September 2022 - Linux-stable-mirror

[PATCH 4.19 000/338] 4.19.238-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.238 release. There are 338 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 16 Apr 2022 11:07:54 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.238-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.238-rc1 Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu Bas Nieuwenhuizen <bas(a)basnieuwenhuizen.nl> drm/amdgpu: Check if fd really is an amdgpu fd. Xin Long <lucien.xin(a)gmail.com> xfrm: policy: match with both mark and mask on user interfaces Tejun Heo <tj(a)kernel.org> selftests: cgroup: Test open-time cgroup namespace usage for migration checks Tejun Heo <tj(a)kernel.org> selftests: cgroup: Test open-time credential usage for migration checks Tejun Heo <tj(a)kernel.org> selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644 Tejun Heo <tj(a)kernel.org> cgroup: Use open-time cgroup namespace for process migration perm checks Tejun Heo <tj(a)kernel.org> cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv Tejun Heo <tj(a)kernel.org> cgroup: Use open-time credentials for process migraton perm checks Waiman Long <longman(a)redhat.com> mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning Fangrui Song <maskray(a)google.com> arm64: module: remove (NOLOAD) from linker script Peter Xu <peterx(a)redhat.com> mm: don't skip swap entry even if zap_details specified Vinod Koul <vkoul(a)kernel.org> dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" Arnaldo Carvalho de Melo <acme(a)redhat.com> tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts Arnaldo Carvalho de Melo <acme(a)redhat.com> tools build: Filter out options and warnings not supported by clang Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Fix GICR_CTLR.RWP polling Xiaomeng Tong <xiam0nd.tong(a)gmail.com> perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator Christian Lamparter <chunkeey(a)gmail.com> ata: sata_dwc_460ex: Fix crash due to OOB write Guo Ren <guoren(a)linux.alibaba.com> arm64: patch_text: Fixup last cpu should be master Ethan Lien <ethanlien(a)synology.com> btrfs: fix qgroup reserve overflow the qgroup limit Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/speculation: Restore speculation related MSRs during S3 resume Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com> x86/pm: Save the MSR validity status at context setup Miaohe Lin <linmiaohe(a)huawei.com> mm/mempolicy: fix mpol_new leak in shared_policy_replace Paolo Bonzini <pbonzini(a)redhat.com> mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: don't overwrite TAP settings when HS400 tuning is complete Pali Rohár <pali(a)kernel.org> Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" Lv Yunlong <lyl2019(a)mail.ustc.edu.cn> drbd: Fix five use after free bugs in get_initial_state Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() Jamie Bainbridge <jamie.bainbridge(a)gmail.com> qede: confirm skb is allocated before using Eric Dumazet <edumazet(a)google.com> rxrpc: fix a race in rxrpc_exit_net() Ilya Maximets <i.maximets(a)ovn.org> net: openvswitch: don't send internal clone attribute to the userspace. José Expósito <jose.exposito89(a)gmail.com> drm/imx: Fix memory leak in imx_pd_connector_get_modes Chen-Yu Tsai <wens(a)csie.org> net: stmmac: Fix unset max_speed difference between DT and non-DT platforms Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() Guilherme G. Piccoli <gpiccoli(a)igalia.com> Drivers: hv: vmbus: Fix potential crash on module unload Dan Carpenter <dan.carpenter(a)oracle.com> drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() James Morse <james.morse(a)arm.com> KVM: arm64: Check arm64_get_bp_hardening_data() didn't return NULL Mauricio Faria de Oliveira <mfo(a)canonical.com> mm: fix race between MADV_FREE reclaim and blkdev direct IO read Willem de Bruijn <willemb(a)google.com> net: add missing SOF_TIMESTAMPING_OPT_ID support Helge Deller <deller(a)gmx.de> parisc: Fix CPU affinity for Lasi, WAX and Dino chips Haimin Zhang <tcs_kernel(a)tencent.com> jfs: prevent NULL deref in diFree Randy Dunlap <rdunlap(a)infradead.org> virtio_console: eliminate anonymous module_init & module_exit Jiri Slaby <jslaby(a)suse.cz> serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() NeilBrown <neilb(a)suse.de> NFS: swap-out must always use STABLE writes. NeilBrown <neilb(a)suse.de> NFS: swap IO handling is slightly different for O_DIRECT IO NeilBrown <neilb(a)suse.de> SUNRPC/call_alloc: async tasks mustn't block waiting for memory Maxime Ripard <maxime(a)cerno.tech> clk: Enforce that disjoints limits are invalid Dongli Zhang <dongli.zhang(a)oracle.com> xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Protect the state recovery thread against direct reclaim Lucas Denefle <lucas.denefle(a)converge.io> w1: w1_therm: fixes w1_seq for ds28ea00 sensors Qinghua Jin <qhjin.dev(a)gmail.com> minix: fix bug when opening a file with O_DIRECT Randy Dunlap <rdunlap(a)infradead.org> init/main.c: return 1 from handled __setup() functions Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: Fix use after free in hci_send_acl Max Filippov <jcmvbkbc(a)gmail.com> xtensa: fix DTC warning unit_address_format H. Nikolaus Schaller <hns(a)goldelico.com> usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm Jianglei Nie <niejianglei2021(a)163.com> scsi: libfc: Fix use after free in fc_exch_abts_resp() Alexander Lobakin <alobakin(a)pm.me> MIPS: fix fortify panic when copying asm exception handlers Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Eliminate unintended link toggle during FW reset Sven Eckelmann <sven(a)narfation.org> macvtap: advertise link netns via netlink Dust Li <dust.li(a)linux.alibaba.com> net/smc: correct settings of RMB window update limit Randy Dunlap <rdunlap(a)infradead.org> scsi: aha152x: Fix aha152x_setup() __setup handler return value Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix pm8001_mpi_task_abort_resp() Alex Deucher <alexander.deucher(a)amd.com> drm/amdkfd: make CRAT table missing message informational only Jordy Zomer <jordy(a)jordyzomer.github.io> dm ioctl: prevent potential spectre v1 gadget Ido Schimmel <idosch(a)nvidia.com> ipv4: Invalidate neighbour for broadcast address upon address addition Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> PCI: pciehp: Add Qualcomm quirk for Command Completed erratum Neal Liu <neal_liu(a)aspeedtech.com> usb: ehci: add pci device support for Aspeed platforms Zhou Guanghui <zhouguanghui1(a)huawei.com> iommu/arm-smmu-v3: fix event handling soft lockup Pali Rohár <pali(a)kernel.org> PCI: aardvark: Fix support for MSI interrupts Sourabh Jain <sourabhjain(a)linux.ibm.com> powerpc: Set crashkernel offset to mid of RMA region Evgeny Boger <boger(a)wirenboard.com> power: supply: axp20x_battery: properly report current when discharging Yang Guang <yang.guang5(a)zte.com.cn> scsi: bfa: Replace snprintf() with sysfs_emit() Yang Guang <yang.guang5(a)zte.com.cn> scsi: mvsas: Replace snprintf() with sysfs_emit() Maxim Kiselev <bigunclemax(a)gmail.com> powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 Yang Guang <yang.guang5(a)zte.com.cn> ptp: replace snprintf with sysfs_emit Xin Xiong <xiongx18(a)fudan.edu.cn> drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj Zekun Shen <bruceshenzk(a)gmail.com> ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 Anisse Astier <anisse(a)astier.eu> drm: Add orientation quirk for GPD Win Max Jim Mattson <jmattson(a)google.com> KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs Randy Dunlap <rdunlap(a)infradead.org> ARM: 9187/1: JIVE: fix return value of __setup handler Fangrui Song <maskray(a)google.com> riscv module: remove (NOLOAD) Jiasheng Jiang <jiasheng(a)iscas.ac.cn> rtc: wm8350: Handle error for wm8350_register_irq Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Rectify space amount budget for mkdir/tmpfile operations Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated Martin Varghese <martin.varghese(a)nokia.com> openvswitch: Fixed nd target mask field in the flow dump. Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix uml_mconsole stop/go Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear13xx: Update SPI dma properties Kuldeep Singh <singh.kuldeep87k(a)gmail.com> ARM: dts: spear1340: Update serial node properties Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: topology: Allow TLV control to be either read or write Zhihao Cheng <chengzhihao1(a)huawei.com> ubi: fastmap: Return error code if memory allocation fails in add_aeb() Hengqi Chen <hengqi.chen(a)gmail.com> bpf: Fix comment for helper bpf_current_task_under_cgroup() Randy Dunlap <rdunlap(a)infradead.org> mm/usercopy: return 1 from hardened_usercopy __setup() handler Randy Dunlap <rdunlap(a)infradead.org> mm/memcontrol: return 1 from cgroup.memory __setup() handler Randy Dunlap <rdunlap(a)infradead.org> mm/mmap: return 1 from stack_guard_gap __setup() handler Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI: CPPC: Avoid out of bounds access when parsing _CPC data Baokun Li <libaokun1(a)huawei.com> ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Chen-Yu Tsai <wenst(a)chromium.org> pinctrl: pinconf-generic: Print arguments for bias-pull-* Andrew Price <anprice(a)redhat.com> gfs2: Make sure FITRIM minlen is rounded up to fs block size Pavel Skripkin <paskripkin(a)gmail.com> can: mcba_usb: properly check endpoint type Hangyu Hua <hbh25y(a)gmail.com> can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path Baokun Li <libaokun1(a)huawei.com> ubifs: rename_whiteout: correct old_dir size computing Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: setflags: Make dirtied_ino_d 8 bytes aligned Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Add missing iput if do_tmpfile() failed in rename whiteout Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Fix deadlock in concurrent rename whiteout and inode writeback Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: rename_whiteout: Fix double free for whiteout_ui->data Li RongQing <lirongqing(a)baidu.com> KVM: x86: fix sending PV IPI David Matlack <dmatlack(a)google.com> KVM: Prevent module exit until all VMs are freed Manish Rangankar <mrangankar(a)marvell.com> scsi: qla2xxx: Use correct feature type field during RFF_ID processing Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Reduce false trigger to login Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix hang due to session stuck Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix incorrect reporting of task management failure Saurav Kashyap <skashyap(a)marvell.com> scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() Joe Carnuccio <joe.carnuccio(a)cavium.com> scsi: qla2xxx: Check for firmware dump already collected Nilesh Javali <njavali(a)marvell.com> scsi: qla2xxx: Fix warning for missing error code Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Fix stuck session in gpdb Anders Roxell <anders.roxell(a)linaro.org> powerpc: Fix build errors with newer binutils Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix build errors with newer binutils Anders Roxell <anders.roxell(a)linaro.org> powerpc/lib/sstep: Fix 'sthcx' instruction Ulf Hansson <ulf.hansson(a)linaro.org> mmc: host: Return an error when ->enable_sdio_irq() ops is missing Dongliang Mu <mudongliangabcd(a)gmail.com> media: hdpvr: initialize dev->worker at hdpvr_register_videodev Pavel Skripkin <paskripkin(a)gmail.com> media: Revert "media: em28xx: add missing em28xx_close_extension" Zheyu Ma <zheyuma97(a)gmail.com> video: fbdev: sm712fb: Fix crash in smtcfb_write() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> ARM: mmp: Fix failure to remove sram device Richard Leitner <richard.leitner(a)skidata.com> ARM: tegra: tamonten: Fix I2C3 pad setting Daniel González Cabanelas <dgcbueu(a)gmail.com> media: cx88-mpeg: clear interrupt status register before streaming video Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: soc-core: skip zero num_dai component in searching dai name Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() Jing Yao <yao.jing2(a)zte.com.cn> video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() Ard Biesheuvel <ardb(a)kernel.org> ARM: ftrace: avoid redundant loads or clobbering IP Richard Schleich <rs(a)noreya.tech> ARM: dts: bcm2837: Add the missing L1/L2 cache information David Heidelberg <david(a)ixit.cz> ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 Yang Guang <yang.guang5(a)zte.com.cn> video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit George Kennedy <george.kennedy(a)oracle.com> video: fbdev: cirrusfb: check pixclock to avoid divide by zero Evgeny Novikov <novikov(a)ispras.ru> video: fbdev: w100fb: Reset global state Tim Gardner <tim.gardner(a)canonical.com> video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Dongliang Mu <mudongliangabcd(a)gmail.com> ntfs: add sanity check on allocation size Theodore Ts'o <tytso(a)mit.edu> ext4: don't BUG if someone dirty pages without asking ext4 first Minghao Chi <chi.minghao(a)zte.com.cn> spi: tegra20: Use of_device_get_match_data() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> PM: core: keep irq flags in device_pm_check_callbacks() Darren Hart <darren(a)os.amperecomputing.com> ACPI/APEI: Limit printable size of BERT table data Paolo Valente <paolo.valente(a)linaro.org> Revert "Revert "block, bfq: honor already-setup queue merges"" Paul Menzel <pmenzel(a)molgen.mpg.de> lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3 Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPICA: Avoid walking the ACPI Namespace if it is not there Zhang Wensheng <zhangwensheng5(a)huawei.com> bfq: fix use-after-free in bfq_dispatch_request Souptick Joarder (HPE) <jrdr.linux(a)gmail.com> irqchip/nvic: Release nvic_base upon failure Marc Zyngier <maz(a)kernel.org> irqchip/qcom-pdc: Fix broken locking Casey Schaufler <casey(a)schaufler-ca.com> Fix incorrect type in assignment of ipv6 port for audit Chaitanya Kulkarni <kch(a)nvidia.com> loop: use sysfs_emit() in the sysfs xxx show() Christian Göttsche <cgzones(a)googlemail.com> selinux: use correct type for context length Dan Carpenter <dan.carpenter(a)oracle.com> lib/test: use after free in register_test_dev_kmod() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4/pNFS: Fix another issue with a list iterator pointing to the head Duoming Zhou <duoming(a)zju.edu.cn> net/x25: Fix null-ptr-deref caused by x25_disconnect Tom Rix <trix(a)redhat.com> qlcnic: dcb: default to returning -EOPNOTSUPP Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix brcm_fet_config_init() Juergen Gross <jgross(a)suse.com> xen: fix is_xen_pmu() Konrad Dybcio <konrad.dybcio(a)somainline.org> clk: qcom: gcc-msm8994: Fix gpll4 width Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options Pavel Skripkin <paskripkin(a)gmail.com> jfs: fix divide error in dbNextAG Randy Dunlap <rdunlap(a)infradead.org> kgdbts: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> kgdboc: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> tty: hvc: fix return value of __setup handler Miaoqian Lin <linmq006(a)gmail.com> pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe Miaoqian Lin <linmq006(a)gmail.com> pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init Alexey Khoroshilov <khoroshilov(a)ispras.ru> NFS: remove unneeded check in decode_devicenotify_args() Miaoqian Lin <linmq006(a)gmail.com> clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: clps711x: Terminate clk_div_table with sentinel element Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: loongson1: Terminate clk_div_table with sentinel element Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> clk: actions: Terminate clk_div_table with sentinel element Miaoqian Lin <linmq006(a)gmail.com> remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region Taniya Das <tdas(a)codeaurora.org> clk: qcom: clk-rcg2: Update the frac table for pixel clock Randy Dunlap <rdunlap(a)infradead.org> dma-debug: fix return value of __setup handlers Jiasheng Jiang <jiasheng(a)iscas.ac.cn> iio: adc: Add check for devm_request_threaded_irq Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> serial: 8250: Fix race condition in RTS-after-send handling Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_mid: Balance reference count for PCI DMA device Dirk Buchwalder <buchwalder(a)posteo.de> clk: qcom: ipq8074: Use floor ops for SDCC1 clock Jonathan Cameron <Jonathan.Cameron(a)huawei.com> staging:iio:adc:ad7280a: Fix handing of device address bit reversing. Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() Jiri Slaby <jslaby(a)suse.cz> mxser: fix xmit_buf leak in activate when LSR == 0xff Miaoqian Lin <linmq006(a)gmail.com> mfd: asic3: Add missing iounmap() on error asic3_mfd_probe Jakub Kicinski <kuba(a)kernel.org> tcp: ensure PMTU updates are processed during fastopen Jeremy Linton <jeremy.linton(a)arm.com> net: bcmgenet: Use stronger register read/writes to assure ordering Hangbin Liu <liuhangbin(a)gmail.com> selftests/bpf/test_lirc_mode2.sh: Exit with proper code Peter Rosin <peda(a)axentia.se> i2c: mux: demux-pinctrl: do not deactivate a master that is not active Petr Machata <petrm(a)nvidia.com> af_netlink: Fix shift out of bounds in group mask calculation Dan Carpenter <dan.carpenter(a)oracle.com> USB: storage: ums-realtek: fix error code in rts51x_read_mem() Xin Xiong <xiongx18(a)fudan.edu.cn> mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init Randy Dunlap <rdunlap(a)infradead.org> MIPS: RB532: fix return value of __setup handler Oliver Hartkopp <socketcan(a)hartkopp.net> vxcan: enable local echo for sent CAN frames Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mfd: mc13xxx: Add check for mc13xxx_irq_request Jakob Koschel <jakobkoschel(a)gmail.com> powerpc/sysdev: fix incorrect use to determine if list is empty Mark Tomlinson <mark.tomlinson(a)alliedtelesis.co.nz> PCI: Reduce warnings on possible RW1C corruption Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Add missing free in free_charger_irq Jiasheng Jiang <jiasheng(a)iscas.ac.cn> power: supply: wm8350-power: Handle error for wm8350_register_irq Robert Hancock <robert.hancock(a)calian.com> i2c: xiic: Make bus names unique Anssi Hannula <anssi.hannula(a)bitwise.fi> hv_balloon: rate-limit "Unhandled message" warning Hou Wenlong <houwenlong.hwl(a)antgroup.com> KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() Zhenzhong Duan <zhenzhong.duan(a)intel.com> KVM: x86: Fix emulation in writing cr8 Michael Ellerman <mpe(a)ellerman.id.au> powerpc/Makefile: Don't pass -mcpu=powerpc64 when building 32-bit Nishanth Menon <nm(a)ti.com> drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt Hans de Goede <hdegoede(a)redhat.com> power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return Miaoqian Lin <linmq006(a)gmail.com> drm/tegra: Fix reference leak in tegra_dsi_ganged_probe Zhang Yi <yi.zhang(a)huawei.com> ext2: correct max file size computing Randy Dunlap <rdunlap(a)infradead.org> TOMOYO: fix __setup handlers return values Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix abort all task initialization Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: pm8001: Fix command initialization in pm80XX_send_read_log() Aashish Sharma <shraash(a)google.com> dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS Colin Ian King <colin.king(a)canonical.com> iwlwifi: Fix -EIO error code that is never returned Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports Miaoqian Lin <linmq006(a)gmail.com> power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ray_cs: Check ioremap return value Miaoqian Lin <linmq006(a)gmail.com> power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe Fabiano Rosas <farosas(a)linux.ibm.com> KVM: PPC: Fix vmx/vsx mixup in mmio emulation Pavel Skripkin <paskripkin(a)gmail.com> ath9k_htc: fix uninit value bugs Zhou Qingyang <zhou1615(a)umn.edu> drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() Maxime Ripard <maxime(a)cerno.tech> drm/edid: Don't clear formats if using deep color Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mtd: onenand: Check for error irq Pavel Skripkin <paskripkin(a)gmail.com> Bluetooth: hci_serdev: call init_rwsem() before p->open() Wen Gong <quic_wgong(a)quicinc.com> ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern Miaoqian Lin <linmq006(a)gmail.com> drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev Jiasheng Jiang <jiasheng(a)iscas.ac.cn> mmc: davinci_mmc: Handle error for clk_enable Miaoqian Lin <linmq006(a)gmail.com> ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe Wang Wensheng <wangwensheng4(a)huawei.com> ASoC: imx-es8328: Fix error return code in imx_es8328_probe() Miaoqian Lin <linmq006(a)gmail.com> ASoC: mxs: Fix error handling in mxs_sgtl5000_probe Codrin Ciubotariu <codrin.ciubotariu(a)microchip.com> ASoC: dmaengine: do not use a NULL prepare_slave_config() callback Miaoqian Lin <linmq006(a)gmail.com> video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: fsi: Add check for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: wm8350: Handle error for wm8350_register_irq Miaoqian Lin <linmq006(a)gmail.com> ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe Dafna Hirschfeld <dafna.hirschfeld(a)collabora.com> media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction Jia-Ju Bai <baijiaju1990(a)gmail.com> memory: emif: check the pointer temp in get_device_details() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> memory: emif: Add check for setup_interrupts Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: atmel_ssc_dai: Handle errors for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: mxs-saif: Handle errors for clk_enable Randy Dunlap <rdunlap(a)infradead.org> printk: fix return value of printk.devkmsg __setup handler Frank Wunderlich <frank-w(a)public-files.de> arm64: dts: broadcom: Fix sata nodename Kuldeep Singh <singh.kuldeep87k(a)gmail.com> arm64: dts: ns2: Fix spi-cpol and spi-cpha property Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ALSA: spi: Add check for clk_enable() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> ASoC: ti: davinci-i2s: Add check for clk_enable() Jia-Ju Bai <baijiaju1990(a)gmail.com> ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() Dan Carpenter <dan.carpenter(a)oracle.com> media: usb: go7007: s2250-board: fix leak in probe() Dongliang Mu <mudongliangabcd(a)gmail.com> media: em28xx: initialize refcount before kref_get Miaoqian Lin <linmq006(a)gmail.com> soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe Pavel Kubelun <be.dissent(a)gmail.com> ARM: dts: qcom: ipq4019: fix sleep clock Dan Carpenter <dan.carpenter(a)oracle.com> video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() Wang Hai <wanghai38(a)huawei.com> video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() Miaoqian Lin <linmq006(a)gmail.com> media: coda: Fix missing put_device() call in coda_get_vdoa_data Adrian Hunter <adrian.hunter(a)intel.com> perf/x86/intel/pt: Fix address filter config for 32-bit kernel Adrian Hunter <adrian.hunter(a)intel.com> perf/core: Fix address filter parser for multiple filters Bharata B Rao <bharata(a)amd.com> sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa Randy Dunlap <rdunlap(a)infradead.org> clocksource: acpi_pm: fix return value of __setup handler Brandon Wyman <bjwyman(a)gmail.com> hwmon: (pmbus) Add Vin unit off handling Dāvis Mosāns <davispuh(a)gmail.com> crypto: ccp - ccp_dmaengine_unregister release dma channels Randy Dunlap <rdunlap(a)infradead.org> ACPI: APEI: fix return value of __setup handlers Guillaume Ranquet <granquet(a)baylibre.com> clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() Petr Vorel <pvorel(a)suse.cz> crypto: vmx - add missing dependencies Claudiu Beznea <claudiu.beznea(a)microchip.com> hwrng: atmel - disable trng on failure path Randy Dunlap <rdunlap(a)infradead.org> PM: suspend: fix return value of __setup handler Randy Dunlap <rdunlap(a)infradead.org> PM: hibernate: fix __setup handler error handling Eric Biggers <ebiggers(a)google.com> block: don't delete queue kobject before its children Armin Wolf <W_Armin(a)gmx.de> hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING Patrick Rudolph <patrick.rudolph(a)9elements.com> hwmon: (pmbus) Add mutex to regulator ops Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx-pci: Balance reference count for PCI DMA device Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests/x86: Add validity check and allow field splitting Miaoqian Lin <linmq006(a)gmail.com> spi: tegra114: Add missing IRQ check in tegra_spi_probe Tomas Paukrt <tomaspaukrt(a)email.cz> crypto: mxs-dcp - Fix scatterlist processing Herbert Xu <herbert(a)gondor.apana.org.au> crypto: authenc - Fix sleep in atomic context in decrypt_tail kernel test robot <lkp(a)intel.com> regulator: qcom_smd: fix for_each_child.cocci warnings Liguang Zhang <zhangliguang(a)linux.alibaba.com> PCI: pciehp: Clear cmd_busy bit in polling mode Hector Martin <marcan(a)marcan.st> brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio Hector Martin <marcan(a)marcan.st> brcmfmac: firmware: Allocate space for default boardrev in nvram Johan Hovold <johan(a)kernel.org> media: davinci: vpif: fix unbalanced runtime PM get Maciej W. Rozycki <macro(a)orcam.me.uk> DEC: Limit PMAX memory probing to R3k systems Dirk Müller <dmueller(a)suse.de> lib/raid6/test: fix multiple definition linking error Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> thermal: int340x: Increase bitmap size Colin Ian King <colin.i.king(a)gmail.com> carl9170: fix missing bit-wise or operator for tx_params Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5420 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: add missing HDMI supplies on SMDK5250 Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 Tudor Ambarus <tudor.ambarus(a)microchip.com> ARM: dts: at91: sama5d2: Fix PMERRLOC resource size Michael Schmitz <schmitzmic(a)gmail.com> video: fbdev: atari: Atari 2 bpp (STe) palette bugfix Helge Deller <deller(a)gmx.de> video: fbdev: sm712fb: Fix crash in smtcfb_read() Cooper Chiou <cooper.chiou(a)intel.com> drm/edid: check basic audio support on CEA extension block Tejun Heo <tj(a)kernel.org> block: don't merge across cgroup boundaries if blkcg is enabled Duoming Zhou <duoming(a)zju.edu.cn> drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() Sakari Ailus <sakari.ailus(a)linux.intel.com> ACPI: properties: Consistently return -ENOENT if there are no more references Andreas Gruenbacher <agruenba(a)redhat.com> powerpc/kvm: Fix kvm_use_magic_page Lars Ellenberg <lars.ellenberg(a)linbit.com> drbd: fix potential silent data corruption Rik van Riel <riel(a)surriel.com> mm,hwpoison: unmap poisoned page before invalidation Kai-Heng Feng <kai.heng.feng(a)canonical.com> ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 Xiaomeng Tong <xiam0nd.tong(a)gmail.com> ALSA: cs4236: fix an incorrect NULL check on list iterator José Expósito <jose.exposito89(a)gmail.com> Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" Manish Chopra <manishc(a)marvell.com> qed: validate and restrict untrusted VFs vlan promisc mode Manish Chopra <manishc(a)marvell.com> qed: display VF trust config Damien Le Moal <damien.lemoal(a)opensource.wdc.com> scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands Hugh Dickins <hughd(a)google.com> mempolicy: mbind_range() set_policy() after vma_merge() Rik van Riel <riel(a)surriel.com> mm: invalidate hwpoison page cache page in fault path Alistair Popple <apopple(a)nvidia.com> mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_scan_medium Baokun Li <libaokun1(a)huawei.com> jffs2: fix memory leak in jffs2_do_mount_fs Baokun Li <libaokun1(a)huawei.com> jffs2: fix use-after-free in jffs2_clear_xattr_subsystem Hangyu Hua <hbh25y(a)gmail.com> can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path Krzysztof Kozlowski <krzysztof.kozlowski(a)canonical.com> pinctrl: samsung: drop pin banks references on error paths Chao Yu <chao(a)kernel.org> f2fs: fix to unlock page correctly in error path of is_alive() Dan Carpenter <dan.carpenter(a)oracle.com> NFSD: prevent integer overflow on 32 bit systems Dan Carpenter <dan.carpenter(a)oracle.com> NFSD: prevent underflow in nfssvc_decode_writeargs() NeilBrown <neilb(a)suse.de> SUNRPC: avoid race between mod_timer() and del_timer_sync() Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: update stable tree link Bagas Sanjaya <bagasdotme(a)gmail.com> Documentation: add link to stable release candidate tree Jann Horn <jannh(a)google.com> ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE Kunihiko Hayashi <hayashi.kunihiko(a)socionext.com> clk: uniphier: Fix fixed-rate initialization Liam Beguin <liambeguin(a)gmail.com> iio: inkern: make a best effort on offset calculation Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale when no channel scale is available Liam Beguin <liambeguin(a)gmail.com> iio: inkern: apply consumer scale on IIO_VAL_INT cases Liam Beguin <liambeguin(a)gmail.com> iio: afe: rescale: use s64 for temporary scale calculations James Clark <james.clark(a)arm.com> coresight: Fix TRCCONFIGR.QE sysfs interface Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: make xhci_handshake timeout for xhci_reset() adjustable Alan Stern <stern(a)rowland.harvard.edu> USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Use blk_validate_block_size() to validate block size Xie Yongji <xieyongji(a)bytedance.com> block: Add a helper to validate the block size Lino Sanfilippo <LinoSanfilippo(a)gmx.de> tpm: fix reference counting for struct tpm_chip Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Haimin Zhang <tcs_kernel(a)tencent.com> af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix erroneous sgs value with min_t() Minghao Chi (CGEL ZTE) <chi.minghao(a)zte.com.cn> net:mcf8390: Use platform_get_irq() to get the interrupt Biju Das <biju.das.jz(a)bp.renesas.com> spi: Fix invalid sgs value Zheyu Ma <zheyuma97(a)gmail.com> ethernet: sun: Free the coherent when failing in probing Michael S. Tsirkin <mst(a)redhat.com> virtio_console: break out of buf poll on remove Lina Wang <lina.wang(a)mediatek.com> xfrm: fix tunnel model fragmentation behavior Yajun Deng <yajun.deng(a)linux.dev> netdevice: add the case if dev is NULL Randy Dunlap <rdunlap(a)infradead.org> hv: utils: add PTP_1588_CLOCK to Kconfig to fix build Johan Hovold <johan(a)kernel.org> USB: serial: simple: add Nokia phone driver Eddie James <eajames(a)linux.ibm.com> USB: serial: pl2303: add IBM device IDs ------------- Diffstat: Documentation/process/stable-kernel-rules.rst | 11 +- Makefile | 4 +- arch/arm/boot/dts/bcm2837.dtsi | 49 ++++++ arch/arm/boot/dts/exynos5250-pinctrl.dtsi | 2 +- arch/arm/boot/dts/exynos5250-smdk5250.dts | 3 + arch/arm/boot/dts/exynos5420-smdk5420.dts | 3 + arch/arm/boot/dts/qcom-ipq4019.dtsi | 3 +- arch/arm/boot/dts/qcom-msm8960.dtsi | 8 +- arch/arm/boot/dts/sama5d2.dtsi | 2 +- arch/arm/boot/dts/spear1340.dtsi | 6 +- arch/arm/boot/dts/spear13xx.dtsi | 6 +- arch/arm/boot/dts/tegra20-tamonten.dtsi | 6 +- arch/arm/kernel/entry-ftrace.S | 51 +++---- arch/arm/mach-mmp/sram.c | 22 +-- arch/arm/mach-s3c24xx/mach-jive.c | 6 +- .../arm64/boot/dts/broadcom/northstar2/ns2-svk.dts | 8 +- arch/arm64/boot/dts/broadcom/northstar2/ns2.dtsi | 2 +- arch/arm64/include/asm/kvm_mmu.h | 3 +- arch/arm64/kernel/insn.c | 4 +- arch/arm64/kernel/module.lds | 6 +- arch/mips/dec/prom/Makefile | 2 +- arch/mips/include/asm/dec/prom.h | 15 +- arch/mips/include/asm/setup.h | 2 +- arch/mips/kernel/traps.c | 22 +-- arch/mips/rb532/devices.c | 6 +- arch/powerpc/Makefile | 2 +- arch/powerpc/boot/dts/fsl/t104xrdb.dtsi | 4 +- arch/powerpc/include/asm/io.h | 40 ++++- arch/powerpc/include/asm/uaccess.h | 3 + arch/powerpc/kernel/kvm.c | 2 +- arch/powerpc/kernel/machine_kexec.c | 15 +- arch/powerpc/kernel/rtas.c | 6 + arch/powerpc/kvm/powerpc.c | 4 +- arch/powerpc/lib/sstep.c | 8 +- arch/powerpc/platforms/powernv/rng.c | 6 +- arch/powerpc/sysdev/fsl_gtm.c | 4 +- arch/riscv/kernel/module.lds | 6 +- arch/um/drivers/mconsole_kern.c | 3 +- arch/x86/events/intel/pt.c | 2 +- arch/x86/kernel/kvm.c | 2 +- arch/x86/kvm/emulate.c | 14 +- arch/x86/kvm/hyperv.c | 17 ++- arch/x86/kvm/lapic.c | 5 +- arch/x86/kvm/pmu_amd.c | 8 +- arch/x86/power/cpu.c | 21 ++- arch/x86/xen/pmu.c | 10 +- arch/x86/xen/pmu.h | 3 +- arch/x86/xen/smp_hvm.c | 6 + arch/x86/xen/smp_pv.c | 2 +- arch/x86/xen/time.c | 24 ++- arch/xtensa/boot/dts/xtfpga-flash-128m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-16m.dtsi | 8 +- arch/xtensa/boot/dts/xtfpga-flash-4m.dtsi | 4 +- block/bfq-iosched.c | 31 ++-- block/blk-merge.c | 12 ++ block/blk-sysfs.c | 8 +- crypto/authenc.c | 2 +- drivers/acpi/acpica/nswalk.c | 3 + drivers/acpi/apei/bert.c | 10 +- drivers/acpi/apei/erst.c | 2 +- drivers/acpi/apei/hest.c | 2 +- drivers/acpi/cppc_acpi.c | 5 + drivers/acpi/property.c | 2 +- drivers/ata/sata_dwc_460ex.c | 6 +- drivers/base/power/main.c | 6 +- drivers/block/drbd/drbd_int.h | 8 +- drivers/block/drbd/drbd_nl.c | 41 +++-- drivers/block/drbd/drbd_req.c | 3 +- drivers/block/drbd/drbd_state.c | 18 +-- drivers/block/drbd/drbd_state_change.h | 8 +- drivers/block/loop.c | 10 +- drivers/block/virtio_blk.c | 12 +- drivers/bluetooth/hci_serdev.c | 3 +- drivers/char/hw_random/atmel-rng.c | 1 + drivers/char/tpm/tpm-chip.c | 46 +----- drivers/char/tpm/tpm.h | 2 + drivers/char/tpm/tpm2-space.c | 65 ++++++++ drivers/char/virtio_console.c | 15 +- drivers/clk/actions/owl-s700.c | 1 + drivers/clk/actions/owl-s900.c | 2 +- drivers/clk/clk-clps711x.c | 2 + drivers/clk/clk.c | 24 +++ drivers/clk/loongson1/clk-loongson1c.c | 1 + drivers/clk/qcom/clk-rcg2.c | 1 + drivers/clk/qcom/gcc-ipq8074.c | 2 +- drivers/clk/qcom/gcc-msm8994.c | 1 + drivers/clk/tegra/clk-emc.c | 1 + drivers/clk/uniphier/clk-uniphier-fixed-rate.c | 1 + drivers/clocksource/acpi_pm.c | 6 +- drivers/clocksource/timer-of.c | 6 +- drivers/crypto/ccp/ccp-dmaengine.c | 16 ++ drivers/crypto/mxs-dcp.c | 2 +- drivers/crypto/vmx/Kconfig | 4 + drivers/dma/sh/shdma-base.