FCR_ENABLE_FIFO)) + return; + + fcr |= clr_mask; + serial_out(p, UART_FCR, fcr); + + fcr &= ~clr_mask; + serial_out(p, UART_FCR, fcr); } } @@ -1448,7 +1467,7 @@ static void __do_stop_tx_rs485(struct uart_8250_port *p) * Enable previously disabled RX interrupts. */ if (!(p->port.rs485.flags & SER_RS485_RX_DURING_TX)) { - serial8250_clear_and_reinit_fifos(p); + serial8250_clear_fifos(p); p->ier |= UART_IER_RLSI | UART_IER_RDI; serial_port_out(&p->port, UART_IER, p->ier); -- 2.19.0

6 years, 7 months

1
0
0 0

[GIT PULL 2/3] intel_th: Fix resource handling for ACPI glue layer

by Alexander Shishkin

The core of the driver expects the resource array from the glue layer to be indexed by even numbers, as is the case for 64-bit PCI resources. This doesn't hold true for others, ACPI in this instance, which leads to an out-of-bounds access and an ioremap() on whatever address that access fetches. This patch fixes the problem by reading resource array differently based on whether the 64-bit flag is set, which would indicate PCI glue layer. Signed-off-by: Alexander Shishkin <alexander.shishkin(a)linux.intel.com> Fixes: ebc57e399b8e ("intel_th: Add ACPI glue layer") CC: stable(a)vger.kernel.org # v4.17+ --- drivers/hwtracing/intel_th/core.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/hwtracing/intel_th/core.c b/drivers/hwtracing/intel_th/core.c index 4e70ecee2103..fc6b7f8b62fb 100644 --- a/drivers/hwtracing/intel_th/core.c +++ b/drivers/hwtracing/intel_th/core.c @@ -488,7 +488,7 @@ static const struct intel_th_subdevice { .flags = IORESOURCE_MEM, }, { - .start = TH_MMIO_SW, + .start = 1, /* use resource[1] */ .end = 0, .flags = IORESOURCE_MEM, }, @@ -581,6 +581,7 @@ intel_th_subdevice_alloc(struct intel_th *th, struct intel_th_device *thdev; struct resource res[3]; unsigned int req = 0; + bool is64bit = false; int r, err; thdev = intel_th_device_alloc(th, subdev->type, subdev->name, @@ -590,12 +591,18 @@ intel_th_subdevice_alloc(struct intel_th *th, thdev->drvdata = th->drvdata; + for (r = 0; r < th->num_resources; r++) + if (th->resource[r].flags & IORESOURCE_MEM_64) { + is64bit = true; + break; + } + memcpy(res, subdev->res, sizeof(struct resource) * subdev->nres); for (r = 0; r < subdev->nres; r++) { struct resource *devres = th->resource; - int bar = TH_MMIO_CONFIG; + int bar = 0; /* cut subdevices' MMIO from resource[0] */ /* * Take .end == 0 to mean 'take the whole bar', @@ -604,6 +611,8 @@ intel_th_subdevice_alloc(struct intel_th *th, */ if (!res[r].end && res[r].flags == IORESOURCE_MEM) { bar = res[r].start; + if (is64bit) + bar *= 2; res[r].start = 0; res[r].end = resource_size(&devres[bar]) - 1; } -- 2.18.0

6 years, 7 months

1
0
0 0

[GIT PULL 1/3] intel_th: Fix device removal logic

by Alexander Shishkin

Commit a753bfcfdb1f ("intel_th: Make the switch allocate its subdevices") brings in new subdevice addition/removal logic that's broken for "host mode": the SWITCH device has no children to begin with, which is not handled in the code. This results in a null dereference bug later down the path. This patch fixes the subdevice removal code to handle host mode correctly. Signed-off-by: Alexander Shishkin <alexander.shishkin(a)linux.intel.com> Fixes: a753bfcfdb1f ("intel_th: Make the switch allocate its subdevices") CC: stable(a)vger.kernel.org # v4.14+ --- drivers/hwtracing/intel_th/core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/hwtracing/intel_th/core.c b/drivers/hwtracing/intel_th/core.c index da962aa2cef5..4e70ecee2103 100644 --- a/drivers/hwtracing/intel_th/core.c +++ b/drivers/hwtracing/intel_th/core.c @@ -139,7 +139,8 @@ static int intel_th_remove(struct device *dev) th->thdev[i] = NULL; } - th->num_thdevs = lowest; + if (lowest >= 0) + th->num_thdevs = lowest; } if (thdrv->attr_group) -- 2.18.0

6 years, 7 months

1
0
0 0

[PATCH v2] mtd: devices: m25p80: Make sure the buffer passed in op is DMA-able

by Boris Brezillon

As documented in spi-mem.h, spi_mem_op->data.buf.{in,out} must be DMA-able, and commit 4120f8d158ef ("mtd: spi-nor: Use the spi_mem_xx() API") failed to follow this rule as buffers passed to ->{read,write}_reg() are usually placed on the stack. Fix that by allocating a scratch buffer and copying the data around. Fixes: 4120f8d158ef ("mtd: spi-nor: Use the spi_mem_xx() API") Reported-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- Note that the ->{read,write}() path is still buggy since nothing guarantees that buffers passed by the MTD layer to the SPI NOR layer are DMA-able, but this is a long-standing issue which we'll have to address at the spi-nor level (this layer can choose the bounce buffer size based on nor->page_size). Changes in v2: - Copy the data from scratchbuf in the ->read_reg() path --- drivers/mtd/devices/m25p80.c | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/drivers/mtd/devices/m25p80.c b/drivers/mtd/devices/m25p80.c index cbfafc453274..270d3c9580c5 100644 --- a/drivers/mtd/devices/m25p80.c +++ b/drivers/mtd/devices/m25p80.c @@ -39,13 +39,23 @@ static int m25p80_read_reg(struct spi_nor *nor, u8 code, u8 *val, int len) struct spi_mem_op op = SPI_MEM_OP(SPI_MEM_OP_CMD(code, 1), SPI_MEM_OP_NO_ADDR, SPI_MEM_OP_NO_DUMMY, - SPI_MEM_OP_DATA_IN(len, val, 1)); + SPI_MEM_OP_DATA_IN(len, NULL, 1)); + void *scratchbuf; int ret; + scratchbuf = kmalloc(len, GFP_KERNEL); + if (!scratchbuf) + return -ENOMEM; + + op.data.buf.in = scratchbuf; ret = spi_mem_exec_op(flash->spimem, &op); if (ret < 0) dev_err(&flash->spimem->spi->dev, "error %d reading %x\n", ret, code); + else + memcpy(val, scratchbuf, len); + + kfree(scratchbuf); return ret; } @@ -56,9 +66,19 @@ static int m25p80_write_reg(struct spi_nor *nor, u8 opcode, u8 *buf, int len) struct spi_mem_op op = SPI_MEM_OP(SPI_MEM_OP_CMD(opcode, 1), SPI_MEM_OP_NO_ADDR, SPI_MEM_OP_NO_DUMMY, - SPI_MEM_OP_DATA_OUT(len, buf, 1)); + SPI_MEM_OP_DATA_OUT(len, NULL, 1)); + void *scratchbuf; + int ret; - return spi_mem_exec_op(flash->spimem, &op); + scratchbuf = kmemdup(buf, len, GFP_KERNEL); + if (!scratchbuf) + return -ENOMEM; + + op.data.buf.out = scratchbuf; + ret = spi_mem_exec_op(flash->spimem, &op); + kfree(scratchbuf); + + return ret; } static ssize_t m25p80_write(struct spi_nor *nor, loff_t to, size_t len, -- 2.14.1

6 years, 7 months

2
2
0 0

[PATCH v2] tpm: Restore functionality to xen vtpm driver.

by Boris Ostrovsky

From: "Dr. Greg Wettstein" <greg(a)wind.enjellic.com> Functionality of the xen-tpmfront driver was lost secondary to the introduction of xenbus multi-page support in commit ccc9d90a9a8b ("xenbus_client: Extend interface to support multi-page ring"). In this commit a pointer to the shared page address was being passed to the xenbus_grant_ring() function rather then the address of the shared page itself. This resulted in a situation where the driver would attach to the vtpm-stubdom but any attempt to send a command to the stub domain would timeout. A diagnostic finding for this regression is the following error message being generated when the xen-tpmfront driver probes for a device: <3>vtpm vtpm-0: tpm_transmit: tpm_send: error -62 <3>vtpm vtpm-0: A TPM error (-62) occurred attempting to determine the timeouts This fix is relevant to all kernels from 4.1 forward which is the release in which multi-page xenbus support was introduced. Daniel De Graaf formulated the fix by code inspection after the regression point was located. Fixes: ccc9d90a9a8b ("xenbus_client: Extend interface to support multi-page ring") Signed-off-by: Dr. Greg Wettstein <greg(a)enjellic.com> [boris: fixed commit message formatting, added Fixes tag] Signed-off-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: stable(a)vger.kernel.org # v4.1+ --- drivers/char/tpm/xen-tpmfront.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c index 911475d36800..b150f87f38f5 100644 --- a/drivers/char/tpm/xen-tpmfront.c +++ b/drivers/char/tpm/xen-tpmfront.c @@ -264,7 +264,7 @@ static int setup_ring(struct xenbus_device *dev, struct tpm_private *priv) return -ENOMEM; } - rv = xenbus_grant_ring(dev, &priv->shr, 1, &gref); + rv = xenbus_grant_ring(dev, priv->shr, 1, &gref); if (rv < 0) return rv; -- 2.17.1

6 years, 7 months

3
5
0 0

[PATCH] drm/atomic: Use drm_drv_uses_atomic_modeset() for debugfs creation

by Lyude Paul

As pointed out by Daniel Vetter, we should be usinng drm_drv_uses_atomic_modeset() for determining whether or not we want to make the debugfs nodes for atomic instead of checking DRIVER_ATOMIC, as the former isn't an accurate representation of whether or not the driver is actually using atomic modesetting internally (even though it might not be exposing atomic capabilities). Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/drm_atomic.c | 2 +- drivers/gpu/drm/drm_debugfs.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/drm_atomic.c b/drivers/gpu/drm/drm_atomic.c index 3eb061e11e2e..018fcdb353d2 100644 --- a/drivers/gpu/drm/drm_atomic.c +++ b/drivers/gpu/drm/drm_atomic.c @@ -2067,7 +2067,7 @@ static void __drm_state_dump(struct drm_device *dev, struct drm_printer *p, struct drm_connector *connector; struct drm_connector_list_iter conn_iter; - if (!drm_core_check_feature(dev, DRIVER_ATOMIC)) + if (!drm_drv_uses_atomic_modeset(dev)) return; list_for_each_entry(plane, &config->plane_list, head) { diff --git a/drivers/gpu/drm/drm_debugfs.c b/drivers/gpu/drm/drm_debugfs.c index 6f28fe58f169..373bd4c2b698 100644 --- a/drivers/gpu/drm/drm_debugfs.c +++ b/drivers/gpu/drm/drm_debugfs.c @@ -151,7 +151,7 @@ int drm_debugfs_init(struct drm_minor *minor, int minor_id, return ret; } - if (drm_core_check_feature(dev, DRIVER_ATOMIC)) { + if (drm_drv_uses_atomic_modeset(dev)) { ret = drm_atomic_debugfs_init(minor); if (ret) { DRM_ERROR("Failed to create atomic debugfs files\n"); -- 2.17.1

