August 2022 - Linux-stable-mirror

[PATCH v3 2/2] s390/vfio-ap: fix unlinking of queues from the mdev

by Tony Krowiak

The vfio_ap_mdev_unlink_adapter and vfio_ap_mdev_unlink_domain functions add the associated vfio_ap_queue objects to the hashtable that links them to the matrix mdev to which their APQN is assigned. In order to unlink them, they must be deleted from the hashtable; if not, they will continue to be reset whenever userspace closes the mdev fd or removes the mdev. This patch fixes that issue. Cc: stable(a)vger.kernel.org Fixes: 70aeefe574cb ("s390/vfio-ap: reset queues after adapter/domain unassignment") Reported-by: Tony Krowiak <akrowiak(a)linux.ibm.com> Signed-off-by: Tony Krowiak <akrowiak(a)linux.ibm.com> --- drivers/s390/crypto/vfio_ap_ops.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c index ee82207b4e60..2493926b5dfb 100644 --- a/drivers/s390/crypto/vfio_ap_ops.c +++ b/drivers/s390/crypto/vfio_ap_ops.c @@ -1049,8 +1049,7 @@ static void vfio_ap_mdev_unlink_adapter(struct ap_matrix_mdev *matrix_mdev, if (q && qtable) { if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) - hash_add(qtable->queues, &q->mdev_qnode, - q->apqn); + vfio_ap_unlink_queue_fr_mdev(q); } } } @@ -1236,8 +1235,7 @@ static void vfio_ap_mdev_unlink_domain(struct ap_matrix_mdev *matrix_mdev, if (q && qtable) { if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) - hash_add(qtable->queues, &q->mdev_qnode, - q->apqn); + vfio_ap_unlink_queue_fr_mdev(q); } } } -- 2.31.1

2 years, 3 months

3
3
0 0

FAILED: patch "[PATCH] x86/nospec: Fix i386 RSB stuffing" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 332924973725e8cdcc783c175f68cf7e162cb9e5 Mon Sep 17 00:00:00 2001 From: Peter Zijlstra <peterz(a)infradead.org> Date: Fri, 19 Aug 2022 13:01:35 +0200 Subject: [PATCH] x86/nospec: Fix i386 RSB stuffing Turns out that i386 doesn't unconditionally have LFENCE, as such the loop in __FILL_RETURN_BUFFER isn't actually speculation safe on such chips. Fixes: ba6e31af2be9 ("x86/speculation: Add LFENCE to RSB fill sequence") Reported-by: Ben Hutchings <ben(a)decadent.org.uk> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Link: https://lkml.kernel.org/r/Yv9tj9vbQ9nNlXoY@worktop.programming.kicks-ass.net diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 10731ccfed37..c936ce9f0c47 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -50,6 +50,7 @@ * the optimal version - two calls, each with their own speculation * trap should their return address end up getting used, in a loop. */ +#ifdef CONFIG_X86_64 #define __FILL_RETURN_BUFFER(reg, nr) \ mov $(nr/2), reg; \ 771: \ @@ -60,6 +61,17 @@ jnz 771b; \ /* barrier for jnz misprediction */ \ lfence; +#else +/* + * i386 doesn't unconditionally have LFENCE, as such it can't + * do a loop. + */ +#define __FILL_RETURN_BUFFER(reg, nr) \ + .rept nr; \ + __FILL_RETURN_SLOT; \ + .endr; \ + add $(BITS_PER_LONG/8) * nr, %_ASM_SP; +#endif /* * Stuff a single RSB slot.

2 years, 3 months

4
13
0 0

[PATCH] power: supply: avoid nullptr deref in __power_supply_is_system_supplied

by Jason A. Donenfeld

Fix the following OOPS: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0010 [#1] PREEMPT SMP CPU: 14 PID: 1156 Comm: upowerd Tainted: G S U 6.0.0-rc1+ #366 Hardware name: LENOVO 20Y5CTO1WW/20Y5CTO1WW, BIOS N40ET36W (1.18 ) 07/19/2022 RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff88815350bd08 EFLAGS: 00010212 RAX: ffff88810207d620 RBX: ffff88815350bd7c RCX: 000000000000394e RDX: ffff88815350bd10 RSI: 0000000000000004 RDI: ffff888111722c00 RBP: ffff88815350bd68 R08: ffff8881187a8af8 R09: ffff8881187a8af8 R10: 0000000000000000 R11: 000000000000005f R12: ffffffff8162d0b0 R13: ffff88810159a038 R14: ffffffff823b3768 R15: ffff88810159a000 FS: 00007fd1f0958140(0000) GS:ffff88901f780000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000152c7a004 CR4: 0000000000770ee0 PKRU: 55555554 Call Trace: <TASK> __power_supply_is_system_supplied+0x26/0x40 class_for_each_device+0xa5/0xd0 ? acpi_battery_get_state+0x4e/0x1f0 power_supply_is_system_supplied+0x26/0x40 acpi_battery_get_property+0x301/0x310 power_supply_show_property+0xa5/0x1d0 dev_attr_show+0x10/0x30 sysfs_kf_seq_show+0x78/0xc0 seq_read_iter+0xfd/0x3e0 vfs_read+0x1cb/0x290 ksys_read+0x4e/0xc0 do_syscall_64+0x2b/0x50 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7fd1f0bed70c Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 39 a4 f8 ff 41 89 c0 48 8b 54 24 18 48 8b 74 24 10 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 8f a4 f8 ff 48 RSP: 002b:00007ffc8d3f27e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd1f0bed70c RDX: 0000000000001000 RSI: 000055957d534850 RDI: 000000000000000c RBP: 000055957d50b1d0 R08: 0000000000000000 R09: 0000000000001000 R10: 000000000000006f R11: 0000000000000246 R12: 00007ffc8d3f2910 R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000c </TASK> CR2: 0000000000000000 ---[ end trace 0000000000000000 ]--- RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff88815350bd08 EFLAGS: 00010212 RAX: ffff88810207d620 RBX: ffff88815350bd7c RCX: 000000000000394e RDX: ffff88815350bd10 RSI: 0000000000000004 RDI: ffff888111722c00 RBP: ffff88815350bd68 R08: ffff8881187a8af8 R09: ffff8881187a8af8 R10: 0000000000000000 R11: 000000000000005f R12: ffffffff8162d0b0 R13: ffff88810159a038 R14: ffffffff823b3768 R15: ffff88810159a000 FS: 00007fd1f0958140(0000) GS:ffff88901f780000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000152c7a004 CR4: 0000000000770ee0 The disassembly of the top function in the stack trace is: .text:0000000000000000 __power_supply_is_system_supplied proc near .text:0000000000000000 ; DATA XREF: power_supply_is_system_supplied+12↓o .text:0000000000000000 .text:0000000000000000 var_8 = qword ptr -8 .text:0000000000000000 .text:0000000000000000 sub rsp, 8 .text:0000000000000004 mov rdi, [rdi+78h] .text:0000000000000008 inc dword ptr [rsi] .text:000000000000000A mov [rsp+8+var_8], 0 .text:0000000000000012 mov rax, [rdi] .text:0000000000000015 cmp dword ptr [rax+8], 1 .text:0000000000000019 jz short loc_2A .text:000000000000001B mov rdx, rsp .text:000000000000001E mov esi, 4 .text:0000000000000023 call qword ptr [rax+30h] .text:0000000000000026 test eax, eax .text:0000000000000028 jz short loc_31 .text:000000000000002A .text:000000000000002A loc_2A: ; CODE XREF: __power_supply_is_system_supplied+19↑j .text:000000000000002A xor eax, eax .text:000000000000002C add rsp, 8 .text:0000000000000030 retn .text:0000000000000031 ; --------------------------------------------------------------------------- .text:0000000000000031 .text:0000000000000031 loc_31: ; CODE XREF: __power_supply_is_system_supplied+28↑j .text:0000000000000031 mov eax, dword ptr [rsp+8+var_8] .text:0000000000000034 add rsp, 8 .text:0000000000000038 retn .text:0000000000000038 __power_supply_is_system_supplied endp So presumably `call qword ptr [rax+30h]` is jumping to NULL. Cc: stable(a)vger.kernel.org Cc: Rafael J. Wysocki <rafael(a)kernel.org> Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> --- drivers/power/supply/power_supply_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/power/supply/power_supply_core.c b/drivers/power/supply/power_supply_core.c index 4b5fb172fa99..aa4c97f11588 100644 --- a/drivers/power/supply/power_supply_core.c +++ b/drivers/power/supply/power_supply_core.c @@ -349,7 +349,7 @@ static int __power_supply_is_system_supplied(struct device *dev, void *data) unsigned int *count = data; (*count)++; - if (psy->desc->type != POWER_SUPPLY_TYPE_BATTERY) + if (psy->desc->type != POWER_SUPPLY_TYPE_BATTERY && psy->desc->get_property) if (!psy->desc->get_property(psy, POWER_SUPPLY_PROP_ONLINE, &ret)) return ret.intval; -- 2.37.2