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 16 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c | 10 +- drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 2 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 + drivers/gpu/drm/bridge/cdns-dsi.c | 1 + drivers/gpu/drm/bridge/sil-sii8620.c | 2 +- drivers/gpu/drm/drm_edid.c | 11 +- drivers/gpu/drm/drm_panel_orientation_quirks.c | 6 + drivers/gpu/drm/imx/parallel-display.c | 4 +- drivers/gpu/drm/tegra/dsi.c | 4 +- drivers/hid/i2c-hid/i2c-hid-core.c | 32 +++- drivers/hv/Kconfig | 1 + drivers/hv/hv_balloon.c | 2 +- drivers/hv/vmbus_drv.c | 9 +- drivers/hwmon/pmbus/pmbus.h | 1 + drivers/hwmon/pmbus/pmbus_core.c | 18 ++- drivers/hwmon/sch56xx-common.c | 2 +- .../hwtracing/coresight/coresight-etm4x-sysfs.c | 8 +- drivers/i2c/busses/i2c-xiic.c | 3 +- drivers/i2c/muxes/i2c-demux-pinctrl.c | 5 +- drivers/iio/adc/twl6030-gpadc.c | 2 + drivers/iio/afe/iio-rescale.c | 8 +- drivers/iio/inkern.c | 40 +++-- drivers/input/input.c | 6 - drivers/iommu/arm-smmu-v3.c | 1 + drivers/irqchip/irq-gic-v3.c | 8 +- drivers/irqchip/irq-nvic.c | 2 + drivers/irqchip/qcom-pdc.c | 5 +- drivers/md/dm-crypt.c | 2 +- drivers/md/dm-ioctl.c | 2 + drivers/media/pci/cx88/cx88-mpeg.c | 3 + drivers/media/platform/coda/coda-common.c | 1 + drivers/media/platform/davinci/vpif.c | 1 + drivers/media/usb/em28xx/em28xx-cards.c | 13 +- drivers/media/usb/go7007/s2250-board.c | 10 +- drivers/media/usb/hdpvr/hdpvr-video.c | 4 +- drivers/media/usb/stk1160/stk1160-core.c | 2 +- drivers/media/usb/stk1160/stk1160-v4l.c | 10 +- drivers/media/usb/stk1160/stk1160.h | 2 +- drivers/memory/emif.c | 8 +- drivers/mfd/asic3.c | 10 +- drivers/mfd/mc13xxx-core.c | 4 +- drivers/misc/kgdbts.c | 4 +- drivers/mmc/core/host.c | 15 +- drivers/mmc/host/davinci_mmc.c | 6 +- drivers/mmc/host/renesas_sdhi_core.c | 4 +- drivers/mmc/host/sdhci-xenon.c | 10 -- drivers/mtd/nand/onenand/generic.c | 7 +- drivers/mtd/nand/raw/atmel/nand-controller.c | 14 +- drivers/mtd/ubi/build.c | 9 +- drivers/mtd/ubi/fastmap.c | 28 ++-- drivers/mtd/ubi/vmt.c | 8 +- drivers/net/can/usb/ems_usb.c | 1 - drivers/net/can/usb/mcba_usb.c | 27 ++-- drivers/net/can/vxcan.c | 2 +- drivers/net/ethernet/8390/mcf8390.c | 10 +- drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 4 +- drivers/net/ethernet/broadcom/genet/bcmgenet.c | 4 +- drivers/net/ethernet/qlogic/qed/qed_sriov.c | 29 +++- drivers/net/ethernet/qlogic/qed/qed_sriov.h | 1 + drivers/net/ethernet/qlogic/qede/qede_fp.c | 3 + drivers/net/ethernet/qlogic/qlcnic/qlcnic_dcb.h | 10 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 3 +- drivers/net/ethernet/sun/sunhme.c | 6 +- drivers/net/hamradio/6pack.c | 4 +- drivers/net/macvtap.c | 6 + drivers/net/phy/broadcom.c | 21 +++ drivers/net/wireless/ath/ath10k/wow.c | 7 +- drivers/net/wireless/ath/ath5k/eeprom.c | 3 + drivers/net/wireless/ath/ath9k/htc_hst.c | 5 + drivers/net/wireless/ath/carl9170/main.c | 2 +- .../broadcom/brcm80211/brcmfmac/firmware.c | 2 + .../wireless/broadcom/brcm80211/brcmfmac/pcie.c | 48 +----- drivers/net/wireless/intel/iwlwifi/dvm/mac80211.c | 2 +- drivers/net/wireless/ray_cs.c | 6 + drivers/parisc/dino.c | 41 ++++- drivers/parisc/gsc.c | 31 ++++ drivers/parisc/gsc.h | 1 + drivers/parisc/lasi.c | 7 +- drivers/parisc/wax.c | 7 +- drivers/pci/access.c | 9 +- drivers/pci/controller/pci-aardvark.c | 16 +- drivers/pci/hotplug/pciehp_hpc.c | 4 + drivers/perf/qcom_l2_pmu.c | 6 +- drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 2 + drivers/pinctrl/nomadik/pinctrl-nomadik.c | 4 +- drivers/pinctrl/pinconf-generic.c | 6 +- drivers/pinctrl/pinctrl-rockchip.c | 2 + drivers/pinctrl/samsung/pinctrl-samsung.c | 30 +++- drivers/power/reset/gemini-poweroff.c | 4 +- drivers/power/supply/ab8500_fg.c | 4 +- drivers/power/supply/axp20x_battery.c | 13 +- drivers/power/supply/bq24190_charger.c | 7 +- drivers/power/supply/wm8350_power.c | 97 ++++++++++-- drivers/ptp/ptp_sysfs.c | 4 +- drivers/pwm/pwm-lpc18xx-sct.c | 20 ++- drivers/regulator/qcom_smd-regulator.c | 4 +- drivers/remoteproc/qcom_wcnss.c | 1 + drivers/rtc/rtc-wm8350.c | 11 +- drivers/scsi/aha152x.c | 6 +- drivers/scsi/bfa/bfad_attr.c | 26 ++-- drivers/scsi/libfc/fc_exch.c | 1 + drivers/scsi/libsas/sas_ata.c | 2 +- drivers/scsi/mvsas/mv_init.c | 4 +- drivers/scsi/pm8001/pm8001_hwi.c | 13 +- drivers/scsi/pm8001/pm80xx_hwi.c | 11 +- drivers/scsi/qla2xxx/qla_def.h | 4 + drivers/scsi/qla2xxx/qla_gs.c | 5 +- drivers/scsi/qla2xxx/qla_init.c | 40 ++++- drivers/scsi/qla2xxx/qla_isr.c | 1 + drivers/scsi/qla2xxx/qla_target.c | 1 + drivers/scsi/zorro7xx.c | 2 + drivers/soc/ti/wkup_m3_ipc.c | 4 +- drivers/spi/spi-bcm-qspi.c | 4 +- drivers/spi/spi-pxa2xx-pci.c | 17 ++- drivers/spi/spi-tegra114.c | 4 + drivers/spi/spi-tegra20-slink.c | 8 +- drivers/spi/spi.c | 4 +- drivers/staging/iio/adc/ad7280a.c | 4 +- drivers/thermal/int340x_thermal/int3400_thermal.c | 2 +- drivers/tty/hvc/hvc_iucv.c | 4 +- drivers/tty/mxser.c | 15 +- drivers/tty/serial/8250/8250_mid.c | 19 ++- drivers/tty/serial/8250/8250_port.c | 12 ++ drivers/tty/serial/kgdboc.c | 6 +- drivers/tty/serial/samsung.c | 5 +- drivers/usb/dwc3/dwc3-omap.c | 2 +- drivers/usb/host/ehci-pci.c | 9 ++ drivers/usb/host/xhci-hub.c | 2 +- drivers/usb/host/xhci-mem.c | 2 +- drivers/usb/host/xhci.c | 20 ++- drivers/usb/host/xhci.h | 7 +- drivers/usb/serial/Kconfig | 1 + drivers/usb/serial/pl2303.c | 1 + drivers/usb/serial/pl2303.h | 3 + drivers/usb/serial/usb-serial-simple.c | 7 + drivers/usb/storage/ene_ub6250.c | 155 ++++++++++--------- drivers/usb/storage/realtek_cr.c | 2 +- drivers/video/fbdev/atafb.c | 12 +- drivers/video/fbdev/cirrusfb.c | 16 +- drivers/video/fbdev/core/fbcvt.c | 53 +++---- drivers/video/fbdev/nvidia/nv_i2c.c | 2 +- .../fbdev/omap2/omapfb/displays/connector-dvi.c | 1 + .../fbdev/omap2/omapfb/displays/panel-dsi-cm.c | 8 +- .../omap2/omapfb/displays/panel-sony-acx565akm.c | 2 +- .../omap2/omapfb/displays/panel-tpo-td043mtea1.c | 4 +- drivers/video/fbdev/sm712fb.c | 46 ++---- drivers/video/fbdev/smscufx.c | 3 +- drivers/video/fbdev/udlfb.c | 8 +- drivers/video/fbdev/w100fb.c | 15 +- drivers/w1/slaves/w1_therm.c | 8 +- fs/btrfs/extent_io.h | 2 +- fs/ext2/super.c | 6 +- fs/ext4/inode.c | 25 +++ fs/f2fs/gc.c | 4 +- fs/fuse/dev.c | 12 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 2 + fs/gfs2/rgrp.c | 3 +- fs/jffs2/build.c | 4 +- fs/jffs2/fs.c | 2 +- fs/jffs2/scan.c | 6 +- fs/jfs/inode.c | 3 +- fs/jfs/jfs_dmap.c | 7 + fs/minix/inode.c | 3 +- fs/nfs/callback_proc.c | 27 ++-- fs/nfs/callback_xdr.c | 4 - fs/nfs/direct.c | 48 ++++-- fs/nfs/file.c | 4 +- fs/nfs/nfs4state.c | 12 ++ fs/nfs/pnfs.c | 11 ++ fs/nfs/pnfs.h | 2 + fs/nfsd/nfsproc.c | 2 +- fs/nfsd/xdr.h | 2 +- fs/ntfs/inode.c | 4 + fs/ubifs/dir.c | 44 ++++-- fs/ubifs/io.c | 34 ++++- fs/ubifs/ioctl.c | 2 +- include/linux/blk-cgroup.h | 17 +++ include/linux/blkdev.h | 8 + include/linux/mmzone.h | 11 +- include/linux/netdevice.h | 6 +- include/linux/nfs_fs.h | 8 +- include/linux/pci.h | 1 + include/linux/sunrpc/xdr.h | 2 + include/net/arp.h | 1 + include/net/sock.h | 25 ++- include/net/xfrm.h | 11 +- include/uapi/linux/bpf.h | 4 +- init/main.c | 6 +- kernel/cgroup/cgroup-internal.h | 19 +++ kernel/cgroup/cgroup-v1.c | 33 ++-- kernel/cgroup/cgroup.c | 81 +++++++--- kernel/dma/debug.c | 4 +- kernel/events/core.c | 3 + kernel/power/hibernate.c | 2 +- kernel/power/suspend_test.c | 8 +- kernel/printk/printk.c | 6 +- kernel/ptrace.c | 47 ++++-- kernel/sched/debug.c | 10 -- lib/raid6/test/Makefile | 4 +- lib/raid6/test/test.c | 1 - lib/test_kmod.c | 1 + mm/memcontrol.c | 2 +- mm/memory.c | 42 ++++-- mm/mempolicy.c | 9 +- mm/mmap.c | 2 +- mm/mremap.c | 3 + mm/page_alloc.c | 9 +- mm/rmap.c | 25 ++- mm/usercopy.c | 5 +- net/bluetooth/hci_event.c | 3 +- net/can/raw.c | 2 +- net/ipv4/arp.c | 9 +- net/ipv4/fib_frontend.c | 5 +- net/ipv4/raw.c | 2 +- net/ipv4/tcp_output.c | 5 +- net/ipv6/raw.c | 2 +- net/ipv6/xfrm6_output.c | 16 ++ net/key/af_key.c | 6 +- net/netfilter/nf_conntrack_proto_tcp.c | 17 ++- net/netlink/af_netlink.c | 2 + net/openvswitch/actions.c | 2 +- net/openvswitch/flow_netlink.c | 8 +- net/packet/af_packet.c | 6 +- net/rxrpc/net_ns.c | 2 +- net/smc/smc_core.c | 2 +- net/sunrpc/sched.c | 4 +- net/sunrpc/xprt.c | 7 + net/sunrpc/xprtrdma/transport.c | 4 +- net/x25/af_x25.c | 11 +- net/xfrm/xfrm_interface.c | 5 +- net/xfrm/xfrm_policy.c | 32 ++-- net/xfrm/xfrm_user.c | 18 ++- security/selinux/xfrm.c | 2 +- security/smack/smack_lsm.c | 2 +- security/tomoyo/load_policy.c | 4 +- sound/firewire/fcp.c | 4 +- sound/isa/cs423x/cs4236.c | 8 +- sound/pci/hda/patch_realtek.c | 4 +- sound/soc/atmel/atmel_ssc_dai.c | 5 +- sound/soc/atmel/sam9g20_wm8731.c | 1 + sound/soc/codecs/msm8916-wcd-digital.c | 5 +- sound/soc/codecs/rt5663.c | 2 + sound/soc/codecs/wm8350.c | 28 +++- sound/soc/davinci/davinci-i2s.c | 5 +- sound/soc/fsl/imx-es8328.c | 1 + sound/soc/mxs/mxs-saif.c | 5 +- sound/soc/mxs/mxs-sgtl5000.c | 3 + sound/soc/sh/fsi.c | 19 ++- sound/soc/soc-core.c | 2 +- sound/soc/soc-generic-dmaengine-pcm.c | 6 +- sound/soc/soc-topology.c | 3 +- sound/spi/at73c213.c | 27 +++- tools/build/feature/Makefile | 9 +- tools/include/uapi/linux/bpf.h | 4 +- tools/perf/Makefile.config | 3 + tools/testing/selftests/bpf/test_lirc_mode2.sh | 5 +- tools/testing/selftests/cgroup/cgroup_util.c | 2 +- tools/testing/selftests/cgroup/test_core.c | 167 +++++++++++++++++++++ tools/testing/selftests/x86/check_cc.sh | 2 +- virt/kvm/kvm_main.c | 13 ++ 360 files changed, 2494 insertions(+), 1147 deletions(-)

