March 2020 - Linux-stable-mirror

Re: [PATCH v2 11/12] mac80211: drop data frames without key on encrypted links

by Sasha Levin

Hi [This is an automated email] This commit has been processed because it contains a -stable tag. The stable tag indicates that it's relevant for the following trees: all The bot has tested the following trees: v5.5.11, v5.4.27, v4.19.112, v4.14.174, v4.9.217, v4.4.217. v5.5.11: Build OK! v5.4.27: Build OK! v4.19.112: Failed to apply! Possible dependencies: 03512ceb60ae ("ieee80211: remove redundant leading zeroes") 09b4a4faf9d0 ("mac80211: introduce capability flags for VHT EXT NSS support") 0eeb2b674f05 ("mac80211: add an option for station management TXQ") 1c9559734eca ("mac80211: remove unnecessary key condition") 57a3a454f303 ("iwlwifi: split HE capabilities between AP and STA") 62872a9b9a10 ("mac80211: Fix PTK rekey freezes and clear text leak") 77f7ffdc335d ("mac80211: minstrel_ht: add flag to indicate missing/inaccurate tx A-MPDU length") 77ff2c6b4984 ("mac80211: update HE IEs to D3.3") 80aaa9c16415 ("mac80211: Add he_capa debugfs entry") 96fc6efb9ad9 ("mac80211: IEEE 802.11 Extended Key ID support") add7453ad62f ("wireless: align to draft 11ax D3.0") adf8ed01e4fd ("mac80211: add an optional TXQ for other PS-buffered frames") caf56338c22f ("mac80211: indicate support for multiple BSSID") daa5b83513a7 ("mac80211: update HE operation fields to D3.0") v4.14.174: Failed to apply! Possible dependencies: 110b32f065f3 ("iwlwifi: mvm: rs: add basic implementation of the new RS API handlers") 1c73acf58bd6 ("iwlwifi: acpi: move ACPI method definitions to acpi.h") 28e9c00fe1f0 ("iwlwifi: remove upper case letters in sku_capa_band_*_enable") 4ae80f6c8d86 ("iwlwifi: support api ver2 of NVM_GET_INFO resp") 4b82455ca51e ("iwlwifi: use flags to denote modifiers for the channel maps") 4c625c564ba2 ("iwlwifi: get rid of fw/nvm.c") 514c30696fbc ("iwlwifi: add support for IEEE802.11ax") 57a3a454f303 ("iwlwifi: split HE capabilities between AP and STA") 77ff2c6b4984 ("mac80211: update HE IEs to D3.3") 813df5cef3bb ("iwlwifi: acpi: add common code to read from ACPI") 8a6171a7b601 ("iwlwifi: fw: add FW APIs for HE") 9c4f7d512740 ("iwlwifi: move all NVM parsing code to the common files") 9f66a397c877 ("iwlwifi: mvm: rs: add ops for the new rate scaling in the FW") e7a3b8d87910 ("iwlwifi: acpi: move ACPI-related definitions to acpi.h") v4.9.217: Failed to apply! Possible dependencies: 01796ff2fa6e ("iwlwifi: mvm: always free inactive queue when moving ownership") 0aaece81114e ("iwlwifi: split firmware API from iwl-trans.h") 1ea423b0e047 ("iwlwifi: remove unnecessary dev_cmd_headroom parameter") 310181ec34e2 ("iwlwifi: move to TVQM mode") 5594d80e9bf4 ("iwlwifi: support two phys for a000 devices") 623e7766be90 ("iwlwifi: pcie: introduce split point to a000 devices") 65e254821cee ("iwlwifi: mvm: use firmware station PM notification for AP_LINK_PS") 6b35ff91572f ("iwlwifi: pcie: introduce a000 TX queues management") 727c02dfb848 ("iwlwifi: pcie: cleanup rfkill checks") 77ff2c6b4984 ("mac80211: update HE IEs to D3.3") 8236f7db2724 ("iwlwifi: mvm: assign cab queue to the correct station") 87d0e1af9db3 ("iwlwifi: mvm: separate queue mapping from queue enablement") bb49701b41de ("iwlwifi: mvm: support a000 SCD queue configuration") cf90da352a32 ("iwlwifi: mvm: use mvm_disable_queue instead of sharing logic") d172a5eff629 ("iwlwifi: reorganize firmware API") df88c08d5c7e ("iwlwifi: mvm: release static queues on bcast release") eda50cde58de ("iwlwifi: pcie: add context information support") v4.4.217: Failed to apply! Possible dependencies: 0aaece81114e ("iwlwifi: split firmware API from iwl-trans.h") 13555e8ba2f4 ("iwlwifi: mvm: add 9000-series RX API") 1a616dd2f171 ("iwlwifi: dump prph registers in a common place for all transports") 1e0bbebaae66 ("mac80211: enable starting BA session with custom timeout") 2f89a5d7d377 ("iwlwifi: mvm: move fw-dbg code to separate file") 39bdb17ebb5b ("iwlwifi: update host command messages to new format") 41837ca962ec ("iwlwifi: pcie: allow to pretend to have Tx CSUM for debug") 4707fde5cdef ("iwlwifi: mvm: use build-time assertion for fw trigger ID") 5b88792cd850 ("iwlwifi: move to wide ID for all commands") 6c4fbcbc1c95 ("iwlwifi: add support for 12K Receive Buffers") 77ff2c6b4984 ("mac80211: update HE IEs to D3.3") 92fe83430b89 ("iwlwifi: uninline iwl_trans_send_cmd") d172a5eff629 ("iwlwifi: reorganize firmware API") dcbb4746286a ("iwlwifi: trans: support a callback for ASYNC commands") NOTE: The patch will not be queued to stable trees until it is upstream. How should we proceed with this patch? -- Thanks Sasha

3 years, 4 months

5
8
0 0

[PATCH] ARM: dts: at91: sama5d4: fix pinctrl muxing

by Ludovic Desroches

Fix pinctrl muxing, PD28, PD29 and PD31 can be muxed to peripheral A. It allows to use SCK0, SCK1 and SPI0_NPCS2 signals. Signed-off-by: Ludovic Desroches <ludovic.desroches(a)microchip.com> Fixes: 679f8d92bb01 ("ARM: at91/dt: sama5d4: add pioD pin mux mask and enable pioD") Cc: stable(a)vger.kernel.org --- arch/arm/boot/dts/sama5d4.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/boot/dts/sama5d4.dtsi b/arch/arm/boot/dts/sama5d4.dtsi index 6ab27a7b388d..a4cef07c38cb 100644 --- a/arch/arm/boot/dts/sama5d4.dtsi +++ b/arch/arm/boot/dts/sama5d4.dtsi @@ -914,7 +914,7 @@ /* A B C */ 0xffffffff 0x3ffcfe7c 0x1c010101 /* pioA */ 0x7fffffff 0xfffccc3a 0x3f00cc3a /* pioB */ 0xffffffff 0x3ff83fff 0xff00ffff /* pioC */ - 0x0003ff00 0x8002a800 0x00000000 /* pioD */ + 0xb003ff00 0x8002a800 0x00000000 /* pioD */ 0xffffffff 0x7fffffff 0x76fff1bf /* pioE */ >; -- 2.24.0.rc0

3 years, 6 months

3
2
0 0

[BACKPORT] xen/pvh: correctly setup the PV EFI interface for dom0

by Roger Pau Monne

commit 72813bfbf0276a97c82af038efb5f02dcdd9e310 upstream This involves initializing the boot params EFI related fields and the efi global variable. Without this fix a PVH dom0 doesn't detect when booted from EFI, and thus doesn't support accessing any of the EFI related data. Reported-by: PGNet Dev <pgnet.dev(a)gmail.com> Signed-off-by: Roger Pau Monné <roger.pau(a)citrix.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Signed-off-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: stable(a)vger.kernel.org # 4.19+ --- arch/x86/xen/efi.c | 12 ++++++------ arch/x86/xen/enlighten_pv.c | 2 +- arch/x86/xen/enlighten_pvh.c | 4 ++++ arch/x86/xen/xen-ops.h | 4 ++-- 4 files changed, 13 insertions(+), 9 deletions(-) diff --git a/arch/x86/xen/efi.c b/arch/x86/xen/efi.c index 1804b27f9632..30edb9bc58e2 100644 --- a/arch/x86/xen/efi.c +++ b/arch/x86/xen/efi.c @@ -170,7 +170,7 @@ static enum efi_secureboot_mode xen_efi_get_secureboot(void) return efi_secureboot_mode_unknown; } -void __init xen_efi_init(void) +void __init xen_efi_init(struct boot_params *boot_params) { efi_system_table_t *efi_systab_xen; @@ -179,12 +179,12 @@ void __init xen_efi_init(void) if (efi_systab_xen == NULL) return; - strncpy((char *)&boot_params.efi_info.efi_loader_signature, "Xen", - sizeof(boot_params.efi_info.efi_loader_signature)); - boot_params.efi_info.efi_systab = (__u32)__pa(efi_systab_xen); - boot_params.efi_info.efi_systab_hi = (__u32)(__pa(efi_systab_xen) >> 32); + strncpy((char *)&boot_params->efi_info.efi_loader_signature, "Xen", + sizeof(boot_params->efi_info.efi_loader_signature)); + boot_params->efi_info.efi_systab = (__u32)__pa(efi_systab_xen); + boot_params->efi_info.efi_systab_hi = (__u32)(__pa(efi_systab_xen) >> 32); - boot_params.secure_boot = xen_efi_get_secureboot(); + boot_params->secure_boot = xen_efi_get_secureboot(); set_bit(EFI_BOOT, &efi.flags); set_bit(EFI_PARAVIRT, &efi.flags); diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index 782f98b332f0..0f8da4aebe7b 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -1399,7 +1399,7 @@ asmlinkage __visible void __init xen_start_kernel(void) /* We need this for printk timestamps */ xen_setup_runstate_info(0); - xen_efi_init(); + xen_efi_init(&boot_params); /* Start the world */ #ifdef CONFIG_X86_32 diff --git a/arch/x86/xen/enlighten_pvh.c b/arch/x86/xen/enlighten_pvh.c index dab07827d25e..f04d22bcf08d 100644 --- a/arch/x86/xen/enlighten_pvh.c +++ b/arch/x86/xen/enlighten_pvh.c @@ -14,6 +14,8 @@ #include <xen/interface/memory.h> #include <xen/interface/hvm/start_info.h> +#include "xen-ops.h" + /* * PVH variables. * @@ -79,6 +81,8 @@ static void __init init_pvh_bootparams(void) pvh_bootparams.hdr.type_of_loader = (9 << 4) | 0; /* Xen loader */ x86_init.acpi.get_root_pointer = pvh_get_root_pointer; + + xen_efi_init(&pvh_bootparams); } /* diff --git a/arch/x86/xen/xen-ops.h b/arch/x86/xen/xen-ops.h index 0e60bd918695..2f111f47ba98 100644 --- a/arch/x86/xen/xen-ops.h +++ b/arch/x86/xen/xen-ops.h @@ -122,9 +122,9 @@ static inline void __init xen_init_vga(const struct dom0_vga_console_info *info, void __init xen_init_apic(void); #ifdef CONFIG_XEN_EFI -extern void xen_efi_init(void); +extern void xen_efi_init(struct boot_params *boot_params); #else -static inline void __init xen_efi_init(void) +static inline void __init xen_efi_init(struct boot_params *boot_params) { } #endif -- 2.20.1 (Apple Git-117)

