August 2022 - Linux-stable-mirror

[PATCH] power: supply: avoid nullptr deref in __power_supply_is_system_supplied

by Jason A. Donenfeld

Fix the following OOPS: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0010 [#1] PREEMPT SMP CPU: 14 PID: 1156 Comm: upowerd Tainted: G S U 6.0.0-rc1+ #366 Hardware name: LENOVO 20Y5CTO1WW/20Y5CTO1WW, BIOS N40ET36W (1.18 ) 07/19/2022 RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff88815350bd08 EFLAGS: 00010212 RAX: ffff88810207d620 RBX: ffff88815350bd7c RCX: 000000000000394e RDX: ffff88815350bd10 RSI: 0000000000000004 RDI: ffff888111722c00 RBP: ffff88815350bd68 R08: ffff8881187a8af8 R09: ffff8881187a8af8 R10: 0000000000000000 R11: 000000000000005f R12: ffffffff8162d0b0 R13: ffff88810159a038 R14: ffffffff823b3768 R15: ffff88810159a000 FS: 00007fd1f0958140(0000) GS:ffff88901f780000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000152c7a004 CR4: 0000000000770ee0 PKRU: 55555554 Call Trace: <TASK> __power_supply_is_system_supplied+0x26/0x40 class_for_each_device+0xa5/0xd0 ? acpi_battery_get_state+0x4e/0x1f0 power_supply_is_system_supplied+0x26/0x40 acpi_battery_get_property+0x301/0x310 power_supply_show_property+0xa5/0x1d0 dev_attr_show+0x10/0x30 sysfs_kf_seq_show+0x78/0xc0 seq_read_iter+0xfd/0x3e0 vfs_read+0x1cb/0x290 ksys_read+0x4e/0xc0 do_syscall_64+0x2b/0x50 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7fd1f0bed70c Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 39 a4 f8 ff 41 89 c0 48 8b 54 24 18 48 8b 74 24 10 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 8f a4 f8 ff 48 RSP: 002b:00007ffc8d3f27e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd1f0bed70c RDX: 0000000000001000 RSI: 000055957d534850 RDI: 000000000000000c RBP: 000055957d50b1d0 R08: 0000000000000000 R09: 0000000000001000 R10: 000000000000006f R11: 0000000000000246 R12: 00007ffc8d3f2910 R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000c </TASK> CR2: 0000000000000000 ---[ end trace 0000000000000000 ]--- RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff88815350bd08 EFLAGS: 00010212 RAX: ffff88810207d620 RBX: ffff88815350bd7c RCX: 000000000000394e RDX: ffff88815350bd10 RSI: 0000000000000004 RDI: ffff888111722c00 RBP: ffff88815350bd68 R08: ffff8881187a8af8 R09: ffff8881187a8af8 R10: 0000000000000000 R11: 000000000000005f R12: ffffffff8162d0b0 R13: ffff88810159a038 R14: ffffffff823b3768 R15: ffff88810159a000 FS: 00007fd1f0958140(0000) GS:ffff88901f780000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000152c7a004 CR4: 0000000000770ee0 The disassembly of the top function in the stack trace is: .text:0000000000000000 __power_supply_is_system_supplied proc near .text:0000000000000000 ; DATA XREF: power_supply_is_system_supplied+12↓o .text:0000000000000000 .text:0000000000000000 var_8 = qword ptr -8 .text:0000000000000000 .text:0000000000000000 sub rsp, 8 .text:0000000000000004 mov rdi, [rdi+78h] .text:0000000000000008 inc dword ptr [rsi] .text:000000000000000A mov [rsp+8+var_8], 0 .text:0000000000000012 mov rax, [rdi] .text:0000000000000015 cmp dword ptr [rax+8], 1 .text:0000000000000019 jz short loc_2A .text:000000000000001B mov rdx, rsp .text:000000000000001E mov esi, 4 .text:0000000000000023 call qword ptr [rax+30h] .text:0000000000000026 test eax, eax .text:0000000000000028 jz short loc_31 .text:000000000000002A .text:000000000000002A loc_2A: ; CODE XREF: __power_supply_is_system_supplied+19↑j .text:000000000000002A xor eax, eax .text:000000000000002C add rsp, 8 .text:0000000000000030 retn .text:0000000000000031 ; --------------------------------------------------------------------------- .text:0000000000000031 .text:0000000000000031 loc_31: ; CODE XREF: __power_supply_is_system_supplied+28↑j .text:0000000000000031 mov eax, dword ptr [rsp+8+var_8] .text:0000000000000034 add rsp, 8 .text:0000000000000038 retn .text:0000000000000038 __power_supply_is_system_supplied endp So presumably `call qword ptr [rax+30h]` is jumping to NULL. Cc: stable(a)vger.kernel.org Cc: Rafael J. Wysocki <rafael(a)kernel.org> Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> --- drivers/power/supply/power_supply_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/power/supply/power_supply_core.c b/drivers/power/supply/power_supply_core.c index 4b5fb172fa99..aa4c97f11588 100644 --- a/drivers/power/supply/power_supply_core.c +++ b/drivers/power/supply/power_supply_core.c @@ -349,7 +349,7 @@ static int __power_supply_is_system_supplied(struct device *dev, void *data) unsigned int *count = data; (*count)++; - if (psy->desc->type != POWER_SUPPLY_TYPE_BATTERY) + if (psy->desc->type != POWER_SUPPLY_TYPE_BATTERY && psy->desc->get_property) if (!psy->desc->get_property(psy, POWER_SUPPLY_PROP_ONLINE, &ret)) return ret.intval; -- 2.37.2