11 months, 3 weeks

15
356
0 0

[PATCH 3/9] bfq: Split shared queues on move between cgroups

by Jan Kara

When bfqq is shared by multiple processes it can happen that one of the processes gets moved to a different cgroup (or just starts submitting IO for different cgroup). In case that happens we need to split the merged bfqq as otherwise we will have IO for multiple cgroups in one bfqq and we will just account IO time to wrong entities etc. Similarly if the bfqq is scheduled to merge with another bfqq but the merge didn't happen yet, cancel the merge as it need not be valid anymore. CC: stable(a)vger.kernel.org Fixes: e21b7a0b9887 ("block, bfq: add full hierarchical scheduling and cgroups support") Signed-off-by: Jan Kara <jack(a)suse.cz> --- block/bfq-cgroup.c | 36 +++++++++++++++++++++++++++++++++--- block/bfq-iosched.c | 2 +- block/bfq-iosched.h | 1 + 3 files changed, 35 insertions(+), 4 deletions(-) diff --git a/block/bfq-cgroup.c b/block/bfq-cgroup.c index 420eda2589c0..9352f3cc2377 100644 --- a/block/bfq-cgroup.c +++ b/block/bfq-cgroup.c @@ -743,9 +743,39 @@ static struct bfq_group *__bfq_bic_change_cgroup(struct bfq_data *bfqd, } if (sync_bfqq) { - entity = &sync_bfqq->entity; - if (entity->sched_data != &bfqg->sched_data) - bfq_bfqq_move(bfqd, sync_bfqq, bfqg); + if (!sync_bfqq->new_bfqq && !bfq_bfqq_coop(sync_bfqq)) { + /* We are the only user of this bfqq, just move it */ + if (sync_bfqq->entity.sched_data != &bfqg->sched_data) + bfq_bfqq_move(bfqd, sync_bfqq, bfqg); + } else { + struct bfq_queue *bfqq; + + /* + * The queue was merged to a different queue. Check + * that the merge chain still belongs to the same + * cgroup. + */ + for (bfqq = sync_bfqq; bfqq; bfqq = bfqq->new_bfqq) + if (bfqq->entity.sched_data != + &bfqg->sched_data) + break; + if (bfqq) { + /* + * Some queue changed cgroup so the merge is + * not valid anymore. We cannot easily just + * cancel the merge (by clearing new_bfqq) as + * there may be other processes using this + * queue and holding refs to all queues below + * sync_bfqq->new_bfqq. Similarly if the merge + * already happened, we need to detach from + * bfqq now so that we cannot merge bio to a + * request from the old cgroup. + */ + bfq_put_cooperator(sync_bfqq); + bfq_release_process_ref(bfqd, sync_bfqq); + bic_set_bfqq(bic, NULL, 1); + } + } } return bfqg; diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c index 7d00b21ebe5d..89fe3f85eb3c 100644 --- a/block/bfq-iosched.c +++ b/block/bfq-iosched.c @@ -5315,7 +5315,7 @@ static void bfq_put_stable_ref(struct bfq_queue *bfqq) bfq_put_queue(bfqq); } -static void bfq_put_cooperator(struct bfq_queue *bfqq) +void bfq_put_cooperator(struct bfq_queue *bfqq) { struct bfq_queue *__bfqq, *next; diff --git a/block/bfq-iosched.h b/block/bfq-iosched.h index 3b83e3d1c2e5..a56763045d19 100644 --- a/block/bfq-iosched.h +++ b/block/bfq-iosched.h @@ -979,6 +979,7 @@ void bfq_weights_tree_remove(struct bfq_data *bfqd, void bfq_bfqq_expire(struct bfq_data *bfqd, struct bfq_queue *bfqq, bool compensate, enum bfqq_expiration reason); void bfq_put_queue(struct bfq_queue *bfqq); +void bfq_put_cooperator(struct bfq_queue *bfqq); void bfq_end_wr_async_queues(struct bfq_data *bfqd, struct bfq_group *bfqg); void bfq_release_process_ref(struct bfq_data *bfqd, struct bfq_queue *bfqq); void bfq_schedule_dispatch(struct bfq_data *bfqd); -- 2.34.1