2 years, 3 months

3
7
0 0

[PATCH 4.14 000/284] 4.14.276-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.276 release. There are 284 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 20 Apr 2022 12:11:14 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.276-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.276-rc1 Martin Povišer <povik+lin(a)cutebit.org> i2c: pasemi: Wait for write xfers to finish Nadav Amit <namit(a)vmware.com> smp: Fix offline cpu check in flush_smp_call_function_queue() Nathan Chancellor <nathan(a)kernel.org> ARM: davinci: da850-evm: Avoid NULL pointer dereference Fabio M. De Francesco <fmdefrancesco(a)gmail.com> ALSA: pcm: Test for "silence" field in struct "pcm_format_data" Jason A. Donenfeld <Jason(a)zx2c4.com> gcc-plugins: latent_entropy: use /dev/urandom Patrick Wang <patrick.wang.shcn(a)gmail.com> mm: kmemleak: take a full lowmem check in kmemleak_*_phys() Juergen Gross <jgross(a)suse.com> mm, page_alloc: fix build_zonerefs_node() Duoming Zhou <duoming(a)zju.edu.cn> drivers: net: slip: fix NPD bug in sl_tx_timeout() Alexey Galakhov <agalakhov(a)gmail.com> scsi: mvsas: Add PCI ID of RocketRaid 2640 Leo Ruan <tingquan.ruan(a)cn.bosch.com> gpu: ipu-v3: Fix dev_dbg frequency output Christian Lamparter <chunkeey(a)gmail.com> ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs Randy Dunlap <rdunlap(a)infradead.org> net: micrel: fix KS8851_MLL Kconfig Tyrel Datwyler <tyreld(a)linux.ibm.com> scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 Xiaoguang Wang <xiaoguang.wang(a)linux.alibaba.com> scsi: target: tcmu: Fix possible page UAF Michael Kelley <mikelley(a)microsoft.com> Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer QintaoShen <unSimple1993(a)163.com> drm/amdkfd: Check for potential null return of kmalloc_array() Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd: Add USBC connector ID Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> cifs: potential buffer overflow in handling symlinks Lin Ma <linma(a)zju.edu.cn> nfc: nci: add flush_workqueue to prevent uaf Dinh Nguyen <dinguyen(a)kernel.org> net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link Vadim Pasternak <vadimp(a)nvidia.com> mlxsw: i2c: Fix initialization error flow Linus Torvalds <torvalds(a)linux-foundation.org> gpiolib: acpi: use correct format characters Guillaume Nault <gnault(a)redhat.com> veth: Ensure eth header is in skb's linear part Miaoqian Lin <linmq006(a)gmail.com> memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe Xin Long <lucien.xin(a)gmail.com> xfrm: policy: match with both mark and mask on user interfaces Tejun Heo <tj(a)kernel.org> cgroup: Use open-time cgroup namespace for process migration perm checks Tejun Heo <tj(a)kernel.org> cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv Tejun Heo <tj(a)kernel.org> cgroup: Use open-time credentials for process migraton perm checks Waiman Long <longman(a)redhat.com> mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning Fangrui Song <maskray(a)google.com> arm64: module: remove (NOLOAD) from linker script Peter Xu <peterx(a)redhat.com> mm: don't skip swap entry even if zap_details specified Vinod Koul <vkoul(a)kernel.org> dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" Arnaldo Carvalho de Melo <acme(a)redhat.com> tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts Xiaomeng Tong <xiam0nd.tong(a)gmail.com> perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator Guo Ren <guoren(a)linux.alibaba.com> arm64: patch_text: Fixup last cpu should be master Ethan Lien <ethanlien(a)synology.com> btrfs: fix qgroup reserve overflow the qgroup limit Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/speculation: Restore speculation related MSRs during S3 resume Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/pm: Save the MSR validity status at context setup Miaohe Lin <linmiaohe(a)huawei.com> mm/mempolicy: fix mpol_new leak in shared_policy_replace Paolo Bonzini <pbonzini(a)redhat.com> mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) Pali Rohár <pali(a)kernel.org> Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" Lv Yunlong <lyl2019(a)mail.ustc.edu.cn> drbd: Fix five use after free bugs in get_initial_state José Expósito <jose.exposito89(a)gmail.com> drm/imx: Fix memory leak in imx_pd_connector_get_modes Chen-Yu Tsai <wens(a)csie.org> net: stmmac: Fix unset max_speed difference between DT and non-DT platforms Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() Dan Carpenter <dan.carpenter(a)oracle.com> drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() Mauricio Faria de Oliveira <mfo(a)canonical.com> mm: fix race between MADV_FREE reclaim and blkdev direct IO read Willem de Bruijn <willemb(a)google.com> net: add missing SOF_TIMESTAMPING_OPT_ID support Willem de Bruijn <willemb(a)google.com> ipv6: add missing tx timestamping on IPPROTO_RAW Helge Deller <deller(a)gmx.de> parisc: Fix CPU affinity for Lasi, WAX and Dino chips Haimin Zhang <tcs_kernel(a)tencent.com> jfs: prevent NULL deref in diFree Randy Dunlap <rdunlap(a)infradead.org> virtio_console: eliminate anonymous module_init & module_exit Jiri Slaby <jslaby(a)suse.cz> serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() NeilBrown <neilb(a)suse.de> NFS: swap-out must always use STABLE writes. NeilBrown <neilb(a)suse.de> NFS: swap IO handling is slightly different for O_DIRECT IO NeilBrown <neilb(a)suse.de> SUNRPC/call_alloc: async tasks mustn't block waiting for memory Lucas Denefle <lucas.denefle(a)converge.io> w1: w1_therm: fixes w1_seq for ds28ea00 sensors Randy Dunlap <rdunlap(a)infradead.org> init/main.c: return 1 from handled __setup() functions Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: Fix use after free in hci_send_acl Max Filippov <jcmvbkbc(a)gmail.com> xtensa: fix DTC warning unit_address_format H. Nikolaus Schaller <hns(a)goldelico.com> usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm Jianglei Nie <niejianglei2021(a)163.com> scsi: libfc: Fix use after free in fc_exch_abts_resp() Alexander Lobakin <alobakin(a)pm.me> MIPS: fix fortify panic when copying asm exception handlers Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Eliminate unintended link toggle during FW reset Sven Eckelmann <sven(a)narfation.org> macvtap: advertise link netns via netlink Dust Li <dust.li(a)linux.alibaba.com> net/smc: correct settings of RMB window update limit Randy Dunlap <rdunlap(a)infradead.org> scsi: aha152x: Fix aha152x_setup() __setup handler return value Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix pm8001_mpi_task_abort_resp() Jordy Zomer <jordy(a)jordyzomer.github.io> dm ioctl: prevent potential spectre v1 gadget Zhou Guanghui <zhouguanghui1(a)huawei.com> iommu/arm-smmu-v3: fix event handling soft lockup Pali Rohár <pali(a)kernel.org> PCI: aardvark: Fix support for MSI interrupts Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc: Set crashkernel offset to mid of RMA region Evgeny Boger <boger(a)wirenboard.com> power: supply: axp20x_battery: properly report current when discharging Yang Guang <yang.guang5(a)zte.com.cn> scsi: bfa: Replace snprintf() with sysfs_emit() Yang Guang <yang.guang5(a)zte.com.cn> scsi: mvsas: Replace snprintf() with sysfs_emit() Maxim Kiselev <bigunclemax(a)gmail.com> powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 Yang Guang <yang.guang5(a)zte.com.cn> ptp: replace snprintf with sysfs_emit Zekun Shen <bruceshenzk(a)gmail.com> ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 Jim Mattson <jmattson(a)google.com> KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs Randy Dunlap <rdunlap(a)infradead.org> ARM: 9187/1: JIVE: fix return value of __setup handler Jiasheng Jiang <jiasheng(a)iscas.ac.cn> rtc: wm8350: Handle error for wm8350_register_irq Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Rectify space amount budget for mkdir/tmpfile operations Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated Martin Varghese <martin.varghese(a)nokia.com> openvswitch: Fixed nd target mask field in the flow dump. Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear13xx: Update SPI dma properties Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear1340: Update serial node properties Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: topology: Allow TLV control to be either read or write Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: fastmap: Return error code if memory allocation fails in add_aeb() Randy Dunlap <rdunlap(a)infradead.org> mm/memcontrol: return 1 from cgroup.memory __setup() handler Randy Dunlap <rdunlap(a)infradead.org> mm/mmap: return 1 from stack_guard_gap __setup() handler Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: CPPC: Avoid out of bounds access when parsing _CPC data Baokun Li <libaokun1(a)huawei.com> ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Chen-Yu Tsai <wenst(a)chromium.org> pinctrl: pinconf-generic: Print arguments for bias-pull-* Andrew Price <anprice(a)redhat.com> gfs2: Make sure FITRIM minlen is rounded up to fs block size Pavel Skripkin <paskripkin(a)gmail.com> can: mcba_usb: properly check endpoint type Hangyu Hua <hbh25y(a)gmail.com> can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path Baokun Li <libaokun1(a)huawei.com> ubifs: rename_whiteout: correct old_dir size computing Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: setflags: Make dirtied_ino_d 8 bytes aligned Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Add missing iput if do_tmpfile() failed in rename whiteout Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: rename_whiteout: Fix double free for whiteout_ui->data David Matlack <dmatlack(a)google.com> KVM: Prevent module exit until all VMs are freed Saurav Kashyap <skashyap(a)marvell.com> scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() Nilesh Javali <njavali(a)marvell.com> scsi: qla2xxx: Fix warning for missing error code Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix build errors with newer binutils Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix 'sthcx' instruction Ulf Hansson <ulf.hansson(a)linaro.org> mmc: host: Return an error when ->enable_sdio_irq() ops is missing Dongliang Mu <mudongliangabcd(a)gmail.com> media: hdpvr: initialize dev->worker at hdpvr_register_videodev Zheyu Ma <zheyuma97(a)gmail.com> video: fbdev: sm712fb: Fix crash in smtcfb_write() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> ARM: mmp: Fix failure to remove sram device Richard Leitner <richard.leitner(a)skidata.com> ARM: tegra: tamonten: Fix I2C3 pad setting Daniel González Cabanelas <dgcbueu(a)gmail.com> media: cx88-mpeg: clear interrupt status register before streaming video Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: soc-core: skip zero num_dai component in searching dai name Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() Richard Schleich <rs(a)noreya.tech> ARM: dts: bcm2837: Add the missing L1/L2 cache information David Heidelberg <david(a)ixit.cz> ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 Yang Guang <yang.guang5(a)zte.com.cn> video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit George Kennedy <george.kennedy(a)oracle.com> video: fbdev: cirrusfb: check pixclock to avoid divide by zero Evgeny Novikov <novikov(a)ispras.ru> video: fbdev: w100fb: Reset global state Tim Gardner <tim.gardner(a)canonical.com> video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Dongliang Mu <mudongliangabcd(a)gmail.com> ntfs: add sanity check on allocation size Theodore Ts'o <tytso(a)mit.edu> ext4: don't BUG if someone dirty pages without asking ext4 first Minghao Chi <chi.minghao(a)zte.com.cn> spi: tegra20: Use of_device_get_match_data() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> PM: core: keep irq flags in device_pm_check_callbacks() Darren Hart <darren(a)os.amperecomputing.com> ACPI/APEI: Limit printable size of BERT table data Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPICA: Avoid walking the ACPI Namespace if it is not there Souptick Joarder (HPE) <jrdr.linux(a)gmail.com> irqchip/nvic: Release nvic_base upon failure Casey Schaufler <casey(a)schaufler-ca.com> Fix incorrect type in assignment of ipv6 port for audit Chaitanya Kulkarni <kch(a)nvidia.com> loop: use sysfs_emit() in the sysfs xxx show() Christian Göttsche <cgzones(a)googlemail.com> selinux: use correct type for context length Dan Carpenter <dan.carpenter(a)oracle.com> lib/test: use after free in register_test_dev_kmod() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4/pNFS: Fix another issue with a list iterator pointing to the head Duoming Zhou <duoming(a)zju.edu.cn> net/x25: Fix null-ptr-deref caused by x25_disconnect Tom Rix <trix(a)redhat.com> qlcnic: dcb: default to returning -EOPNOTSUPP Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix brcm_fet_config_init() Juergen Gross <jgross(a)suse.com> xen: fix is_xen_pmu() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options Pavel Skripkin <paskripkin(a)gmail.com> jfs: fix divide error in dbNextAG Randy Dunlap <rdunlap(a)infradead.org> kgdbts: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> kgdboc: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> tty: hvc: fix return value of __setup handler Miaoqian Lin <linmq006(a)gmail.com> pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init Alexey Khoroshilov <khoroshilov(a)ispras.ru> NFS: remove unneeded check in decode_devicenotify_args() Miaoqian Lin <linmq006(a)gmail.com> clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: clps711x: Terminate clk_div_table with sentinel element Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: loongson1: Terminate clk_div_table with sentinel element Miaoqian Lin <linmq006(a)gmail.com> remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region Taniya Das <tdas(a)codeaurora.org> clk: qcom: clk-rcg2: Update the frac table for pixel clock Jiasheng Jiang <jiasheng(a)iscas.ac.cn> iio: adc: Add check for devm_request_threaded_irq Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> serial: 8250: Fix race condition in RTS-after-send handling Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_mid: Balance reference count for PCI DMA device Jonathan Cameron <Jonathan.Cameron(a)huawei.com> staging:iio:adc:ad7280a: Fix handing of device address bit reversing. Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() Jiri Slaby <jslaby(a)suse.cz> mxser: fix xmit_buf leak in activate when LSR == 0xff Miaoqian Lin <linmq006(a)gmail.com> mfd: asic3: Add missing iounmap() on error asic3_mfd_probe Jakub Kicinski <kuba(a)kernel.org> tcp: ensure PMTU updates are processed during fastopen Peter Rosin <peda(a)axentia.se> i2c: mux: demux-pinctrl: do not deactivate a master that is not active Petr Machata <petrm(a)nvidia.com> af_netlink: Fix shift out of bounds in group mask calculation Dan Carpenter <dan.carpenter(a)oracle.com> USB: storage: ums-realtek: fix error code in rts51x_read_mem() Xin Xiong <xiongx18(a)fudan.edu.cn> mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init Randy Dunlap <rdunlap(a)infradead.org> MIPS: RB532: fix return value of __setup handler Oliver Hartkopp <socketcan(a)hartkopp.net> vxcan: enable local echo for sent CAN frames Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mfd: mc13xxx: Add check for mc13xxx_irq_request Jakob Koschel <jakobkoschel(a)gmail.com> powerpc/sysdev: fix incorrect use to determine if list is empty Mark Tomlinson <mark.tomlinson(a)alliedtelesis.co.nz> PCI: Reduce warnings on possible RW1C corruption Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Add missing free in free_charger_irq Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Handle error for wm8350_register_irq Robert Hancock <robert.hancock(a)calian.com> i2c: xiic: Make bus names unique Hou Wenlong <houwenlong.hwl(a)antgroup.com> KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() Zhenzhong Duan <zhenzhong.duan(a)intel.com> KVM: x86: Fix emulation in writing cr8 Hans de Goede <hdegoede(a)redhat.com> power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return Miaoqian Lin <linmq006(a)gmail.com> drm/tegra: Fix reference leak in tegra_dsi_ganged_probe Zhang Yi <yi.zhang(a)huawei.com> ext2: correct max file size computing Randy Dunlap <rdunlap(a)infradead.org> TOMOYO: fix __setup handlers return values Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix abort all task initialization Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm80XX_send_read_log() Aashish Sharma <shraash(a)google.com> dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS Colin Ian King <colin.king(a)canonical.com> iwlwifi: Fix -EIO error code that is never returned Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports Miaoqian Lin <linmq006(a)gmail.com> power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ray_cs: Check ioremap return value Miaoqian Lin <linmq006(a)gmail.com> power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe Pavel Skripkin <paskripkin(a)gmail.com> ath9k_htc: fix uninit value bugs Maxime Ripard <maxime(a)cerno.tech> drm/edid: Don't clear formats if using deep color Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mtd: onenand: Check for error irq Miaoqian Lin <linmq006(a)gmail.com> ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe Wang Wensheng <wangwensheng4(a)huawei.com> ASoC: imx-es8328: Fix error return code in imx_es8328_probe() Miaoqian Lin <linmq006(a)gmail.com> ASoC: mxs: Fix error handling in mxs_sgtl5000_probe Codrin Ciubotariu <codrin.ciubotariu(a)microchip.com> ASoC: dmaengine: do not use a NULL prepare_slave_config() callback Miaoqian Lin <linmq006(a)gmail.com> video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: fsi: Add check for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: wm8350: Handle error for wm8350_register_irq Miaoqian Lin <linmq006(a)gmail.com> ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe Dafna Hirschfeld <dafna.hirschfeld(a)collabora.com> media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction Jia-Ju Bai <baijiaju1990(a)gmail.com> memory: emif: check the pointer temp in get_device_details() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> memory: emif: Add check for