1 year, 7 months

3
7
0 0

[PATCH 4.14 000/284] 4.14.276-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.276 release. There are 284 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 20 Apr 2022 12:11:14 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.276-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.276-rc1 Martin Povišer <povik+lin(a)cutebit.org> i2c: pasemi: Wait for write xfers to finish Nadav Amit <namit(a)vmware.com> smp: Fix offline cpu check in flush_smp_call_function_queue() Nathan Chancellor <nathan(a)kernel.org> ARM: davinci: da850-evm: Avoid NULL pointer dereference Fabio M. De Francesco <fmdefrancesco(a)gmail.com> ALSA: pcm: Test for "silence" field in struct "pcm_format_data" Jason A. Donenfeld <Jason(a)zx2c4.com> gcc-plugins: latent_entropy: use /dev/urandom Patrick Wang <patrick.wang.shcn(a)gmail.com> mm: kmemleak: take a full lowmem check in kmemleak_*_phys() Juergen Gross <jgross(a)suse.com> mm, page_alloc: fix build_zonerefs_node() Duoming Zhou <duoming(a)zju.edu.cn> drivers: net: slip: fix NPD bug in sl_tx_timeout() Alexey Galakhov <agalakhov(a)gmail.com> scsi: mvsas: Add PCI ID of RocketRaid 2640 Leo Ruan <tingquan.ruan(a)cn.bosch.com> gpu: ipu-v3: Fix dev_dbg frequency output Christian Lamparter <chunkeey(a)gmail.com> ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs Randy Dunlap <rdunlap(a)infradead.org> net: micrel: fix KS8851_MLL Kconfig Tyrel Datwyler <tyreld(a)linux.ibm.com> scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 Xiaoguang Wang <xiaoguang.wang(a)linux.alibaba.com> scsi: target: tcmu: Fix possible page UAF Michael Kelley <mikelley(a)microsoft.com> Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer QintaoShen <unSimple1993(a)163.com> drm/amdkfd: Check for potential null return of kmalloc_array() Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd: Add USBC connector ID Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> cifs: potential buffer overflow in handling symlinks Lin Ma <linma(a)zju.edu.cn> nfc: nci: add flush_workqueue to prevent uaf Dinh Nguyen <dinguyen(a)kernel.org> net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link Vadim Pasternak <vadimp(a)nvidia.com> mlxsw: i2c: Fix initialization error flow Linus Torvalds <torvalds(a)linux-foundation.org> gpiolib: acpi: use correct format characters Guillaume Nault <gnault(a)redhat.com> veth: Ensure eth header is in skb's linear part Miaoqian Lin <linmq006(a)gmail.com> memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe Xin Long <lucien.xin(a)gmail.com> xfrm: policy: match with both mark and mask on user interfaces Tejun Heo <tj(a)kernel.org> cgroup: Use open-time cgroup namespace for process migration perm checks Tejun Heo <tj(a)kernel.org> cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv Tejun Heo <tj(a)kernel.org> cgroup: Use open-time credentials for process migraton perm checks Waiman Long <longman(a)redhat.com> mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning Fangrui Song <maskray(a)google.com> arm64: module: remove (NOLOAD) from linker script Peter Xu <peterx(a)redhat.com> mm: don't skip swap entry even if zap_details specified Vinod Koul <vkoul(a)kernel.org> dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" Arnaldo Carvalho de Melo <acme(a)redhat.com> tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts Xiaomeng Tong <xiam0nd.tong(a)gmail.com> perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator Guo Ren <guoren(a)linux.alibaba.com> arm64: patch_text: Fixup last cpu should be master Ethan Lien <ethanlien(a)synology.com> btrfs: fix qgroup reserve overflow the qgroup limit Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/speculation: Restore speculation related MSRs during S3 resume Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/pm: Save the MSR validity status at context setup Miaohe Lin <linmiaohe(a)huawei.com> mm/mempolicy: fix mpol_new leak in shared_policy_replace Paolo Bonzini <pbonzini(a)redhat.com> mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) Pali Rohár <pali(a)kernel.org> Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" Lv Yunlong <lyl2019(a)mail.ustc.edu.cn> drbd: Fix five use after free bugs in get_initial_state José Expósito <jose.exposito89(a)gmail.com> drm/imx: Fix memory leak in imx_pd_connector_get_modes Chen-Yu Tsai <wens(a)csie.org> net: stmmac: Fix unset max_speed difference between DT and non-DT platforms Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() Dan Carpenter <dan.carpenter(a)oracle.com> drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() Mauricio Faria de Oliveira <mfo(a)canonical.com> mm: fix race between MADV_FREE reclaim and blkdev direct IO read Willem de Bruijn <willemb(a)google.com> net: add missing SOF_TIMESTAMPING_OPT_ID support Willem de Bruijn <willemb(a)google.com> ipv6: add missing tx timestamping on IPPROTO_RAW Helge Deller <deller(a)gmx.de> parisc: Fix CPU affinity for Lasi, WAX and Dino chips Haimin Zhang <tcs_kernel(a)tencent.com> jfs: prevent NULL deref in diFree Randy Dunlap <rdunlap(a)infradead.org> virtio_console: eliminate anonymous module_init & module_exit Jiri Slaby <jslaby(a)suse.cz> serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() NeilBrown <neilb(a)suse.de> NFS: swap-out must always use STABLE writes. NeilBrown <neilb(a)suse.de> NFS: swap IO handling is slightly different for O_DIRECT IO NeilBrown <neilb(a)suse.de> SUNRPC/call_alloc: async tasks mustn't block waiting for memory Lucas Denefle <lucas.denefle(a)converge.io> w1: w1_therm: fixes w1_seq for ds28ea00 sensors Randy Dunlap <rdunlap(a)infradead.org> init/main.c: return 1 from handled __setup() functions Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: Fix use after free in hci_send_acl Max Filippov <jcmvbkbc(a)gmail.com> xtensa: fix DTC warning unit_address_format H. Nikolaus Schaller <hns(a)goldelico.com> usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm Jianglei Nie <niejianglei2021(a)163.com> scsi: libfc: Fix use after free in fc_exch_abts_resp() Alexander Lobakin <alobakin(a)pm.me> MIPS: fix fortify panic when copying asm exception handlers Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Eliminate unintended link toggle during FW reset Sven Eckelmann <sven(a)narfation.org> macvtap: advertise link netns via netlink Dust Li <dust.li(a)linux.alibaba.com> net/smc: correct settings of RMB window update limit Randy Dunlap <rdunlap(a)infradead.org> scsi: aha152x: Fix aha152x_setup() __setup handler return value Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix pm8001_mpi_task_abort_resp() Jordy Zomer <jordy(a)jordyzomer.github.io> dm ioctl: prevent potential spectre v1 gadget Zhou Guanghui <zhouguanghui1(a)huawei.com> iommu/arm-smmu-v3: fix event handling soft lockup Pali Rohár <pali(a)kernel.org> PCI: aardvark: Fix support for MSI interrupts Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc: Set crashkernel offset to mid of RMA region Evgeny Boger <boger(a)wirenboard.com> power: supply: axp20x_battery: properly report current when discharging Yang Guang <yang.guang5(a)zte.com.cn> scsi: bfa: Replace snprintf() with sysfs_emit() Yang Guang <yang.guang5(a)zte.com.cn> scsi: mvsas: Replace snprintf() with sysfs_emit() Maxim Kiselev <bigunclemax(a)gmail.com> powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 Yang Guang <yang.guang5(a)zte.com.cn> ptp: replace snprintf with sysfs_emit Zekun Shen <bruceshenzk(a)gmail.com> ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 Jim Mattson <jmattson(a)google.com> KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs Randy Dunlap <rdunlap(a)infradead.org> ARM: 9187/1: JIVE: fix return value of __setup handler Jiasheng Jiang <jiasheng(a)iscas.ac.cn> rtc: wm8350: Handle error for wm8350_register_irq Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Rectify space amount budget for mkdir/tmpfile operations Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated Martin Varghese <martin.varghese(a)nokia.com> openvswitch: Fixed nd target mask field in the flow dump. Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear13xx: Update SPI dma properties Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear1340: Update serial node properties Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: topology: Allow TLV control to be either read or write Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: fastmap: Return error code if memory allocation fails in add_aeb() Randy Dunlap <rdunlap(a)infradead.org> mm/memcontrol: return 1 from cgroup.memory __setup() handler Randy Dunlap <rdunlap(a)infradead.org> mm/mmap: return 1 from stack_guard_gap __setup() handler Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: CPPC: Avoid out of bounds access when parsing _CPC data Baokun Li <libaokun1(a)huawei.com> ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Chen-Yu Tsai <wenst(a)chromium.org> pinctrl: pinconf-generic: Print arguments for bias-pull-* Andrew Price <anprice(a)redhat.com> gfs2: Make sure FITRIM minlen is rounded up to fs block size Pavel Skripkin <paskripkin(a)gmail.com> can: mcba_usb: properly check endpoint type Hangyu Hua <hbh25y(a)gmail.com> can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path Baokun Li <libaokun1(a)huawei.com> ubifs: rename_whiteout: correct old_dir size computing Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: setflags: Make dirtied_ino_d 8 bytes aligned Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Add missing iput if do_tmpfile() failed in rename whiteout Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: rename_whiteout: Fix double free for whiteout_ui->data David Matlack <dmatlack(a)google.com> KVM: Prevent module exit until all VMs are freed Saurav Kashyap <skashyap(a)marvell.com> scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() Nilesh Javali <njavali(a)marvell.com> scsi: qla2xxx: Fix warning for missing error code Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix build errors with newer binutils Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix 'sthcx' instruction Ulf Hansson <ulf.hansson(a)linaro.org> mmc: host: Return an error when ->enable_sdio_irq() ops is missing Dongliang Mu <mudongliangabcd(a)gmail.com> media: hdpvr: initialize dev->worker at hdpvr_register_videodev Zheyu Ma <zheyuma97(a)gmail.com> video: fbdev: sm712fb: Fix crash in smtcfb_write() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> ARM: mmp: Fix failure to remove sram device Richard Leitner <richard.leitner(a)skidata.com> ARM: tegra: tamonten: Fix I2C3 pad setting Daniel González Cabanelas <dgcbueu(a)gmail.com> media: cx88-mpeg: clear interrupt status register before streaming video Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: soc-core: skip zero num_dai component in searching dai name Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() Richard Schleich <rs(a)noreya.tech> ARM: dts: bcm2837: Add the missing L1/L2 cache information David Heidelberg <david(a)ixit.cz> ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 Yang Guang <yang.guang5(a)zte.com.cn> video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit George Kennedy <george.kennedy(a)oracle.com> video: fbdev: cirrusfb: check pixclock to avoid divide by zero Evgeny Novikov <novikov(a)ispras.ru> video: fbdev: w100fb: Reset global state Tim Gardner <tim.gardner(a)canonical.com> video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Dongliang Mu <mudongliangabcd(a)gmail.com> ntfs: add sanity check on allocation size Theodore Ts'o <tytso(a)mit.edu> ext4: don't BUG if someone dirty pages without asking ext4 first Minghao Chi <chi.minghao(a)zte.com.cn> spi: tegra20: Use of_device_get_match_data() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> PM: core: keep irq flags in device_pm_check_callbacks() Darren Hart <darren(a)os.amperecomputing.com> ACPI/APEI: Limit printable size of BERT table data Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPICA: Avoid walking the ACPI Namespace if it is not there Souptick Joarder (HPE) <jrdr.linux(a)gmail.com> irqchip/nvic: Release nvic_base upon failure Casey Schaufler <casey(a)schaufler-ca.com> Fix