3 years, 11 months

3
2
0 0

[PATCH v3 0/6] Memory corruption may occur due to incorrent tlb flush

by Santosh Sivaraj

The TLB flush optimisation (a46cc7a90f: powerpc/mm/radix: Improve TLB/PWC flushes) may result in random memory corruption. Any concurrent page-table walk could end up with a Use-after-Free. Even on UP this might give issues, since mmu_gather is preemptible these days. An interrupt or preempted task accessing user pages might stumble into the free page if the hardware caches page directories. The series is a backport of the fix sent by Peter [1]. The first three patches are dependencies for the last patch (avoid potential double flush). If the performance impact due to double flush is considered trivial then the first three patches and last patch may be dropped. This is only for v4.19 stable. [1] https://patchwork.kernel.org/cover/11284843/ -- Changelog: v2: Send the patches with the correct format (commit sha1 upstream) for stable v3: Fix compilation issue on ppc40x_defconfig and ppc44x_defconfig -- Aneesh Kumar K.V (1): powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case Peter Zijlstra (4): asm-generic/tlb: Track freeing of page-table directories in struct mmu_gather asm-generic/tlb, arch: Invert CONFIG_HAVE_RCU_TABLE_INVALIDATE mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush asm-generic/tlb: avoid potential double flush Will Deacon (1): asm-generic/tlb: Track which levels of the page tables have been cleared arch/Kconfig | 3 - arch/powerpc/Kconfig | 2 +- arch/powerpc/include/asm/book3s/32/pgalloc.h | 8 -- arch/powerpc/include/asm/book3s/64/pgalloc.h | 2 - arch/powerpc/include/asm/nohash/32/pgalloc.h | 8 -- arch/powerpc/include/asm/nohash/64/pgalloc.h | 9 +- arch/powerpc/include/asm/tlb.h | 11 ++ arch/powerpc/mm/pgtable-book3s64.c | 7 -- arch/sparc/include/asm/tlb_64.h | 9 ++ arch/x86/Kconfig | 1 - include/asm-generic/tlb.h | 103 ++++++++++++++++--- mm/memory.c | 20 ++-- 12 files changed, 123 insertions(+), 60 deletions(-) -- 2.24.1

3 years, 11 months

2
8
0 0

[PATCH 5.2 00/20] 5.2.6-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.2.6 release. There are 20 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun 04 Aug 2019 09:19:34 AM UTC. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.2.6-rc1.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.2.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.2.6-rc1 Yan, Zheng <zyan(a)redhat.com> ceph: hold i_ceph_lock when removing caps for freeing inode Yoshinori Sato <ysato(a)users.sourceforge.jp> Fix allyesconfig output. Miroslav Lichvar <mlichvar(a)redhat.com> drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl Linus Torvalds <torvalds(a)linux-foundation.org> /proc/<pid>/cmdline: add back the setproctitle() special case Linus Torvalds <torvalds(a)linux-foundation.org> /proc/<pid>/cmdline: remove all the special cases Jann Horn <jannh(a)google.com> sched/fair: Use RCU accessors consistently for ->numa_group Jann Horn <jannh(a)google.com> sched/fair: Don't free p->numa_faults with concurrent readers Vladis Dronov <vdronov(a)redhat.com> Bluetooth: hci_uart: check for missing tty operations Marta Rybczynska <mrybczyn(a)kalray.eu> nvme: fix multipath crash when ANA is deactivated Florian Westphal <fw(a)strlen.de> xfrm: policy: fix bydst hlist corruption on hash rebuild Luke Nowakowski-Krijger <lnowakow(a)eng.ucsd.edu> media: radio-raremono: change devm_k*alloc to k*alloc Benjamin Coddington <bcodding(a)redhat.com> NFS: Cleanup if nfs_match_client is interrupted Andrey Konovalov <andreyknvl(a)google.com> media: pvrusb2: use a different format for warnings Oliver Neukum <oneukum(a)suse.com> media: cpia2_usb: first wake up, then free in disconnect Fabio Estevam <festevam(a)gmail.com> ath10k: Change the warning message string Sean Young <sean(a)mess.org> media: au0828: fix null dereference in error path Stanislav Fomichev <sdf(a)google.com> bpf: fix NULL deref in btf_type_is_resolve_source_only Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Sanity checks for each pipe and EP types Phong Tran <tranmanphong(a)gmail.com> ISDN: hfcsusb: checking idx of ep configuration Sunil Muthuswamy <sunilmut(a)microsoft.com> vsock: correct removal of socket from the list ------------- Diffstat: Makefile | 4 +- arch/sh/boards/Kconfig | 14 +-- drivers/bluetooth/hci_ath.c | 3 + drivers/bluetooth/hci_bcm.c | 3 + drivers/bluetooth/hci_intel.c | 3 + drivers/bluetooth/hci_ldisc.c | 13 +++ drivers/bluetooth/hci_mrvl.c | 3 + drivers/bluetooth/hci_qca.c | 3 + drivers/bluetooth/hci_uart.h | 1 + drivers/isdn/hardware/mISDN/hfcsusb.c | 3 + drivers/media/radio/radio-raremono.c | 30 ++++-- drivers/media/usb/au0828/au0828-core.c | 12 +-- drivers/media/usb/cpia2/cpia2_usb.c | 3 +- drivers/media/usb/pvrusb2/pvrusb2-hdw.c | 4 +- drivers/media/usb/pvrusb2/pvrusb2-i2c-core.c | 6 +- drivers/media/usb/pvrusb2/pvrusb2-std.c | 2 +- drivers/net/wireless/ath/ath10k/usb.c | 2 +- drivers/nvme/host/multipath.c | 8 +- drivers/nvme/host/nvme.h | 6 +- drivers/pps/pps.c | 8 ++ fs/ceph/caps.c | 10 +- fs/ceph/inode.c | 2 +- fs/ceph/super.h | 2 +- fs/exec.c | 2 +- fs/nfs/client.c | 4 +- fs/proc/base.c | 132 +++++++++++++----------- include/linux/sched.h | 10 +- include/linux/sched/numa_balancing.h | 4 +- kernel/bpf/btf.c | 12 +-- kernel/fork.c | 2 +- kernel/sched/fair.c | 144 +++++++++++++++++++-------- net/vmw_vsock/af_vsock.c | 38 ++----- net/xfrm/xfrm_policy.c | 12 ++- sound/usb/helper.c | 17 ++++ sound/usb/helper.h | 1 + sound/usb/quirks.c | 18 +++- tools/testing/selftests/net/xfrm_policy.sh | 27 ++++- 37 files changed, 368 insertions(+), 200 deletions(-)