6 years, 7 months

3
2
0 0

[PATCH net] net/ipv4: defensive cipso option parsing

by Stefan Nuernberger

commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed a possible infinite loop in the IP option parsing of CIPSO. The fix assumes that ip_options_compile filtered out all zero length options and that no other one-byte options beside IPOPT_END and IPOPT_NOOP exist. While this assumption currently holds true, add explicit checks for zero length and invalid length options to be safe for the future. Even though ip_options_compile should have validated the options, the introduction of new one-byte options can still confuse this code without the additional checks. Signed-off-by: Stefan Nuernberger <snu(a)amazon.com> Reviewed-by: David Woodhouse <dwmw(a)amazon.co.uk> Reviewed-by: Simon Veith <sveith(a)amazon.de> Cc: stable(a)vger.kernel.org --- net/ipv4/cipso_ipv4.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index 82178cc69c96..f291b57b8474 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -1512,7 +1512,7 @@ static int cipso_v4_parsetag_loc(const struct cipso_v4_doi *doi_def, * * Description: * Parse the packet's IP header looking for a CIPSO option. Returns a pointer - * to the start of the CIPSO option on success, NULL if one if not found. + * to the start of the CIPSO option on success, NULL if one is not found. * */ unsigned char *cipso_v4_optptr(const struct sk_buff *skb) @@ -1522,9 +1522,11 @@ unsigned char *cipso_v4_optptr(const struct sk_buff *skb) int optlen; int taglen; - for (optlen = iph->ihl*4 - sizeof(struct iphdr); optlen > 0; ) { + for (optlen = iph->ihl*4 - sizeof(struct iphdr); optlen > 1; ) { switch (optptr[0]) { case IPOPT_CIPSO: + if (!optptr[1] || optptr[1] > optlen) + return NULL; return optptr; case IPOPT_END: return NULL; @@ -1534,6 +1536,10 @@ unsigned char *cipso_v4_optptr(const struct sk_buff *skb) default: taglen = optptr[1]; } + + if (!taglen || taglen > optlen) + break; + optlen -= taglen; optptr += taglen; } -- 2.19.0

6 years, 7 months

4
5
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit a5f9be3576c3f9dd871f68eaf482278c0b3a6df2: Linux 3.18.120 (2018-08-28 07:21:37 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-17092018 for you to fetch changes up to 7058136ea11e4f5b2d0d65f6f6dbb714d2beec42: platform/x86: toshiba_acpi: Fix defined but not used build warnings (2018-09-04 13:44:36 -0400) - ---------------------------------------------------------------- for-greg-3.18-17092018 - ---------------------------------------------------------------- Andreas Gruenbacher (1): gfs2: Special-case rindex for gfs2_grow Anton Vasilyev (1): video: goldfishfb: fix memory leak on driver remove Bob Peterson (1): gfs2: Don't reject a supposedly full bitmap if we have blocks reserved Dan Carpenter (1): fbdev: omapfb: off by one in omapfb_register_client() Felix Fietkau (1): MIPS: ath79: fix system restart Fredrik Noring (1): fbdev: Distinguish between interlaced and progressive modes Julian Wiedmann (2): s390/qeth: fix race in used-buffer accounting s390/qeth: reset layer2 attribute on layer switch Lars-Peter Clausen (1): iio: ad9523: Fix displayed phase Manikanta Pubbisetty (1): mac80211: restrict delayed tailroom needed decrement Nicholas Piggin (1): powerpc/powernv: opal_put_chars partial write fix Randy Dunlap (3): mtd/maps: fix solutionengine.c printk format warnings fbdev/via: fix defined but not used warning platform/x86: toshiba_acpi: Fix defined but not used build warnings Sandipan Das (2): perf powerpc: Fix callchain ip filtering when return address is in a register perf powerpc: Fix callchain ip filtering Takashi Iwai (2): ALSA: msnd: Fix the default sample sizes ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro YueHaibing (1): xfrm: fix 'passing zero to ERR_PTR()' warning arch/mips/ath79/setup.c | 1 + arch/mips/include/asm/mach-ath79/ath79.h | 1 + arch/powerpc/platforms/powernv/opal.c | 2 +- drivers/iio/frequency/ad9523.c | 2 +- drivers/mtd/maps/solutionengine.c | 6 ++-- drivers/platform/x86/toshiba_acpi.c | 3 +- drivers/s390/net/qeth_core_main.c | 3 +- drivers/s390/net/qeth_core_sys.c | 1 + drivers/video/fbdev/core/modedb.c | 41 +++++++++++++++++------ drivers/video/fbdev/goldfishfb.c | 1 + drivers/video/fbdev/omap/omapfb_main.c | 2 +- drivers/video/fbdev/via/viafbdev.c | 3 +- fs/gfs2/bmap.c | 2 +- fs/gfs2/rgrp.c | 3 +- net/mac80211/cfg.c | 2 +- net/mac80211/key.c | 24 ++++++++----- net/xfrm/xfrm_policy.c | 5 ++- sound/isa/msnd/msnd_pinnacle.c | 4 +-- sound/usb/quirks-table.h | 3 +- tools/perf/arch/powerpc/util/skip-callchain-idx.c | 10 ++++-- 20 files changed, 80 insertions(+), 39 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlugPO8ACgkQ3qZv95d3 LNygexAAvz2wzEaH/mDTnQ0085ODaIA6wmr/U7dlzXjoE1vPko4EOg0y8GJPmRD0 DsFkX7fqCLoLT/LQcCMK+KKq5IsPNPDs35tOvCc1T0WofnIE1KVifz4zalmW3upc gT1HjZaza+agnw5QDs9RI0Y/y5vfR9Pwpmfi1e9V8vsNX8iR7i3YMI3HwS8g2Ggq gjVOlH2UyiyJpqruV1B6tRwZA+KE3RNmj7xIXwvRVd29MLI0CMs/mSOo57TvGvxp Wcn0IA0TK6T0LvNqgXNv+vjJhohfIN1TzhGiH0oEMiZVkRoHs1wqmkVQdkRPBApV GXMGvb1suh1NE8IRl4OP/z27zZoUBr+ksoLgFD+o6tzgiBp0zR+gPV87PVzPLN32 PKyru9V0LOrF3nnCS9k6iMboFUS/vWrctrxRIdd2oUPkljPwkzxx8jz6HUNJ606B 6vPeNMBdxH1Vqiptt29Qn6c9Lg35OkOi+6JMS0WWkTPCArvHBPKOodf/4DIslm4O 2ewBiq8ewmhfUTAxxQfk+xR0+YR6d4g82Q3PvZ4jyDsSosQWnThAwLjketoTRBmc BRcZKrqFvIMpVky0I2sl9U3ZFzlWWr2Z4PEKxu98o0AhUDCctzBHvXwL45c+7K0k CQEs5a76ecC99mAf5AjtrbAcnTjKx9R6Y1RJ8XS9gCjT5/CMA7M= =gANE -----END PGP SIGNATURE-----

6 years, 7 months

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit c40a7b3592b3b7519eadc130c5583db2aaf70f68: Linux 4.4.156 (2018-09-15 09:40:42 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-17092018 for you to fetch changes up to 86d8d800d31c13b8c14a5a18da2ec8715da5fe0a: xen-netfront: fix warn message as irq device name has '/' (2018-09-15 10:24:32 -0400) - ---------------------------------------------------------------- for-greg-4.4-17092018 - ---------------------------------------------------------------- Andreas Gruenbacher (1): gfs2: Special-case rindex for gfs2_grow Anton Vasilyev (1): video: goldfishfb: fix memory leak on driver remove Bob Peterson (1): gfs2: Don't reject a supposedly full bitmap if we have blocks reserved Dan Carpenter (1): fbdev: omapfb: off by one in omapfb_register_client() Felix Fietkau (1): MIPS: ath79: fix system restart Fredrik Noring (1): fbdev: Distinguish between interlaced and progressive modes Hans Verkuil (1): media: videobuf2-core: check for q->error in vb2_core_qbuf() John Keeping (1): dmaengine: pl330: fix irq race with terminate_all Julian Wiedmann (2): s390/qeth: fix race in used-buffer accounting s390/qeth: reset layer2 attribute on layer switch Krzysztof Kozlowski (1): ARM: exynos: Clear global variable on init error path Loic Poulain (1): arm64: dts: qcom: db410c: Fix Bluetooth LED trigger Manikanta Pubbisetty (1): mac80211: restrict delayed tailroom needed decrement Masahiro Yamada (1): kbuild: add .DELETE_ON_ERROR special target Miao Zhong (1): iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register Michael MÃ¼ller (1): crypto: sharah - Unregister correct algorithms for SAHARA 3 Nicholas Mc Guire (1): clk: imx6ul: fix missing of_node_put() Nicholas Piggin (1): powerpc/powernv: opal_put_chars partial write fix Paul Cercueil (1): MIPS: jz4740: Bump zload address Randy Dunlap (3): mtd/maps: fix solutionengine.c printk format warnings fbdev/via: fix defined but not used warning platform/x86: toshiba_acpi: Fix defined but not used build warnings Sandipan Das (2): perf powerpc: Fix callchain ip filtering when return address is in a register perf powerpc: Fix callchain ip filtering Takashi Iwai (2): ALSA: msnd: Fix the default sample sizes ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro Vitaly Kuznetsov (1): xen-netfront: fix queue name setting Xiao Liang (1): xen-netfront: fix warn message as irq device name has '/' YueHaibing (1): xfrm: fix 'passing zero to ERR_PTR()' warning arch/arm/mach-exynos/suspend.c | 1 + arch/arm64/boot/dts/qcom/apq8016-sbc.dtsi | 2 +- arch/mips/ath79/setup.c | 1 + arch/mips/include/asm/mach-ath79/ath79.h | 1 + arch/mips/jz4740/Platform | 2 +- arch/powerpc/platforms/powernv/opal.c | 2 +- drivers/clk/imx/clk-imx6ul.c | 1 + drivers/crypto/sahara.c | 4 +-- drivers/dma/pl330.c | 5 +-- drivers/iommu/arm-smmu-v3.c | 1 + drivers/media/v4l2-core/videobuf2-core.c | 5 +++ drivers/mtd/maps/solutionengine.c | 6 ++-- drivers/net/xen-netfront.c | 6 ++-- drivers/platform/x86/toshiba_acpi.c | 3 +- drivers/s390/net/qeth_core_main.c | 3 +- drivers/s390/net/qeth_core_sys.c | 1 + drivers/video/fbdev/core/modedb.c | 41 +++++++++++++++++------ drivers/video/fbdev/goldfishfb.c | 1 + drivers/video/fbdev/omap/omapfb_main.c | 2 +- drivers/video/fbdev/via/viafbdev.c | 3 +- fs/gfs2/bmap.c | 2 +- fs/gfs2/rgrp.c | 3 +- net/mac80211/cfg.c | 2 +- net/mac80211/key.c | 24 ++++++++----- net/xfrm/xfrm_policy.c | 5 ++- scripts/Kbuild.include | 3 ++ sound/isa/msnd/msnd_pinnacle.c | 4 +-- sound/usb/quirks-table.h | 3 +- tools/perf/arch/powerpc/util/skip-callchain-idx.c | 10 ++++-- 29 files changed, 101 insertions(+), 46 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlugPOcACgkQ3qZv95d3 LNxQzhAAl454mfpZ6ZQIy0kRvfw9BZrlBF0yIZYS/QQ1cBJ7+j8sOdS1s/dtJkRK zpEvSImx6aUgKiuXrJUt6EJbWTUkLeZnfqoRkWe543T6oMgPJGXObmafkF3GlT1A d0AY17gdH2CB5IlovnrgyuUkMCNaB3Kv2yimo9fWVaIU4wuAfFt7HKHHWE/SQX2L SUiajdhGvWwBLcry7FefV/fU8Ug2sBSHoucxEkkb64SYl2jwC3lNB5U0upJkiCOe jtT7o0JQ3v3SzJLN2fRsYb64aVqLjp3OpQg4RODOO7f5NAzbyOATqtjQTxDUJ6wa wGiD+BjIWrd99oiWC/nIAgZS8adAtiRJ/NOgH/kR8OR3BgP7Wk4M6Zqej6YxXEw3 pid6/ZMiYIymj+YVqwQt0W0p8L2RwMK4R0eoDeZD1aeJTvkEJPmWov80B2nBdu2I XyB2A/Jay7+M3jnDZPVMjGVAh1ukGNglpsYgi7tkzxmSCS9oz10lgt1i5N9DXPBG WLlbCyPwof9JJLpiT1mlqx6PZYPy3XfUyq+bAFOpAEzdqv69lT3gtY5krz1iydIJ C+y1n8vFwmsVbrBACMIYFAbwxsH2kdwComA/nQKf9g1urMZGNrMgKO4qoZR5o9zX dZG26OrKCwbHAfV1aAvcQrH27Jc9VFEXYG31iShh+tdbymIWzgU= =/dVc -----END PGP SIGNATURE-----