incorrect type in assignment of ipv6 port for audit Chaitanya Kulkarni <kch(a)nvidia.com> loop: use sysfs_emit() in the sysfs xxx show() Christian Göttsche <cgzones(a)googlemail.com> selinux: use correct type for context length Dan Carpenter <dan.carpenter(a)oracle.com> lib/test: use after free in register_test_dev_kmod() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4/pNFS: Fix another issue with a list iterator pointing to the head Duoming Zhou <duoming(a)zju.edu.cn> net/x25: Fix null-ptr-deref caused by x25_disconnect Tom Rix <trix(a)redhat.com> qlcnic: dcb: default to returning -EOPNOTSUPP Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix brcm_fet_config_init() Juergen Gross <jgross(a)suse.com> xen: fix is_xen_pmu() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options Pavel Skripkin <paskripkin(a)gmail.com> jfs: fix divide error in dbNextAG Randy Dunlap <rdunlap(a)infradead.org> kgdbts: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> kgdboc: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> tty: hvc: fix return value of __setup handler Miaoqian Lin <linmq006(a)gmail.com> pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init Alexey Khoroshilov <khoroshilov(a)ispras.ru> NFS: remove unneeded check in decode_devicenotify_args() Miaoqian Lin <linmq006(a)gmail.com> clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: clps711x: Terminate clk_div_table with sentinel element Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: loongson1: Terminate clk_div_table with sentinel element Miaoqian Lin <linmq006(a)gmail.com> remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region Taniya Das <tdas(a)codeaurora.org> clk: qcom: clk-rcg2: Update the frac table for pixel clock Jiasheng Jiang <jiasheng(a)iscas.ac.cn> iio: adc: Add check for devm_request_threaded_irq Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> serial: 8250: Fix race condition in RTS-after-send handling Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_mid: Balance reference count for PCI DMA device Jonathan Cameron <Jonathan.Cameron(a)huawei.com> staging:iio:adc:ad7280a: Fix handing of device address bit reversing. Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() Jiri Slaby <jslaby(a)suse.cz> mxser: fix xmit_buf leak in activate when LSR == 0xff Miaoqian Lin <linmq006(a)gmail.com> mfd: asic3: Add missing iounmap() on error asic3_mfd_probe Jakub Kicinski <kuba(a)kernel.org> tcp: ensure PMTU updates are processed during fastopen Peter Rosin <peda(a)axentia.se> i2c: mux: demux-pinctrl: do not deactivate a master that is not active Petr Machata <petrm(a)nvidia.com> af_netlink: Fix shift out of bounds in group mask calculation Dan Carpenter <dan.carpenter(a)oracle.com> USB: storage: ums-realtek: fix error code in rts51x_read_mem() Xin Xiong <xiongx18(a)fudan.edu.cn> mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init Randy Dunlap <rdunlap(a)infradead.org> MIPS: RB532: fix return value of __setup handler Oliver Hartkopp <socketcan(a)hartkopp.net> vxcan: enable local echo for sent CAN frames Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mfd: mc13xxx: Add check for mc13xxx_irq_request Jakob Koschel <jakobkoschel(a)gmail.com> powerpc/sysdev: fix incorrect use to determine if list is empty Mark Tomlinson <mark.tomlinson(a)alliedtelesis.co.nz> PCI: Reduce warnings on possible RW1C corruption Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Add missing free in free_charger_irq Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Handle error for wm8350_register_irq Robert Hancock <robert.hancock(a)calian.com> i2c: xiic: Make bus names unique Hou Wenlong <houwenlong.hwl(a)antgroup.com> KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() Zhenzhong Duan <zhenzhong.duan(a)intel.com> KVM: x86: Fix emulation in writing cr8 Hans de Goede <hdegoede(a)redhat.com> power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return Miaoqian Lin <linmq006(a)gmail.com> drm/tegra: Fix reference leak in tegra_dsi_ganged_probe Zhang Yi <yi.zhang(a)huawei.com> ext2: correct max file size computing Randy Dunlap <rdunlap(a)infradead.org> TOMOYO: fix __setup handlers return values Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix abort all task initialization Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm80XX_send_read_log() Aashish Sharma <shraash(a)google.com> dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS Colin Ian King <colin.king(a)canonical.com> iwlwifi: Fix -EIO error code that is never returned Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports Miaoqian Lin <linmq006(a)gmail.com> power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ray_cs: Check ioremap return value Miaoqian Lin <linmq006(a)gmail.com> power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe Pavel Skripkin <paskripkin(a)gmail.com> ath9k_htc: fix uninit value bugs Maxime Ripard <maxime(a)cerno.tech> drm/edid: Don't clear formats if using deep color Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mtd: onenand: Check for error irq Miaoqian Lin <linmq006(a)gmail.com> ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe Wang Wensheng <wangwensheng4(a)huawei.com> ASoC: imx-es8328: Fix error return code in imx_es8328_probe() Miaoqian Lin <linmq006(a)gmail.com> ASoC: mxs: Fix error handling in mxs_sgtl5000_probe Codrin Ciubotariu <codrin.ciubotariu(a)microchip.com> ASoC: dmaengine: do not use a NULL prepare_slave_config() callback Miaoqian Lin <linmq006(a)gmail.com> video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: fsi: Add check for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: wm8350: Handle error for wm8350_register_irq Miaoqian Lin <linmq006(a)gmail.com> ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe Dafna Hirschfeld <dafna.hirschfeld(a)collabora.com> media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction Jia-Ju Bai <baijiaju1990(a)gmail.com> memory: emif: check the pointer temp in get_device_details() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> memory: emif: Add check for setup_interrupts Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: atmel_ssc_dai: Handle errors for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: mxs-saif: Handle errors for clk_enable Randy Dunlap <rdunlap(a)infradead.org> printk: fix return value of printk.devkmsg __setup handler Frank Wunderlich <frank-w(a)public-files.de> arm64: dts: broadcom: Fix sata nodename Kuldeep Singh <singh.kuldeep87k(a)gmail.com> arm64: dts: ns2: Fix spi-cpol and spi-cpha property Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ALSA: spi: Add check for clk_enable() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: ti: davinci-i2s: Add check for clk_enable() Dan Carpenter <dan.carpenter(a)oracle.com> media: usb: go7007: s2250-board: fix leak in probe() Miaoqian Lin <linmq006(a)gmail.com> soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe Pavel Kubelun <be.dissent(a)gmail.com> ARM: dts: qcom: ipq4019: fix sleep clock Dan Carpenter <dan.carpenter(a)oracle.com> video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() Wang Hai <wanghai38(a)huawei.com> video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() Miaoqian Lin <linmq006(a)gmail.com> media: coda: Fix missing put_device() call in coda_get_vdoa_data Adrian Hunter <adrian.hunter(a)intel.com> perf/x86/intel/pt: Fix address filter config for 32-bit kernel Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter parser for multiple filters Bharata B Rao <bharata(a)amd.com> sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa Randy Dunlap <rdunlap(a)infradead.org> clocksource: acpi_pm: fix return value of __setup handler Brandon Wyman <bjwyman(a)gmail.com> hwmon: (pmbus) Add Vin unit off handling Dāvis Mosāns <davispuh(a)gmail.com> crypto: ccp - ccp_dmaengine_unregister release dma channels Randy Dunlap <rdunlap(a)infradead.org> ACPI: APEI: fix return value of __setup handlers Petr Vorel <pvorel(a)suse.cz> crypto: vmx - add missing dependencies Claudiu Beznea <claudiu.beznea(a)microchip.com> hwrng: atmel - disable trng on failure path Randy Dunlap <rdunlap(a)infradead.org> PM: suspend: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> PM: hibernate: fix __setup handler error handling Armin Wolf <W_Armin(a)gmx.de> hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING Patrick Rudolph <patrick.rudolph(a)9elements.com> hwmon: (pmbus) Add mutex to regulator ops Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx-pci: Balance reference count for PCI DMA device Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests/x86: Add validity check and allow field splitting Miaoqian Lin <linmq006(a)gmail.com> spi: tegra114: Add missing IRQ check in tegra_spi_probe Tomas Paukrt <tomaspaukrt(a)email.cz> crypto: mxs-dcp - Fix scatterlist processing Herbert Xu <herbert(a)gondor.apana.org.au> crypto: authenc - Fix sleep in atomic context in decrypt_tail Liguang Zhang <zhangliguang(a)linux.alibaba.com> PCI: pciehp: Clear cmd_busy bit in polling mode Hector Martin <marcan(a)marcan.st> brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio Hector Martin <marcan(a)marcan.st> brcmfmac: firmware: Allocate space for default boardrev in nvram Johan Hovold <johan(a)kernel.org> media: davinci: vpif: fix unbalanced runtime PM get Maciej W. Rozycki <macro(a)orcam.me.uk> DEC: Limit PMAX memory probing to R3k systems Dirk Müller <dmueller(a)suse.de> lib/raid6/test: fix multiple definition linking error Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> thermal: int340x: Increase bitmap size Colin Ian King <colin.i.king(a)gmail.com> carl9170: fix missing bit-wise or operator for tx_params Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5420 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5250 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 Tudor Ambarus <tudor.ambarus(a)microchip.com> ARM: dts: at91: sama5d2: Fix PMERRLOC resource size Michael Schmitz <schmitzmic(a)gmail.com> video: fbdev: atari: Atari 2 bpp (STe) palette bugfix Helge Deller <deller(a)gmx.de> video: fbdev: sm712fb: Fix crash in smtcfb_read() Duoming Zhou <duoming(a)zju.edu.cn> drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() Sakari Ailus <sakari.ailus(a)linux.intel.com> ACPI: properties: Consistently return -ENOENT if there are no more references Lars Ellenberg <lars.ellenberg(a)linbit.com> drbd: fix potential silent data corruption Xiaomeng Tong <xiam0nd.tong(a)gmail.com> ALSA: cs4236: fix an incorrect NULL check on list iterator José Expósito <jose.exposito89(a)gmail.com> Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" Manish Chopra <manishc(a)marvell.com> qed: validate and restrict untrusted VFs vlan promisc mode Manish Chopra <manishc(a)marvell.com> qed: display VF trust config Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands Hugh Dickins <hughd(a)google.com> mempolicy: mbind_range() set_policy() after vma_merge() Alistair Popple <apopple(a)nvidia.com> mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_scan_medium Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_do_mount_fs Baokun Li <libaokun1(a)huawei.com> jffs2: fix use-after-free in jffs2_clear_xattr_subsystem Hangyu Hua <hbh25y(a)gmail.com> can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> pinctrl: samsung: drop pin banks references on error paths Dan Carpenter <dan.carpenter(a)oracle.com> NFSD: prevent underflow in nfssvc_decode_writeargs() NeilBrown <neilb(a)suse.de> SUNRPC: avoid race between mod_timer() and del_timer_sync() Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: update stable tree link Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: add link to stable release candidate tree Jann Horn <jannh(a)google.com> ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> clk: uniphier: Fix fixed-rate initialization Liam Beguin <liambeguin(a)gmail.com> iio: inkern: make a best effort on offset calculation Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale when no channel scale is available Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale on IIO_VAL_INT cases James Clark <james.clark(a)arm.com> coresight: Fix TRCCONFIGR.QE sysfs interface Alan Stern <stern(a)rowland.harvard.edu> USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Use blk_validate_block_size() to validate block size Xie Yongji <xieyongji(a)bytedance.com> block: Add a helper to validate the block size Lino Sanfilippo <LinoSanfilippo(a)gmx.de> tpm: fix reference counting for struct tpm_chip Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Haimin Zhang <tcs_kernel(a)tencent.com> af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix erroneous sgs value with min_t() Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix invalid sgs value Zheyu Ma <zheyuma97(a)gmail.com> ethernet: sun: Free the coherent when failing in probing Michael S. Tsirkin <mst(a)redhat.com> virtio_console: break out of buf poll on remove Yajun Deng <yajun.deng(a)linux.dev> netdevice: add the case if dev is NULL Johan Hovold <johan(a)kernel.org> USB: serial: simple: add Nokia phone driver Eddie James <eajames(a)linux.ibm.com> USB: serial: pl2303: add IBM device IDs ------------- Diffstat: Documentation/process/stable-kernel-rules.rst | 11 +- Makefile | 4 +- arch/arm/boot/dts/bcm2837.dtsi | 49 +++++++ arch/arm/boot/dts/exynos5250-pinctrl.dtsi | 2 +- arch/arm/boot/dts/exynos5250-smdk5250.dts | 3 + arch/arm/boot/dts/exynos5420-smdk5420.dts | 3 + arch/arm/boot/dts/qcom-ipq4019.dtsi | 3 +- arch/arm/boot/dts/qcom-msm8960.dtsi | 8 +- arch/arm/boot/dts/sama5d2.dtsi | 2 +- arch/arm/boot/dts/spear1340.dtsi | 6 +- arch/arm/boot/dts/spear13xx.dtsi | 6 +- arch/arm/boot/dts/tegra20-tamonten.dtsi | 6 +- arch/arm/mach-davinci/board-da850-evm.c | 4 +- arch/arm/mach-mmp/sram.c | 22 +-- arch/arm/mach-s3c24xx/mach-jive.c | 6 +- .../arm64/boot/dts/broadcom/northstar2/ns2-svk.dts | 8 +- arch/arm64/boot/dts/broadcom/northstar2/ns2.dtsi | 2 +- arch/arm64/kernel/insn.c | 4 +- arch/arm64/kernel/module.lds | 6 +- arch/mips/dec/prom/Makefile | 2 +- arch/mips/include/asm/dec/prom.h | 15 +- arch/mips/include/asm/setup.h | 2 +- arch/mips/kernel/traps.c | 22 +-- arch/mips/rb532/devices.c | 6 +- arch/powerpc/boot/dts/fsl/t104xrdb.dtsi | 4 +- arch/powerpc/kernel/machine_kexec.c | 15 +- arch/powerpc/kernel/rtas.c | 6 + arch/powerpc/lib/sstep.c | 8 +- arch/powerpc/sysdev/fsl_gtm.c | 4 +- arch/x86/events/intel/pt.c | 2 +- arch/x86/kvm/emulate.c | 14 +- arch/x86/kvm/hyperv.c | 15 ++ arch/x86/kvm/lapic.c | 5 +- arch/x86/kvm/pmu_amd.c | 8 +- arch/x86/power/cpu.c | 21 ++- arch/x86/xen/pmu.c | 10 +- arch/x86/xen/pmu.h | 3 +- arch/x86/xen/smp_pv.c | 2 +- arch/xtensa/boot/dts/xtfpga-flash-128m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-16m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-4m.dtsi | 4 +- crypto/authenc.c | 2 +- drivers/acpi/acpica/nswalk.c | 3 + drivers/acpi/apei/bert.c | 10 +- drivers/acpi/apei/erst.c | 2 +- drivers/acpi/apei/hest.c | 2 +- drivers/acpi/cppc_acpi.c | 5 + drivers/acpi/property.c | 2 +- drivers/ata/libata-core.c | 3 + drivers/base/power/main.c | 6 +- drivers/block/drbd/drbd_int.h | 8 +- drivers/block/drbd/drbd_nl.c | 41 +++--- drivers/block/drbd/drbd_req.c | 3 +- drivers/block/drbd/drbd_state.c | 18 +-- drivers/block/drbd/drbd_state_change.h | 8 +- drivers/block/loop.c | 10 +- drivers/block/virtio_blk.c | 12 +- drivers/char/hw_random/atmel-rng.c | 1 + drivers/char/tpm/tpm-chip.c | 46 ++---- drivers/char/tpm/tpm.h | 2 + drivers/char/tpm/tpm2-space.c | 65 +++++++++ drivers/char/virtio_console.c | 15 +- drivers/clk/clk-clps711x.c | 2 + drivers/clk/loongson1/clk-loongson1c.c | 1 + drivers/clk/qcom/clk-rcg2.c | 1 + drivers/clk/tegra/clk-emc.c | 1 + drivers/clk/uniphier/clk-uniphier-fixed-rate.c | 1 + drivers/clocksource/acpi_pm.c | 6 +- drivers/crypto/ccp/ccp-dmaengine.c | 16 +++ drivers/crypto/mxs-dcp.c | 2 +- drivers/crypto/vmx/Kconfig | 4 + drivers/dma/sh/shdma-base.c | 4 +- drivers/gpio/gpiolib-acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/ObjectID.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 + drivers/gpu/drm/drm_edid.c | 8 -- drivers/gpu/drm/imx/parallel-display.c | 4 +- drivers/gpu/drm/tegra/dsi.c | 4 +- drivers/gpu/ipu-v3/ipu-di.c | 5 +- drivers/hid/i2c-hid/i2c-hid-core.c | 32 +++-- drivers/hv/ring_buffer.c | 11 +- drivers/hwmon/pmbus/pmbus.h | 1 + drivers/hwmon/pmbus/pmbus_core.c | 18 ++- drivers/hwmon/sch56xx-common.c | 2 +- .../hwtracing/coresight/coresight-etm4x-sysfs.c | 8 +- drivers/i2c/busses/i2c-pasemi.c | 6 + drivers/i2c/busses/i2c-xiic.c | 3 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 5 +- drivers/iio/adc/twl6030-gpadc.c | 2 + drivers/iio/inkern.c | 40 ++++-- drivers/input/input.c | 6 - drivers/iommu/arm-smmu-v3.c | 1 + drivers/irqchip/irq-nvic.c | 2 + drivers/md/dm-crypt.c | 2 +- drivers/md/dm-ioctl.c | 2 + drivers/media/pci/cx88/cx88-mpeg.c | 3 + drivers/media/platform/coda/coda-common.c | 1 + drivers/media/platform/davinci/vpif.c | 1 + drivers/media/usb/go7007/s2250-board.c | 10 +- drivers/media/usb/hdpvr/hdpvr-video.c | 4 +- drivers/media/usb/stk1160/stk1160-core.c | 2 +- drivers/media/usb/stk1160/stk1160-v4l.c | 10 +- drivers/media/usb/stk1160/stk1160.h | 2 +- drivers/memory/atmel-ebi.c | 23 ++- drivers/memory/emif.c | 8 +- drivers/mfd/asic3.c | 10 +- drivers/mfd/mc13xxx-core.c | 4 +- drivers/misc/kgdbts.c | 4 +- drivers/mmc/core/host.c | 15 +- drivers/mmc/host/sdhci-xenon.c | 10 -- drivers/mtd/nand/atmel/nand-controller.c | 14 +- drivers/mtd/onenand/generic.c | 7 +- drivers/mtd/ubi/build.c | 9 +- drivers/mtd/ubi/fastmap.c | 28 ++-- drivers/mtd/ubi/vmt.c | 8 +- drivers/net/can/usb/ems_usb.c | 1 - drivers/net/can/usb/mcba_usb.c | 27 ++-- drivers/net/can/vxcan.c | 2 +- drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 4 +- drivers/net/ethernet/mellanox/mlxsw/i2c.c | 1 + drivers/net/ethernet/micrel/Kconfig | 1 + drivers/net/ethernet/qlogic/qed/qed_sriov.c | 29 +++- drivers/net/ethernet/qlogic/qed/qed_sriov.h | 1 + drivers/net/ethernet/qlogic/qlcnic/qlcnic_dcb.h | 10 +- drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c | 8 -- drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.h | 4 + .../net/ethernet/stmicro/stmmac/dwmac-socfpga.c | 13 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 3 +- drivers/net/ethernet/sun/sunhme.c | 6 +- drivers/net/hamradio/6pack.c | 4 +- drivers/net/macvtap.c | 6 + drivers/net/phy/broadcom.c | 21 +++ drivers/net/slip/slip.c | 2 +- drivers/net/veth.c | 2 +- drivers/net/wireless/ath/ath5k/eeprom.c | 3 + drivers/net/wireless/ath/ath9k/htc_hst.c | 5 + drivers/net/wireless/ath/carl9170/main.c | 2 +- .../broadcom/brcm80211/brcmfmac/firmware.c | 2 + .../wireless/broadcom/brcm80211/brcmfmac/pcie.c | 48 +------ drivers/net/wireless/intel/iwlwifi/dvm/mac80211.c | 2 +- drivers/net/wireless/ray_cs.c | 6 + drivers/parisc/dino.c | 41 ++++-- drivers/parisc/gsc.c | 31 +++++ drivers/parisc/gsc.h | 1 + drivers/parisc/lasi.c | 7 +- drivers/parisc/wax.c | 7 +- drivers/pci/access.c | 9 +- drivers/pci/host/pci-aardvark.c | 16 +-- drivers/pci/hotplug/pciehp_hpc.c | 2 + drivers/perf/qcom_l2_pmu.c | 6 +- drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 2 + drivers/pinctrl/nomadik/pinctrl-nomadik.c | 4 +- drivers/pinctrl/pinconf-generic.c | 6 +- drivers/pinctrl/pinctrl-rockchip.c | 2 + drivers/pinctrl/samsung/pinctrl-samsung.c | 30 +++- drivers/power/reset/gemini-poweroff.c | 4 +- drivers/power/supply/ab8500_fg.c | 4 +- drivers/power/supply/axp20x_battery.c | 13 +- drivers/power/supply/bq24190_charger.c | 7 +- drivers/power/supply/wm8350_power.c | 97 +++++++++++-- drivers/ptp/ptp_sysfs.c | 4 +- drivers/pwm/pwm-lpc18xx-sct.c | 20 ++- drivers/remoteproc/qcom_wcnss.c | 1 + drivers/rtc/rtc-wm8350.c | 11 +- drivers/scsi/aha152x.c | 6 +- drivers/scsi/bfa/bfad_attr.c | 26 ++-- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 2 +- drivers/scsi/libfc/fc_exch.c | 1 + drivers/scsi/libsas/sas_ata.c | 2 +- drivers/scsi/mvsas/mv_init.c | 5 +- drivers/scsi/pm8001/pm8001_hwi.c | 13 +- drivers/scsi/pm8001/pm80xx_hwi.c | 11 +- drivers/scsi/qla2xxx/qla_init.c | 2 +- drivers/scsi/qla2xxx/qla_target.c | 1 + drivers/scsi/zorro7xx.c | 2 + drivers/soc/ti/wkup_m3_ipc.c | 4 +- drivers/spi/spi-pxa2xx-pci.c | 17 ++- drivers/spi/spi-tegra114.c | 4 + drivers/spi/spi-tegra20-slink.c | 8 +- drivers/spi/spi.c | 4 +- drivers/staging/iio/adc/ad7280a.c | 4 +- drivers/target/target_core_user.c | 3 +- drivers/thermal/int340x_thermal/int3400_thermal.c | 2 +- drivers/tty/hvc/hvc_iucv.c | 4 +- drivers/tty/mxser.c | 15 +- drivers/tty/serial/8250/8250_mid.c | 19 ++- drivers/tty/serial/8250/8250_port.c | 12 ++ drivers/tty/serial/kgdboc.c | 6 +- drivers/tty/serial/samsung.c | 5 +- drivers/usb/dwc3/dwc3-omap.c | 2 +- drivers/usb/serial/Kconfig | 1 + drivers/usb/serial/pl2303.c | 1 + drivers/usb/serial/pl2303.h | 3 + drivers/usb/serial/usb-serial-simple.c | 7 + drivers/usb/storage/ene_ub6250.c | 155 ++++++++++----------- drivers/usb/storage/realtek_cr.c | 2 +- drivers/video/fbdev/atafb.c | 12 +- drivers/video/fbdev/cirrusfb.c | 16 +-- drivers/video/fbdev/core/fbcvt.c | 53 +++---- drivers/video/fbdev/nvidia/nv_i2c.c | 2 +- .../fbdev/omap2/omapfb/displays/connector-dvi.c | 1 + .../fbdev/omap2/omapfb/displays/panel-dsi-cm.c | 8 +- .../omap2/omapfb/displays/panel-sony-acx565akm.c | 2 +- .../omap2/omapfb/displays/panel-tpo-td043mtea1.c | 4 +- drivers/video/fbdev/sm712fb.c | 46 ++---- drivers/video/fbdev/smscufx.c | 3 +- drivers/video/fbdev/w100fb.c | 15 +- drivers/w1/slaves/w1_therm.c | 8 +- fs/btrfs/extent_io.h | 2 +- fs/cifs/link.c | 3 + fs/ext2/super.c | 6 +- fs/ext4/inode.c | 25 ++++ fs/fuse/dev.c | 12 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 2 + fs/gfs2/rgrp.c | 3 +- fs/jffs2/build.c | 4 +- fs/jffs2/fs.c | 2 +- fs/jffs2/scan.c | 6 +- fs/jfs/inode.c | 3 +- fs/jfs/jfs_dmap.c | 7 + fs/nfs/callback_proc.c | 27 ++-- fs/nfs/callback_xdr.c | 4 - fs/nfs/direct.c | 48 ++++--- fs/nfs/file.c | 4 +- fs/nfs/pnfs.c | 11 ++ fs/nfs/pnfs.h | 2 + fs/nfsd/nfsproc.c | 2 +- fs/nfsd/xdr.h | 2 +- fs/ntfs/inode.c | 4 + fs/ubifs/dir.c | 19 ++- fs/ubifs/ioctl.c | 2 +- include/linux/blkdev.h | 8 ++ include/linux/mmzone.h | 11 +- include/linux/netdevice.h | 6 +- include/linux/nfs_fs.h | 8 +- include/linux/pci.h | 1 + include/net/sock.h | 25 +++- include/net/xfrm.h | 9 +- init/main.c | 6 +- kernel/cgroup/cgroup-internal.h | 19 +++ kernel/cgroup/cgroup-v1.c | 33 +++-- kernel/cgroup/cgroup.c | 81 ++++++++--- kernel/events/core.c | 3 + kernel/power/hibernate.c | 2 +- kernel/power/suspend_test.c | 8 +- kernel/printk/printk.c | 6 +- kernel/ptrace.c | 47 +++++-- kernel/sched/debug.c | 10 -- kernel/smp.c | 2 +- lib/raid6/test/test.c | 1 - lib/test_kmod.c | 1 + mm/kmemleak.c | 8 +- mm/memcontrol.c | 2 +- mm/memory.c | 25 +++- mm/mempolicy.c | 9 +- mm/mmap.c | 2 +- mm/mremap.c | 3 + mm/page_alloc.c | 11 +- mm/rmap.c | 25 +++- net/bluetooth/hci_event.c | 3 +- net/can/raw.c | 2 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp_output.c | 5 +- net/ipv6/raw.c | 7 +- net/key/af_key.c | 6 +- net/netfilter/nf_conntrack_proto_tcp.c | 17 ++- net/netlink/af_netlink.c | 2 + net/nfc/nci/core.c | 4 + net/openvswitch/flow_netlink.c | 4 +- net/packet/af_packet.c | 6 +- net/smc/smc_core.c | 2 +- net/sunrpc/sched.c | 4 +- net/sunrpc/xprt.c | 7 + net/sunrpc/xprtrdma/transport.c | 4 +- net/x25/af_x25.c | 11 +- net/xfrm/xfrm_policy.c | 24 ++-- net/xfrm/xfrm_user.c | 14 +- scripts/gcc-plugins/latent_entropy_plugin.c | 44 +++--- security/selinux/xfrm.c | 2 +- security/smack/smack_lsm.c | 2 +- security/tomoyo/load_policy.c | 4 +- sound/core/pcm_misc.c | 2 +- sound/firewire/fcp.c | 4 +- sound/isa/cs423x/cs4236.c | 8 +- sound/soc/atmel/atmel_ssc_dai.c | 5 +- sound/soc/atmel/sam9g20_wm8731.c | 1 + sound/soc/codecs/msm8916-wcd-digital.c | 5 +- sound/soc/codecs/wm8350.c | 28 +++- sound/soc/davinci/davinci-i2s.c | 5 +- sound/soc/fsl/imx-es8328.c | 1 + sound/soc/mxs/mxs-saif.c | 5 +- sound/soc/mxs/mxs-sgtl5000.c | 3 + sound/soc/sh/fsi.c | 19 ++- sound/soc/soc-core.c | 2 +- sound/soc/soc-generic-dmaengine-pcm.c | 6 +- sound/soc/soc-topology.c | 3 +- sound/spi/at73c213.c | 27 +++- tools/build/feature/Makefile | 2 +- tools/testing/selftests/x86/check_cc.sh | 2 +- virt/kvm/kvm_main.c | 13 ++ 302 files changed, 1919 insertions(+), 1013 deletions(-)