setup_interrupts Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: atmel_ssc_dai: Handle errors for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: mxs-saif: Handle errors for clk_enable Randy Dunlap <rdunlap(a)infradead.org> printk: fix return value of printk.devkmsg __setup handler Frank Wunderlich <frank-w(a)public-files.de> arm64: dts: broadcom: Fix sata nodename Kuldeep Singh <singh.kuldeep87k(a)gmail.com> arm64: dts: ns2: Fix spi-cpol and spi-cpha property Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ALSA: spi: Add check for clk_enable() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: ti: davinci-i2s: Add check for clk_enable() Dan Carpenter <dan.carpenter(a)oracle.com> media: usb: go7007: s2250-board: fix leak in probe() Miaoqian Lin <linmq006(a)gmail.com> soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe Pavel Kubelun <be.dissent(a)gmail.com> ARM: dts: qcom: ipq4019: fix sleep clock Dan Carpenter <dan.carpenter(a)oracle.com> video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() Wang Hai <wanghai38(a)huawei.com> video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() Miaoqian Lin <linmq006(a)gmail.com> media: coda: Fix missing put_device() call in coda_get_vdoa_data Adrian Hunter <adrian.hunter(a)intel.com> perf/x86/intel/pt: Fix address filter config for 32-bit kernel Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter parser for multiple filters Bharata B Rao <bharata(a)amd.com> sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa Randy Dunlap <rdunlap(a)infradead.org> clocksource: acpi_pm: fix return value of __setup handler Brandon Wyman <bjwyman(a)gmail.com> hwmon: (pmbus) Add Vin unit off handling Dāvis Mosāns <davispuh(a)gmail.com> crypto: ccp - ccp_dmaengine_unregister release dma channels Randy Dunlap <rdunlap(a)infradead.org> ACPI: APEI: fix return value of __setup handlers Petr Vorel <pvorel(a)suse.cz> crypto: vmx - add missing dependencies Claudiu Beznea <claudiu.beznea(a)microchip.com> hwrng: atmel - disable trng on failure path Randy Dunlap <rdunlap(a)infradead.org> PM: suspend: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> PM: hibernate: fix __setup handler error handling Armin Wolf <W_Armin(a)gmx.de> hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING Patrick Rudolph <patrick.rudolph(a)9elements.com> hwmon: (pmbus) Add mutex to regulator ops Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx-pci: Balance reference count for PCI DMA device Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests/x86: Add validity check and allow field splitting Miaoqian Lin <linmq006(a)gmail.com> spi: tegra114: Add missing IRQ check in tegra_spi_probe Tomas Paukrt <tomaspaukrt(a)email.cz> crypto: mxs-dcp - Fix scatterlist processing Herbert Xu <herbert(a)gondor.apana.org.au> crypto: authenc - Fix sleep in atomic context in decrypt_tail Liguang Zhang <zhangliguang(a)linux.alibaba.com> PCI: pciehp: Clear cmd_busy bit in polling mode Hector Martin <marcan(a)marcan.st> brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio Hector Martin <marcan(a)marcan.st> brcmfmac: firmware: Allocate space for default boardrev in nvram Johan Hovold <johan(a)kernel.org> media: davinci: vpif: fix unbalanced runtime PM get Maciej W. Rozycki <macro(a)orcam.me.uk> DEC: Limit PMAX memory probing to R3k systems Dirk Müller <dmueller(a)suse.de> lib/raid6/test: fix multiple definition linking error Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> thermal: int340x: Increase bitmap size Colin Ian King <colin.i.king(a)gmail.com> carl9170: fix missing bit-wise or operator for tx_params Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5420 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5250 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 Tudor Ambarus <tudor.ambarus(a)microchip.com> ARM: dts: at91: sama5d2: Fix PMERRLOC resource size Michael Schmitz <schmitzmic(a)gmail.com> video: fbdev: atari: Atari 2 bpp (STe) palette bugfix Helge Deller <deller(a)gmx.de> video: fbdev: sm712fb: Fix crash in smtcfb_read() Duoming Zhou <duoming(a)zju.edu.cn> drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() Sakari Ailus <sakari.ailus(a)linux.intel.com> ACPI: properties: Consistently return -ENOENT if there are no more references Lars Ellenberg <lars.ellenberg(a)linbit.com> drbd: fix potential silent data corruption Xiaomeng Tong <xiam0nd.tong(a)gmail.com> ALSA: cs4236: fix an incorrect NULL check on list iterator José Expósito <jose.exposito89(a)gmail.com> Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" Manish Chopra <manishc(a)marvell.com> qed: validate and restrict untrusted VFs vlan promisc mode Manish Chopra <manishc(a)marvell.com> qed: display VF trust config Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands Hugh Dickins <hughd(a)google.com> mempolicy: mbind_range() set_policy() after vma_merge() Alistair Popple <apopple(a)nvidia.com> mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_scan_medium Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_do_mount_fs Baokun Li <libaokun1(a)huawei.com> jffs2: fix use-after-free in jffs2_clear_xattr_subsystem Hangyu Hua <hbh25y(a)gmail.com> can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> pinctrl: samsung: drop pin banks references on error paths Dan Carpenter <dan.carpenter(a)oracle.com> NFSD: prevent underflow in nfssvc_decode_writeargs() NeilBrown <neilb(a)suse.de> SUNRPC: avoid race between mod_timer() and del_timer_sync() Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: update stable tree link Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: add link to stable release candidate tree Jann Horn <jannh(a)google.com> ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> clk: uniphier: Fix fixed-rate initialization Liam Beguin <liambeguin(a)gmail.com> iio: inkern: make a best effort on offset calculation Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale when no channel scale is available Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale on IIO_VAL_INT cases James Clark <james.clark(a)arm.com> coresight: Fix TRCCONFIGR.QE sysfs interface Alan Stern <stern(a)rowland.harvard.edu> USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Use blk_validate_block_size() to validate block size Xie Yongji <xieyongji(a)bytedance.com> block: Add a helper to validate the block size Lino Sanfilippo <LinoSanfilippo(a)gmx.de> tpm: fix reference counting for struct tpm_chip Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Haimin Zhang <tcs_kernel(a)tencent.com> af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix erroneous sgs value with min_t() Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix invalid sgs value Zheyu Ma <zheyuma97(a)gmail.com> ethernet: sun: Free the coherent when failing in probing Michael S. Tsirkin <mst(a)redhat.com> virtio_console: break out of buf poll on remove Yajun Deng <yajun.deng(a)linux.dev> netdevice: add the case if dev is NULL Johan Hovold <johan(a)kernel.org> USB: serial: simple: add Nokia phone driver Eddie James <eajames(a)linux.ibm.com> USB: serial: pl2303: add IBM device IDs ------------- Diffstat: Documentation/process/stable-kernel-rules.rst | 11 +- Makefile | 4 +- arch/arm/boot/dts/bcm2837.dtsi | 49 +++++++ arch/arm/boot/dts/exynos5250-pinctrl.dtsi | 2 +- arch/arm/boot/dts/exynos5250-smdk5250.dts | 3 + arch/arm/boot/dts/exynos5420-smdk5420.dts | 3 + arch/arm/boot/dts/qcom-ipq4019.dtsi | 3 +- arch/arm/boot/dts/qcom-msm8960.dtsi | 8 +- arch/arm/boot/dts/sama5d2.dtsi | 2 +- arch/arm/boot/dts/spear1340.dtsi | 6 +- arch/arm/boot/dts/spear13xx.dtsi | 6 +- arch/arm/boot/dts/tegra20-tamonten.dtsi | 6 +- arch/arm/mach-davinci/board-da850-evm.c | 4 +- arch/arm/mach-mmp/sram.c | 22 +-- arch/arm/mach-s3c24xx/mach-jive.c | 6 +- .../arm64/boot/dts/broadcom/northstar2/ns2-svk.dts | 8 +- arch/arm64/boot/dts/broadcom/northstar2/ns2.dtsi | 2 +- arch/arm64/kernel/insn.c | 4 +- arch/arm64/kernel/module.lds | 6 +- arch/mips/dec/prom/Makefile | 2 +- arch/mips/include/asm/dec/prom.h | 15 +- arch/mips/include/asm/setup.h | 2 +- arch/mips/kernel/traps.c | 22 +-- arch/mips/rb532/devices.c | 6 +- arch/powerpc/boot/dts/fsl/t104xrdb.dtsi | 4 +- arch/powerpc/kernel/machine_kexec.c | 15 +- arch/powerpc/kernel/rtas.c | 6 + arch/powerpc/lib/sstep.c | 8 +- arch/powerpc/sysdev/fsl_gtm.c | 4 +- arch/x86/events/intel/pt.c | 2 +- arch/x86/kvm/emulate.c | 14 +- arch/x86/kvm/hyperv.c | 15 ++ arch/x86/kvm/lapic.c | 5 +- arch/x86/kvm/pmu_amd.c | 8 +- arch/x86/power/cpu.c | 21 ++- arch/x86/xen/pmu.c | 10 +- arch/x86/xen/pmu.h | 3 +- arch/x86/xen/smp_pv.c | 2 +- arch/xtensa/boot/dts/xtfpga-flash-128m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-16m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-4m.dtsi | 4 +- crypto/authenc.c | 2 +- drivers/acpi/acpica/nswalk.c | 3 + drivers/acpi/apei/bert.c | 10 +- drivers/acpi/apei/erst.c | 2 +- drivers/acpi/apei/hest.c | 2 +- drivers/acpi/cppc_acpi.c | 5 + drivers/acpi/property.c | 2 +- drivers/ata/libata-core.c | 3 + drivers/base/power/main.c | 6 +- drivers/block/drbd/drbd_int.h | 8 +- drivers/block/drbd/drbd_nl.c | 41 +++--- drivers/block/drbd/drbd_req.c | 3 +- drivers/block/drbd/drbd_state.c | 18 +-- drivers/block/drbd/drbd_state_change.h | 8 +- drivers/block/loop.c | 10 +- drivers/block/virtio_blk.c | 12 +- drivers/char/hw_random/atmel-rng.c | 1 + drivers/char/tpm/tpm-chip.c | 46 ++---- drivers/char/tpm/tpm.h | 2 + drivers/char/tpm/tpm2-space.c | 65 +++++++++ drivers/char/virtio_console.c | 15 +- drivers/clk/clk-clps711x.c | 2 + drivers/clk/loongson1/clk-loongson1c.c | 1 + drivers/clk/qcom/clk-rcg2.c | 1 + drivers/clk/tegra/clk-emc.c | 1 + drivers/clk/uniphier/clk-uniphier-fixed-rate.c | 1 + drivers/clocksource/acpi_pm.c | 6 +- drivers/crypto/ccp/ccp-dmaengine.c | 16 +++ drivers/crypto/mxs-dcp.c | 2 +- drivers/crypto/vmx/Kconfig | 4 + drivers/dma/sh/shdma-base.c | 4 +- drivers/gpio/gpiolib-acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/ObjectID.