6 years, 7 months

1
0
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 927556eb3a72306db1ba5ab8b9bb9914433302ba: Linux 4.9.127 (2018-09-15 09:43:07 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-17092018 for you to fetch changes up to bb180cbca65d450c5bd1b0e10995ef5eb56ff1e1: xen-netfront: fix warn message as irq device name has '/' (2018-09-15 10:24:21 -0400) - ---------------------------------------------------------------- for-greg-4.9-17092018 - ---------------------------------------------------------------- Andreas Gruenbacher (1): gfs2: Special-case rindex for gfs2_grow Anton Vasilyev (1): video: goldfishfb: fix memory leak on driver remove Ard Biesheuvel (1): efi/arm: preserve early mapping of UEFI memory map longer for BGRT Bhushan Shah (1): ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci Bob Peterson (1): gfs2: Don't reject a supposedly full bitmap if we have blocks reserved Christoffer Dall (1): KVM: arm/arm64: Fix vgic init race Dan Carpenter (1): fbdev: omapfb: off by one in omapfb_register_client() Daniel Mack (1): video: fbdev: pxafb: clear allocated memory for video modes Felix Fietkau (1): MIPS: ath79: fix system restart Fredrik Noring (1): fbdev: Distinguish between interlaced and progressive modes Hanna Hawa (1): dmaengine: mv_xor_v2: kill the tasklets upon exit Hans Verkuil (1): media: videobuf2-core: check for q->error in vb2_core_qbuf() Jakub Kicinski (1): nfp: avoid buffer leak when FW communication fails John Keeping (1): dmaengine: pl330: fix irq race with terminate_all Julian Wiedmann (2): s390/qeth: fix race in used-buffer accounting s390/qeth: reset layer2 attribute on layer switch Krzysztof Ha?asa (1): media: tw686x: Fix oops on buffer alloc failure Krzysztof Kozlowski (1): ARM: exynos: Clear global variable on init error path Loic Poulain (1): arm64: dts: qcom: db410c: Fix Bluetooth LED trigger Manikanta Pubbisetty (1): mac80211: restrict delayed tailroom needed decrement Masahiro Yamada (1): kbuild: add .DELETE_ON_ERROR special target Miao Zhong (1): iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register Michael MÃ¼ller (1): crypto: sharah - Unregister correct algorithms for SAHARA 3 Nicholas Mc Guire (1): clk: imx6ul: fix missing of_node_put() Nicholas Piggin (1): powerpc/powernv: opal_put_chars partial write fix Paul Cercueil (1): MIPS: jz4740: Bump zload address Pingfan Liu (1): drivers/base: stop new probing during shutdown Piotr Sawicki (1): Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets Rajan Vaja (1): clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure Randy Dunlap (3): mtd/maps: fix solutionengine.c printk format warnings fbdev/via: fix defined but not used warning platform/x86: toshiba_acpi: Fix defined but not used build warnings Sandipan Das (2): perf powerpc: Fix callchain ip filtering when return address is in a register perf powerpc: Fix callchain ip filtering Takashi Iwai (2): ALSA: msnd: Fix the default sample sizes ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro Thomas Richter (1): perf test: Fix subtest number when showing results Vitaly Kuznetsov (1): xen-netfront: fix queue name setting Xiao Liang (1): xen-netfront: fix warn message as irq device name has '/' YueHaibing (2): xfrm: fix 'passing zero to ERR_PTR()' warning wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc Zhu Yanjun (1): IB/rxe: Drop QP0 silently .../dts/qcom-msm8974-lge-nexus5-hammerhead.dts | 2 ++ arch/arm/mach-exynos/suspend.c | 1 + arch/arm64/boot/dts/qcom/apq8016-sbc.dtsi | 2 +- arch/mips/ath79/setup.c | 1 + arch/mips/include/asm/mach-ath79/ath79.h | 1 + arch/mips/jz4740/Platform | 2 +- arch/powerpc/platforms/powernv/opal.c | 2 +- drivers/base/core.c | 3 ++ drivers/clk/clk-fixed-factor.c | 9 ++++- drivers/clk/imx/clk-imx6ul.c | 1 + drivers/crypto/sahara.c | 4 +-- drivers/dma/mv_xor_v2.c | 2 ++ drivers/dma/pl330.c | 5 +-- drivers/firmware/efi/arm-init.c | 1 - drivers/firmware/efi/arm-runtime.c | 4 ++- drivers/infiniband/sw/rxe/rxe_recv.c | 9 +++-- drivers/iommu/arm-smmu-v3.c | 1 + drivers/media/pci/tw686x/tw686x-video.c | 11 ++++-- drivers/media/v4l2-core/videobuf2-core.c | 5 +++ drivers/mtd/maps/solutionengine.c | 6 ++-- .../net/ethernet/netronome/nfp/nfp_net_common.c | 13 +++++-- drivers/net/wan/fsl_ucc_hdlc.c | 6 ++-- drivers/net/xen-netfront.c | 6 ++-- drivers/platform/x86/toshiba_acpi.c | 3 +- drivers/s390/net/qeth_core_main.c | 3 +- drivers/s390/net/qeth_core_sys.c | 1 + drivers/video/fbdev/core/modedb.c | 41 ++++++++++++++++------ drivers/video/fbdev/goldfishfb.c | 1 + drivers/video/fbdev/omap/omapfb_main.c | 2 +- drivers/video/fbdev/pxafb.c | 4 +-- drivers/video/fbdev/via/viafbdev.c | 3 +- fs/gfs2/bmap.c | 2 +- fs/gfs2/rgrp.c | 3 +- net/mac80211/cfg.c | 2 +- net/mac80211/key.c | 24 ++++++++----- net/xfrm/xfrm_policy.c | 5 ++- scripts/Kbuild.include | 3 ++ security/smack/smack_lsm.c | 14 +++++--- sound/isa/msnd/msnd_pinnacle.c | 4 +-- sound/usb/quirks-table.h | 3 +- tools/perf/arch/powerpc/util/skip-callchain-idx.c | 10 ++++-- tools/perf/tests/builtin-test.c | 2 +- virt/kvm/arm/vgic/vgic-init.c | 4 +++ 43 files changed, 163 insertions(+), 68 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlugPOAACgkQ3qZv95d3 LNyTIxAAicYE/fiFKVcZc37qZPFV4MPSVH5J4aXbObvIy85IzJUSJ/hnwoymvYX+ 8fS+a3ctAC/lpMlSjxz+TtcIyMscEWEQcOZSFQPST+RycohywsADCZhweYFlw04m D88nGiffYRBU151TyORd0mXaklN1rMqx/5wWgRBAi9c5p9h9gx+DpJaXQGTD2/6C qL4q8UM92rNs8UnIEG3A2z6M5PlVgEaPkQzHrjfUUNLlHIwXYAtSJ7AT5WQdzO7+ l2V+9/EyGlLWQY9Rm3/QIVxWJv2b106K8uA/q8olt1pqlwsGZX8yMWwHWzwQMK9v lU9ri5ZbgEYjNvUbE8y7nhRtajSa/AJuY8P+Ytk/iFtryo809Y/JUss03eu6KU75 hgTB7cBeB7Fb4ircFQ9MVmeccmLmXemvuH87YFUNNlaZBwOJWf/0MqGLFtJ5s4c3 ie9aW9jw96xbWB9SJDKT6dpnCBibus43TYF4bniRsMWpSnNbRYCDruRzQCzj5qnW 2ew1noQpr2st0fJtJEcQgjd/gMbVmQEkUOxdnTGL3y3dSDppHWBGDVzbkudTkwCg Y1hfFJTpf9dYeTN4vrNPm2GYAIBINjW0m38b5PpM/NH9cOnC8jq9ogG+8OGTvqAz V01J8xPOPXWX/kunc5rFYxRN+MhF1k64iT7W4DhUW3999BHJ410= =csQ/ -----END PGP SIGNATURE-----