1 year, 7 months

11
298
0 0

[PATCH v2] iio: light: tsl2583: Fix module unloading

by Shreeya Patel

tsl2583 uses devm_iio_device_register() function and calling iio_device_unregister() in remove breaks the module unloading. Fix this by using iio_device_register() instead of devm_iio_device_register() function in probe. Cc: stable(a)vger.kernel.org Fixes: 371894f5d1a0 ("iio: tsl2583: add runtime power management support") Signed-off-by: Shreeya Patel <shreeya.patel(a)collabora.com> --- Changes in v2 - Use iio_device_register() instead of devm_iio_device_register() - Add fixes and stable tags drivers/iio/light/tsl2583.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/light/tsl2583.c b/drivers/iio/light/tsl2583.c index 82662dab87c0..94d75ec687c3 100644 --- a/drivers/iio/light/tsl2583.c +++ b/drivers/iio/light/tsl2583.c @@ -858,7 +858,7 @@ static int tsl2583_probe(struct i2c_client *clientp, TSL2583_POWER_OFF_DELAY_MS); pm_runtime_use_autosuspend(&clientp->dev); - ret = devm_iio_device_register(indio_dev->dev.parent, indio_dev); + ret = iio_device_register(indio_dev); if (ret) { dev_err(&clientp->dev, "%s: iio registration failed\n", __func__); -- 2.30.2