12 months

2
3
0 0

[PATCH 4.9 00/42] 4.9.328-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.328 release. There are 42 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 15 Sep 2022 14:03:27 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.328-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.328-rc1 NeilBrown <neilb(a)suse.de> SUNRPC: use _bh spinlocking on ->transport_lock Yang Ling <gnaygnil(a)gmail.com> MIPS: loongson32: ls1c: Fix hang during startup Johan Hovold <johan+linaro(a)kernel.org> usb: dwc3: fix PHY disable sequence Toke Høiland-Jørgensen <toke(a)toke.dk> sch_sfb: Also store skb len before calling child enqueue Neal Cardwell <ncardwell(a)google.com> tcp: fix early ETIMEDOUT after spurious non-SACK RTO Dan Carpenter <dan.carpenter(a)oracle.com> tipc: fix shift wrapping bug in map_get() Toke Høiland-Jørgensen <toke(a)toke.dk> sch_sfb: Don't assume the skb is still around after enqueueing to child David Leadbeater <dgl(a)dgl.cx> netfilter: nf_conntrack_irc: Fix forged IP logic Harsh Modi <harshmodi(a)google.com> netfilter: br_netfilter: Drop dst references before setting. Isaac J. Manjarres <isaacmanjarres(a)google.com> driver core: Don't probe devices after bus_type.match() probe deferral Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: Fix use-after-free warning Dongxiang Ke <kdx.glider(a)gmail.com> ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() Pattara Teerapong <pteerapong(a)chromium.org> ALSA: aloop: Fix random zeros in capture data when using jiffies timer Tasos Sahanidis <tasos(a)tasossah.com> ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() Yang Yingliang <yangyingliang(a)huawei.com> fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() Helge Deller <deller(a)gmx.de> parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines Li Qiong <liqiong(a)nfschina.com> parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() Zhenneng Li <lizhenneng(a)kylinos.cn> drm/radeon: add a force flush to delay work when radeon Yee Lee <yee.lee(a)mediatek.com> Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()" Linus Torvalds <torvalds(a)linux-foundation.org> fs: only do a memory barrier for the first set_buffer_uptodate() Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Fix data-race at module auto-loading Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix data-race for max_midi_devs access Miquel Raynal <miquel.raynal(a)bootlin.com> net: mac802154: Fix a condition in the receive path Siddh Raman Pant <code(a)siddh.me> wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected Krishna Kurapati <quic_kriskura(a)quicinc.com> usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS Alan Stern <stern(a)rowland.harvard.edu> USB: core: Prevent nested device-reset calls Josh Poimboeuf <jpoimboe(a)kernel.org> s390: fix nospec table alignments Gerald Schaefer <gerald.schaefer(a)linux.ibm.com> s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages Witold Lipieta <witold.lipieta(a)thaumatec.com> usb-storage: Add ignore-residue quirk for NXP PN7462AU Thierry GUIBERT <thierry.guibert(a)croix-rouge.fr> USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) Slark Xiao <slark_xiao(a)163.com> USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode Yan Xinyu <sdlyyxy(a)bupt.edu.cn> USB: serial: option: add support for OPPO R11 diag port Johan Hovold <johan(a)kernel.org> USB: serial: cp210x: add Decagon UCA device id Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Add grace period after xHC start to prevent premature runtime suspend. Armin Wolf <W_Armin(a)gmx.de> hwmon: (gpio-fan) Fix array out of bounds access Niek Nooijens <niek.nooijens(a)omron.com> USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id Helge Deller <deller(a)gmx.de> vt: Clear selection before changing the font Dan Carpenter <dan.carpenter(a)oracle.com> staging: rtl8712: fix use after free bugs Shenwei Wang <shenwei.wang(a)nxp.com> serial: fsl_lpuart: RS485 RTS polariy is inverse Dan Carpenter <dan.carpenter(a)oracle.com> wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask Letu Ren <fantasquex(a)gmail.com> fbdev: fb_pm2fb: Avoid potential divide by zero error ------------- Diffstat: Makefile | 4 +-- arch/mips/loongson32/ls1c/board.c | 1 - arch/parisc/kernel/head.S | 43 +++++++++++++++++++++++++++- arch/s390/include/asm/hugetlb.h | 6 ++-- arch/s390/kernel/vmlinux.lds.S | 1 + arch/x86/include/asm/pmc_atom.h | 6 ++-- arch/x86/platform/atom/pmc_atom.c | 2 +- drivers/base/dd.c | 10 +++++++ drivers/gpu/drm/radeon/radeon_device.c | 3 ++ drivers/hwmon/gpio-fan.c | 3 ++ drivers/parisc/ccio-dma.c | 11 +++++-- drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 +- drivers/staging/rtl8712/rtl8712_cmd.c | 36 ----------------------- drivers/tty/serial/fsl_lpuart.c | 4 +-- drivers/tty/vt/vt.c | 12 +++++--- drivers/usb/class/cdc-acm.c | 3 ++ drivers/usb/core/hub.c | 10 +++++++ drivers/usb/dwc3/core.c | 20 ++++++------- drivers/usb/gadget/function/storage_common.c | 6 ++-- drivers/usb/host/xhci-hub.c | 11 +++++++ drivers/usb/host/xhci.c | 4 ++- drivers/usb/host/xhci.h | 2 +- drivers/usb/serial/cp210x.c | 1 + drivers/usb/serial/ftdi_sio.c | 2 ++ drivers/usb/serial/ftdi_sio_ids.h | 6 ++++ drivers/usb/serial/option.c | 11 +++++++ drivers/usb/storage/unusual_devs.h | 7 +++++ drivers/video/fbdev/chipsfb.c | 1 + drivers/video/fbdev/pm2fb.c | 5 ++++ include/linux/buffer_head.h | 11 +++++++ include/linux/usb.h | 2 ++ mm/kmemleak.c | 8 +++--- net/bridge/br_netfilter_hooks.c | 2 ++ net/bridge/br_netfilter_ipv6.c | 1 + net/ipv4/tcp_input.c | 25 +++++++++++----- net/mac80211/ibss.c | 4 +++ net/mac802154/rx.c | 2 +- net/netfilter/nf_conntrack_irc.c | 5 ++-- net/sched/sch_sfb.c | 13 +++++---- net/sunrpc/xprt.c | 4 +-- net/tipc/monitor.c | 2 +- net/wireless/debugfs.c | 3 +- sound/core/seq/oss/seq_oss_midi.c | 2 ++ sound/core/seq/seq_clientmgr.c | 12 ++++---- sound/drivers/aloop.c | 7 +++-- sound/pci/emu10k1/emupcm.c | 2 +- sound/usb/stream.c | 2 +- 47 files changed, 236 insertions(+), 104 deletions(-)

1 year

7
49
0 0

[PATCH] ext4: Add extend check to prevent BUG() in ext4_es_end

by Tadeusz Struk

Syzbot reported an issue with ext4 extents. The reproducer creates a corrupted ext4 fs image in memory, and mounts it as a loop device. It invokes the ext4_cache_extents() and ext4_find_extent(), which eventually triggers a BUG() in ext4_es_end() causing a kernel crash. It triggers on mainline, and every kernel version back to v4.14. Add a call ext4_ext_check_inode() in ext4_find_extent() to prevent the crash. To: "Theodore Ts'o" <tytso(a)mit.edu> Cc: "Andreas Dilger" <adilger.kernel(a)dilger.ca> Cc: <linux-ext4(a)vger.kernel.org> Cc: <linux-kernel(a)vger.kernel.org> Cc: <stable(a)vger.kernel.org> Link: https://syzkaller.appspot.com/bug?id=641e7a4b900015c5d7a729d6cc1fba7a928a88… Reported-by: syzbot+a22dc4b0744ac658ed9b(a)syzkaller.appspotmail.com Signed-off-by: Tadeusz Struk <tadeusz.struk(a)linaro.org> --- fs/ext4/extents.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c index 5235974126bd..c7b5a11e1abc 100644 --- a/fs/ext4/extents.c +++ b/fs/ext4/extents.c @@ -897,6 +897,12 @@ ext4_find_extent(struct inode *inode, ext4_lblk_t block, goto err; } + ret = ext4_ext_check_inode(inode); + if (ret) { + EXT4_ERROR_INODE(inode, "inode has invalid extent"); + goto err; + } + if (path) { ext4_ext_drop_refs(path); if (depth > path[0].p_maxdepth) { -- 2.37.3

1 year

2
2
0 0

[PATCH v2] mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()

by Alexander A Sverdlin

From: Alexander Sverdlin <alexander.sverdlin(a)nokia.com> Erase can be zeroed in spi_nor_parse_4bait() or spi_nor_init_non_uniform_erase_map(). In practice it happened with mt25qu256a, which supports 4K, 32K, 64K erases with 3b address commands, but only 4K and 64K erase with 4b address commands. Fixes: dc92843159a7 ("mtd: spi-nor: fix erase_type array to indicate current map conf") Cc: stable(a)vger.kernel.org Signed-off-by: Alexander Sverdlin <alexander.sverdlin(a)nokia.com> --- Changes in v2: erase->opcode -> erase->size drivers/mtd/spi-nor/core.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/mtd/spi-nor/core.c b/drivers/mtd/spi-nor/core.c index 88dd090..183ea9d 100644 --- a/drivers/mtd/spi-nor/core.c +++ b/drivers/mtd/spi-nor/core.c @@ -1400,6 +1400,8 @@ spi_nor_find_best_erase_type(const struct spi_nor_erase_map *map, continue; erase = &map->erase_type[i]; + if (!erase->size) + continue; /* Alignment is not mandatory for overlaid regions */ if (region->offset & SNOR_OVERLAID_REGION && -- 2.10.2

1 year

4
5
0 0

[PATCH v2 1/2] iommu/amd: Fix ivrs_acpihid cmdline parsing code

by Kim Phillips

The second (UID) strcmp in acpi_dev_hid_uid_match considers "0" and "00" different, which can prevent device registration. Have the AMD IOMMU driver's ivrs_acpihid parsing code remove any leading zeroes to make the UID strcmp succeed. Now users can safely specify "AMDxxxxx:00" or "AMDxxxxx:0" and expect the same behaviour. Fixes: ca3bf5d47cec ("iommu/amd: Introduces ivrs_acpihid kernel parameter") Signed-off-by: Kim Phillips <kim.phillips(a)amd.com> Cc: stable(a)vger.kernel.org Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit(a)amd.com> Cc: Joerg Roedel <jroedel(a)suse.de> --- v2: no changes drivers/iommu/amd/init.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index fdc642362c14..ef0e1a4b5a11 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -3471,6 +3471,13 @@ static int __init parse_ivrs_acpihid(char *str) return 1; } + /* + * Ignore leading zeroes after ':', so e.g., AMDI0095:00 + * will match AMDI0095:0 in the second strcmp in acpi_dev_hid_uid_match + */ + while (*uid == '0' && *(uid + 1)) + uid++; + i = early_acpihid_map_size++; memcpy(early_acpihid_map[i].hid, hid, strlen(hid)); memcpy(early_acpihid_map[i].uid, uid, strlen(uid)); -- 2.34.1