3 years, 11 months

8
39
0 0

[PATCH 4.4 00/70] 4.4.165-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.165 release. There are 70 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Nov 28 10:50:16 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.165-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.165-rc1 Eric Biggers <ebiggers(a)google.com> HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges Al Viro <viro(a)zeniv.linux.org.uk> new helper: uaccess_kernel() Hans de Goede <hdegoede(a)redhat.com> ACPI / platform: Add SMB0001 HID to forbidden_id_list Gustavo A. R. Silva <gustavo(a)embeddedor.com> drivers/misc/sgi-gru: fix Spectre v1 vulnerability Mattias Jacobsson <2pi(a)mok.nu> USB: misc: appledisplay: add 20" Apple Cinema Display Nathan Chancellor <natechancellor(a)gmail.com> misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data Emmanuel Pescosta <emmanuelpescosta099(a)gmail.com> usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB Kai-Heng Feng <kai.heng.feng(a)canonical.com> USB: quirks: Add no-lpm quirk for Raydium touchscreens Maarten Jacobs <maarten256(a)outlook.com> usb: cdc-acm: add entry for Hiro (Conexant) modem Dan Carpenter <dan.carpenter(a)oracle.com> uio: Fix an Oops on load Sakari Ailus <sakari.ailus(a)linux.intel.com> media: v4l: event: Add subscription to list before calling "add" operation Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV" Hans Verkuil <hverkuil(a)xs4all.nl> Revert "media: videobuf2-core: don't call memop 'finish' when queueing" Lu Fengqi <lufq.fnst(a)cn.fujitsu.com> btrfs: fix pinned underflow after transaction aborted Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Put bitmap buffers in put_super YueHaibing <yuehaibing(a)huawei.com> SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() Minchan Kim <minchan(a)kernel.org> zram: close udev startup race condition as default groups Vignesh R <vigneshr(a)ti.com> i2c: omap: Enable for ARCH_K3 Jeremy Linton <jeremy.linton(a)arm.com> lib/raid6: Fix arm64 test build Geert Uytterhoeven <geert(a)linux-m68k.org> hwmon: (ibmpowernv) Remove bogus __init annotations Taehee Yoo <ap420073(a)gmail.com> netfilter: xt_IDLETIMER: add sysfs filename checking routine Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() Justin M. Forbes <jforbes(a)fedoraproject.org> s390/mm: Fix ERROR: "__node_distance" undefined! Eric Westbrook <eric(a)westbrook.io> netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net Vasily Gorbik <gor(a)linux.ibm.com> s390/vdso: add missing FORCE to build targets Nathan Chancellor <natechancellor(a)gmail.com> arm64: percpu: Initialize ret in the default case Paul Gortmaker <paul.gortmaker(a)windriver.com> platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 Marek Szyprowski <m.szyprowski(a)samsung.com> clk: samsung: exynos5420: Enable PERIS clocks for suspend Chengguang Xu <cgxu519(a)gmx.com> fs/exofs: fix potential memory leak in mount option parsing Richard Weinberger <richard(a)nod.at> um: Give start_idle_thread() a return code Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfsplus: prevent btree data loss on root split Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfs: prevent btree data loss on root split Jann Horn <jannh(a)google.com> reiserfs: propagate errors from fill_with_dentries() properly Matthias Kaehlcke <mka(a)chromium.org> x86/build: Use cc-option to validate stack alignment parameter Matthias Kaehlcke <mka(a)chromium.org> x86/build: Fix stack alignment for CLang Michael Davidson <md(a)google.com> x86/boot: #undef memcpy() et al in string.c Matthias Kaehlcke <mka(a)chromium.org> x86/build: Specify stack alignment for clang Matthias Kaehlcke <mka(a)chromium.org> x86/build: Use __cc-option for boot code compiler options Matthias Kaehlcke <mka(a)chromium.org> kbuild: Add __cc-option macro Matthias Kaehlcke <mka(a)chromium.org> x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility Michael Davidson <md(a)google.com> crypto, x86: aesni - fix token pasting for clang Matthias Kaehlcke <mka(a)chromium.org> x86/kbuild: Use cc-option to enable -falign-{jumps/loops} Matthias Kaehlcke <mka(a)chromium.org> arm64: Disable asm-operand-width warning for clang Stefan Agner <stefan(a)agner.ch> kbuild: allow to use GCC toolchain not in Clang search path Stefan Agner <stefan(a)agner.ch> kbuild: set no-integrated-as before incl. arch Makefile Sodagudi Prasad <psodagud(a)codeaurora.org> kbuild: clang: disable unused variable warnings only when constant Nick Desaulniers <nick.desaulniers(a)gmail.com> kbuild: clang: remove crufty HOSTCFLAGS David Lin <dtwlin(a)google.com> kbuild: clang: fix build failures with sparse check Masahiro Yamada <yamada.masahiro(a)socionext.com> kbuild: move cc-option and cc-disable-warning after incl. arch Makefile Chris Fries <cfries(a)google.com> kbuild: Set KBUILD_CFLAGS before incl. arch Makefile Nick Desaulniers <ndesaulniers(a)google.com> kbuild: fix linker feature test macros when cross compiling with Clang Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi/libstub/arm64: Set -fpie when building the EFI stub Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi/libstub/arm64: Force 'hidden' visibility for section markers Ard Biesheuvel <ard.biesheuvel(a)linaro.org> crypto: arm64/sha - avoid non-standard inline asm tricks Matthias Kaehlcke <mka(a)chromium.org> kbuild: clang: Disable 'address-of-packed-member' warning Arnd Bergmann <arnd(a)arndb.de> modules: mark __inittest/__exittest as __maybe_unused Vinícius Tinti <viniciustinti(a)gmail.com> kbuild: Add support to generate LLVM assembly files Behan Webster <behanw(a)converseincode.com> kbuild: use -Oz instead of -Os when using clang Mark Charlebois <charlebm(a)gmail.com> kbuild, LLVMLinux: Add -Werror to cc-option to support clang Masahiro Yamada <yamada.masahiro(a)socionext.com> kbuild: drop -Wno-unknown-warning-option from clang options Jeroen Hofstee <jeroen(a)myspectrum.nl> kbuild: fix asm-offset generation to work with clang Masahiro Yamada <yamada.masahiro(a)socionext.com> kbuild: consolidate redundant sed script ASM offset generation Matthias Kaehlcke <mka(a)chromium.org> kbuild: Consolidate header generation from ASM offset information Michael Davidson <md(a)google.com> kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS Behan Webster <behanw(a)converseincode.com> kbuild: Add better clang cross build support David Ahern <dsahern(a)gmail.com> ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF Siva Reddy Kallam <siva.kallam(a)broadcom.com> tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths Eric Dumazet <edumazet(a)google.com> net-gro: reset skb->pkt_type in napi_reuse_skb() Sabrina Dubroca <sd(a)queasysnail.net> ip_tunnel: don't force DF when MTU is locked 배석진 <soukjin.bae(a)samsung.com> flow_dissector: do not dissect l4 ports for fragments ------------- Diffstat: .gitignore | 1 + Kbuild | 25 --------------- Makefile | 41 ++++++++++++++++-------- arch/arm64/Makefile | 4 +++ arch/arm64/crypto/sha1-ce-core.S | 6 ++-- arch/arm64/crypto/sha1-ce-glue.c | 11 ++----- arch/arm64/crypto/sha2-ce-core.S | 6 ++-- arch/arm64/crypto/sha2-ce-glue.c | 13 +++----- arch/arm64/include/asm/percpu.h | 3 ++ arch/ia64/kernel/Makefile | 26 ++-------------- arch/s390/kernel/vdso32/Makefile | 6 ++-- arch/s390/kernel/vdso64/Makefile | 6 ++-- arch/s390/numa/numa.c | 1 + arch/um/os-Linux/skas/process.c | 5 +++ arch/x86/Makefile | 39 +++++++++++++++++------ arch/x86/boot/compressed/aslr.c | 3 +- arch/x86/boot/string.c | 9 ++++++ arch/x86/crypto/aes_ctrby8_avx-x86_64.S | 7 ++--- arch/x86/include/asm/asm.h | 1 + drivers/acpi/acpi_platform.c | 1 + drivers/block/zram/zram_drv.c | 26 ++++------------ drivers/bluetooth/Kconfig | 1 - drivers/clk/samsung/clk-exynos5420.c | 1 + drivers/firmware/efi/libstub/Makefile | 2 +- drivers/firmware/efi/libstub/arm64-stub.c | 10 +++++- drivers/hid/uhid.c | 13 ++++++++ drivers/hwmon/ibmpowernv.c | 7 ++--- drivers/i2c/busses/Kconfig | 2 +- drivers/media/v4l2-core/v4l2-event.c | 43 ++++++++++++++------------ drivers/media/v4l2-core/videobuf2-core.c | 9 ++---- drivers/misc/atmel-ssc.c | 2 +- drivers/misc/sgi-gru/grukdump.c | 4 +++ drivers/net/ethernet/broadcom/tg3.c | 18 +++++++++-- drivers/platform/x86/acerhdf.c | 1 + drivers/uio/uio.c | 7 +++-- drivers/usb/class/cdc-acm.c | 3 ++ drivers/usb/core/quirks.c | 8 +++++ drivers/usb/misc/appledisplay.c | 1 + fs/btrfs/disk-io.c | 19 +++++++++--- fs/exofs/super.c | 5 ++- fs/gfs2/rgrp.c | 3 +- fs/hfs/brec.c | 4 +++ fs/hfsplus/brec.c | 4 +++ fs/reiserfs/xattr.c | 7 +++++ include/linux/kbuild.h | 6 ++-- include/linux/module.h | 4 +-- include/linux/netfilter/ipset/ip_set_comment.h | 4 +-- include/linux/uaccess.h | 3 ++ lib/raid6/test/Makefile | 4 +-- net/core/dev.c | 4 +++ net/core/flow_dissector.c | 4 +-- net/ipv4/ip_tunnel_core.c | 2 +- net/ipv6/route.c | 8 +++-- net/netfilter/ipset/ip_set_hash_netportnet.c | 8 ++--- net/netfilter/xt_IDLETIMER.c | 20 ++++++++++++ net/sunrpc/xdr.c | 2 +- scripts/Kbuild.include | 18 +++++++---- scripts/Makefile.build | 8 +++++ scripts/Makefile.extrawarn | 1 - scripts/Makefile.lib | 31 +++++++++++++++++++ scripts/mod/Makefile | 28 ++--------------- 61 files changed, 349 insertions(+), 220 deletions(-)