1 year, 7 months

2
4
0 0

[PATCH AUTOSEL 5.4 01/16] Revert "evm: Fix memleak in init_desc"

by Sasha Levin

From: Xiu Jianfeng <xiujianfeng(a)huawei.com> [ Upstream commit 51dd64bb99e4478fc5280171acd8e1b529eadaf7 ] This reverts commit ccf11dbaa07b328fa469415c362d33459c140a37. Commit ccf11dbaa07b ("evm: Fix memleak in init_desc") said there is memleak in init_desc. That may be incorrect, as we can see, tmp_tfm is saved in one of the two global variables hmac_tfm or evm_tfm[hash_algo], then if init_desc is called next time, there is no need to alloc tfm again, so in the error path of kmalloc desc or crypto_shash_init(desc), It is not a problem without freeing tmp_tfm. And also that commit did not reset the global variable to NULL after freeing tmp_tfm and this makes *tfm a dangling pointer which may cause a UAF issue. Reported-by: Guozihua (Scott) <guozihua(a)huawei.com> Signed-off-by: Xiu Jianfeng <xiujianfeng(a)huawei.com> Signed-off-by: Mimi Zohar <zohar(a)linux.ibm.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- security/integrity/evm/evm_crypto.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 25dac691491b..ee6bd945f3d6 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -75,7 +75,7 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) { long rc; const char *algo; - struct crypto_shash **tfm, *tmp_tfm = NULL; + struct crypto_shash **tfm, *tmp_tfm; struct shash_desc *desc; if (type == EVM_XATTR_HMAC) { @@ -120,16 +120,13 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) alloc: desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), GFP_KERNEL); - if (!desc) { - crypto_free_shash(tmp_tfm); + if (!desc) return ERR_PTR(-ENOMEM); - } desc->tfm = *tfm; rc = crypto_shash_init(desc); if (rc) { - crypto_free_shash(tmp_tfm); kfree(desc); return ERR_PTR(rc); } -- 2.35.1

1 year, 7 months

3
18
0 0

[PATCH v2 1/3] slimbus: qcom-ngd: use correct error in message of pdr_add_lookup() failure

by Krzysztof Kozlowski

Use correct error code, instead of previous 'ret' value, when printing error from pdr_add_lookup() failure. Cc: <stable(a)vger.kernel.org> Fixes: e1ae85e1830e ("slimbus: qcom-ngd-ctrl: add Protection Domain Restart Support") Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> --- Changes since v1: 1. Correct typo 2. Return 'ret' instead of again PTR_ERR --- drivers/slimbus/qcom-ngd-ctrl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/slimbus/qcom-ngd-ctrl.c b/drivers/slimbus/qcom-ngd-ctrl.c index 0aa8408464ad..f4f330b9fa72 100644 --- a/drivers/slimbus/qcom-ngd-ctrl.c +++ b/drivers/slimbus/qcom-ngd-ctrl.c @@ -1581,8 +1581,9 @@ static int qcom_slim_ngd_ctrl_probe(struct platform_device *pdev) pds = pdr_add_lookup(ctrl->pdr, "avs/audio", "msm/adsp/audio_pd"); if (IS_ERR(pds) && PTR_ERR(pds) != -EALREADY) { + ret = PTR_ERR(pds); dev_err(dev, "pdr add lookup failed: %d\n", ret); - return PTR_ERR(pds); + return ret; } platform_driver_register(&qcom_slim_ngd_driver); -- 2.34.1

1 year, 7 months

2
2
0 0

[PATCH AUTOSEL 5.19 01/33] firmware: dmi: Use the proper accessor for the version field

by Sasha Levin

From: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> [ Upstream commit d2139dfca361a1f5bfc4d4a23455b1a409a69cd4 ] The byte at offset 6 represents length. Don't take it and drop it immediately by using proper accessor, i.e. get_unaligned_be24(). [JD: Change the subject to something less frightening] Signed-off-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Jean Delvare <jdelvare(a)suse.de> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/firmware/dmi_scan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c index f191a1f901ac7..0eb6b617f709a 100644 --- a/drivers/firmware/dmi_scan.c +++ b/drivers/firmware/dmi_scan.c @@ -630,7 +630,7 @@ static int __init dmi_smbios3_present(const u8 *buf) { if (memcmp(buf, "_SM3_", 5) == 0 && buf[6] < 32 && dmi_checksum(buf, buf[6])) { - dmi_ver = get_unaligned_be32(buf + 6) & 0xFFFFFF; + dmi_ver = get_unaligned_be24(buf + 7); dmi_num = 0; /* No longer specified */ dmi_len = get_unaligned_le32(buf + 12); dmi_base = get_unaligned_le64(buf + 16); -- 2.35.1

1 year, 7 months

4
37
0 0

[REGRESSION] v5.17-rc1+: FIFREEZE ioctl system call hangs

by Thomas Deutschmann

Hi, while trying to backup a Dell R7525 system running Debian bookworm/testing using LVM snapshots I noticed that the system will 'freeze' sometimes (not all the times) when creating the snapshot. First I thought this was related to LVM so I created https://listman.redhat.com/archives/linux-lvm/2022-July/026228.html (continued at https://listman.redhat.com/archives/linux-lvm/2022-August/thread.html#26229) Long story short: I was even able to reproduce with fsfreeze, see last strace lines > [...] > 14471 1659449870.984635 openat(AT_FDCWD, "/var/lib/machines", O_RDONLY) = 3 > 14471 1659449870.984658 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 > 14471 1659449870.984678 ioctl(3, FIFREEZE so I started to bisect kernel and found the following bad commit: > md: add support for REQ_NOWAIT > > commit 021a24460dc2 ("block: add QUEUE_FLAG_NOWAIT") added support > for checking whether a given bdev supports handling of REQ_NOWAIT or not. > Since then commit 6abc49468eea ("dm: add support for REQ_NOWAIT and enable > it for linear target") added support for REQ_NOWAIT for dm. This uses > a similar approach to incorporate REQ_NOWAIT for md based bios. > > This patch was tested using t/io_uring tool within FIO. A nvme drive > was partitioned into 2 partitions and a simple raid 0 configuration > /dev/md0 was created. > > md0 : active raid0 nvme4n1p1[1] nvme4n1p2[0] > 937423872 blocks super 1.2 512k chunks > > Before patch: > > $ ./t/io_uring /dev/md0 -p 0 -a 0 -d 1 -r 100 > > Running top while the above runs: > > $ ps -eL | grep $(pidof io_uring) > > 38396 38396 pts/2 00:00:00 io_uring > 38396 38397 pts/2 00:00:15 io_uring > 38396 38398 pts/2 00:00:13 iou-wrk-38397 > > We can see iou-wrk-38397 io worker thread created which gets created > when io_uring sees that the underlying device (/dev/md0 in this case) > doesn't support nowait. > > After patch: > > $ ./t/io_uring /dev/md0 -p 0 -a 0 -d 1 -r 100 > > Running top while the above runs: > > $ ps -eL | grep $(pidof io_uring) > > 38341 38341 pts/2 00:10:22 io_uring > 38341 38342 pts/2 00:10:37 io_uring > > After running this patch, we don't see any io worker thread > being created which indicated that io_uring saw that the > underlying device does support nowait. This is the exact behaviour > noticed on a dm device which also supports nowait. > > For all the other raid personalities except raid0, we would need > to train pieces which involves make_request fn in order for them > to correctly handle REQ_NOWAIT. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i d=f51d46d0e7cb5b8494aa534d276a9d8915a2443d After reverting this commit (and follow up commit 0f9650bd838efe5c52f7e5f40c3204ad59f1964d) v5.18.15 and v5.19 worked for me again. At this point I still wonder why I experienced the same problem even after I removed one nvme device from the mdraid array and tested it separately. So maybe there is another nowait/REQ_NOWAIT problem somewhere. During bisect I only tested against the mdraid array. #regzbot introduced: f51d46d0e7cb5b8494aa534d276a9d8915a2443d #regzbot link: https://listman.redhat.com/archives/linux-lvm/2022-July/026228.html #regzbot link: https://listman.redhat.com/archives/linux-lvm/2022-August/thread.html#26229 -- Regards, Thomas