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 + drivers/gpu/drm/drm_edid.c | 8 -- drivers/gpu/drm/imx/parallel-display.c | 4 +- drivers/gpu/drm/tegra/dsi.c | 4 +- drivers/gpu/ipu-v3/ipu-di.c | 5 +- drivers/hid/i2c-hid/i2c-hid-core.c | 32 +++-- drivers/hv/ring_buffer.c | 11 +- drivers/hwmon/pmbus/pmbus.h | 1 + drivers/hwmon/pmbus/pmbus_core.c | 18 ++- drivers/hwmon/sch56xx-common.c | 2 +- .../hwtracing/coresight/coresight-etm4x-sysfs.c | 8 +- drivers/i2c/busses/i2c-pasemi.c | 6 + drivers/i2c/busses/i2c-xiic.c | 3 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 5 +- drivers/iio/adc/twl6030-gpadc.c | 2 + drivers/iio/inkern.c | 40 ++++-- drivers/input/input.c | 6 - drivers/iommu/arm-smmu-v3.c | 1 + drivers/irqchip/irq-nvic.c | 2 + drivers/md/dm-crypt.c | 2 +- drivers/md/dm-ioctl.c | 2 + drivers/media/pci/cx88/cx88-mpeg.c | 3 + drivers/media/platform/coda/coda-common.c | 1 + drivers/media/platform/davinci/vpif.c | 1 + drivers/media/usb/go7007/s2250-board.c | 10 +- drivers/media/usb/hdpvr/hdpvr-video.c | 4 +- drivers/media/usb/stk1160/stk1160-core.c | 2 +- drivers/media/usb/stk1160/stk1160-v4l.c | 10 +- drivers/media/usb/stk1160/stk1160.h | 2 +- drivers/memory/atmel-ebi.c | 23 ++- drivers/memory/emif.c | 8 +- drivers/mfd/asic3.c | 10 +- drivers/mfd/mc13xxx-core.c | 4 +- drivers/misc/kgdbts.c | 4 +- drivers/mmc/core/host.c | 15 +- drivers/mmc/host/sdhci-xenon.c | 10 -- drivers/mtd/nand/atmel/nand-controller.c | 14 +- drivers/mtd/onenand/generic.c | 7 +- drivers/mtd/ubi/build.c | 9 +- drivers/mtd/ubi/fastmap.c | 28 ++-- drivers/mtd/ubi/vmt.c | 8 +- drivers/net/can/usb/ems_usb.c | 1 - drivers/net/can/usb/mcba_usb.c | 27 ++-- drivers/net/can/vxcan.c | 2 +- drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 4 +- drivers/net/ethernet/mellanox/mlxsw/i2c.c | 1 + drivers/net/ethernet/micrel/Kconfig | 1 + drivers/net/ethernet/qlogic/qed/qed_sriov.c | 29 +++- drivers/net/ethernet/qlogic/qed/qed_sriov.h | 1 + drivers/net/ethernet/qlogic/qlcnic/qlcnic_dcb.h | 10 +- drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c | 8 -- drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.h | 4 + .../net/ethernet/stmicro/stmmac/dwmac-socfpga.c | 13 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 3 +- drivers/net/ethernet/sun/sunhme.c | 6 +- drivers/net/hamradio/6pack.c | 4 +- drivers/net/macvtap.c | 6 + drivers/net/phy/broadcom.c | 21 +++ drivers/net/slip/slip.c | 2 +- drivers/net/veth.c | 2 +- drivers/net/wireless/ath/ath5k/eeprom.c | 3 + drivers/net/wireless/ath/ath9k/htc_hst.c | 5 + drivers/net/wireless/ath/carl9170/main.c | 2 +- .../broadcom/brcm80211/brcmfmac/firmware.c | 2 + .../wireless/broadcom/brcm80211/brcmfmac/pcie.c | 48 +------ drivers/net/wireless/intel/iwlwifi/dvm/mac80211.c | 2 +- drivers/net/wireless/ray_cs.c | 6 + drivers/parisc/dino.c | 41 ++++-- drivers/parisc/gsc.c | 31 +++++ drivers/parisc/gsc.h | 1 + drivers/parisc/lasi.c | 7 +- drivers/parisc/wax.c | 7 +- drivers/pci/access.c | 9 +- drivers/pci/host/pci-aardvark.c | 16 +-- drivers/pci/hotplug/pciehp_hpc.c | 2 + drivers/perf/qcom_l2_pmu.c | 6 +- drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 2 + drivers/pinctrl/nomadik/pinctrl-nomadik.c | 4 +- drivers/pinctrl/pinconf-generic.c | 6 +- drivers/pinctrl/pinctrl-rockchip.c | 2 + drivers/pinctrl/samsung/pinctrl-samsung.c | 30 +++- drivers/power/reset/gemini-poweroff.c | 4 +- drivers/power/supply/ab8500_fg.c | 4 +- drivers/power/supply/axp20x_battery.c | 13 +- drivers/power/supply/bq24190_charger.c | 7 +- drivers/power/supply/wm8350_power.c | 97 +++++++++++-- drivers/ptp/ptp_sysfs.c | 4 +- drivers/pwm/pwm-lpc18xx-sct.c | 20 ++- drivers/remoteproc/qcom_wcnss.c | 1 + drivers/rtc/rtc-wm8350.c | 11 +- drivers/scsi/aha152x.c | 6 +- drivers/scsi/bfa/bfad_attr.c | 26 ++-- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 2 +- drivers/scsi/libfc/fc_exch.c | 1 + drivers/scsi/libsas/sas_ata.c | 2 +- drivers/scsi/mvsas/mv_init.c | 5 +- drivers/scsi/pm8001/pm8001_hwi.c | 13 +- drivers/scsi/pm8001/pm80xx_hwi.c | 11 +- drivers/scsi/qla2xxx/qla_init.c | 2 +- drivers/scsi/qla2xxx/qla_target.c | 1 + drivers/scsi/zorro7xx.c | 2 + drivers/soc/ti/wkup_m3_ipc.c | 4 +- drivers/spi/spi-pxa2xx-pci.c | 17 ++- drivers/spi/spi-tegra114.c | 4 + drivers/spi/spi-tegra20-slink.c | 8 +- drivers/spi/spi.c | 4 +- drivers/staging/iio/adc/ad7280a.c | 4 +- drivers/target/target_core_user.c | 3 +- drivers/thermal/int340x_thermal/int3400_thermal.c | 2 +- drivers/tty/hvc/hvc_iucv.c | 4 +- drivers/tty/mxser.c | 15 +- drivers/tty/serial/8250/8250_mid.c | 19 ++- drivers/tty/serial/8250/8250_port.c | 12 ++ drivers/tty/serial/kgdboc.c | 6 +- drivers/tty/serial/samsung.c | 5 +- drivers/usb/dwc3/dwc3-omap.c | 2 +- drivers/usb/serial/Kconfig | 1 + drivers/usb/serial/pl2303.c | 1 + drivers/usb/serial/pl2303.h | 3 + drivers/usb/serial/usb-serial-simple.c | 7 + drivers/usb/storage/ene_ub6250.c | 155 ++++++++++----------- drivers/usb/storage/realtek_cr.c | 2 +- drivers/video/fbdev/atafb.c | 12 +- drivers/video/fbdev/cirrusfb.c | 16 +-- drivers/video/fbdev/core/fbcvt.c | 53 +++---- drivers/video/fbdev/nvidia/nv_i2c.c | 2 +- .../fbdev/omap2/omapfb/displays/connector-dvi.c | 1 + .../fbdev/omap2/omapfb/displays/panel-dsi-cm.c | 8 +- .../omap2/omapfb/displays/panel-sony-acx565akm.c | 2 +- .../omap2/omapfb/displays/panel-tpo-td043mtea1.c | 4 +- drivers/video/fbdev/sm712fb.c | 46 ++---- drivers/video/fbdev/smscufx.c | 3 +- drivers/video/fbdev/w100fb.c | 15 +- drivers/w1/slaves/w1_therm.c | 8 +- fs/btrfs/extent_io.h | 2 +- fs/cifs/link.c | 3 + fs/ext2/super.c | 6 +- fs/ext4/inode.c | 25 ++++ fs/fuse/dev.c | 12 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 2 + fs/gfs2/rgrp.c | 3 +- fs/jffs2/build.c | 4 +- fs/jffs2/fs.c | 2 +- fs/jffs2/scan.c | 6 +- fs/jfs/inode.c | 3 +- fs/jfs/jfs_dmap.c | 7 + fs/nfs/callback_proc.c | 27 ++-- fs/nfs/callback_xdr.c | 4 - fs/nfs/direct.c | 48 ++++--- fs/nfs/file.c | 4 +- fs/nfs/pnfs.c | 11 ++ fs/nfs/pnfs.h | 2 + fs/nfsd/nfsproc.c | 2 +- fs/nfsd/xdr.h | 2 +- fs/ntfs/inode.c | 4 + fs/ubifs/dir.c | 19 ++- fs/ubifs/ioctl.c | 2 +- include/linux/blkdev.h | 8 ++ include/linux/mmzone.h | 11 +- include/linux/netdevice.h | 6 +- include/linux/nfs_fs.h | 8 +- include/linux/pci.h | 1 + include/net/sock.h | 25 +++- include/net/xfrm.h | 9 +- init/main.c | 6 +- kernel/cgroup/cgroup-internal.h | 19 +++ kernel/cgroup/cgroup-v1.c | 33 +++-- kernel/cgroup/cgroup.c | 81 ++++++++--- kernel/events/core.c | 3 + kernel/power/hibernate.c | 2 +- kernel/power/suspend_test.c | 8 +- kernel/printk/printk.c | 6 +- kernel/ptrace.c | 47 +++++-- kernel/sched/debug.c | 10 -- kernel/smp.c | 2 +- lib/raid6/test/test.c | 1 - lib/test_kmod.c | 1 + mm/kmemleak.c | 8 +- mm/memcontrol.c | 2 +- mm/memory.c | 25 +++- mm/mempolicy.c | 9 +- mm/mmap.c | 2 +- mm/mremap.c | 3 + mm/page_alloc.c | 11 +- mm/rmap.c | 25 +++- net/bluetooth/hci_event.c | 3 +- net/can/raw.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp_output.c | 5 +- net/ipv6/raw.c | 7 +- net/key/af_key.c | 6 +- net/netfilter/nf_conntrack_proto_tcp.c | 17 ++- net/netlink/af_netlink.c | 2 + net/nfc/nci/core.c | 4 + net/openvswitch/flow_netlink.c | 4 +- net/packet/af_packet.c | 6 +- net/smc/smc_core.c | 2 +- net/sunrpc/sched.c | 4 +- net/sunrpc/xprt.c | 7 + net/sunrpc/xprtrdma/transport.c | 4 +- net/x25/af_x25.c | 11 +- net/xfrm/xfrm_policy.c | 24 ++-- net/xfrm/xfrm_user.c | 14 +- scripts/gcc-plugins/latent_entropy_plugin.c | 44 +++--- security/selinux/xfrm.c | 2 +- security/smack/smack_lsm.c | 2 +- security/tomoyo/load_policy.c | 4 +- sound/core/pcm_misc.c | 2 +- sound/firewire/fcp.c | 4 +- sound/isa/cs423x/cs4236.c | 8 +- sound/soc/atmel/atmel_ssc_dai.c | 5 +- sound/soc/atmel/sam9g20_wm8731.c | 1 + sound/soc/codecs/msm8916-wcd-digital.c | 5 +- sound/soc/codecs/wm8350.c | 28 +++- sound/soc/davinci/davinci-i2s.c | 5 +- sound/soc/fsl/imx-es8328.c | 1 + sound/soc/mxs/mxs-saif.c | 5 +- sound/soc/mxs/mxs-sgtl5000.c | 3 + sound/soc/sh/fsi.c | 19 ++- sound/soc/soc-core.c | 2 +- sound/soc/soc-generic-dmaengine-pcm.c | 6 +- sound/soc/soc-topology.c | 3 +- sound/spi/at73c213.c | 27 +++- tools/build/feature/Makefile | 2 +- tools/testing/selftests/x86/check_cc.sh | 2 +- virt/kvm/kvm_main.c | 13 ++ 302 files changed, 1919 insertions(+), 1013 deletions(-)