4 years

9
88
0 0

[PATCH 5.4 000/203] 5.4.13-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.13 release. There are 203 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 18 Jan 2020 23:16:00 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.13-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.13-rc1 Kai Li <li.kai4(a)h3c.com> ocfs2: call journal flush to mark journal as empty after journal recovery when mount Nick Desaulniers <ndesaulniers(a)google.com> hexagon: work around compiler crash Nick Desaulniers <ndesaulniers(a)google.com> hexagon: parenthesize registers in asm predicates Ard Biesheuvel <ardb(a)kernel.org> kbuild/deb-pkg: annotate libelf-dev dependency as :native Sakari Ailus <sakari.ailus(a)linux.intel.com> media: intel-ipu3: Align struct ipu3_uapi_awb_fr_config_s to 32 bytes changzhu <Changfeng.Zhu(a)amd.com> drm/amdgpu: enable gfxoff for raven1 refresh Alexander.Barabash(a)dell.com <Alexander.Barabash(a)dell.com> ioat: ioat_alloc_ring() failure handling. Julian Wiedmann <jwi(a)linux.ibm.com> s390/qeth: lock the card while changing its hsuid John Stultz <john.stultz(a)linaro.org> dmaengine: k3dma: Avoid null pointer traversal David Howells <dhowells(a)redhat.com> rxrpc: Fix missing security check on incoming calls David Howells <dhowells(a)redhat.com> rxrpc: Don't take call->user_mutex in rxrpc_new_incoming_call() David Howells <dhowells(a)redhat.com> rxrpc: Unlock new call in rxrpc_new_incoming_call() rather than the caller Ben Dooks (Codethink) <ben.dooks(a)codethink.co.uk> drm/arm/mali: make malidp_mw_connector_helper_funcs static Jouni Hogander <jouni.hogander(a)unikie.com> MIPS: Prevent link failure with kcov instrumentation Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> tomoyo: Suppress RCU warning at list_for_each_entry_rcu(). Vincenzo Frascino <vincenzo.frascino(a)arm.com> mips: Fix gettimeofday() in the vdso library Vladimir Kondratiev <vladimir.kondratiev(a)intel.com> mips: cacheinfo: report shared CPU map Olof Johansson <olof(a)lixom.net> riscv: export flush_icache_all to modules Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> rseq/selftests: Turn off timeout setting Shuah Khan <skhan(a)linuxfoundation.org> selftests: firmware: Fix it to do root uid check and skip Israel Rukshin <israelr(a)mellanox.com> scsi: target/iblock: Fix protection error with blocks greater than 512B Varun Prakash <varun(a)chelsio.com> scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() Johnson CH Chen (陳昭勳) <JohnsonCH.Chen(a)moxa.com> gpio: mpc8xxx: Add platform device to gpiochip->parent Matti Vaittinen <matti.vaittinen(a)fi.rohmeurope.com> rtc: bd70528: Add MODULE ALIAS to autoload module Chuhong Yuan <hslester96(a)gmail.com> rtc: brcmstb-waketimer: add missed clk_disable_unprepare Kars de Jong <jongk(a)linux-m68k.org> rtc: msm6242: Fix reading of 10-hour digit Olga Kornievskaia <olga.kornievskaia(a)gmail.com> NFSD fixing possible null pointer derefering in copy offload Chao Yu <chao(a)kernel.org> f2fs: fix potential overflow Victorien Molle <victorien.molle(a)wifirst.fr> sch_cake: Add missing NLA policy entry TCA_CAKE_SPLIT_GSO Luca Coelho <luciano.coelho(a)intel.com> iwlwifi: mvm: fix support for single antenna diversity Nathan Chancellor <natechancellor(a)gmail.com> rtlwifi: Remove unnecessary NULL check in rtl_regd_init Mordechay Goodstein <mordechay.goodstein(a)intel.com> iwlwifi: mvm: consider ieee80211 station max amsdu value Navid Emamdoost <navid.emamdoost(a)gmail.com> spi: lpspi: fix memory leak in fsl_lpspi_probe Geert Uytterhoeven <geert+renesas(a)glider.be> spi: rspi: Use platform_get_irq_byname_optional() for optional irqs Mans Rullgard <mans(a)mansr.com> spi: atmel: fix handling of cs_change set on non-last xfer Daniel Vetter <daniel.vetter(a)ffwll.ch> spi: pxa2xx: Set controller->max_transfer_size in dma mode Sergei Shtylyov <sergei.shtylyov(a)cogentembedded.com> mtd: spi-nor: fix silent truncation in spi_nor_read_raw() Sergei Shtylyov <sergei.shtylyov(a)cogentembedded.com> mtd: spi-nor: fix silent truncation in spi_nor_read() Huanpeng Xin <huanpeng.xin(a)unisoc.com> spi: sprd: Fix the incorrect SPI register Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: do_kill_orphans: Fix a memory leak bug Ben Dooks (Codethink) <ben.dooks(a)codethink.co.uk> ubifs: Fixed missed le64_to_cpu() in journal Richard Weinberger <richard(a)nod.at> Revert "ubifs: Fix memory leak bug in alloc_ubifs_info() error path" Yong Wu <yong.wu(a)mediatek.com> memory: mtk-smi: Add PM suspend and resume ops Yong Wu <yong.wu(a)mediatek.com> iommu/mediatek: Add a new tlb_lock for tlb_flush Yong Wu <yong.wu(a)mediatek.com> iommu/mediatek: Correct the flush_iotlb_all callback Jonas Karlman <jonas(a)kwiboo.se> media: hantro: Set H264 FIELDPIC_FLAG_E flag correctly Navid Emamdoost <navid.emamdoost(a)gmail.com> media: aspeed-video: Fix memory leaks in aspeed_video_probe Jonas Karlman <jonas(a)kwiboo.se> media: hantro: Do not reorder H264 scaling list Jonas Karlman <jonas(a)kwiboo.se> media: cedrus: Use correct H264 8x8 scaling list Philipp Zabel <p.zabel(a)pengutronix.de> media: coda: fix deadlock between decoder picture run and start command Seung-Woo Kim <sw0312.kim(a)samsung.com> media: exynos4-is: Fix recursive locking in isp_video_release() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: v4l: cadence: Fix how unsued lanes are handled in 'csi2rx_start()' Boris Brezillon <boris.brezillon(a)collabora.com> media: hantro: h264: Fix the frame_num wraparound case Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se> media: rcar-vin: Fix incorrect return statement in rvin_try_format() Janusz Krzysztofik <jmkrzyszt(a)gmail.com> media: ov6650: Fix default format not applied on device probe Janusz Krzysztofik <jmkrzyszt(a)gmail.com> media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support Janusz Krzysztofik <jmkrzyszt(a)gmail.com> media: ov6650: Fix some format attributes not under control Janusz Krzysztofik <jmkrzyszt(a)gmail.com> media: ov6650: Fix incorrect use of JPEG colorspace Dietmar Eggemann <dietmar.eggemann(a)arm.com> ARM: 8943/1: Fix topology setup in case of CPU hotplug for CONFIG_SCHED_MC Peng Fan <peng.fan(a)nxp.com> tty: serial: pch_uart: correct usage of dma_unmap_sg Peng Fan <peng.fan(a)nxp.com> tty: serial: imx: use the sg count from dma_map_sg Thomas Bogendoerfer <tbogendoerfer(a)suse.de> MIPS: SGI-IP27: Fix crash, when CPUs are disabled via nr_cpus parameter Tiezhu Yang <yangtiezhu(a)loongson.cn> MIPS: Loongson: Fix return value of loongson_hwmon_init Thomas Bogendoerfer <tbogendoerfer(a)suse.de> MIPS: PCI: remember nasid changed by set interrupt affinity Oliver O'Halloran <oohall(a)gmail.com> powerpc/powernv: Disable native PCIe port management Bjorn Helgaas <bhelgaas(a)google.com> PCI/PTM: Remove spurious "d" from granularity message Hewenliang <hewenliang4(a)huawei.com> tools: PCI: Fix fd leakage Bjorn Helgaas <bhelgaas(a)google.com> PCI/PM: Clear PCIe PME Status even for legacy power management Rob Herring <robh(a)kernel.org> PCI: Fix missing bridge dma_ranges resource list cleanup Niklas Cassel <niklas.cassel(a)linaro.org> PCI: dwc: Fix find_next_bit() usage Remi Pommarel <repk(a)triplefau.lt> PCI: aardvark: Fix PCI_EXP_RTCTL register configuration Remi Pommarel <repk(a)triplefau.lt> PCI: aardvark: Use LTSSM state to build link training flag Arnd Bergmann <arnd(a)arndb.de> compat_ioctl: handle SIOCOUTQNSD Arnd Bergmann <arnd(a)arndb.de> af_unix: add compat_ioctl support Arnd Bergmann <arnd(a)arndb.de> gfs2: add compat_ioctl support Loic Poulain <loic.poulain(a)linaro.org> arm64: dts: apq8096-db820c: Increase load on l21 for SDCARD Arnd Bergmann <arnd(a)arndb.de> scsi: sd: enable compat ioctls for sed-opal Xiaojie Yuan <xiaojie.yuan(a)amd.com> drm/amdgpu/discovery: reserve discovery data at the top of VRAM Christian König <christian.koenig(a)amd.com> drm/amdgpu: cleanup creating BOs at fixed location (v2) Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "drm/virtio: switch virtio_gpu_wait_ioctl() to gem helper." Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Do not disable interrupt twice on suspend Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: lewisburg: Update pin list according to v1.1v6 Geert Uytterhoeven <geert+renesas(a)glider.be> pinctrl: sh-pfc: Do not use platform_get_irq() to count interrupts Keiya Nobuta <nobuta.keiya(a)fujitsu.com> pinctrl: sh-pfc: Fix PINMUX_IPSR_PHYS() to set GPSR Colin Ian King <colin.king(a)canonical.com> pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call Navid Emamdoost <navid.emamdoost(a)gmail.com> affs: fix a memory leak in affs_remount Denis Efremov <efremov(a)linux.com> rsi: fix potential null dereference in rsi_probe() Leonard Crestez <leonard.crestez(a)nxp.com> clk: imx: pll14xx: Fix quick switch of S/K parameter Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> dmaengine: dw: platform: Mark 'hclk' clock optional Kishon Vijay Abraham I <kishon(a)ti.com> clk: Fix memory leak in clk_unregister() Marian Mihailescu <mihailescu2m(a)gmail.com> clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume Jerome Brunet <jbrunet(a)baylibre.com> clk: meson: axg-audio: fix regmap last register Alexander Usyskin <alexander.usyskin(a)intel.com> mei: fix modalias documentation Alexandru Ardelean <alexandru.ardelean(a)analog.com> iio: imu: adis16480: assign bias value only if operation succeeded Lorenzo Bianconi <lorenzo(a)kernel.org> iio: imu: st_lsm6dsx: fix gyro gain definitions for LSM9DS1 Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.x: Handle bad/dead sessions correctly in nfs41_sequence_process() Scott Mayhew <smayhew(a)redhat.com> nfsd: v4 support requires CRYPTO_SHA256 Scott Mayhew <smayhew(a)redhat.com> nfsd: Fix cld_net->cn_tfm initialization Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv2: Fix a typo in encode_sattr() Eric Biggers <ebiggers(a)google.com> crypto: geode-aes - convert to skcipher API and make thread-safe Herbert Xu <herbert(a)gondor.apana.org.au> crypto: algif_skcipher - Use chunksize instead of blocksize Ard Biesheuvel <ardb(a)kernel.org> crypto: virtio - implement missing support for output IVs Yunfeng Ye <yeyunfeng(a)huawei.com> crypto: arm64/aes-neonbs - add return value of skcipher_walk_done() in __xts_crypt() Zhou Wang <wangzhou1(a)hisilicon.com> crypto: hisilicon - select NEED_SG_DMA_LENGTH in qm Kconfig Phani Kiran Hemadri <phemadri(a)marvell.com> crypto: cavium/nitrox - fix firmware assignment to AE cores Can Guo <cang(a)codeaurora.org> scsi: ufs: Give an unique ID to each ufs-bsg Diego Calleja <diegocg(a)gmail.com> dm: add dm-clone to the documentation index Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix oops in Receive handler after device removal Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix completion wait during device removal Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix create_qp crash on device unload Vadim Pasternak <vadimp(a)mellanox.com> Documentation/ABI: Add missed attribute for mlxreg-io sysfs interfaces Vadim Pasternak <vadimp(a)mellanox.com> Documentation/ABI: Fix documentation inconsistency for mlxreg-io sysfs interfaces Mike Rapoport <rppt(a)linux.ibm.com> asm-generic/nds32: don't redefine cacheflush primitives Hans de Goede <hdegoede(a)redhat.com> platform/x86: GPD pocket fan: Use default values when wrong modparams are given Jian-Hong Pan <jian-hong(a)endlessm.com> platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 Liming Sun <lsun(a)mellanox.com> platform/mellanox: fix potential deadlock in the tmfifo driver Xiang Chen <chenxiang66(a)hisilicon.com> scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI James Bottomley <James.Bottomley(a)HansenPartnership.com> scsi: enclosure: Fix stale device oops with hot replug David Howells <dhowells(a)redhat.com> keys: Fix request_key() cache David Howells <dhowells(a)redhat.com> afs: Fix afs_lookup() to not clobber the version on a new dentry David Howells <dhowells(a)redhat.com> afs: Fix use-after-loss-of-ref Andrii Nakryiko <andriin(a)fb.com> libbpf: Fix Makefile' libbpf symbol mismatch diagnostic Stanislav Fomichev <sdf(a)google.com> bpf: Support pre-2.25-binutils objcopy for vmlinux BTF John Fastabend <john.fastabend(a)gmail.com> bpf: skmsg, fix potential psock NULL pointer dereference Daniel Borkmann <daniel(a)iogearbox.net> bpf: Make use of probe_user_write in probe write helper Daniel Borkmann <daniel(a)iogearbox.net> uaccess: Add non-pagefault user-space write function Bart Van Assche <bvanassche(a)acm.org> RDMA/srpt: Report the SCSI residual to the initiator Leon Romanovsky <leon(a)kernel.org> RDMA/mlx5: Return proper error value Jason Gunthorpe <jgg(a)ziepe.ca> rdma: Remove nes ABI header Yangyang Li <liyangyang20(a)huawei.com> RDMA/hns: Bugfix for qpc/cqc timer configuration Lijun Ou <oulijun(a)huawei.com> RDMA/hns: Fix to support 64K page for srq Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Close window between waking RPC senders and posting Receives Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix MR list handling Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Connection becomes unstable after a reconnect Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Add unique trace points for posting Local Invalidate WRs Yangyang Li <liyangyang20(a)huawei.com> RDMA/hns: Release qp resources when failed to destroy qp Arnd Bergmann <arnd(a)arndb.de> RDMA/hns: Fix build error again Bart Van Assche <bvanassche(a)acm.org> RDMA/siw: Fix port number endianness in a debug message Mark Zhang <markz(a)mellanox.com> RDMA/counter: Prevent QP counter manual binding in auto mode Lang Cheng <chenglang(a)huawei.com> RDMA/hns: Modify return value of restrack functions Weihang Li <liweihang(a)hisilicon.com> RDMA/hns: remove a redundant le16_to_cpu Jason Gunthorpe <jgg(a)ziepe.ca> RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size() Nilkanth Ahirrao <anilkanth(a)jp.adit-jv.com> ASoC: rsnd: fix DALIGN register for SSIU Takashi Iwai <tiwai(a)suse.de> ASoC: core: Fix compile warning with CONFIG_DEBUG_FS=n Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: SOF: Intel: Broadwell: clarify mutual exclusion with legacy driver Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_esai: Add spin lock to protect reset, stop and start Daniel Baluta <daniel.baluta(a)nxp.com> ASoC: simple_card_utils.h: Add missing include Tzung-Bi Shih <tzungbi(a)google.com> ASoC: dt-bindings: mt8183: add missing update Arnd Bergmann <arnd(a)arndb.de> netfilter: nft_meta: use 64-bit time arithmetic Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables_offload: release flow_rule on error from commit path Goldwyn Rodrigues <rgoldwyn(a)suse.com> btrfs: simplify inode locking for RWF_NOWAIT Taehee Yoo <ap420073(a)gmail.com> hsr: fix slab-out-of-bounds Read in hsr_debugfs_rename() Sami Tolvanen <samitolvanen(a)google.com> syscalls/x86: Fix function types in COND_SYSCALL Sami Tolvanen <samitolvanen(a)google.com> syscalls/x86: Use the correct function type for sys_ni_syscall Sami Tolvanen <samitolvanen(a)google.com> syscalls/x86: Use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn Andy Lutomirski <luto(a)kernel.org> syscalls/x86: Wire up COMPAT_SYSCALL_DEFINE0 Ed Maste <emaste(a)freebsd.org> perf vendor events s390: Remove name from L1D_RO_EXCL_WRITES description David Howells <dhowells(a)redhat.com> afs: Fix missing cell comparison in afs_test_super() Florian Fainelli <f.fainelli(a)gmail.com> reset: brcmstb: Remove resource checks Florian Fainelli <f.fainelli(a)gmail.com> dt-bindings: reset: Fix brcmstb-reset example Marc Kleine-Budde <mkl(a)pengutronix.de> can: j1939: fix address claim code example Christian Lamparter <chunkeey(a)gmail.com> ath9k: use iowrite32 over __raw_writel Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> MAINTAINERS: Append missed file to the database Paul Menzel <pmenzel(a)molgen.mpg.de> scsi: smartpqi: Update attribute name to `driver_version` Nathan Chancellor <natechancellor(a)gmail.com> cifs: Adjust indentation in smb2_open_file Julian Wiedmann <jwi(a)linux.ibm.com> s390/qeth: fix initialization on old HW Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: vnicc Fix init to default Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: Fix vnicc_is_in_use if rx_bcast not set Alexandra Winter <wintera(a)linux.ibm.com> s390/qeth: fix false reporting of VNIC CHAR config failure Julian Wiedmann <jwi(a)linux.ibm.com> s390/qeth: fix qdio teardown after early init error Taehee Yoo <ap420073(a)gmail.com> hsr: reset network header when supervision frame is created Taehee Yoo <ap420073(a)gmail.com> hsr: rename debugfs file when interface name is changed Taehee Yoo <ap420073(a)gmail.com> hsr: add hsr root debugfs directory Thierry Reding <treding(a)nvidia.com> drm/tegra: Fix ordering of cleanup code Neil Armstrong <narmstrong(a)baylibre.com> PCI: amlogic: Fix probed clock names Arnd Bergmann <arnd(a)arndb.de> PM / devfreq: tegra: Add COMMON_CLK dependency Geert Uytterhoeven <geert+renesas(a)glider.be> gpio: Fix error message on out-of-range GPIO in lookup table Dan Carpenter <dan.carpenter(a)oracle.com> scsi: mpt3sas: Fix double free in attach error handling Ming Lei <ming.lei(a)redhat.com> fs: move guard_bio_eod() after bio_set_op_attrs Roman Gushchin <guro(a)fb.com> bpf: cgroup: prevent out-of-order release of cgroup bpf Jon Derrick <jonathan.derrick(a)intel.com> iommu: Remove device link to group on failure Jon Derrick <jonathan.derrick(a)intel.com> iommu/vt-d: Unlink device if failed to add to group Hangbin Liu <liuhangbin(a)gmail.com> selftests: loopback.sh: skip this test if the driver does not support Qianggui Song <qianggui.song(a)amlogic.com> pinctrl: meson: Fix wrong shift value when get drive-strength Swapna Manupati <swapna.manupati(a)xilinx.com> gpio: zynq: Fix for bug in zynq_gpio_restore_context API Peter Ujfalusi <peter.ujfalusi(a)ti.com> mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy Daniel Baluta <daniel.baluta(a)nxp.com> ASoC: SOF: imx8: Fix dsp_box offset wenxu <wenxu(a)ucloud.cn> netfilter: nft_flow_offload: fix underflow in flowtable reference counter Arnd Bergmann <arnd(a)arndb.de> pinctrl: lochnagar: select GPIOLIB Olivier Moysan <olivier.moysan(a)st.com> ASoC: stm32: spdifrx: fix input pin state management Olivier Moysan <olivier.moysan(a)st.com> ASoC: stm32: spdifrx: fix race condition in irq handler Olivier Moysan <olivier.moysan(a)st.com> ASoC: stm32: spdifrx: fix inconsistent lock state Daniel Baluta <daniel.baluta(a)nxp.com> ASoC: soc-core: Set dpcm_playback / dpcm_capture Colin Ian King <colin.king(a)canonical.com> ASoC: SOF: imx8: fix memory allocation failure check on priv->pd_dev Stefan Wahren <wahrenst(a)gmx.net> i2c: bcm2835: Store pointer to bus clock Christophe Kerello <christophe.kerello(a)st.com> mtd: rawnand: stm32_fmc2: avoid to lock the CPU bus Kaike Wan <kaike.wan(a)intel.com> IB/hfi1: Don't cancel unused work item Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix Send Work Entry state check while polling completions Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Avoid freeing MR resources if dereg fails Tony Lindgren <tony(a)atomide.com> phy: mapphone-mdm6600: Fix uninitialized status value regression Ran Bi <ran.bi(a)mediatek.com> rtc: mt6397: fix alarm register overwrite Jiri Kosina <jkosina(a)suse.cz> HID: hidraw, uhid: Always report EPOLLOUT ------------- Diffstat: Documentation/ABI/stable/sysfs-driver-mlxreg-io | 13 +- Documentation/ABI/testing/sysfs-bus-mei | 2 +- Documentation/admin-guide/device-mapper/index.rst | 1 + .../bindings/reset/brcm,brcmstb-reset.txt | 2 +- .../sound/mt8183-mt6358-ts3a227-max98357.txt | 4 +- Documentation/networking/j1939.rst | 2 +- Documentation/scsi/smartpqi.txt | 2 +- MAINTAINERS | 1 + Makefile | 4 +- arch/arm/kernel/smp.c | 4 + arch/arm/kernel/topology.c | 10 +- arch/arm64/boot/dts/qcom/apq8096-db820c.dtsi | 2 + arch/arm64/crypto/aes-neonbs-glue.c | 2 +- arch/hexagon/include/asm/atomic.h | 8 +- arch/hexagon/include/asm/bitops.h | 8 +- arch/hexagon/include/asm/cmpxchg.h | 2 +- arch/hexagon/include/asm/futex.h | 6 +- arch/hexagon/include/asm/spinlock.h | 20 +- arch/hexagon/kernel/stacktrace.c | 4 +- arch/hexagon/kernel/vm_entry.S | 2 +- arch/mips/boot/compressed/Makefile | 3 + arch/mips/include/asm/vdso/gettimeofday.h | 13 - arch/mips/kernel/cacheinfo.c | 27 +- arch/mips/pci/pci-xtalk-bridge.c | 5 +- arch/mips/sgi-ip27/ip27-irq.c | 4 + arch/mips/vdso/vgettimeofday.c | 20 + arch/nds32/include/asm/cacheflush.h | 11 +- arch/powerpc/platforms/powernv/pci.c | 17 + arch/riscv/mm/cacheflush.c | 1 + arch/x86/entry/syscall_32.c | 8 +- arch/x86/entry/syscall_64.c | 14 +- arch/x86/entry/syscalls/syscall_32.tbl | 8 +- arch/x86/ia32/ia32_signal.c | 5 +- arch/x86/include/asm/syscall_wrapper.h | 53 ++- block/bio.c | 12 +- crypto/algif_skcipher.c | 2 +- drivers/clk/clk.c | 1 + drivers/clk/imx/clk-pll14xx.c | 40 +- drivers/clk/meson/axg-audio.c | 2 +- drivers/clk/samsung/clk-exynos5420.c | 2 + drivers/crypto/cavium/nitrox/nitrox_main.c | 9 +- drivers/crypto/geode-aes.c | 440 +++++++-------------- drivers/crypto/geode-aes.h | 15 +- drivers/crypto/hisilicon/Kconfig | 1 + drivers/crypto/virtio/virtio_crypto_algs.c | 9 + drivers/devfreq/Kconfig | 1 + drivers/dma/dw/platform.c | 2 +- drivers/dma/ioat/dma.c | 3 +- drivers/dma/k3dma.c | 12 +- drivers/gpio/gpio-mpc8xxx.c | 1 + drivers/gpio/gpio-zynq.c | 8 +- drivers/gpio/gpiolib.c | 5 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.h | 2 + drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 61 +++ drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 85 +--- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 99 ++--- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 15 +- drivers/gpu/drm/amd/include/discovery.h | 1 - drivers/gpu/drm/arm/malidp_mw.c | 2 +- drivers/gpu/drm/tegra/drm.c | 14 +- drivers/gpu/drm/virtio/virtgpu_ioctl.c | 28 +- drivers/hid/hidraw.c | 7 +- drivers/hid/uhid.c | 5 +- drivers/i2c/busses/i2c-bcm2835.c | 17 +- drivers/iio/imu/adis16480.c | 6 +- drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_core.c | 7 +- drivers/infiniband/core/counters.c | 12 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 4 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 12 +- drivers/infiniband/hw/hfi1/iowait.c | 4 +- drivers/infiniband/hw/hns/Kconfig | 17 +- drivers/infiniband/hw/hns/Makefile | 8 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 18 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 4 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 10 +- drivers/infiniband/hw/hns/hns_roce_restrack.c | 2 +- drivers/infiniband/hw/mlx5/mr.c | 2 +- drivers/infiniband/sw/siw/siw_cm.c | 9 +- drivers/infiniband/ulp/srpt/ib_srpt.c | 24 ++ drivers/iommu/intel-iommu.c | 13 +- drivers/iommu/iommu.c | 1 + drivers/iommu/mtk_iommu.c | 25 +- drivers/iommu/mtk_iommu.h | 1 + drivers/media/i2c/ov6650.c | 79 ++-- drivers/media/platform/aspeed-video.c | 3 +- drivers/media/platform/cadence/cdns-csi2rx.c | 2 +- drivers/media/platform/coda/coda-common.c | 4 +- drivers/media/platform/exynos4-is/fimc-isp-video.c | 2 +- drivers/media/platform/rcar-vin/rcar-v4l2.c | 3 +- drivers/memory/mtk-smi.c | 4 + drivers/misc/enclosure.c | 3 +- drivers/mtd/nand/onenand/omap2.c | 3 +- drivers/mtd/nand/raw/stm32_fmc2_nand.c | 38 +- drivers/mtd/spi-nor/spi-nor.c | 4 +- .../net/wireless/ath/ath9k/ath9k_pci_owl_loader.c | 2 +- drivers/net/wireless/intel/iwlwifi/mvm/fw.c | 20 +- drivers/net/wireless/intel/iwlwifi/mvm/rs-fw.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/tx.c | 7 +- drivers/net/wireless/realtek/rtlwifi/regd.c | 2 +- drivers/net/wireless/rsi/rsi_91x_usb.c | 2 +- drivers/pci/controller/dwc/pci-meson.c | 6 +- drivers/pci/controller/dwc/pcie-designware-host.c | 11 +- drivers/pci/controller/pci-aardvark.c | 42 +- drivers/pci/hotplug/pciehp_core.c | 25 +- drivers/pci/pci-driver.c | 3 +- drivers/pci/pcie/ptm.c | 2 +- drivers/pci/probe.c | 1 + drivers/phy/motorola/phy-mapphone-mdm6600.c | 11 +- drivers/pinctrl/cirrus/Kconfig | 1 + drivers/pinctrl/intel/pinctrl-lewisburg.c | 171 ++++---- drivers/pinctrl/meson/pinctrl-meson.c | 1 + drivers/pinctrl/sh-pfc/core.c | 16 +- drivers/pinctrl/sh-pfc/sh_pfc.h | 4 +- drivers/pinctrl/ti/pinctrl-ti-iodelay.c | 2 +- drivers/platform/mellanox/mlxbf-tmfifo.c | 19 +- drivers/platform/mips/cpu_hwmon.c | 2 +- drivers/platform/x86/asus-wmi.c | 8 +- drivers/platform/x86/gpd-pocket-fan.c | 25 +- drivers/reset/reset-brcmstb.c | 6 - drivers/rtc/rtc-bd70528.c | 1 + drivers/rtc/rtc-brcmstb-waketimer.c | 1 + drivers/rtc/rtc-msm6242.c | 3 +- drivers/rtc/rtc-mt6397.c | 47 ++- drivers/s390/net/qeth_core_main.c | 29 +- drivers/s390/net/qeth_l2_main.c | 10 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/s390/net/qeth_l3_sys.c | 40 +- drivers/scsi/cxgbi/libcxgbi.c | 3 +- drivers/scsi/mpt3sas/mpt3sas_base.c | 1 - drivers/scsi/sd.c | 18 +- drivers/scsi/ufs/ufs_bsg.c | 2 +- drivers/spi/spi-atmel.c | 10 +- drivers/spi/spi-fsl-lpspi.c | 2 +- drivers/spi/spi-pxa2xx.c | 7 + drivers/spi/spi-rspi.c | 8 +- drivers/spi/spi-sprd.c | 2 +- drivers/staging/media/hantro/hantro_g1_h264_dec.c | 2 +- drivers/staging/media/hantro/hantro_h264.c | 73 ++-- drivers/staging/media/ipu3/include/intel-ipu3.h | 2 +- drivers/staging/media/sunxi/cedrus/cedrus_h264.c | 4 +- drivers/target/target_core_iblock.c | 4 +- drivers/tty/serial/imx.c | 2 +- drivers/tty/serial/pch_uart.c | 5 +- fs/affs/super.c | 6 - fs/afs/dir.c | 18 +- fs/afs/super.c | 1 + fs/btrfs/file.c | 5 +- fs/buffer.c | 8 +- fs/cifs/smb2file.c | 2 +- fs/f2fs/data.c | 2 +- fs/f2fs/file.c | 2 +- fs/gfs2/file.c | 30 ++ fs/internal.h | 2 +- fs/mpage.c | 2 +- fs/nfs/nfs2xdr.c | 2 +- fs/nfs/nfs4proc.c | 38 +- fs/nfsd/Kconfig | 2 +- fs/nfsd/nfs4proc.c | 3 +- fs/nfsd/nfs4recover.c | 12 +- fs/ocfs2/journal.c | 8 + fs/ubifs/journal.c | 2 +- fs/ubifs/orphan.c | 17 +- fs/ubifs/super.c | 4 +- include/asm-generic/cacheflush.h | 33 +- include/crypto/internal/skcipher.h | 30 -- include/crypto/skcipher.h | 30 ++ include/linux/uaccess.h | 12 + include/sound/simple_card_utils.h | 1 + include/trace/events/afs.h | 12 +- include/trace/events/rpcrdma.h | 25 ++ include/uapi/rdma/nes-abi.h | 115 ------ kernel/bpf/cgroup.c | 11 +- kernel/cred.c | 4 +- kernel/trace/bpf_trace.c | 6 +- mm/maccess.c | 45 ++- net/core/skmsg.c | 13 +- net/hsr/hsr_debugfs.c | 36 +- net/hsr/hsr_device.c | 2 + net/hsr/hsr_main.c | 5 + net/hsr/hsr_main.h | 10 + net/hsr/hsr_netlink.c | 1 + net/netfilter/nf_tables_offload.c | 26 +- net/netfilter/nft_flow_offload.c | 3 - net/netfilter/nft_meta.c | 10 +- net/rxrpc/ar-internal.h | 10 +- net/rxrpc/call_accept.c | 60 +-- net/rxrpc/conn_event.c | 16 +- net/rxrpc/conn_service.c | 4 + net/rxrpc/input.c | 18 - net/rxrpc/rxkad.c | 5 +- net/rxrpc/security.c | 70 ++-- net/sched/sch_cake.c | 1 + net/socket.c | 1 + net/sunrpc/xprtrdma/frwr_ops.c | 4 +- net/sunrpc/xprtrdma/rpc_rdma.c | 1 + net/sunrpc/xprtrdma/transport.c | 3 + net/sunrpc/xprtrdma/verbs.c | 103 +++-- net/sunrpc/xprtrdma/xprt_rdma.h | 3 + net/unix/af_unix.c | 19 + scripts/link-vmlinux.sh | 7 +- scripts/package/mkdebian | 2 +- security/tomoyo/common.c | 9 +- security/tomoyo/domain.c | 15 +- security/tomoyo/group.c | 9 +- security/tomoyo/util.c | 6 +- sound/soc/fsl/fsl_esai.c | 12 + sound/soc/intel/Kconfig | 3 + sound/soc/sh/rcar/core.c | 20 +- sound/soc/soc-core.c | 2 + sound/soc/soc-pcm.c | 2 + sound/soc/sof/imx/imx8.c | 5 +- sound/soc/sof/intel/Kconfig | 10 +- sound/soc/stm/stm32_spdifrx.c | 40 +- tools/lib/bpf/Makefile | 2 +- tools/pci/pcitest.c | 1 + .../perf/pmu-events/arch/s390/cf_z14/extended.json | 2 +- tools/testing/selftests/firmware/fw_lib.sh | 6 + tools/testing/selftests/net/forwarding/loopback.sh | 8 + tools/testing/selftests/rseq/settings | 1 + 222 files changed, 1849 insertions(+), 1423 deletions(-)