6 years, 7 months

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 5dfe87ac34e2326ae2957fc68b63212d84f78701: Linux 4.14.70 (2018-09-15 09:45:37 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-17092018 for you to fetch changes up to 64190d73856692f63af6becf8787c94a2df34432: xen-netfront: fix warn message as irq device name has '/' (2018-09-15 10:22:53 -0400) - ---------------------------------------------------------------- for-greg-4.14-17092018 - ---------------------------------------------------------------- Andreas Gruenbacher (1): gfs2: Special-case rindex for gfs2_grow Anton Vasilyev (1): video: goldfishfb: fix memory leak on driver remove Ard Biesheuvel (1): efi/arm: preserve early mapping of UEFI memory map longer for BGRT Bhushan Shah (1): ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci Bob Peterson (1): gfs2: Don't reject a supposedly full bitmap if we have blocks reserved Christoffer Dall (1): KVM: arm/arm64: Fix vgic init race Dan Carpenter (1): fbdev: omapfb: off by one in omapfb_register_client() Daniel Mack (1): video: fbdev: pxafb: clear allocated memory for video modes Erich E. Hoover (1): usb: dwc3: change stream event enable bit back to 13 Felix Fietkau (1): MIPS: ath79: fix system restart Fredrik Noring (1): fbdev: Distinguish between interlaced and progressive modes Hanna Hawa (1): dmaengine: mv_xor_v2: kill the tasklets upon exit Hans Verkuil (1): media: videobuf2-core: check for q->error in vb2_core_qbuf() Jae Hyun Yoo (1): i2c: aspeed: Fix initial values of master and slave state Jakub Kicinski (1): nfp: avoid buffer leak when FW communication fails Jean-Philippe Brucker (1): iommu/io-pgtable-arm-v7s: Abort allocation when table address overflows the PTE Jiang Biao (2): x86/pti: Check the return value of pti_user_pagetable_walk_p4d() x86/pti: Check the return value of pti_user_pagetable_walk_pmd() Jiri Olsa (2): perf tools: Synthesize GROUP_DESC feature in pipe mode perf tools: Fix struct comm_str removal crash Joerg Roedel (1): x86/mm/pti: Add an overflow check to pti_clone_pmds() John Keeping (1): dmaengine: pl330: fix irq race with terminate_all Julian Wiedmann (2): s390/qeth: fix race in used-buffer accounting s390/qeth: reset layer2 attribute on layer switch Krzysztof Ha?asa (1): media: tw686x: Fix oops on buffer alloc failure Krzysztof Kozlowski (1): ARM: exynos: Clear global variable on init error path Leonard Crestez (1): reset: imx7: Fix always writing bits as 0 Loic Poulain (1): arm64: dts: qcom: db410c: Fix Bluetooth LED trigger Manikanta Pubbisetty (1): mac80211: restrict delayed tailroom needed decrement Mark Rutland (2): KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr() arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() Masahiro Yamada (1): kbuild: add .DELETE_ON_ERROR special target Miao Zhong (1): iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register Michael MÃ¼ller (1): crypto: sharah - Unregister correct algorithms for SAHARA 3 Mike Snitzer (1): block: allow max_discard_segments to be stacked Mikko Perttunen (1): clk: core: Potentially free connection id Nicholas Mc Guire (3): clk: imx6ul: fix missing of_node_put() staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout staging: bcm2835-camera: handle wait_for_completion_timeout return properly Nicholas Piggin (1): powerpc/powernv: opal_put_chars partial write fix Oder Chiou (1): ASoC: rt5514: Fix the issue of the delay volume applied Paul Cercueil (1): MIPS: jz4740: Bump zload address Pingfan Liu (1): drivers/base: stop new probing during shutdown Piotr Sawicki (1): Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets Rajan Vaja (1): clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure Randy Dunlap (3): mtd/maps: fix solutionengine.c printk format warnings fbdev/via: fix defined but not used warning platform/x86: toshiba_acpi: Fix defined but not used build warnings Sagi Grimberg (1): nvme-rdma: unquiesce queues when deleting the controller Sandipan Das (2): perf powerpc: Fix callchain ip filtering when return address is in a register perf powerpc: Fix callchain ip filtering Takashi Iwai (3): ALSA: pcm: Add __force to cast in snd_pcm_lib_read/write() ALSA: msnd: Fix the default sample sizes ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro Thomas Richter (1): perf test: Fix subtest number when showing results Todor Tomov (1): media: ov5645: Supported external clock is 24MHz Vitaly Kuznetsov (1): xen-netfront: fix queue name setting Wei Yongjun (1): IB/ipoib: Fix error return code in ipoib_dev_init() Xiao Liang (1): xen-netfront: fix warn message as irq device name has '/' YueHaibing (3): xfrm: fix 'passing zero to ERR_PTR()' warning amd-xgbe: use dma_mapping_error to check map errors wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc Zhu Yanjun (1): IB/rxe: Drop QP0 silently .../dts/qcom-msm8974-lge-nexus5-hammerhead.dts | 2 ++ arch/arm/mach-exynos/suspend.c | 1 + arch/arm64/boot/dts/qcom/apq8016-sbc.dtsi | 2 +- arch/arm64/kernel/ptrace.c | 19 +++++----- arch/mips/ath79/setup.c | 1 + arch/mips/include/asm/mach-ath79/ath79.h | 1 + arch/mips/jz4740/Platform | 2 +- arch/powerpc/platforms/powernv/opal.c | 2 +- arch/x86/mm/pti.c | 25 ++++++++++--- block/blk-settings.c | 2 +- drivers/base/core.c | 3 ++ drivers/clk/clk-fixed-factor.c | 9 ++++- drivers/clk/clk.c | 3 ++ drivers/clk/imx/clk-imx6ul.c | 1 + drivers/crypto/sahara.c | 4 +-- drivers/dma/mv_xor_v2.c | 2 ++ drivers/dma/pl330.c | 5 +-- drivers/firmware/efi/arm-init.c | 1 - drivers/firmware/efi/arm-runtime.c | 4 ++- drivers/i2c/busses/i2c-aspeed.c | 4 +-- drivers/infiniband/sw/rxe/rxe_recv.c | 9 +++-- drivers/infiniband/ulp/ipoib/ipoib_main.c | 3 +- drivers/iommu/arm-smmu-v3.c | 1 + drivers/iommu/io-pgtable-arm-v7s.c | 7 +++- drivers/media/i2c/ov5645.c | 13 +++---- drivers/media/pci/tw686x/tw686x-video.c | 11 ++++-- drivers/media/v4l2-core/videobuf2-core.c | 5 +++ drivers/mtd/maps/solutionengine.c | 6 ++-- drivers/net/ethernet/amd/xgbe/xgbe-desc.c | 7 ++-- .../net/ethernet/netronome/nfp/nfp_net_common.c | 13 +++++-- drivers/net/wan/fsl_ucc_hdlc.c | 6 ++-- drivers/net/xen-netfront.c | 6 ++-- drivers/nvme/host/rdma.c | 2 ++ drivers/platform/x86/toshiba_acpi.c | 3 +- drivers/reset/reset-imx7.c | 2 +- drivers/s390/net/qeth_core_main.c | 3 +- drivers/s390/net/qeth_core_sys.c | 1 + .../vc04_services/bcm2835-camera/bcm2835-camera.c | 7 ++-- .../vc04_services/bcm2835-camera/mmal-vchiq.c | 11 +++--- drivers/usb/dwc3/gadget.h | 2 +- drivers/video/fbdev/core/modedb.c | 41 ++++++++++++++++------ drivers/video/fbdev/goldfishfb.c | 1 + drivers/video/fbdev/omap/omapfb_main.c | 2 +- drivers/video/fbdev/pxafb.c | 4 +-- drivers/video/fbdev/via/viafbdev.c | 3 +- fs/gfs2/bmap.c | 2 +- fs/gfs2/rgrp.c | 3 +- include/sound/pcm.h | 4 +-- net/mac80211/cfg.c | 2 +- net/mac80211/key.c | 24 ++++++++----- net/xfrm/xfrm_policy.c | 5 ++- scripts/Kbuild.include | 3 ++ security/smack/smack_lsm.c | 14 +++++--- sound/isa/msnd/msnd_pinnacle.c | 4 +-- sound/soc/codecs/rt5514.c | 8 ++--- sound/usb/quirks-table.h | 3 +- tools/perf/arch/powerpc/util/skip-callchain-idx.c | 10 ++++-- tools/perf/tests/builtin-test.c | 2 +- tools/perf/util/comm.c | 16 ++++++--- tools/perf/util/header.c | 2 +- virt/kvm/arm/vgic/vgic-init.c | 4 +++ virt/kvm/arm/vgic/vgic-mmio-v2.c | 3 ++ 62 files changed, 253 insertions(+), 118 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlugPNMACgkQ3qZv95d3 LNzARxAAvjj18hSYWqS/PbHjOFUtAuZmEwNQPvj0oVaLLfLAFKs362ZYILvN5oV+ 4MfDuDoWhGQ8qF4yXlLg2yqTtUX9geKf92m6rr11tily7VA1BbYBtk+j4gk7IKP6 1EMZ/hOm7jAn2AyCgWsQPgSmUR544peOCdHaUg/Qmi2JjAzMGEG9iclaWcgq79Y9 qjZjNdJGQh7OtSqQfsA3nfnG2zNLjU6u2q5BXxtVDB4bPkk8exU+oUNBw5Izb7ww hWsNSQFjas/ulzh8prM0gNyqPn5iGWqzmdyW5VAoxsDy0KSfw8CT9KUzk81Gz/DO OZBIGjodzkfqsQ8UgBZPd9DDJfnyGIPuNUHsk5kNaEZiSBdt+iZKVbY6BkuVU5Qa E0Af4x6vBkOEO9ofpIwQSbpjm3IwpHuM0sBnzU8TDa7vpYoaxqUSXx0C8nm/0nZ4 EzFw+BTUn3T1Zo8zsnBBXDlnHa+fx/RpUeMCuPrHrAL/ZrJltkrVRzmPbpfnBWqT elX23+RZTG3BDTcbgXuB5na2BnppXZyG6L3aoY+68kk9fyACe5CD+6a320N9dueM kxWgQ9n2byKiiofS7quip7hMcRKVnqvFdiBXTd+zZEcpE2uPue8NQ04BAzrp+DKH p3/R5SDjCFTiqJCtB/W6RdkYFZGZK9yTsDKNdjEHq1DlyzyV+t4= =KTqg -----END PGP SIGNATURE-----