1 year, 7 months

5
21
0 0

Regression in 5.19.0: USB errors during boot

by Alan J. Wylie

Apologies for the delay in reporting this: I messed up my first attempt at bisecting, then I've spent a week going to, enjoying, returning from and recovering from a music festival. Up to and including 5.18.18 things are fine. With 5.19.0 (and .1 and .2) I see lots of errors and hangs on the USB2 chipset, e.g. $ grep "usb 9-4" dmesg.5.19.2 [ 6.669075] usb 9-4: new full-speed USB device number 2 using ohci-pci [ 6.829087] usb 9-4: device descriptor read/64, error -32 [ 7.097094] usb 9-4: device descriptor read/64, error -32 [ 7.361087] usb 9-4: new full-speed USB device number 3 using ohci-pci [ 7.521152] usb 9-4: device descriptor read/64, error -32 [ 7.789066] usb 9-4: device descriptor read/64, error -32 [ 8.081070] usb 9-4: new full-speed USB device number 4 using ohci-pci [ 8.497138] usb 9-4: device not accepting address 4, error -32 [ 8.653140] usb 9-4: new full-speed USB device number 5 using ohci-pci [ 9.069141] usb 9-4: device not accepting address 5, error -32 $ $ grep "usb 1-2" dmesg.5.19.2 [ 5.917102] usb 1-2: new high-speed USB device number 2 using ehci-pci [ 6.277076] usb 1-2: device descriptor read/64, error -71 [ 6.513143] usb 1-2: device descriptor read/64, error -32 [ 6.753146] usb 1-2: new high-speed USB device number 3 using ehci-pci [ 6.881143] usb 1-2: device descriptor read/64, error -32 [ 7.117144] usb 1-2: device descriptor read/64, error -32 [ 7.429141] usb 1-2: new high-speed USB device number 4 using ehci-pci [ 7.845134] usb 1-2: device not accepting address 4, error -32 [ 7.977142] usb 1-2: new high-speed USB device number 5 using ehci-pci [ 8.393158] usb 1-2: device not accepting address 5, error -32 $ the USB port is then no longer usable This is not reproducible on the other chipset (USB3) on this machine, nor on two other systems. Swapping USB cables doesn't help. I have bisected it to $ git bisect bad 78013eaadf696d2105982abb4018fbae394ca08f is the first bad commit commit 78013eaadf696d2105982abb4018fbae394ca08f Author: Christoph Hellwig <hch(a)lst.de> Date: Mon Feb 14 14:11:44 2022 +0100 x86: remove the IOMMU table infrastructure however it will not easily revert I'll be more than happy to assist with any debugging/testing. $ git revert 78013eaadf696d2105982abb4018fbae394ca08f Auto-merging arch/x86/include/asm/dma-mapping.h CONFLICT (content): Merge conflict in arch/x86/include/asm/dma-mapping.h Auto-merging arch/x86/include/asm/iommu.h Auto-merging arch/x86/include/asm/xen/swiotlb-xen.h Auto-merging arch/x86/kernel/Makefile Auto-merging arch/x86/kernel/pci-dma.c CONFLICT (content): Merge conflict in arch/x86/kernel/pci-dma.c Auto-merging arch/x86/kernel/vmlinux.lds.S Auto-merging drivers/iommu/amd/init.c Auto-merging drivers/iommu/amd/iommu.c CONFLICT (content): Merge conflict in drivers/iommu/amd/iommu.c Auto-merging drivers/iommu/intel/dmar.c error: could not revert 78013eaadf69... x86: remove the IOMMU table infrastructure # dmidecode | grep -A2 "^Base Board" Base Board Information Manufacturer: Gigabyte Technology Co., Ltd. Product Name: 970A-DS3P # # lspci -nn | grep -i usb 00:12.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:12.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 00:13.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:13.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 00:14.5 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI2 Controller [1002:4399] 00:16.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller [1002:4397] 00:16.2 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller [1002:4396] 02:00.0 USB controller [0c03]: VIA Technologies, Inc. VL805/806 xHCI USB 3.0 Controller [1106:3483] (rev 01) # # lspci -v -s 00:12 00:12.0 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB OHCI0 Controller (prog-if 10 [OHCI]) Subsystem: Gigabyte Technology Co., Ltd GA-880GMA-USB3 Flags: bus master, 66MHz, medium devsel, latency 32, IRQ 18 Memory at fe50a000 (32-bit, non-prefetchable) [size=4K] Kernel driver in use: ohci-pci Kernel modules: ohci_pci 00:12.2 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB7x0/SB8x0/SB9x0 USB EHCI Controller (prog-if 20 [EHCI]) Subsystem: Gigabyte Technology Co., Ltd GA-880GMA-USB3 Flags: bus master, 66MHz, medium devsel, latency 32, IRQ 17 Memory at fe509000 (32-bit, non-prefetchable) [size=256] Capabilities: [c0] Power Management version 2 Capabilities: [e4] Debug port: BAR=1 offset=00e0 Kernel driver in use: ehci-pci Kernel modules: ehci_pci # # lsusb Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 009 Device 002: ID 067b:2303 Prolific Technology, Inc. PL2303 Serial Port / Mobile Action MA-8910P Bus 009 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 008 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 007 Device 002: ID 03f0:0317 HP, Inc LaserJet 1200 Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 002: ID 04e8:6860 Samsung Electronics Co., Ltd Galaxy A5 (MTP) Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 002 Device 002: ID 2109:3431 VIA Labs, Inc. Hub Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub # $ git bisect log git bisect start # good: [4b0986a3613c92f4ec1bdc7f60ec66fea135991f] Linux 5.18 git bisect good 4b0986a3613c92f4ec1bdc7f60ec66fea135991f # good: [07e0b709cab7dc987b5071443789865e20481119] Linux 5.18.18 git bisect good 07e0b709cab7dc987b5071443789865e20481119 # bad: [3d7cb6b04c3f3115719235cc6866b10326de34cd] Linux 5.19 git bisect bad 3d7cb6b04c3f3115719235cc6866b10326de34cd # bad: [c011dd537ffe47462051930413fed07dbdc80313] Merge tag 'arm-soc-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc git bisect bad c011dd537ffe47462051930413fed07dbdc80313 # good: [7e062cda7d90543ac8c7700fc7c5527d0c0f22ad] Merge tag 'net-next-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next git bisect good 7e062cda7d90543ac8c7700fc7c5527d0c0f22ad # good: [f8122500a039abeabfff41b0ad8b6a2c94c1107d] Merge branch 'etnaviv/next' of https://git.pengutronix.de/git/lst/linux into drm-next git bisect good f8122500a039abeabfff41b0ad8b6a2c94c1107d # good: [2518f226c60d8e04d18ba4295500a5b0b8ac7659] Merge tag 'drm-next-2022-05-25' of git://anongit.freedesktop.org/drm/drm git bisect good 2518f226c60d8e04d18ba4295500a5b0b8ac7659 # good: [f7a344468105ef8c54086dfdc800e6f5a8417d3e] ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() git bisect good f7a344468105ef8c54086dfdc800e6f5a8417d3e # good: [fbe86daca0ba878b04fa241b85e26e54d17d4229] Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi git bisect good fbe86daca0ba878b04fa241b85e26e54d17d4229 # good: [709c8632597c3276cd21324b0256628f1a7fd4df] xfs: rework deferred attribute operation setup git bisect good 709c8632597c3276cd21324b0256628f1a7fd4df # bad: [babf0bb978e3c9fce6c4eba6b744c8754fd43d8e] Merge tag 'xfs-5.19-for-linus' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux git bisect bad babf0bb978e3c9fce6c4eba6b744c8754fd43d8e # bad: [8b728edc5be161799434cc17e1279db2f8eabe29] Merge tag 'fs_for_v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs git bisect bad 8b728edc5be161799434cc17e1279db2f8eabe29 # bad: [3f70356edf5611c28a68d8d5a9c2b442c9eb81e6] swiotlb: merge swiotlb-xen initialization into swiotlb git bisect bad 3f70356edf5611c28a68d8d5a9c2b442c9eb81e6 # good: [f39f8d0eb081407e470396fd4cc376c526d13066] MIPS/octeon: use swiotlb_init instead of open coding it git bisect good f39f8d0eb081407e470396fd4cc376c526d13066 # bad: [c6af2aa9ffc9763826607bc2664ef3ea4475ed18] swiotlb: make the swiotlb_init interface more useful git bisect bad c6af2aa9ffc9763826607bc2664ef3ea4475ed18 # bad: [a3e230926708125205ffd06d3dc2175a8263ae7e] x86: centralize setting SWIOTLB_FORCE when guest memory encryption is enabled git bisect bad a3e230926708125205ffd06d3dc2175a8263ae7e # bad: [78013eaadf696d2105982abb4018fbae394ca08f] x86: remove the IOMMU table infrastructure git bisect bad 78013eaadf696d2105982abb4018fbae394ca08f # first bad commit: [78013eaadf696d2105982abb4018fbae394ca08f] x86: remove the IOMMU table infrastructure $ -- Alan J. Wylie https://www.wylie.me.uk/ Dance like no-one's watching. / Encrypt like everyone is. Security is inversely proportional to convenience