4 years, 1 month

8
215
0 0

[PATCH] ext4: Fix checksum errors with indexed dirs

by Jan Kara

DIR_INDEX has been introduced as a compat ext4 feature. That means that even kernels / tools that don't understand the feature may modify the filesystem. This works because for kernels not understanding indexed dir format, internal htree nodes appear just as empty directory entries. Index dir aware kernels then check the htree structure is still consistent before using the data. This all worked reasonably well until metadata checksums were introduced. The problem is that these effectively made DIR_INDEX only ro-compatible because internal htree nodes store checksums in a different place than normal directory blocks. Thus any modification ignorant to DIR_INDEX (or just clearing EXT4_INDEX_FL from the inode) will effectively cause checksum mismatch and trigger kernel errors. So we have to be more careful when dealing with indexed directories on filesystems with checksumming enabled. 1) We just disallow loading and directory inodes with EXT4_INDEX_FL when DIR_INDEX is not enabled. This is harsh but it should be very rare (it means someone disabled DIR_INDEX on existing filesystem and didn't run e2fsck), e2fsck can fix the problem, and we don't want to answer the difficult question: "Should we rather corrupt the directory more or should we ignore that DIR_INDEX feature is not set?" 2) When we find out htree structure is corrupted (but the filesystem and the directory should in support htrees), we continue just ignoring htree information for reading but we refuse to add new entries to the directory to avoid corrupting it more. CC: stable(a)vger.kernel.org Fixes: dbe89444042a ("ext4: Calculate and verify checksums for htree nodes") Signed-off-by: Jan Kara <jack(a)suse.cz> --- fs/ext4/dir.c | 14 ++++++++------ fs/ext4/ext4.h | 5 ++++- fs/ext4/inode.c | 13 +++++++++++++ fs/ext4/namei.c | 7 +++++++ 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index 9f00fc0bf21d..cb9ea593b544 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -129,12 +129,14 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx) if (err != ERR_BAD_DX_DIR) { return err; } - /* - * We don't set the inode dirty flag since it's not - * critical that it get flushed back to the disk. - */ - ext4_clear_inode_flag(file_inode(file), - EXT4_INODE_INDEX); + /* Can we just clear INDEX flag to ignore htree information? */ + if (!ext4_has_metadata_csum(sb)) { + /* + * We don't set the inode dirty flag since it's not + * critical that it gets flushed back to the disk. + */ + ext4_clear_inode_flag(inode, EXT4_INODE_INDEX); + } } if (ext4_has_inline_data(inode)) { diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index f8578caba40d..1fd6c1e2ce2a 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -2482,8 +2482,11 @@ void ext4_insert_dentry(struct inode *inode, struct ext4_filename *fname); static inline void ext4_update_dx_flag(struct inode *inode) { - if (!ext4_has_feature_dir_index(inode->i_sb)) + if (!ext4_has_feature_dir_index(inode->i_sb)) { + /* ext4_iget() should have caught this... */ + WARN_ON_ONCE(ext4_has_feature_metadata_csum(inode->i_sb)); ext4_clear_inode_flag(inode, EXT4_INODE_INDEX); + } } static const unsigned char ext4_filetype_table[] = { DT_UNKNOWN, DT_REG, DT_DIR, DT_CHR, DT_BLK, DT_FIFO, DT_SOCK, DT_LNK diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 629a25d999f0..d33135308c1b 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -4615,6 +4615,19 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, ret = -EFSCORRUPTED; goto bad_inode; } + /* + * If dir_index is not enabled but there's dir with INDEX flag set, + * we'd normally treat htree data as empty space. But with metadata + * checksumming that corrupts checksums so forbid that. + */ + if (!ext4_has_feature_dir_index(sb) && ext4_has_metadata_csum(sb) && + ext4_test_inode_flag(inode, EXT4_INODE_INDEX)) { + ext4_error_inode(inode, function, line, 0, + "iget: Dir with htree data on filesystem " + "without dir_index feature."); + ret = -EFSCORRUPTED; + goto bad_inode; + } ei->i_disksize = inode->i_size; #ifdef CONFIG_QUOTA ei->i_reserved_quota = 0; diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 1cb42d940784..deb9f7a02976 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -2207,6 +2207,13 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry, retval = ext4_dx_add_entry(handle, &fname, dir, inode); if (!retval || (retval != ERR_BAD_DX_DIR)) goto out; + /* Can we just ignore htree data? */ + if (ext4_has_metadata_csum(sb)) { + EXT4_ERROR_INODE(dir, + "Directory has corrupted htree index."); + retval = -EFSCORRUPTED; + goto out; + } ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); dx_fallback++; ext4_mark_inode_dirty(handle, dir); -- 2.16.4