2 years, 3 months

11
298
0 0

[PATCH v2] iio: light: tsl2583: Fix module unloading

by Shreeya Patel

tsl2583 uses devm_iio_device_register() function and calling iio_device_unregister() in remove breaks the module unloading. Fix this by using iio_device_register() instead of devm_iio_device_register() function in probe. Cc: stable(a)vger.kernel.org Fixes: 371894f5d1a0 ("iio: tsl2583: add runtime power management support") Signed-off-by: Shreeya Patel <shreeya.patel(a)collabora.com> --- Changes in v2 - Use iio_device_register() instead of devm_iio_device_register() - Add fixes and stable tags drivers/iio/light/tsl2583.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/light/tsl2583.c b/drivers/iio/light/tsl2583.c index 82662dab87c0..94d75ec687c3 100644 --- a/drivers/iio/light/tsl2583.c +++ b/drivers/iio/light/tsl2583.c @@ -858,7 +858,7 @@ static int tsl2583_probe(struct i2c_client *clientp, TSL2583_POWER_OFF_DELAY_MS); pm_runtime_use_autosuspend(&clientp->dev); - ret = devm_iio_device_register(indio_dev->dev.parent, indio_dev); + ret = iio_device_register(indio_dev); if (ret) { dev_err(&clientp->dev, "%s: iio registration failed\n", __func__); -- 2.30.2