6 years, 7 months

1
0
0 0

+ mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm, thp: fix mlocking THP page with migration enabled has been added to the -mm tree. Its filename is mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-thp-fix-mlocking-thp-page-with-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-thp-fix-mlocking-thp-page-with-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Subject: mm, thp: fix mlocking THP page with migration enabled A transparent huge page is represented by a single entry on an LRU list. Therefore, we can only make unevictable an entire compound page, not individual subpages. If a user tries to mlock() part of a huge page, we want the rest of the page to be reclaimable. We handle this by keeping PTE-mapped huge pages on normal LRU lists: the PMD on border of VM_LOCKED VMA will be split into PTE table. Introduction of THP migration breaks[1] the rules around mlocking THP pages. If we had a single PMD mapping of the page in mlocked VMA, the page will get mlocked, regardless of PTE mappings of the page. For tmpfs/shmem it's easy to fix by checking PageDoubleMap() in remove_migration_pmd(). Anon THP pages can only be shared between processes via fork(). Mlocked page can only be shared if parent mlocked it before forking, otherwise CoW will be triggered on mlock(). For Anon-THP, we can fix the issue by munlocking the page on removing PTE migration entry for the page. PTEs for the page will always come after mlocked PMD: rmap walks VMAs from oldest to newest. Test-case: #include <unistd.h> #include <sys/mman.h> #include <sys/wait.h> #include <linux/mempolicy.h> #include <numaif.h> int main(void) { unsigned long nodemask = 4; void *addr; addr = mmap((void *)0x20000000UL, 2UL << 20, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_LOCKED, -1, 0); if (fork()) { wait(NULL); return 0; } mlock(addr, 4UL << 10); mbind(addr, 2UL << 20, MPOL_PREFERRED | MPOL_F_RELATIVE_NODES, &nodemask, 4, MPOL_MF_MOVE); return 0; } [1] https://lkml.kernel.org/r/CAOMGZ=G52R-30rZvhGxEbkTw7rLLwBGadVYeo--iizcD3upL… Link: http://lkml.kernel.org/r/20180917133816.43995-1-kirill.shutemov@linux.intel… Fixes: 616b8371539a ("mm: thp: enable thp migration in generic path") Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Reported-by: Vegard Nossum <vegard.nossum(a)oracle.com> Reviewed-by: Zi Yan <zi.yan(a)cs.rutgers.edu> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> [4.14+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/huge_memory.c | 2 +- mm/migrate.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) --- a/mm/huge_memory.c~mm-thp-fix-mlocking-thp-page-with-migration-enabled +++ a/mm/huge_memory.c @@ -2931,7 +2931,7 @@ void remove_migration_pmd(struct page_vm else page_add_file_rmap(new, true); set_pmd_at(mm, mmun_start, pvmw->pmd, pmde); - if (vma->vm_flags & VM_LOCKED) + if ((vma->vm_flags & VM_LOCKED) && !PageDoubleMap(new)) mlock_vma_page(new); update_mmu_cache_pmd(vma, address, pvmw->pmd); } --- a/mm/migrate.c~mm-thp-fix-mlocking-thp-page-with-migration-enabled +++ a/mm/migrate.c @@ -275,6 +275,9 @@ static bool remove_migration_pte(struct if (vma->vm_flags & VM_LOCKED && !PageTransCompound(new)) mlock_vma_page(new); + if (PageTransHuge(page) && PageMlocked(page)) + clear_page_mlock(page); + /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, pvmw.address, pvmw.pte); } _ Patches currently in -mm which might be from kirill.shutemov(a)linux.intel.com are mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch

6 years, 7 months

1
0
0 0

+ mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm, thp: fix mlocking THP page with migration enabled has been added to the -mm tree. Its filename is mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-thp-fix-mlocking-thp-page-with-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-thp-fix-mlocking-thp-page-with-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Subject: mm, thp: fix mlocking THP page with migration enabled A transparent huge page is represented by a single entry on an LRU list. Therefore, we can only make unevictable an entire compound page, not individual subpages. If a user tries to mlock() part of a huge page, we want the rest of the page to be reclaimable. We handle this by keeping PTE-mapped huge pages on normal LRU lists: the PMD on border of VM_LOCKED VMA will be split into PTE table. Introduction of THP migration breaks[1] the rules around mlocking THP pages. If we had a single PMD mapping of the page in mlocked VMA, the page will get mlocked, regardless of PTE mappings of the page. For tmpfs/shmem it's easy to fix by checking PageDoubleMap() in remove_migration_pmd(). Anon THP pages can only be shared between processes via fork(). Mlocked page can only be shared if parent mlocked it before forking, otherwise CoW will be triggered on mlock(). For Anon-THP, we can fix the issue by munlocking the page on removing PTE migration entry for the page. PTEs for the page will always come after mlocked PMD: rmap walks VMAs from oldest to newest. Test-case: #include <unistd.h> #include <sys/mman.h> #include <sys/wait.h> #include <linux/mempolicy.h> #include <numaif.h> int main(void) { unsigned long nodemask = 4; void *addr; addr = mmap((void *)0x20000000UL, 2UL << 20, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_LOCKED, -1, 0); if (fork()) { wait(NULL); return 0; } mlock(addr, 4UL << 10); mbind(addr, 2UL << 20, MPOL_PREFERRED | MPOL_F_RELATIVE_NODES, &nodemask, 4, MPOL_MF_MOVE); return 0; } [1] https://lkml.kernel.org/r/CAOMGZ=G52R-30rZvhGxEbkTw7rLLwBGadVYeo--iizcD3upL… Link: http://lkml.kernel.org/r/20180917133816.43995-1-kirill.shutemov@linux.intel… Fixes: 616b8371539a ("mm: thp: enable thp migration in generic path") Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Reported-by: Vegard Nossum <vegard.nossum(a)oracle.com> Reviewed-by: Zi Yan <zi.yan(a)cs.rutgers.edu> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> [4.14+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/huge_memory.c | 2 +- mm/migrate.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) --- a/mm/huge_memory.c~mm-thp-fix-mlocking-thp-page-with-migration-enabled +++ a/mm/huge_memory.c @@ -2931,7 +2931,7 @@ void remove_migration_pmd(struct page_vm else page_add_file_rmap(new, true); set_pmd_at(mm, mmun_start, pvmw->pmd, pmde); - if (vma->vm_flags & VM_LOCKED) + if ((vma->vm_flags & VM_LOCKED) && !PageDoubleMap(new)) mlock_vma_page(new); update_mmu_cache_pmd(vma, address, pvmw->pmd); } --- a/mm/migrate.c~mm-thp-fix-mlocking-thp-page-with-migration-enabled +++ a/mm/migrate.c @@ -275,6 +275,9 @@ static bool remove_migration_pte(struct if (vma->vm_flags & VM_LOCKED && !PageTransCompound(new)) mlock_vma_page(new); + if (PageTransHuge(page) && PageMlocked(page)) + clear_page_mlock(page); + /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, pvmw.address, pvmw.pte); } _ Patches currently in -mm which might be from kirill.shutemov(a)linux.intel.com are mm-thp-fix-mlocking-thp-page-with-migration-enabled.patch

6 years, 7 months

1
0
0 0

[PATCH 13/17] target/core: Avoid that LUN reset sporadically triggers data corruption

by Bart Van Assche

If on an initiator system a LUN reset is issued while I/O is in progress with queue depth > 1, avoid that data corruption occurs as follows: - The initiator submits a READ (a). - The initiator submits a LUN reset before READ (a) completes. - The target responds that the LUN reset succeeded after READ (a) has been marked as CMD_T_COMPLETE and before .queue_status() has been called. - The initiator receives the LUN reset response and frees the tag used by READ (a). - The initiator submits READ (b) and reuses the tag of READ (a). - The initiator receives the response for READ (a) and interprets this as a completion for READ (b). - The initiator receives the completion for READ (b) and discards it. With the SRP initiator and target drivers and when running fio concurrently with sg_reset -d it only takes a few minutes to reproduce this. Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Fixes: commit febe562c20df ("target: Fix LUN_RESET active I/O handling for ACK_KREF") Cc: Nicholas Bellinger <nab(a)linux-iscsi.org> Cc: Mike Christie <mchristi(a)redhat.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Hannes Reinecke <hare(a)suse.de> Cc: <stable(a)vger.kernel.org> --- drivers/target/target_core_tmr.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/target/target_core_tmr.c b/drivers/target/target_core_tmr.c index 2750a2c7b563..6e419396c1e4 100644 --- a/drivers/target/target_core_tmr.c +++ b/drivers/target/target_core_tmr.c @@ -90,7 +90,7 @@ static int target_check_cdb_and_preempt(struct list_head *list, return 1; } -static bool __target_check_io_state(struct se_cmd *se_cmd, +static bool __target_check_io_state(struct se_cmd *se_cmd, u32 skip_flags, struct se_session *tmr_sess, int tas) { struct se_session *sess = se_cmd->se_sess; @@ -108,7 +108,7 @@ static bool __target_check_io_state(struct se_cmd *se_cmd, * long as se_cmd->cmd_kref is still active unless zero. */ spin_lock(&se_cmd->t_state_lock); - if (se_cmd->transport_state & (CMD_T_COMPLETE | CMD_T_FABRIC_STOP)) { + if (se_cmd->transport_state & (skip_flags | CMD_T_FABRIC_STOP)) { pr_debug("Attempted to abort io tag: %llu already complete or" " fabric stop, skipping\n", se_cmd->tag); spin_unlock(&se_cmd->t_state_lock); @@ -165,7 +165,8 @@ void core_tmr_abort_task( printk("ABORT_TASK: Found referenced %s task_tag: %llu\n", se_cmd->se_tfo->get_fabric_name(), ref_tag); - if (!__target_check_io_state(se_cmd, se_sess, 0)) + if (!__target_check_io_state(se_cmd, CMD_T_COMPLETE, se_sess, + 0)) continue; spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); @@ -349,7 +350,7 @@ static void core_tmr_drain_state_list( continue; spin_lock(&sess->sess_cmd_lock); - rc = __target_check_io_state(cmd, tmr_sess, tas); + rc = __target_check_io_state(cmd, 0, tmr_sess, tas); spin_unlock(&sess->sess_cmd_lock); if (!rc) continue; -- 2.18.0