1 year, 7 months

4
8
0 0

[PATCH v3] iommu/virtio: Fix interaction with VFIO

by Jean-Philippe Brucker

Commit e8ae0e140c05 ("vfio: Require that devices support DMA cache coherence") requires IOMMU drivers to advertise IOMMU_CAP_CACHE_COHERENCY, in order to be used by VFIO. Since VFIO does not provide to userspace the ability to maintain coherency through cache invalidations, it requires hardware coherency. Advertise the capability in order to restore VFIO support. The meaning of IOMMU_CAP_CACHE_COHERENCY also changed from "IOMMU can enforce cache coherent DMA transactions" to "IOMMU_CACHE is supported". While virtio-iommu cannot enforce coherency (of PCIe no-snoop transactions), it does support IOMMU_CACHE. We can distinguish different cases of non-coherent DMA: (1) When accesses from a hardware endpoint are not coherent. The host would describe such a device using firmware methods ('dma-coherent' in device-tree, '_CCA' in ACPI), since they are also needed without a vIOMMU. In this case mappings are created without IOMMU_CACHE. virtio-iommu doesn't need any additional support. It sends the same requests as for coherent devices. (2) When the physical IOMMU supports non-cacheable mappings. Supporting those would require a new feature in virtio-iommu, new PROBE request property and MAP flags. Device drivers would use a new API to discover this since it depends on the architecture and the physical IOMMU. (3) When the hardware supports PCIe no-snoop. It is possible for assigned PCIe devices to issue no-snoop transactions, and the virtio-iommu specification is lacking any mention of this. Arm platforms don't necessarily support no-snoop, and those that do cannot enforce coherency of no-snoop transactions. Device drivers must be careful about assuming that no-snoop transactions won't end up cached; see commit e02f5c1bb228 ("drm: disable uncached DMA optimization for ARM and arm64"). On x86 platforms, the host may or may not enforce coherency of no-snoop transactions with the physical IOMMU. But according to the above commit, on x86 a driver which assumes that no-snoop DMA is compatible with uncached CPU mappings will also work if the host enforces coherency. Although these issues are not specific to virtio-iommu, it could be used to facilitate discovery and configuration of no-snoop. This would require a new feature bit, PROBE property and ATTACH/MAP flags. Cc: stable(a)vger.kernel.org Fixes: e8ae0e140c05 ("vfio: Require that devices support DMA cache coherence") Signed-off-by: Jean-Philippe Brucker <jean-philippe(a)linaro.org> --- Since v2 [1], I tried to refine the commit message. This fix is needed for v5.19 and v6.0. I can improve the check once Robin's change [2] is merged: capable(IOMMU_CAP_CACHE_COHERENCY) could return dev->dma_coherent for case (1) above. [1] https://lore.kernel.org/linux-iommu/20220818163801.1011548-1-jean-philippe@… [2] https://lore.kernel.org/linux-iommu/d8bd8777d06929ad8f49df7fc80e1b9af32a41b… --- drivers/iommu/virtio-iommu.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/drivers/iommu/virtio-iommu.c b/drivers/iommu/virtio-iommu.c index 08eeafc9529f..80151176ba12 100644 --- a/drivers/iommu/virtio-iommu.c +++ b/drivers/iommu/virtio-iommu.c @@ -1006,7 +1006,18 @@ static int viommu_of_xlate(struct device *dev, struct of_phandle_args *args) return iommu_fwspec_add_ids(dev, args->args, 1); } +static bool viommu_capable(enum iommu_cap cap) +{ + switch (cap) { + case IOMMU_CAP_CACHE_COHERENCY: + return true; + default: + return false; + } +} + static struct iommu_ops viommu_ops = { + .capable = viommu_capable, .domain_alloc = viommu_domain_alloc, .probe_device = viommu_probe_device, .probe_finalize = viommu_probe_finalize, -- 2.37.1

1 year, 7 months

3
2
0 0

[PATCH v2 1/2] drm/amdgpu: Move HDP remapping earlier during init

by Lijo Lazar

HDP flush is used early in the init sequence as part of memory controller block initialization. Hence remapping of HDP registers needed for flush needs to happen earlier. This also fixes the Unsupported Request error reported through AER during driver load. The error happens as a write happens to the remap offset before real remapping is done. Link: https://bugzilla.kernel.org/show_bug.cgi?id=216373 The error was unnoticed before and got visible because of the commit referenced below. This doesn't fix anything in the commit below, rather fixes the issue in amdgpu exposed by the commit. The reference is only to associate this commit with below one so that both go together. Fixes: 8795e182b02d ("PCI/portdrv: Don't disable AER reporting in get_port_device_capability()") Reported-by: Tom Seewald <tseewald(a)gmail.com> Signed-off-by: Lijo Lazar <lijo.lazar(a)amd.com> Cc: stable(a)vger.kernel.org --- v2: Take care of IP resume cases (Alex Deucher) Add NULL check to nbio.funcs to cover older (GFXv8) ASICs (Felix Kuehling) Add more details in commit message and associate with AER patch (Bjorn Helgaas) drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 24 ++++++++++++++++++++++ drivers/gpu/drm/amd/amdgpu/nv.c | 6 ------ drivers/gpu/drm/amd/amdgpu/soc15.c | 6 ------ drivers/gpu/drm/amd/amdgpu/soc21.c | 6 ------ 4 files changed, 24 insertions(+), 18 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c index ce7d117efdb5..e420118769a5 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c @@ -2334,6 +2334,26 @@ static int amdgpu_device_init_schedulers(struct amdgpu_device *adev) return 0; } +/** + * amdgpu_device_prepare_ip - prepare IPs for hardware initialization + * + * @adev: amdgpu_device pointer + * + * Any common hardware initialization sequence that needs to be done before + * hw init of individual IPs is performed here. This is different from the + * 'common block' which initializes a set of IPs. + */ +static void amdgpu_device_prepare_ip(struct amdgpu_device *adev) +{ + /* Remap HDP registers to a hole in mmio space, for the purpose + * of exposing those registers to process space. This needs to be + * done before hw init of ip blocks to take care of HDP flush + * operations through registers during hw_init. + */ + if (adev->nbio.funcs && adev->nbio.funcs->remap_hdp_registers && + !amdgpu_sriov_vf(adev)) + adev->nbio.funcs->remap_hdp_registers(adev); +} /** * amdgpu_device_ip_init - run init for hardware IPs @@ -2376,6 +2396,8 @@ static int amdgpu_device_ip_init(struct amdgpu_device *adev) DRM_ERROR("amdgpu_vram_scratch_init failed %d\n", r); goto init_failed; } + + amdgpu_device_prepare_ip(adev); r = adev->ip_blocks[i].version->funcs->hw_init((void *)adev); if (r) { DRM_ERROR("hw_init %d failed %d\n", i, r); @@ -3058,6 +3080,7 @@ static int amdgpu_device_ip_reinit_early_sriov(struct amdgpu_device *adev) AMD_IP_BLOCK_TYPE_IH, }; + amdgpu_device_prepare_ip(adev); for (i = 0; i < adev->num_ip_blocks; i++) { int j; struct amdgpu_ip_block *block; @@ -3139,6 +3162,7 @@ static int amdgpu_device_ip_resume_phase1(struct amdgpu_device *adev) { int i, r; + amdgpu_device_prepare_ip(adev); for (i = 0; i < adev->num_ip_blocks; i++) { if (!adev->ip_blocks[i].status.valid || adev->ip_blocks[i].status.hw) continue; diff --git a/drivers/gpu/drm/amd/amdgpu/nv.c b/drivers/gpu/drm/amd/amdgpu/nv.c index b3fba8dea63c..3ac7fef74277 100644 --- a/drivers/gpu/drm/amd/amdgpu/nv.c +++ b/drivers/gpu/drm/amd/amdgpu/nv.c @@ -1032,12 +1032,6 @@ static int nv_common_hw_init(void *handle) nv_program_aspm(adev); /* setup nbio registers */ adev->nbio.funcs->init_registers(adev); - /* remap HDP registers to a hole in mmio space, - * for the purpose of expose those registers - * to process space - */ - if (adev->nbio.funcs->remap_hdp_registers && !amdgpu_sriov_vf(adev)) - adev->nbio.funcs->remap_hdp_registers(adev); /* enable the doorbell aperture */ nv_enable_doorbell_aperture(adev, true); diff --git a/drivers/gpu/drm/amd/amdgpu/soc15.c b/drivers/gpu/drm/amd/amdgpu/soc15.c index fde6154f2009..a0481e37d7cf 100644 --- a/drivers/gpu/drm/amd/amdgpu/soc15.c +++ b/drivers/gpu/drm/amd/amdgpu/soc15.c @@ -1240,12 +1240,6 @@ static int soc15_common_hw_init(void *handle) soc15_program_aspm(adev); /* setup nbio registers */ adev->nbio.funcs->init_registers(adev); - /* remap HDP registers to a hole in mmio space, - * for the purpose of expose those registers - * to process space - */ - if (adev->nbio.funcs->remap_hdp_registers && !amdgpu_sriov_vf(adev)) - adev->nbio.funcs->remap_hdp_registers(adev); /* enable the doorbell aperture */ soc15_enable_doorbell_aperture(adev, true); diff --git a/drivers/gpu/drm/amd/amdgpu/soc21.c b/drivers/gpu/drm/amd/amdgpu/soc21.c index 55284b24f113..16b447055102 100644 --- a/drivers/gpu/drm/amd/amdgpu/soc21.c +++ b/drivers/gpu/drm/amd/amdgpu/soc21.c @@ -660,12 +660,6 @@ static int soc21_common_hw_init(void *handle) soc21_program_aspm(adev); /* setup nbio registers */ adev->nbio.funcs->init_registers(adev); - /* remap HDP registers to a hole in mmio space, - * for the purpose of expose those registers - * to process space - */ - if (adev->nbio.funcs->remap_hdp_registers) - adev->nbio.funcs->remap_hdp_registers(adev); /* enable the doorbell aperture */ soc21_enable_doorbell_aperture(adev, true); -- 2.25.1

1 year, 7 months

3
12
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror August 2022