2 years, 3 months

2
4
0 0

[PATCH AUTOSEL 5.4 01/16] Revert "evm: Fix memleak in init_desc"

by Sasha Levin

From: Xiu Jianfeng <xiujianfeng(a)huawei.com> [ Upstream commit 51dd64bb99e4478fc5280171acd8e1b529eadaf7 ] This reverts commit ccf11dbaa07b328fa469415c362d33459c140a37. Commit ccf11dbaa07b ("evm: Fix memleak in init_desc") said there is memleak in init_desc. That may be incorrect, as we can see, tmp_tfm is saved in one of the two global variables hmac_tfm or evm_tfm[hash_algo], then if init_desc is called next time, there is no need to alloc tfm again, so in the error path of kmalloc desc or crypto_shash_init(desc), It is not a problem without freeing tmp_tfm. And also that commit did not reset the global variable to NULL after freeing tmp_tfm and this makes *tfm a dangling pointer which may cause a UAF issue. Reported-by: Guozihua (Scott) <guozihua(a)huawei.com> Signed-off-by: Xiu Jianfeng <xiujianfeng(a)huawei.com> Signed-off-by: Mimi Zohar <zohar(a)linux.ibm.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- security/integrity/evm/evm_crypto.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 25dac691491b..ee6bd945f3d6 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -75,7 +75,7 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) { long rc; const char *algo; - struct crypto_shash **tfm, *tmp_tfm = NULL; + struct crypto_shash **tfm, *tmp_tfm; struct shash_desc *desc; if (type == EVM_XATTR_HMAC) { @@ -120,16 +120,13 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) alloc: desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), GFP_KERNEL); - if (!desc) { - crypto_free_shash(tmp_tfm); + if (!desc) return ERR_PTR(-ENOMEM); - } desc->tfm = *tfm; rc = crypto_shash_init(desc); if (rc) { - crypto_free_shash(tmp_tfm); kfree(desc); return ERR_PTR(rc); } -- 2.35.1

2 years, 3 months

3
18
0 0

[PATCH v2 1/3] slimbus: qcom-ngd: use correct error in message of pdr_add_lookup() failure

by Krzysztof Kozlowski

Use correct error code, instead of previous 'ret' value, when printing error from pdr_add_lookup() failure. Cc: <stable(a)vger.kernel.org> Fixes: e1ae85e1830e ("slimbus: qcom-ngd-ctrl: add Protection Domain Restart Support") Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> --- Changes since v1: 1. Correct typo 2. Return 'ret' instead of again PTR_ERR --- drivers/slimbus/qcom-ngd-ctrl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/slimbus/qcom-ngd-ctrl.c b/drivers/slimbus/qcom-ngd-ctrl.c index 0aa8408464ad..f4f330b9fa72 100644 --- a/drivers/slimbus/qcom-ngd-ctrl.c +++ b/drivers/slimbus/qcom-ngd-ctrl.c @@ -1581,8 +1581,9 @@ static int qcom_slim_ngd_ctrl_probe(struct platform_device *pdev) pds = pdr_add_lookup(ctrl->pdr, "avs/audio", "msm/adsp/audio_pd"); if (IS_ERR(pds) && PTR_ERR(pds) != -EALREADY) { + ret = PTR_ERR(pds); dev_err(dev, "pdr add lookup failed: %d\n", ret); - return PTR_ERR(pds); + return ret; } platform_driver_register(&qcom_slim_ngd_driver); -- 2.34.1

2 years, 3 months

2
2
0 0

[PATCH AUTOSEL 5.19 01/33] firmware: dmi: Use the proper accessor for the version field

by Sasha Levin

From: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> [ Upstream commit d2139dfca361a1f5bfc4d4a23455b1a409a69cd4 ] The byte at offset 6 represents length. Don't take it and drop it immediately by using proper accessor, i.e. get_unaligned_be24(). [JD: Change the subject to something less frightening] Signed-off-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Jean Delvare <jdelvare(a)suse.de> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/firmware/dmi_scan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c index f191a1f901ac7..0eb6b617f709a 100644 --- a/drivers/firmware/dmi_scan.c +++ b/drivers/firmware/dmi_scan.c @@ -630,7 +630,7 @@ static int __init dmi_smbios3_present(const u8 *buf) { if (memcmp(buf, "_SM3_", 5) == 0 && buf[6] < 32 && dmi_checksum(buf, buf[6])) { - dmi_ver = get_unaligned_be32(buf + 6) & 0xFFFFFF; + dmi_ver = get_unaligned_be24(buf + 7); dmi_num = 0; /* No longer specified */ dmi_len = get_unaligned_le32(buf + 12); dmi_base = get_unaligned_le64(buf + 16); -- 2.35.1

2 years, 3 months

4
37
0 0

[REGRESSION] v5.17-rc1+: FIFREEZE ioctl system call hangs

by Thomas Deutschmann

Hi, while trying to backup a Dell R7525 system running Debian bookworm/testing using LVM snapshots I noticed that the system will 'freeze' sometimes (not all the times) when creating the snapshot. First I thought this was related to LVM so I created https://listman.redhat.com/archives/linux-lvm/2022-July/026228.html (continued at https://listman.redhat.com/archives/linux-lvm/2022-August/thread.html#26229) Long story short: I was even able to reproduce with fsfreeze, see last strace lines > [...] > 14471 1659449870.984635 openat(AT_FDCWD, "/var/lib/machines", O_RDONLY) = 3 > 14471 1659449870.984658 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 > 14471 1659449870.984678 ioctl(3, FIFREEZE so I started to bisect kernel and found the following bad commit: > md: add support for REQ_NOWAIT > > commit 021a24460dc2 ("block: add QUEUE_FLAG_NOWAIT") added support > for checking whether a given bdev supports handling of REQ_NOWAIT or not. > Since then commit 6abc49468eea ("dm: add support for REQ_NOWAIT and enable > it for linear target") added support for REQ_NOWAIT for dm. This uses > a similar approach to incorporate REQ_NOWAIT for md based bios. > > This patch was tested using t/io_uring tool within FIO. A nvme drive > was partitioned into 2 partitions and a simple raid 0 configuration > /dev/md0 was created. > > md0 : active raid0 nvme4n1p1[1] nvme4n1p2[0] > 937423872 blocks super 1.2 512k chunks > > Before patch: > > $ ./t/io_uring /dev/md0 -p 0 -a 0 -d 1 -r 100 > > Running top while the above runs: > > $ ps -eL | grep $(pidof io_uring) > > 38396 38396 pts/2 00:00:00 io_uring > 38396 38397 pts/2 00:00:15 io_uring > 38396 38398 pts/2 00:00:13 iou-wrk-38397 > > We can see iou-wrk-38397 io worker thread created which gets created > when io_uring sees that the underlying device (/dev/md0 in this case) > doesn't support nowait. > > After patch: > > $ ./t/io_uring /dev/md0 -p 0 -a 0 -d 1 -r 100 > > Running top while the above runs: > > $ ps -eL | grep $(pidof io_uring) > > 38341 38341 pts/2 00:10:22 io_uring > 38341 38342 pts/2 00:10:37 io_uring > > After running this patch, we don't see any io worker thread > being created which indicated that io_uring saw that the > underlying device does support nowait. This is the exact behaviour > noticed on a dm device which also supports nowait. > > For all the other raid personalities except raid0, we would need > to train pieces which involves make_request fn in order for them > to correctly handle REQ_NOWAIT. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i d=f51d46d0e7cb5b8494aa534d276a9d8915a2443d After reverting this commit (and follow up commit 0f9650bd838efe5c52f7e5f40c3204ad59f1964d) v5.18.15 and v5.19 worked for me again. At this point I still wonder why I experienced the same problem even after I removed one nvme device from the mdraid array and tested it separately. So maybe there is another nowait/REQ_NOWAIT problem somewhere. During bisect I only tested against the mdraid array. #regzbot introduced: f51d46d0e7cb5b8494aa534d276a9d8915a2443d #regzbot link: https://listman.redhat.com/archives/linux-lvm/2022-July/026228.html #regzbot link: https://listman.redhat.com/archives/linux-lvm/2022-August/thread.html#26229 -- Regards, Thomas