6 years, 7 months

1
0
0 0

[PATCH] tpm: separate cmd_ready/go_idle from runtime_pm

by Jarkko Sakkinen

From: Tomas Winkler <tomas.winkler(a)intel.com> commit 627448e85c766587f6fdde1ea3886d6615081c77 upstream Fix tpm ptt initialization error: tpm tpm0: A TPM error (378) occurred get tpm pcr allocation. We cannot use go_idle cmd_ready commands via runtime_pm handles as with the introduction of localities this is no longer an optional feature, while runtime pm can be not enabled. Though cmd_ready/go_idle provides a power saving, it's also a part of TPM2 protocol and should be called explicitly. This patch exposes cmd_read/go_idle via tpm class ops and removes runtime pm support as it is not used by any driver. When calling from nested context always use both flags: TPM_TRANSMIT_UNLOCKED and TPM_TRANSMIT_RAW. Both are needed to resolve tpm spaces and locality request recursive calls to tpm_transmit(). TPM_TRANSMIT_RAW should never be used standalone as it will fail on double locking. While TPM_TRANSMIT_UNLOCKED standalone should be called from non-recursive locked contexts. New wrappers are added tpm_cmd_ready() and tpm_go_idle() to streamline tpm_try_transmit code. tpm_crb no longer needs own power saving functions and can drop using tpm_pm_suspend/resume. This patch cannot be really separated from the locality fix. Fixes: 888d867df441 (tpm: cmd_ready command can be issued only after granting locality) Cc: stable(a)vger.kernel.org Fixes: 888d867df441 (tpm: cmd_ready command can be issued only after granting locality) Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- drivers/char/tpm/tpm-interface.c | 50 ++++++++++++--- drivers/char/tpm/tpm.h | 12 +++- drivers/char/tpm/tpm2-space.c | 16 +++-- drivers/char/tpm/tpm_crb.c | 101 +++++++++---------------------- include/linux/tpm.h | 2 + 5 files changed, 90 insertions(+), 91 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 86b526b7d990..a2070ab86c82 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -369,10 +369,13 @@ static int tpm_validate_command(struct tpm_chip *chip, return -EINVAL; } -static int tpm_request_locality(struct tpm_chip *chip) +static int tpm_request_locality(struct tpm_chip *chip, unsigned int flags) { int rc; + if (flags & TPM_TRANSMIT_RAW) + return 0; + if (!chip->ops->request_locality) return 0; @@ -385,10 +388,13 @@ static int tpm_request_locality(struct tpm_chip *chip) return 0; } -static void tpm_relinquish_locality(struct tpm_chip *chip) +static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned int flags) { int rc; + if (flags & TPM_TRANSMIT_RAW) + return; + if (!chip->ops->relinquish_locality) return; @@ -399,6 +405,28 @@ static void tpm_relinquish_locality(struct tpm_chip *chip) chip->locality = -1; } +static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags) +{ + if (flags & TPM_TRANSMIT_RAW) + return 0; + + if (!chip->ops->cmd_ready) + return 0; + + return chip->ops->cmd_ready(chip); +} + +static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags) +{ + if (flags & TPM_TRANSMIT_RAW) + return 0; + + if (!chip->ops->go_idle) + return 0; + + return chip->ops->go_idle(chip); +} + static ssize_t tpm_try_transmit(struct tpm_chip *chip, struct tpm_space *space, u8 *buf, size_t bufsiz, @@ -449,14 +477,15 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, /* Store the decision as chip->locality will be changed. */ need_locality = chip->locality == -1; - if (!(flags & TPM_TRANSMIT_RAW) && need_locality) { - rc = tpm_request_locality(chip); + if (need_locality) { + rc = tpm_request_locality(chip, flags); if (rc < 0) goto out_no_locality; } - if (chip->dev.parent) - pm_runtime_get_sync(chip->dev.parent); + rc = tpm_cmd_ready(chip, flags); + if (rc) + goto out; rc = tpm2_prepare_space(chip, space, ordinal, buf); if (rc) @@ -516,13 +545,16 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, } rc = tpm2_commit_space(chip, space, ordinal, buf, &len); + if (rc) + dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc); out: - if (chip->dev.parent) - pm_runtime_put_sync(chip->dev.parent); + rc = tpm_go_idle(chip, flags); + if (rc) + goto out; if (need_locality) - tpm_relinquish_locality(chip); + tpm_relinquish_locality(chip, flags); out_no_locality: if (chip->ops->clk_enable != NULL) diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index b83b30a3eea5..4bb9b4aa9b49 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -511,9 +511,17 @@ extern const struct file_operations tpm_fops; extern const struct file_operations tpmrm_fops; extern struct idr dev_nums_idr; +/** + * enum tpm_transmit_flags + * + * @TPM_TRANSMIT_UNLOCKED: used to lock sequence of tpm_transmit calls. + * @TPM_TRANSMIT_RAW: prevent recursive calls into setup steps + * (go idle, locality,..). Always use with UNLOCKED + * as it will fail on double locking. + */ enum tpm_transmit_flags { - TPM_TRANSMIT_UNLOCKED = BIT(0), - TPM_TRANSMIT_RAW = BIT(1), + TPM_TRANSMIT_UNLOCKED = BIT(0), + TPM_TRANSMIT_RAW = BIT(1), }; ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c index d26ea7513226..dabb2ae4e779 100644 --- a/drivers/char/tpm/tpm2-space.c +++ b/drivers/char/tpm/tpm2-space.c @@ -39,7 +39,8 @@ static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *space) for (i = 0; i < ARRAY_SIZE(space->session_tbl); i++) { if (space->session_tbl[i]) tpm2_flush_context_cmd(chip, space->session_tbl[i], - TPM_TRANSMIT_UNLOCKED); + TPM_TRANSMIT_UNLOCKED | + TPM_TRANSMIT_RAW); } } @@ -84,7 +85,7 @@ static int tpm2_load_context(struct tpm_chip *chip, u8 *buf, tpm_buf_append(&tbuf, &buf[*offset], body_size); rc = tpm_transmit_cmd(chip, NULL, tbuf.data, PAGE_SIZE, 4, - TPM_TRANSMIT_UNLOCKED, NULL); + TPM_TRANSMIT_UNLOCKED | TPM_TRANSMIT_RAW, NULL); if (rc < 0) { dev_warn(&chip->dev, "%s: failed with a system error %d\n", __func__, rc); @@ -133,7 +134,7 @@ static int tpm2_save_context(struct tpm_chip *chip, u32 handle, u8 *buf, tpm_buf_append_u32(&tbuf, handle); rc = tpm_transmit_cmd(chip, NULL, tbuf.data, PAGE_SIZE, 0, - TPM_TRANSMIT_UNLOCKED, NULL); + TPM_TRANSMIT_UNLOCKED | TPM_TRANSMIT_RAW, NULL); if (rc < 0) { dev_warn(&chip->dev, "%s: failed with a system error %d\n", __func__, rc); @@ -170,7 +171,8 @@ static void tpm2_flush_space(struct tpm_chip *chip) for (i = 0; i < ARRAY_SIZE(space->context_tbl); i++) if (space->context_tbl[i] && ~space->context_tbl[i]) tpm2_flush_context_cmd(chip, space->context_tbl[i], - TPM_TRANSMIT_UNLOCKED); + TPM_TRANSMIT_UNLOCKED | + TPM_TRANSMIT_RAW); tpm2_flush_sessions(chip, space); } @@ -377,7 +379,8 @@ static int tpm2_map_response_header(struct tpm_chip *chip, u32 cc, u8 *rsp, return 0; out_no_slots: - tpm2_flush_context_cmd(chip, phandle, TPM_TRANSMIT_UNLOCKED); + tpm2_flush_context_cmd(chip, phandle, + TPM_TRANSMIT_UNLOCKED | TPM_TRANSMIT_RAW); dev_warn(&chip->dev, "%s: out of slots for 0x%08X\n", __func__, phandle); return -ENOMEM; @@ -465,7 +468,8 @@ static int tpm2_save_space(struct tpm_chip *chip) return rc; tpm2_flush_context_cmd(chip, space->context_tbl[i], - TPM_TRANSMIT_UNLOCKED); + TPM_TRANSMIT_UNLOCKED | + TPM_TRANSMIT_RAW); space->context_tbl[i] = ~0; } diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c index bb756ad7897e..5c7ce5aaaf6f 100644 --- a/drivers/char/tpm/tpm_crb.c +++ b/drivers/char/tpm/tpm_crb.c @@ -137,7 +137,7 @@ static bool crb_wait_for_reg_32(u32 __iomem *reg, u32 mask, u32 value, } /** - * crb_go_idle - request tpm crb device to go the idle state + * __crb_go_idle - request tpm crb device to go the idle state * * @dev: crb device * @priv: crb private data @@ -151,7 +151,7 @@ static bool crb_wait_for_reg_32(u32 __iomem *reg, u32 mask, u32 value, * * Return: 0 always */ -static int crb_go_idle(struct device *dev, struct crb_priv *priv) +static int __crb_go_idle(struct device *dev, struct crb_priv *priv) { if ((priv->flags & CRB_FL_ACPI_START) || (priv->flags & CRB_FL_CRB_SMC_START)) @@ -166,11 +166,20 @@ static int crb_go_idle(struct device *dev, struct crb_priv *priv) dev_warn(dev, "goIdle timed out\n"); return -ETIME; } + return 0; } +static int crb_go_idle(struct tpm_chip *chip) +{ + struct device *dev = &chip->dev; + struct crb_priv *priv = dev_get_drvdata(dev); + + return __crb_go_idle(dev, priv); +} + /** - * crb_cmd_ready - request tpm crb device to enter ready state + * __crb_cmd_ready - request tpm crb device to enter ready state * * @dev: crb device * @priv: crb private data @@ -183,7 +192,7 @@ static int crb_go_idle(struct device *dev, struct crb_priv *priv) * * Return: 0 on success -ETIME on timeout; */ -static int crb_cmd_ready(struct device *dev, struct crb_priv *priv) +static int __crb_cmd_ready(struct device *dev, struct crb_priv *priv) { if ((priv->flags & CRB_FL_ACPI_START) || (priv->flags & CRB_FL_CRB_SMC_START)) @@ -201,6 +210,14 @@ static int crb_cmd_ready(struct device *dev, struct crb_priv *priv) return 0; } +static int crb_cmd_ready(struct tpm_chip *chip) +{ + struct device *dev = &chip->dev; + struct crb_priv *priv = dev_get_drvdata(dev); + + return __crb_cmd_ready(dev, priv); +} + static int __crb_request_locality(struct device *dev, struct crb_priv *priv, int loc) { @@ -393,6 +410,8 @@ static const struct tpm_class_ops tpm_crb = { .send = crb_send, .cancel = crb_cancel, .req_canceled = crb_req_canceled, + .go_idle = crb_go_idle, + .cmd_ready = crb_cmd_ready, .request_locality = crb_request_locality, .relinquish_locality = crb_relinquish_locality, .req_complete_mask = CRB_DRV_STS_COMPLETE, @@ -508,7 +527,7 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, * PTT HW bug w/a: wake up the device to access * possibly not retained registers. */ - ret = crb_cmd_ready(dev, priv); + ret = __crb_cmd_ready(dev, priv); if (ret) return ret; @@ -553,7 +572,7 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, if (!ret) priv->cmd_size = cmd_size; - crb_go_idle(dev, priv); + __crb_go_idle(dev, priv); __crb_relinquish_locality(dev, priv, 0); @@ -624,32 +643,7 @@ static int crb_acpi_add(struct acpi_device *device) chip->acpi_dev_handle = device->handle; chip->flags = TPM_CHIP_FLAG_TPM2; - rc = __crb_request_locality(dev, priv, 0); - if (rc) - return rc; - - rc = crb_cmd_ready(dev, priv); - if (rc) - goto out; - - pm_runtime_get_noresume(dev); - pm_runtime_set_active(dev); - pm_runtime_enable(dev); - - rc = tpm_chip_register(chip); - if (rc) { - crb_go_idle(dev, priv); - pm_runtime_put_noidle(dev); - pm_runtime_disable(dev); - goto out; - } - - pm_runtime_put_sync(dev); - -out: - __crb_relinquish_locality(dev, priv, 0); - - return rc; + return tpm_chip_register(chip); } static int crb_acpi_remove(struct acpi_device *device) @@ -659,52 +653,11 @@ static int crb_acpi_remove(struct acpi_device *device) tpm_chip_unregister(chip); - pm_runtime_disable(dev); - return 0; } -static int __maybe_unused crb_pm_runtime_suspend(struct device *dev) -{ - struct tpm_chip *chip = dev_get_drvdata(dev); - struct crb_priv *priv = dev_get_drvdata(&chip->dev); - - return crb_go_idle(dev, priv); -} - -static int __maybe_unused crb_pm_runtime_resume(struct device *dev) -{ - struct tpm_chip *chip = dev_get_drvdata(dev); - struct crb_priv *priv = dev_get_drvdata(&chip->dev); - - return crb_cmd_ready(dev, priv); -} - -static int __maybe_unused crb_pm_suspend(struct device *dev) -{ - int ret; - - ret = tpm_pm_suspend(dev); - if (ret) - return ret; - - return crb_pm_runtime_suspend(dev); -} - -static int __maybe_unused crb_pm_resume(struct device *dev) -{ - int ret; - - ret = crb_pm_runtime_resume(dev); - if (ret) - return ret; - - return tpm_pm_resume(dev); -} - static const struct dev_pm_ops crb_pm = { - SET_SYSTEM_SLEEP_PM_OPS(crb_pm_suspend, crb_pm_resume) - SET_RUNTIME_PM_OPS(crb_pm_runtime_suspend, crb_pm_runtime_resume, NULL) + SET_SYSTEM_SLEEP_PM_OPS(tpm_pm_suspend, tpm_pm_resume) }; static const struct acpi_device_id crb_device_ids[] = { diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 2a6c3d96b31f..7f7b29f86c59 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -48,6 +48,8 @@ struct tpm_class_ops { u8 (*status) (struct tpm_chip *chip); bool (*update_timeouts)(struct tpm_chip *chip, unsigned long *timeout_cap); + int (*go_idle)(struct tpm_chip *chip); + int (*cmd_ready)(struct tpm_chip *chip); int (*request_locality)(struct tpm_chip *chip, int loc); int (*relinquish_locality)(struct tpm_chip *chip, int loc); void (*clk_enable)(struct tpm_chip *chip, bool value); -- 2.17.1