4 years, 1 month

3
5
0 0

[PATCH] x86/mpx: fix recursive munmap() corruption

by Dave Hansen

This is a bit of a mess, to put it mildly. But, it's a bug that seems to have gone unticked up to now, probably because nobody uses MPX. The other alternative to this fix is to just deprecate MPX, even in -stable kernels. MPX has the arch_unmap() hook inside of munmap() because MPX uses bounds tables that protect other areas of memory. When memory is unmapped, there is also a need to unmap the MPX bounds tables. Barring this, unused bounds tables can eat 80% of the address space. But, the recursive do_munmap() that gets called vi arch_unmap() wreaks havoc with __do_munmap()'s state. It can result in freeing populated page tables, accessing bogus VMA state, double-freed VMAs and more. To fix this, call arch_unmap() before __do_unmap() has a chance to do anything meaningful. Also, remove the 'vma' argument and force the MPX code to do its own, independent VMA lookup. For the common success case this is functionally identical to what was there before. For the munmap() failure case, it's possible that some MPX tables will be zapped for memory that continues to be in use. But, this is an extraordinarily unlikely scenario and the harm would be that MPX provides no protection since the bounds table got reset (zeroed). I can't imagine anyone doing this: ptr = mmap(); // use ptr ret = munmap(ptr); if (ret) // oh, there was an error, I'll // keep using ptr. Because if you're doing munmap(), you are *done* with the memory. There's probably no good data in there _anyway_. This passes the original reproducer from Richard Biener as well as the existing mpx selftests/. ==== The long story: munmap() has a couple of pieces: 1. Find the affected VMA(s) 2. Split the start/end one(s) if neceesary 3. Pull the VMAs out of the rbtree 4. Actually zap the memory via unmap_region(), including freeing page tables (or queueing them to be freed). 5. Fixup some of the accounting (like fput()) and actually free the VMA itself. I decided to put the arch_unmap() call right afer #3. This was *just* before mmap_sem looked like it might get downgraded (it won't in this context), but it looked right. It wasn't. Richard Biener reported a test that shows this in dmesg: [1216548.787498] BUG: Bad rss-counter state mm:0000000017ce560b idx:1 val:551 [1216548.787500] BUG: non-zero pgtables_bytes on freeing mm: 24576 What triggered this was the recursive do_munmap() called via arch_unmap(). It was freeing page tables that has not been properly zapped. But, the problem was bigger than this. For one, arch_unmap() can free VMAs. But, the calling __do_munmap() has variables that *point* to VMAs and obviously can't handle them just getting freed while the pointer is still valid. I tried a couple of things here. First, I tried to fix the page table freeing problem in isolation, but I then found the VMA issue. I also tried having the MPX code return a flag if it modified the rbtree which would force __do_munmap() to re-walk to restart. That spiralled out of control in complexity pretty fast. Just moving arch_unmap() and accepting that the bonkers failure case might eat some bounds tables seems like the simplest viable fix. Reported-by: Richard Biener <rguenther(a)suse.de> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Andy Lutomirski <luto(a)amacapital.net> Cc: x86(a)kernel.org Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: linux-kernel(a)vger.kernel.org Cc: linux-mm(a)kvack.org Cc: stable(a)vger.kernel.org --- b/arch/x86/include/asm/mmu_context.h | 6 +++--- b/arch/x86/include/asm/mpx.h | 5 ++--- b/arch/x86/mm/mpx.c | 10 ++++++---- b/include/asm-generic/mm_hooks.h | 1 - b/mm/mmap.c | 15 ++++++++------- 5 files changed, 19 insertions(+), 18 deletions(-) diff -puN mm/mmap.c~mpx-rss-pass-no-vma mm/mmap.c --- a/mm/mmap.c~mpx-rss-pass-no-vma 2019-04-01 06:56:53.409411123 -0700 +++ b/mm/mmap.c 2019-04-01 06:56:53.423411123 -0700 @@ -2731,9 +2731,17 @@ int __do_munmap(struct mm_struct *mm, un return -EINVAL; len = PAGE_ALIGN(len); + end = start + len; if (len == 0) return -EINVAL; + /* + * arch_unmap() might do unmaps itself. It must be called + * and finish any rbtree manipulation before this code + * runs and also starts to manipulate the rbtree. + */ + arch_unmap(mm, start, end); + /* Find the first overlapping VMA */ vma = find_vma(mm, start); if (!vma) @@ -2742,7 +2750,6 @@ int __do_munmap(struct mm_struct *mm, un /* we have start < vma->vm_end */ /* if it doesn't overlap, we have nothing.. */ - end = start + len; if (vma->vm_start >= end) return 0; @@ -2812,12 +2819,6 @@ int __do_munmap(struct mm_struct *mm, un /* Detach vmas from rbtree */ detach_vmas_to_be_unmapped(mm, vma, prev, end); - /* - * mpx unmap needs to be called with mmap_sem held for write. - * It is safe to call it before unmap_region(). - */ - arch_unmap(mm, vma, start, end); - if (downgrade) downgrade_write(&mm->mmap_sem); diff -puN arch/x86/include/asm/mmu_context.h~mpx-rss-pass-no-vma arch/x86/include/asm/mmu_context.h --- a/arch/x86/include/asm/mmu_context.h~mpx-rss-pass-no-vma 2019-04-01 06:56:53.412411123 -0700 +++ b/arch/x86/include/asm/mmu_context.h 2019-04-01 06:56:53.423411123 -0700 @@ -277,8 +277,8 @@ static inline void arch_bprm_mm_init(str mpx_mm_init(mm); } -static inline void arch_unmap(struct mm_struct *mm, struct vm_area_struct *vma, - unsigned long start, unsigned long end) +static inline void arch_unmap(struct mm_struct *mm, unsigned long start, + unsigned long end) { /* * mpx_notify_unmap() goes and reads a rarely-hot @@ -298,7 +298,7 @@ static inline void arch_unmap(struct mm_ * consistently wrong. */ if (unlikely(cpu_feature_enabled(X86_FEATURE_MPX))) - mpx_notify_unmap(mm, vma, start, end); + mpx_notify_unmap(mm, start, end); } /* diff -puN include/asm-generic/mm_hooks.h~mpx-rss-pass-no-vma include/asm-generic/mm_hooks.h --- a/include/asm-generic/mm_hooks.h~mpx-rss-pass-no-vma 2019-04-01 06:56:53.414411123 -0700 +++ b/include/asm-generic/mm_hooks.h 2019-04-01 06:56:53.423411123 -0700 @@ -18,7 +18,6 @@ static inline void arch_exit_mmap(struct } static inline void arch_unmap(struct mm_struct *mm, - struct vm_area_struct *vma, unsigned long start, unsigned long end) { } diff -puN arch/x86/mm/mpx.c~mpx-rss-pass-no-vma arch/x86/mm/mpx.c --- a/arch/x86/mm/mpx.c~mpx-rss-pass-no-vma 2019-04-01 06:56:53.416411123 -0700 +++ b/arch/x86/mm/mpx.c 2019-04-01 06:56:53.423411123 -0700 @@ -881,9 +881,10 @@ static int mpx_unmap_tables(struct mm_st * the virtual address region start...end have already been split if * necessary, and the 'vma' is the first vma in this range (start -> end). */ -void mpx_notify_unmap(struct mm_struct *mm, struct vm_area_struct *vma, - unsigned long start, unsigned long end) +void mpx_notify_unmap(struct mm_struct *mm, unsigned long start, + unsigned long end) { + struct vm_area_struct *vma; int ret; /* @@ -902,11 +903,12 @@ void mpx_notify_unmap(struct mm_struct * * which should not occur normally. Being strict about it here * helps ensure that we do not have an exploitable stack overflow. */ - do { + vma = find_vma(mm, start); + while (vma && vma->vm_start < end) { if (vma->vm_flags & VM_MPX) return; vma = vma->vm_next; - } while (vma && vma->vm_start < end); + } ret = mpx_unmap_tables(mm, start, end); if (ret) diff -puN arch/x86/include/asm/mpx.h~mpx-rss-pass-no-vma arch/x86/include/asm/mpx.h --- a/arch/x86/include/asm/mpx.h~mpx-rss-pass-no-vma 2019-04-01 06:56:53.418411123 -0700 +++ b/arch/x86/include/asm/mpx.h 2019-04-01 06:56:53.424411123 -0700 @@ -78,8 +78,8 @@ static inline void mpx_mm_init(struct mm */ mm->context.bd_addr = MPX_INVALID_BOUNDS_DIR; } -void mpx_notify_unmap(struct mm_struct *mm, struct vm_area_struct *vma, - unsigned long start, unsigned long end); +void mpx_notify_unmap(struct mm_struct *mm, unsigned long start, + unsigned long end); unsigned long mpx_unmapped_area_check(unsigned long addr, unsigned long len, unsigned long flags); @@ -100,7 +100,6 @@ static inline void mpx_mm_init(struct mm { } static inline void mpx_notify_unmap(struct mm_struct *mm, - struct vm_area_struct *vma, unsigned long start, unsigned long end) { } _