2 years, 3 months

5
21
0 0

Regression in 5.19.0: USB errors during boot

by Alan J. Wylie

Apologies for the delay in reporting this: I messed up my first attempt at bisecting, then I've spent a week going to, enjoying, returning from and recovering from a music festival. Up to and including 5.18.18 things are fine. With 5.19.0 (and .1 and .2) I see lots of errors and hangs on the USB2 chipset, e.g. $ grep "usb 9-4" dmesg.5.19.2 [ 6.669075] usb 9-4: new full-speed USB device number 2 using ohci-pci [ 6.829087] usb 9-4: device descriptor read/64, error -32 [ 7.097094] usb 9-4: device descriptor read/64, error -32 [ 7.361087] usb 9-4: new full-speed USB device number 3 using ohci-pci [ 7.521152] usb 9-4: device descriptor read/64, error -32 [ 7.789066] usb 9-4: device descriptor read/64, error -32 [ 8.081070] usb 9-4: new full-speed USB device number 4 using ohci-pci [ 8.497138] usb 9-4: device not accepting address 4, error -32 [ 8.653140] usb 9-4: new full-speed USB device number 5 using ohci-pci [ 9.069141] usb 9-4: device not accepting address 5, error -32 $ $ grep "usb 1-2" dmesg.5.19.2 [ 5.917102] usb 1-2: new high-speed USB device number 2 using ehci-pci [ 6.277076] usb 1-2: device descriptor read/64, error -71 [ 6.513143] usb 1-2: device descriptor read/64, error -32 [ 6.753146] usb 1-2: new high-speed USB device number 3 using ehci-pci [ 6.881143] usb 1-2: device descriptor read/64, error -32 [ 7.117144] usb 1-2: device descriptor read/64, error -32 [ 7.429141] usb 1-2: new high-speed USB device number 4 using ehci-pci [ 7.845134] usb 1-2: device not accepting address 4, error -32 [ 7.977142] usb 1-2: new high-speed USB device number 5 using ehci-pci [ 8.393158] usb 1-2: device not accepting address 5, error -32 $ the USB port is then no longer usable This is not reproducible on the other chipset (USB3) on this machine, nor on two other systems. Swapping USB cables doesn't help. I have bisected it to $ git bisect bad 78013eaadf696d2105982abb4018fbae394ca08f is the first bad commit commit 78013eaadf696d2105982abb4018fbae394ca08f Author: Christoph Hellwig <hch(a)lst.de> Date: Mon Feb 14 14:11:44 2022 +0100 x86: remove the IOMMU table infrastructure however it will not easily revert I'll be more than happy to assist with any debugging/testing. $ git revert 78013eaadf696d2105982abb4018fbae394ca08f Auto-merging arch/x86/include/asm/dma-mapping.h CONFLICT (content): Merge conflict in arch/x86/include/asm/dma-mapping.h Auto-merging arch/x86/include/asm/iommu.h Auto-merging arch/x86/include/asm/xen/swiotlb-xen.h Auto-merging arch/x86/kernel/Makefile Auto-merging arch/x86/kernel/pci-dma.c CONFLICT (content): Merge conflict in arch/x86/kernel/pci-dma.c Auto-merging arch/x86/kernel/vmlinux.lds.S Auto-merging drivers/iommu/amd/init.c Auto-merging drivers/iommu/amd/iommu.c CONFLICT (content): Merge conflict in drivers/iommu/amd/iommu.c Auto-merging drivers/iommu/intel/dmar.c error: could not revert 78013eaadf69... x86: remove the IOMMU table infrastructure # dmidecode | grep -A2 "^Base Board" Base Board Information Manufacturer: Gigabyte Technology Co., Ltd. Product Name: 970A-DS3P # # lspci -nn | grep -i usb 00:12.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:12.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 00:13.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:13.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 00:14.5 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI2 Controller [1002:4399] 00:16.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:16.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 02:00.0 USB controller [0c03]: VIA Technologies, Inc. VL805/806 xHCI USB 3.0 Controller [1106:3483] (rev 01) # # lspci -v -s 00:12 00:12.0 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller (prog-if 10 [OHCI]) Subsystem: Gigabyte Technology Co., Ltd GA-880GMA-USB3 Flags: bus master, 66MHz, medium devsel, latency 32, IRQ 18 Memory at fe50a000 (32-bit, non-prefetchable) [size=4K] Kernel driver in use: ohci-pci Kernel modules: ohci_pci 00:12.2 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller (prog-if 20 [EHCI]) Subsystem: Gigabyte Technology Co., Ltd GA-880GMA-USB3 Flags: bus master, 66MHz, medium devsel, latency 32, IRQ 17 Memory at fe509000 (32-bit, non-prefetchable) [size=256] Capabilities: [c0] Power Management version 2 Capabilities: [e4] Debug port: BAR=1 offset=00e0 Kernel driver in use: ehci-pci Kernel modules: ehci_pci # # lsusb Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 009 Device 002: ID 067b:2303 Prolific Technology, Inc. PL2303 Serial Port / Mobile Action MA-8910P Bus 009 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 008 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 007 Device 002: ID 03f0:0317 HP, Inc LaserJet 1200 Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 002: ID 04e8:6860 Samsung Electronics Co., Ltd Galaxy A5 (MTP) Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 002 Device 002: ID 2109:3431 VIA Labs, Inc. Hub Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub # $ git bisect log git bisect start # good: [4b0986a3613c92f4ec1bdc7f60ec66fea135991f] Linux 5.18 git bisect good 4b0986a3613c92f4ec1bdc7f60ec66fea135991f # good: [07e0b709cab7dc987b5071443789865e20481119] Linux 5.18.18 git bisect good 07e0b709cab7dc987b5071443789865e20481119 # bad: [3d7cb6b04c3f3115719235cc6866b10326de34cd] Linux 5.19 git bisect bad 3d7cb6b04c3f3115719235cc6866b10326de34cd # bad: [c011dd537ffe47462051930413fed07dbdc80313] Merge tag 'arm-soc-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc git bisect bad c011dd537ffe47462051930413fed07dbdc80313 # good: [7e062cda7d90543ac8c7700fc7c5527d0c0f22ad] Merge tag 'net-next-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next git bisect good 7e062cda7d90543ac8c7700fc7c5527d0c0f22ad # good: [f8122500a039abeabfff41b0ad8b6a2c94c1107d] Merge branch 'etnaviv/next' of https://git.pengutronix.de/git/lst/linux into drm-next git bisect good f8122500a039abeabfff41b0ad8b6a2c94c1107d # good: [2518f226c60d8e04d18ba4295500a5b0b8ac7659] Merge tag 'drm-next-2022-05-25' of git://anongit.freedesktop.org/drm/drm git bisect good 2518f226c60d8e04d18ba4295500a5b0b8ac7659 # good: [f7a344468105ef8c54086dfdc800e6f5a8417d3e] ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() git bisect good f7a344468105ef8c54086dfdc800e6f5a8417d3e # good: [fbe86daca0ba878b04fa241b85e26e54d17d4229] Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi git bisect good fbe86daca0ba878b04fa241b85e26e54d17d4229 # good: [709c8632597c3276cd21324b0256628f1a7fd4df] xfs: rework deferred attribute operation setup git bisect good 709c8632597c3276cd21324b0256628f1a7fd4df # bad: [babf0bb978e3c9fce6c4eba6b744c8754fd43d8e] Merge tag 'xfs-5.19-for-linus' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux git bisect bad babf0bb978e3c9fce6c4eba6b744c8754fd43d8e # bad: [8b728edc5be161799434cc17e1279db2f8eabe29] Merge tag 'fs_for_v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs git bisect bad 8b728edc5be161799434cc17e1279db2f8eabe29 # bad: [3f70356edf5611c28a68d8d5a9c2b442c9eb81e6] swiotlb: merge swiotlb-xen initialization into swiotlb git bisect bad 3f70356edf5611c28a68d8d5a9c2b442c9eb81e6 # good: [f39f8d0eb081407e470396fd4cc376c526d13066] MIPS/octeon: use swiotlb_init instead of open coding it git bisect good f39f8d0eb081407e470396fd4cc376c526d13066 # bad: [c6af2aa9ffc9763826607bc2664ef3ea4475ed18] swiotlb: make the swiotlb_init interface more useful git bisect bad c6af2aa9ffc9763826607bc2664ef3ea4475ed18 # bad: [a3e230926708125205ffd06d3dc2175a8263ae7e] x86: centralize setting SWIOTLB_FORCE when guest memory encryption is enabled git bisect bad a3e230926708125205ffd06d3dc2175a8263ae7e # bad: [78013eaadf696d2105982abb4018fbae394ca08f] x86: remove the IOMMU table infrastructure git bisect bad 78013eaadf696d2105982abb4018fbae394ca08f # first bad commit: [78013eaadf696d2105982abb4018fbae394ca08f] x86: remove the IOMMU table infrastructure $ -- Alan J. Wylie https://www.wylie.me.uk/ Dance like no-one's watching. / Encrypt like everyone is. Security is inversely proportional to convenience

2 years, 3 months

4
8
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror August 2022