6 years, 7 months

5
6
0 0

Re: Patch "x86/kexec: Allocate 8k PGDs for PTI" has been added to the 3.18-stable tree

by Hugh Dickins

On Mon, 17 Sep 2018, gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > x86/kexec: Allocate 8k PGDs for PTI > > to the 3.18-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > x86-kexec-allocate-8k-pgds-for-pti.patch > and it can be found in the queue-3.18 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. I believe this commit is an example of the auto-selector being too eager, and this should not be in *any* of the stable trees. As the commit message indicates, it's a fix by Joerg for his PTI-x86-32 implementation - which has not been backported to any of the stable trees (yet), has it? In several of the recent stable trees, I think this will not do any actual harm; but it looks as if it will prevent relevant x86-32 configs from building on 3.18 (I see no definition of PGD_ALLOCATION_ORDER in linux-3.18.y - you preferred not to have any PTI in that tree), and I haven't checked whether its definition in older backports will build correctly here or not. Hugh > > > From foo@baz Mon Sep 17 11:45:57 CEST 2018 > From: Joerg Roedel <jroedel(a)suse.de> > Date: Wed, 25 Jul 2018 17:48:03 +0200 > Subject: x86/kexec: Allocate 8k PGDs for PTI > > From: Joerg Roedel <jroedel(a)suse.de> > > [ Upstream commit ca38dc8f2724d101038b1205122c93a1c7f38f11 ] > > Fuzzing the PTI-x86-32 code with trinity showed unhandled > kernel paging request oops-messages that looked a lot like > silent data corruption. > > Lot's of debugging and testing lead to the kexec-32bit code, > which is still allocating 4k PGDs when PTI is enabled. But > since it uses native_set_pud() to build the page-table, it > will unevitably call into __pti_set_user_pgtbl(), which > writes beyond the allocated 4k page. > > Use PGD_ALLOCATION_ORDER to allocate PGDs in the kexec code > to fix the issue. > > Signed-off-by: Joerg Roedel <jroedel(a)suse.de> > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Tested-by: David H. Gutteridge <dhgutteridge(a)sympatico.ca> > Cc: "H . Peter Anvin" <hpa(a)zytor.com> > Cc: linux-mm(a)kvack.org > Cc: Linus Torvalds <torvalds(a)linux-foundation.org> > Cc: Andy Lutomirski <luto(a)kernel.org> > Cc: Dave Hansen <dave.hansen(a)intel.com> > Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> > Cc: Juergen Gross <jgross(a)suse.com> > Cc: Peter Zijlstra <peterz(a)infradead.org> > Cc: Borislav Petkov <bp(a)alien8.de> > Cc: Jiri Kosina <jkosina(a)suse.cz> > Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> > Cc: Brian Gerst <brgerst(a)gmail.com> > Cc: David Laight <David.Laight(a)aculab.com> > Cc: Denys Vlasenko <dvlasenk(a)redhat.com> > Cc: Eduardo Valentin <eduval(a)amazon.com> > Cc: Greg KH <gregkh(a)linuxfoundation.org> > Cc: Will Deacon <will.deacon(a)arm.com> > Cc: aliguori(a)amazon.com > Cc: daniel.gruss(a)iaik.tugraz.at > Cc: hughd(a)google.com > Cc: keescook(a)google.com > Cc: Andrea Arcangeli <aarcange(a)redhat.com> > Cc: Waiman Long <llong(a)redhat.com> > Cc: Pavel Machek <pavel(a)ucw.cz> > Cc: Arnaldo Carvalho de Melo <acme(a)kernel.org> > Cc: Alexander Shishkin <alexander.shishkin(a)linux.intel.com> > Cc: Jiri Olsa <jolsa(a)redhat.com> > Cc: Namhyung Kim <namhyung(a)kernel.org> > Cc: joro(a)8bytes.org > Link: https://lkml.kernel.org/r/1532533683-5988-4-git-send-email-joro@8bytes.org > Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > --- > arch/x86/kernel/machine_kexec_32.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > --- a/arch/x86/kernel/machine_kexec_32.c > +++ b/arch/x86/kernel/machine_kexec_32.c > @@ -69,7 +69,7 @@ static void load_segments(void) > > static void machine_kexec_free_page_tables(struct kimage *image) > { > - free_page((unsigned long)image->arch.pgd); > + free_pages((unsigned long)image->arch.pgd, PGD_ALLOCATION_ORDER); > image->arch.pgd = NULL; > #ifdef CONFIG_X86_PAE > free_page((unsigned long)image->arch.pmd0); > @@ -85,7 +85,8 @@ static void machine_kexec_free_page_tabl > > static int machine_kexec_alloc_page_tables(struct kimage *image) > { > - image->arch.pgd = (pgd_t *)get_zeroed_page(GFP_KERNEL); > + image->arch.pgd = (pgd_t *)__get_free_pages(GFP_KERNEL | __GFP_ZERO, > + PGD_ALLOCATION_ORDER); > #ifdef CONFIG_X86_PAE > image->arch.pmd0 = (pmd_t *)get_zeroed_page(GFP_KERNEL); > image->arch.pmd1 = (pmd_t *)get_zeroed_page(GFP_KERNEL); > > > Patches currently in stable-queue which might be from jroedel(a)suse.de are > > queue-3.18/x86-kexec-allocate-8k-pgds-for-pti.patch > queue-3.18/x86-mm-remove-in_nmi-warning-from-vmalloc_fault.patch >

6 years, 7 months

3
2
0 0

4.4.y build failure

by Dan Rue

I'm seeing the following i386 build failure with defconfig on 4.4-rc branch: $ make ARCH=i386 CHK include/config/kernel.release CHK include/generated/uapi/linux/version.h CHK include/generated/utsrelease.h CHK include/generated/bounds.h CHK include/generated/timeconst.h CHK include/generated/asm-offsets.h CALL scripts/checksyscalls.sh CHK include/generated/compile.h CC arch/x86/kernel/machine_kexec_32.o arch/x86/kernel/machine_kexec_32.c: In function ‘machine_kexec_free_page_tables’: arch/x86/kernel/machine_kexec_32.c:73:45: error: ‘PGD_ALLOCATION_ORDER’ undeclared (first use in this function); did you mean ‘PAGE_ALLOC_COSTLY_ORDER’? free_pages((unsigned long)image->arch.pgd, PGD_ALLOCATION_ORDER); ^~~~~~~~~~~~~~~~~~~~ PAGE_ALLOC_COSTLY_ORDER arch/x86/kernel/machine_kexec_32.c:73:45: note: each undeclared identifier is reported only once for each function it appears in arch/x86/kernel/machine_kexec_32.c: In function ‘machine_kexec_alloc_page_tables’: arch/x86/kernel/machine_kexec_32.c:90:11: error: ‘PGD_ALLOCATION_ORDER’ undeclared (first use in this function); did you mean ‘PAGE_ALLOC_COSTLY_ORDER’? PGD_ALLOCATION_ORDER); ^~~~~~~~~~~~~~~~~~~~ PAGE_ALLOC_COSTLY_ORDER scripts/Makefile.build:269: recipe for target 'arch/x86/kernel/machine_kexec_32.o' failed make[2]: *** [arch/x86/kernel/machine_kexec_32.o] Error 1 scripts/Makefile.build:476: recipe for target 'arch/x86/kernel' failed make[1]: *** [arch/x86/kernel] Error 2 Makefile:980: recipe for target 'arch/x86' failed make: *** [arch/x86] Error 2 Dan

6 years, 7 months

2
1
0 0

[PATCH] ALSA: fireworks: fix memory leak of response buffer at error path

by Takashi Sakamoto

After allocating memory object for response buffer, ALSA fireworks driver has leak of the memory object at error path. This commit releases the object at the error path. Fixes: 7d3c1d5901aa('ALSA: fireworks: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/fireworks/fireworks.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sound/firewire/fireworks/fireworks.c b/sound/firewire/fireworks/fireworks.c index 71a0613d3da0..f2d073365cf6 100644 --- a/sound/firewire/fireworks/fireworks.c +++ b/sound/firewire/fireworks/fireworks.c @@ -301,6 +301,8 @@ do_registration(struct work_struct *work) snd_efw_transaction_remove_instance(efw); snd_efw_stream_destroy_duplex(efw); snd_card_free(efw->card); + kfree(efw->resp_buf); + efw->resp_buf = NULL; dev_info(&efw->unit->device, "Sound card registration failed: %d\n", err); } -- 2.17.1