4 years, 1 month

7
13
0 0

[PATCH 4.19 00/81] 4.19.80-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.80 release. There are 81 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri 18 Oct 2019 09:43:41 PM UTC. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.80-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.80-rc1 Mark-PK Tsai <mark-pk.tsai(a)mediatek.com> perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization Jon Derrick <jonathan.derrick(a)intel.com> PCI: vmd: Fix config addressing when using bus offsets Janakarajan Natarajan <Janakarajan.Natarajan(a)amd.com> x86/asm: Fix MWAITX C-state hint value Nuno Sá <nuno.sa(a)analog.com> hwmon: Fix HWMON_P_MIN_ALARM mask Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Get trace_array reference for available_tracers files Steven Rostedt (VMware) <rostedt(a)goodmis.org> ftrace: Get a reference counter for the trace_array on filter files Srivatsa S. Bhat (VMware) <srivatsa(a)csail.mit.edu> tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency Srivatsa S. Bhat (VMware) <srivatsa(a)csail.mit.edu> tracing/hwlat: Report total time spent in all NMIs during the sample Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> arm64/sve: Fix wrong free for task->thread.sve_state Johan Hovold <johan(a)kernel.org> media: stkwebcam: fix runtime PM after driver unbind Al Viro <viro(a)zeniv.linux.org.uk> Fix the locking in dcache_readdir() and friends Jeremy Linton <jeremy.linton(a)arm.com> arm64: topology: Use PPTT to determine if PE is a thread Jeremy Linton <jeremy.linton(a)arm.com> ACPI/PPTT: Add support for ACPI 6.3 thread flag Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags Jiaxun Yang <jiaxun.yang(a)flygoat.com> MIPS: elf_hwcap: Export userspace ASEs Paul Burton <paul.burton(a)mips.com> MIPS: Disable Loongson MMI instructions for kernel build Trond Myklebust <trondmy(a)gmail.com> NFS: Fix O_DIRECT accounting of number of bytes read/written Josef Bacik <josef(a)toxicpanda.com> btrfs: fix uninitialized ret in ref-verify Josef Bacik <josef(a)toxicpanda.com> btrfs: fix incorrect updating of log root tree Dave Wysochanski <dwysocha(a)redhat.com> cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic Fabrice Gasnier <fabrice.gasnier(a)st.com> iio: adc: stm32-adc: fix a race when using several adcs with dma and irq Fabrice Gasnier <fabrice.gasnier(a)st.com> iio: adc: stm32-adc: move registers definitions Bartosz Golaszewski <bgolaszewski(a)baylibre.com> gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source Brian Norris <briannorris(a)chromium.org> firmware: google: increment VPD key_len properly Dan Carpenter <dan.carpenter(a)oracle.com> mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() Michal Hocko <mhocko(a)suse.com> kernel/sysctl.c: do not override max_threads provided by userspace Pavel Shilovsky <piastryyy(a)gmail.com> CIFS: Force reval dentry if LOOKUP_REVAL flag is set Pavel Shilovsky <piastryyy(a)gmail.com> CIFS: Force revalidate inode when dentry is stale Pavel Shilovsky <piastryyy(a)gmail.com> CIFS: Gracefully handle QueryInfo errors during open Harshad Shirwadkar <harshadshirwadkar(a)gmail.com> blk-wbt: fix performance regression in wbt scale_up/scale_down Steve MacLean <Steve.MacLean(a)microsoft.com> perf inject jit: Fix JIT_CODE_MOVE filename Ian Rogers <irogers(a)google.com> perf llvm: Don't access out-of-scope array Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified David Frey <dpfrey(a)gmail.com> iio: light: opt3001: fix mutex unlock race Hans de Goede <hdegoede(a)redhat.com> iio: adc: axp288: Override TS pin bias current for some models Marco Felsch <m.felsch(a)pengutronix.de> iio: adc: ad799x: fix probe error handling Andreas Klinger <ak(a)it-klinger.de> iio: adc: hx711: fix bug in sampling of data Navid Emamdoost <navid.emamdoost(a)gmail.com> staging: vt6655: Fix memory leak in vt6655_probe Navid Emamdoost <navid.emamdoost(a)gmail.com> Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc Bruce Chen <bruce.chen(a)unisoc.com> gpio: eic: sprd: Fix the incorrect EIC offset when toggling Alexander Usyskin <alexander.usyskin(a)intel.com> mei: avoid FW version request on Ibex Peak and earlier Tomas Winkler <tomas.winkler(a)intel.com> mei: me: add comet point (lake) LP device ids Johan Hovold <johan(a)kernel.org> USB: legousbtower: fix use-after-free on release Johan Hovold <johan(a)kernel.org> USB: legousbtower: fix open after failed reset request Johan Hovold <johan(a)kernel.org> USB: legousbtower: fix potential NULL-deref on disconnect Johan Hovold <johan(a)kernel.org> USB: legousbtower: fix deadlock on disconnect Johan Hovold <johan(a)kernel.org> USB: legousbtower: fix slab info leak at probe Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}() Jacky.Cao(a)sony.com <Jacky.Cao(a)sony.com> USB: dummy-hcd: fix power budget for SuperSpeed mode Johan Hovold <johan(a)kernel.org> USB: microtek: fix info-leak at probe Johan Hovold <johan(a)kernel.org> USB: usblcd: fix I/O after disconnect Johan Hovold <johan(a)kernel.org> USB: serial: fix runtime PM after driver unbind Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add support for Cinterion CLS8 devices Daniele Palmas <dnlplm(a)gmail.com> USB: serial: option: add Telit FN980 compositions Beni Mahler <beni.mahler(a)gmx.net> USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 Johan Hovold <johan(a)kernel.org> USB: serial: keyspan: fix NULL-derefs on open() and write() Randy Dunlap <rdunlap(a)infradead.org> serial: uartlite: fix exit path null pointer Johan Hovold <johan(a)kernel.org> USB: ldusb: fix NULL-derefs on driver unbind Johan Hovold <johan(a)kernel.org> USB: chaoskey: fix use-after-free on release Johan Hovold <johan(a)kernel.org> USB: usblp: fix runtime PM after driver unbind Johan Hovold <johan(a)kernel.org> USB: iowarrior: fix use-after-free after driver unbind Johan Hovold <johan(a)kernel.org> USB: iowarrior: fix use-after-free on release Johan Hovold <johan(a)kernel.org> USB: iowarrior: fix use-after-free on disconnect Johan Hovold <johan(a)kernel.org> USB: adutux: fix use-after-free on release Johan Hovold <johan(a)kernel.org> USB: adutux: fix NULL-derefs on disconnect Johan Hovold <johan(a)kernel.org> USB: adutux: fix use-after-free on disconnect Kai-Heng Feng <kai.heng.feng(a)canonical.com> xhci: Increase STS_SAVE timeout in xhci_suspend() Bill Kuzeja <William.Kuzeja(a)stratus.com> xhci: Prevent deadlock when xhci adapter breaks during init Rick Tseng <rtseng(a)nvidia.com> usb: xhci: wait for CNR controller not ready bit in xhci resume Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts Jan Schmidt <jan(a)centricular.com> xhci: Check all endpoints for LPM timeout Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Prevent device initiated U1/U2 link pm if exit latency is too long Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix false warning message about wrong bounce buffer write length Johan Hovold <johan(a)kernel.org> USB: usb-skeleton: fix NULL-deref on disconnect Johan Hovold <johan(a)kernel.org> USB: usb-skeleton: fix runtime PM after driver unbind Johan Hovold <johan(a)kernel.org> USB: yurex: fix NULL-derefs on disconnect Alan Stern <stern(a)rowland.harvard.edu> USB: yurex: Don't retry on unexpected errors Bastien Nocera <hadess(a)hadess.net> USB: rio500: Remove Rio 500 kernel driver Icenowy Zheng <icenowy(a)aosc.io> f2fs: use EINVAL for superblock with invalid magic Will Deacon <will(a)kernel.org> panic: ensure preemption is disabled during panic() ------------- Diffstat: Documentation/usb/rio.txt | 138 -------- MAINTAINERS | 7 - Makefile | 4 +- arch/arm/configs/badge4_defconfig | 1 - arch/arm/configs/corgi_defconfig | 1 - arch/arm/configs/pxa_defconfig | 1 - arch/arm/configs/s3c2410_defconfig | 1 - arch/arm/configs/spitz_defconfig | 1 - arch/arm64/kernel/process.c | 32 +- arch/arm64/kernel/topology.c | 19 +- arch/mips/configs/mtx1_defconfig | 1 - arch/mips/configs/rm200_defconfig | 1 - arch/mips/include/uapi/asm/hwcap.h | 11 + arch/mips/kernel/cpu-probe.c | 33 ++ arch/mips/loongson64/Platform | 4 + arch/mips/vdso/Makefile | 1 + arch/x86/include/asm/mwait.h | 2 +- arch/x86/lib/delay.c | 4 +- block/blk-rq-qos.c | 14 +- block/blk-rq-qos.h | 4 +- block/blk-wbt.c | 6 +- drivers/acpi/pptt.c | 52 +++ drivers/firmware/efi/efi.c | 3 + drivers/firmware/google/vpd_decode.c | 2 +- drivers/gpio/gpio-eic-sprd.c | 7 +- drivers/gpio/gpiolib.c | 27 +- drivers/iio/adc/ad799x.c | 4 +- drivers/iio/adc/axp288_adc.c | 32 ++ drivers/iio/adc/hx711.c | 10 +- drivers/iio/adc/stm32-adc-core.c | 70 ++-- drivers/iio/adc/stm32-adc-core.h | 137 ++++++++ drivers/iio/adc/stm32-adc.c | 109 ------ drivers/iio/light/opt3001.c | 6 +- drivers/media/usb/stkwebcam/stk-webcam.c | 3 +- drivers/misc/mei/bus-fixup.c | 14 +- drivers/misc/mei/hw-me-regs.h | 3 + drivers/misc/mei/hw-me.c | 21 +- drivers/misc/mei/hw-me.h | 8 +- drivers/misc/mei/mei_dev.h | 4 + drivers/misc/mei/pci-me.c | 13 +- drivers/pci/controller/vmd.c | 16 +- drivers/staging/fbtft/fbtft-core.c | 7 +- drivers/staging/vt6655/device_main.c | 4 +- drivers/tty/serial/uartlite.c | 3 +- drivers/usb/class/usblp.c | 8 +- drivers/usb/gadget/udc/dummy_hcd.c | 3 +- drivers/usb/host/xhci-ring.c | 4 +- drivers/usb/host/xhci.c | 70 +++- drivers/usb/image/microtek.c | 4 + drivers/usb/misc/Kconfig | 10 - drivers/usb/misc/Makefile | 1 - drivers/usb/misc/adutux.c | 24 +- drivers/usb/misc/chaoskey.c | 5 +- drivers/usb/misc/iowarrior.c | 16 +- drivers/usb/misc/ldusb.c | 24 +- drivers/usb/misc/legousbtower.c | 58 ++-- drivers/usb/misc/rio500.c | 561 ------------------------------- drivers/usb/misc/rio500_usb.h | 20 -- drivers/usb/misc/usblcd.c | 33 +- drivers/usb/misc/yurex.c | 18 +- drivers/usb/renesas_usbhs/common.h | 1 + drivers/usb/renesas_usbhs/fifo.c | 2 +- drivers/usb/renesas_usbhs/fifo.h | 1 + drivers/usb/renesas_usbhs/mod_gadget.c | 18 +- drivers/usb/renesas_usbhs/pipe.c | 15 + drivers/usb/renesas_usbhs/pipe.h | 1 + drivers/usb/serial/ftdi_sio.c | 3 + drivers/usb/serial/ftdi_sio_ids.h | 9 + drivers/usb/serial/keyspan.c | 4 +- drivers/usb/serial/option.c | 11 + drivers/usb/serial/usb-serial.c | 5 +- drivers/usb/usb-skeleton.c | 15 +- fs/btrfs/ref-verify.c | 2 +- fs/btrfs/tree-log.c | 36 +- fs/cifs/dir.c | 8 +- fs/cifs/file.c | 33 +- fs/cifs/inode.c | 4 + fs/f2fs/super.c | 36 +- fs/libfs.c | 134 ++++---- fs/nfs/direct.c | 78 +++-- include/acpi/actbl2.h | 7 +- include/linux/acpi.h | 5 + include/linux/hwmon.h | 2 +- kernel/events/hw_breakpoint.c | 4 +- kernel/fork.c | 4 +- kernel/panic.c | 1 + kernel/trace/ftrace.c | 27 +- kernel/trace/trace.c | 17 +- kernel/trace/trace_hwlat.c | 4 +- mm/vmpressure.c | 20 +- tools/perf/util/jitdump.c | 6 +- tools/perf/util/llvm-utils.c | 6 +- 92 files changed, 967 insertions(+), 1252 deletions(-)

4 years, 2 months

13
103
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror March 2020