6 years, 7 months

2
1
0 0

[PATCH] ALSA: oxfw: fix memory leak of discovered stream formats at error path

by Takashi Sakamoto

After finishing discover of stream formats, ALSA OXFW driver has memory leak of allocated memory object at error path. This commit releases the memory object at the error path. Fixes: 6c29230e2a5f ('ALSA: oxfw: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/oxfw/oxfw.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sound/firewire/oxfw/oxfw.c b/sound/firewire/oxfw/oxfw.c index 1e5b2c802635..63b3e1ce986e 100644 --- a/sound/firewire/oxfw/oxfw.c +++ b/sound/firewire/oxfw/oxfw.c @@ -207,6 +207,7 @@ static int detect_quirks(struct snd_oxfw *oxfw) static void do_registration(struct work_struct *work) { struct snd_oxfw *oxfw = container_of(work, struct snd_oxfw, dwork.work); + int i; int err; if (oxfw->registered) @@ -269,6 +270,12 @@ static void do_registration(struct work_struct *work) snd_oxfw_stream_destroy_simplex(oxfw, &oxfw->rx_stream); if (oxfw->has_output) snd_oxfw_stream_destroy_simplex(oxfw, &oxfw->tx_stream); + for (i = 0; i < SND_OXFW_STREAM_FORMAT_ENTRIES; ++i) { + kfree(oxfw->tx_stream_formats[i]); + oxfw->tx_stream_formats[i] = NULL; + kfree(oxfw->rx_stream_formats[i]); + oxfw->rx_stream_formats[i] = NULL; + } snd_card_free(oxfw->card); dev_info(&oxfw->unit->device, "Sound card registration failed: %d\n", err); -- 2.17.1

6 years, 7 months

2
1
0 0

[PATCH] ALSA: oxfw: fix memory leak for model-dependent data at error path

by Takashi Sakamoto

After allocating model-dependent data, ALSA OXFW driver has memory leak of the data at error path. This commit releases the data at the error path. Fixes: 6c29230e2a5f ('ALSA: oxfw: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/oxfw/oxfw.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sound/firewire/oxfw/oxfw.c b/sound/firewire/oxfw/oxfw.c index 63b3e1ce986e..9c8c527ebff9 100644 --- a/sound/firewire/oxfw/oxfw.c +++ b/sound/firewire/oxfw/oxfw.c @@ -277,6 +277,8 @@ static void do_registration(struct work_struct *work) oxfw->rx_stream_formats[i] = NULL; } snd_card_free(oxfw->card); + kfree(oxfw->spec); + oxfw->spec = NULL; dev_info(&oxfw->unit->device, "Sound card registration failed: %d\n", err); } -- 2.17.1

6 years, 7 months

2
1
0 0

[PATCH] ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path

by Takashi Sakamoto

After allocating model-dependent data for M-Audio FW1814 and ProjectMix I/O, ALSA bebob driver has memory leak at error path. This commit releases the allocated data at the error path. Fixes: 04a2c73c97eb('ALSA: bebob: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/bebob/bebob.c | 2 ++ sound/firewire/bebob/bebob_maudio.c | 4 ---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/sound/firewire/bebob/bebob.c b/sound/firewire/bebob/bebob.c index 730ea91d9be8..93676354f87f 100644 --- a/sound/firewire/bebob/bebob.c +++ b/sound/firewire/bebob/bebob.c @@ -263,6 +263,8 @@ do_registration(struct work_struct *work) error: mutex_unlock(&devices_mutex); snd_bebob_stream_destroy_duplex(bebob); + kfree(bebob->maudio_special_quirk); + bebob->maudio_special_quirk = NULL; snd_card_free(bebob->card); dev_info(&bebob->unit->device, "Sound card registration failed: %d\n", err); diff --git a/sound/firewire/bebob/bebob_maudio.c b/sound/firewire/bebob/bebob_maudio.c index bd55620c6a47..164f2126a676 100644 --- a/sound/firewire/bebob/bebob_maudio.c +++ b/sound/firewire/bebob/bebob_maudio.c @@ -290,10 +290,6 @@ snd_bebob_maudio_special_discover(struct snd_bebob *bebob, bool is1814) bebob->midi_output_ports = 2; } end: - if (err < 0) { - kfree(params); - bebob->maudio_special_quirk = NULL; - } mutex_unlock(&bebob->mutex); return err; } -- 2.17.1

6 years, 7 months

2
1
0 0

FAILED: patch "[PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9bc4f28af75a91aea0ae383f50b0a430c4509303 Mon Sep 17 00:00:00 2001 From: Nadav Amit <namit(a)vmware.com> Date: Sun, 2 Sep 2018 11:14:50 -0700 Subject: [PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs When page-table entries are set, the compiler might optimize their assignment by using multiple instructions to set the PTE. This might turn into a security hazard if the user somehow manages to use the interim PTE. L1TF does not make our lives easier, making even an interim non-present PTE a security hazard. Using WRITE_ONCE() to set PTEs and friends should prevent this potential security hazard. I skimmed the differences in the binary with and without this patch. The differences are (obviously) greater when CONFIG_PARAVIRT=n as more code optimizations are possible. For better and worse, the impact on the binary with this patch is pretty small. Skimming the code did not cause anything to jump out as a security hazard, but it seems that at least move_soft_dirty_pte() caused set_pte_at() to use multiple writes. Signed-off-by: Nadav Amit <namit(a)vmware.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Andi Kleen <ak(a)linux.intel.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180902181451.80520-1-namit@vmware.com diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index e4ffa565a69f..690c0307afed 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -1195,7 +1195,7 @@ static inline pmd_t pmdp_establish(struct vm_area_struct *vma, return xchg(pmdp, pmd); } else { pmd_t old = *pmdp; - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); return old; } } diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h index f773d5e6c8cc..ce2b59047cb8 100644 --- a/arch/x86/include/asm/pgtable_64.h +++ b/arch/x86/include/asm/pgtable_64.h @@ -55,15 +55,15 @@ struct mm_struct; void set_pte_vaddr_p4d(p4d_t *p4d_page, unsigned long vaddr, pte_t new_pte); void set_pte_vaddr_pud(pud_t *pud_page, unsigned long vaddr, pte_t new_pte); -static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) +static inline void native_set_pte(pte_t *ptep, pte_t pte) { - *ptep = native_make_pte(0); + WRITE_ONCE(*ptep, pte); } -static inline void native_set_pte(pte_t *ptep, pte_t pte) +static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep) { - *ptep = pte; + native_set_pte(ptep, native_make_pte(0)); } static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) @@ -73,7 +73,7 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd) { - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); } static inline void native_pmd_clear(pmd_t *pmd) @@ -109,7 +109,7 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp) static inline void native_set_pud(pud_t *pudp, pud_t pud) { - *pudp = pud; + WRITE_ONCE(*pudp, pud); } static inline void native_pud_clear(pud_t *pud) @@ -137,13 +137,13 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d) pgd_t pgd; if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) { - *p4dp = p4d; + WRITE_ONCE(*p4dp, p4d); return; } pgd = native_make_pgd(native_p4d_val(p4d)); pgd = pti_set_user_pgtbl((pgd_t *)p4dp, pgd); - *p4dp = native_make_p4d(native_pgd_val(pgd)); + WRITE_ONCE(*p4dp, native_make_p4d(native_pgd_val(pgd))); } static inline void native_p4d_clear(p4d_t *p4d) @@ -153,7 +153,7 @@ static inline void native_p4d_clear(p4d_t *p4d) static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd) { - *pgdp = pti_set_user_pgtbl(pgdp, pgd); + WRITE_ONCE(*pgdp, pti_set_user_pgtbl(pgdp, pgd)); } static inline void native_pgd_clear(pgd_t *pgd) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index e848a4811785..ae394552fb94 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -269,7 +269,7 @@ static void mop_up_one_pmd(struct mm_struct *mm, pgd_t *pgdp) if (pgd_val(pgd) != 0) { pmd_t *pmd = (pmd_t *)pgd_page_vaddr(pgd); - *pgdp = native_make_pgd(0); + pgd_clear(pgdp); paravirt_release_pmd(pgd_val(pgd) >> PAGE_SHIFT); pmd_free(mm, pmd); @@ -494,7 +494,7 @@ int ptep_set_access_flags(struct vm_area_struct *vma, int changed = !pte_same(*ptep, entry); if (changed && dirty) - *ptep = entry; + set_pte(ptep, entry); return changed; } @@ -509,7 +509,7 @@ int pmdp_set_access_flags(struct vm_area_struct *vma, VM_BUG_ON(address & ~HPAGE_PMD_MASK); if (changed && dirty) { - *pmdp = entry; + set_pmd(pmdp, entry); /* * We had a write-protection fault here and changed the pmd * to to more permissive. No need to flush the TLB for that, @@ -529,7 +529,7 @@ int pudp_set_access_flags(struct vm_area_struct *vma, unsigned long address, VM_BUG_ON(address & ~HPAGE_PUD_MASK); if (changed && dirty) { - *pudp = entry; + set_pud(pudp, entry); /* * We had a write-protection fault here and changed the pud * to to more permissive. No need to flush the TLB for that,

6 years, 7 months

3
3
0 0

[git:media_tree/master] media: em28xx: make v4l2-compliance happier by starting sequence on zero

by Mauro Carvalho Chehab

This is an automatic generated email to let you know that the following patch were queued: Subject: media: em28xx: make v4l2-compliance happier by starting sequence on zero Author: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> Date: Thu Sep 13 22:46:29 2018 -0400 The v4l2-compliance tool complains if a video doesn't start with a zero sequence number. While this shouldn't cause any real problem for apps, let's make it happier, in order to better check the v4l2-compliance differences before and after patchsets. This is actually an old issue. It is there since at least its videobuf2 conversion, e. g. changeset 3829fadc461 ("[media] em28xx: convert to videobuf2"), if VB1 wouldn't suffer from the same issue. Cc: stable(a)vger.kernel.org Fixes: d3829fadc461 ("[media] em28xx: convert to videobuf2") Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> drivers/media/usb/em28xx/em28xx-video.c | 2 ++ 1 file changed, 2 insertions(+) --- diff --git a/drivers/media/usb/em28xx/em28xx-video.c b/drivers/media/usb/em28xx/em28xx-video.c index 4b08da45032d..f43717ea831d 100644 --- a/drivers/media/usb/em28xx/em28xx-video.c +++ b/drivers/media/usb/em28xx/em28xx-video.c @@ -1093,6 +1093,8 @@ int em28xx_start_analog_streaming(struct vb2_queue *vq, unsigned int count) em28xx_videodbg("%s\n", __func__); + dev->v4l2->field_count = 0; + /* * Make sure streaming is not already in progress for this type * of filehandle (e.g. video, vbi)

6 years, 7 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2018