1 year

2
3
0 0

[PATCH] nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf

by Karol Herbst

It is a bit unlcear to us why that's helping, but it does and unbreaks suspend/resume on a lot of GPUs without any known drawbacks. Cc: stable(a)vger.kernel.org # v5.15+ Closes: https://gitlab.freedesktop.org/drm/nouveau/-/issues/156 Signed-off-by: Karol Herbst <kherbst(a)redhat.com> --- drivers/gpu/drm/nouveau/nouveau_bo.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_bo.c b/drivers/gpu/drm/nouveau/nouveau_bo.c index 35bb0bb3fe61..126b3c6e12f9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_bo.c +++ b/drivers/gpu/drm/nouveau/nouveau_bo.c @@ -822,6 +822,15 @@ nouveau_bo_move_m2mf(struct ttm_buffer_object *bo, int evict, if (ret == 0) { ret = nouveau_fence_new(chan, false, &fence); if (ret == 0) { + /* TODO: figure out a better solution here + * + * wait on the fence here explicitly as going through + * ttm_bo_move_accel_cleanup somehow doesn't seem to do it. + * + * Without this the operation can timeout and we'll fallback to a + * software copy, which might take several minutes to finish. + */ + nouveau_fence_wait(fence, false, false); ret = ttm_bo_move_accel_cleanup(bo, &fence->base, evict, false, -- 2.37.1

1 year

4
6
0 0

significant drop fio IOPS performance on v5.10

by Lu, Davina

Hello, I was profiling the 5.10 kernel and comparing it to 4.14. On a system with 64 virtual CPUs and 256 GiB of RAM, I am observing a significant drop in IO performance. Using the following FIO with the script "sudo ftest_write.sh <dev_name>" in attachment, I saw FIO iops result drop from 22K to less than 1K. The script simply does: mount a the EXT4 16GiB volume with max IOPS 64000K, mounting option is " -o noatime,nodiratime,data=ordered", then run fio with 2048 fio wring thread with 28800000 file size with { --name=16kb_rand_write_only_2048_jobs --directory=/rdsdbdata1 --rw=randwrite --ioengine=sync --buffered=1 --bs=16k --max-jobs=2048 --numjobs=2048 --runtime=60 --time_based --thread --filesize=28800000 --fsync=1 --group_reporting }. My analyzing is that the degradation is introduce by commit {244adf6426ee31a83f397b700d964cff12a247d3} and the issue is the contention on rsv_conversion_wq. The simplest option is to increase the journal size, but that introduces more operational complexity. Another option is to add the following change in attachment "allow more ext4-rsv-conversion workqueue.patch" From 27e1b0e14275a281b3529f6a60c7b23a81356751 Mon Sep 17 00:00:00 2001 From: davinalu <davinalu(a)amazon.com> Date: Fri, 23 Sep 2022 00:43:53 +0000 Subject: [PATCH] allow more ext4-rsv-conversion workqueue to speedup fio writing --- fs/ext4/super.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index a0af833f7da7..6b34298cdc3b 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -4963,7 +4963,7 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) * concurrency isn't really necessary. Limit it to 1. */ EXT4_SB(sb)->rsv_conversion_wq = - alloc_workqueue("ext4-rsv-conversion", WQ_MEM_RECLAIM | WQ_UNBOUND, 1); + alloc_workqueue("ext4-rsv-conversion", WQ_MEM_RECLAIM | + WQ_UNBOUND | __WQ_ORDERED, 0); if (!EXT4_SB(sb)->rsv_conversion_wq) { printk(KERN_ERR "EXT4-fs: failed to create workqueue\n"); ret = -ENOMEM; My thought is: If the max_active is 1, it means the "__WQ_ORDERED" combined with WQ_UNBOUND setting, based on alloc_workqueue(). So I added it . I am not sure should we need "__WQ_ORDERED" or not? without "__WQ_ORDERED" it looks also work at my testbed, but I added since not much fio TP difference on my testbed result with/out "__WQ_ORDERED". From My understanding and observation: with dioread_unlock and delay_alloc both enabled, the bio_endio() and ext4_writepages() will trigger this work queue to ext4_do_flush_completed_IO(). Looks like the work queue is an one-by-one updating: at EXT4 extend.c io_end->list_vec list only have one io_end_vec each time. So if the BIO has high performance, and we have only one thread to do EXT4 flush will be an bottleneck here. The "ext4-rsv-conversion" this workqueue is mainly for update the EXT4_IO_END_UNWRITTEN extend block(only exist on dioread_unlock and delay_alloc options are set) and extend status if I understand correctly here. Am I correct? This works on my test system and passes xfstests, but will this cause any corruption on ext4 extends blocks updates, not even sure about the journal transaction updates either? Can you tell me what I will break if this change is made? Thanks Davina

1 year

3
5
0 0

[PATCH] tee: add overflow check in tee_ioctl_shm_register()

by Jens Wiklander

commit 573ae4f13f630d6660008f1974c0a8a29c30e18a upstream. With special lengths supplied by user space, tee_shm_register() has an integer overflow when calculating the number of pages covered by a supplied user space memory region. This may cause pin_user_pages_fast() to do a NULL pointer dereference. Fix this by adding an an explicit call to access_ok() in tee_ioctl_shm_register() to catch an invalid user space address early. Fixes: 033ddf12bcf5 ("tee: add register user memory") Cc: stable(a)vger.kernel.org # 5.4 Cc: stable(a)vger.kernel.org # 5.10 Reported-by: Nimish Mishra <neelam.nimish(a)gmail.com> Reported-by: Anirban Chakraborty <ch.anirban00727(a)gmail.com> Reported-by: Debdeep Mukhopadhyay <debdeep.mukhopadhyay(a)gmail.com> Suggested-by: Jerome Forissier <jerome.forissier(a)linaro.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> [JW: backport to stable 5.4 and 5.10 + update commit message] Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> --- drivers/tee/tee_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index a7ccd4d2bd10..2db144d2d26f 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -182,6 +182,9 @@ tee_ioctl_shm_register(struct tee_context *ctx, if (data.flags) return -EINVAL; + if (!access_ok((void __user *)(unsigned long)data.addr, data.length)) + return -EFAULT; + shm = tee_shm_register(ctx, data.addr, data.length, TEE_SHM_DMA_BUF | TEE_SHM_USER_MAPPED); if (IS_ERR(shm)) -- 2.31.1

1 year

4
7
0 0

[PATCH v2] ext4: fix use-after-free in ext4_ext_shift_extents

by Baokun Li

If the starting position of our insert range happens to be in the hole between the two ext4_extent_idx, because the lblk of the ext4_extent in the previous ext4_extent_idx is always less than the start, which leads to the "extent" variable access across the boundary, the following UAF is triggered: ================================================================== BUG: KASAN: use-after-free in ext4_ext_shift_extents+0x257/0x790 Read of size 4 at addr ffff88819807a008 by task fallocate/8010 CPU: 3 PID: 8010 Comm: fallocate Tainted: G E 5.10.0+ #492 Call Trace: dump_stack+0x7d/0xa3 print_address_description.constprop.0+0x1e/0x220 kasan_report.cold+0x67/0x7f ext4_ext_shift_extents+0x257/0x790 ext4_insert_range+0x5b6/0x700 ext4_fallocate+0x39e/0x3d0 vfs_fallocate+0x26f/0x470 ksys_fallocate+0x3a/0x70 __x64_sys_fallocate+0x4f/0x60 do_syscall_64+0x33/0x40 entry_SYSCALL_64_after_hwframe+0x44/0xa9 ================================================================== For right shifts, we can divide them into the following situations： 1. When the first ee_block of ext4_extent_idx is greater than or equal to start, make right shifts directly from the first ee_block. 1) If it is greater than start, we need to continue searching in the previous ext4_extent_idx. 2) If it is equal to start, we can exit the loop (iterator=NULL). 2. When the first ee_block of ext4_extent_idx is less than start, then traverse from the last extent to find the first extent whose ee_block is less than start. 1) If extent is still the last extent after traversal, it means that the last ee_block of ext4_extent_idx is less than start, that is, start is located in the hole between idx and (idx+1), so we can exit the loop directly (break) without right shifts. 2) Otherwise, make right shifts at the corresponding position of the found extent, and then exit the loop (iterator=NULL). Fixes: 331573febb6a ("ext4: Add support FALLOC_FL_INSERT_RANGE for fallocate") Cc: stable(a)vger.kernel.org # v4.2+ Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Signed-off-by: Baokun Li <libaokun1(a)huawei.com> --- V1->V2: Initialize "ret" after the "again:" label to avoid return value mismatch. Refactoring reduces cycles and makes code more readable. fs/ext4/extents.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c index c148bb97b527..39c9f87de0be 100644 --- a/fs/ext4/extents.c +++ b/fs/ext4/extents.c @@ -5179,6 +5179,7 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle, * and it is decreased till we reach start. */ again: + ret = 0; if (SHIFT == SHIFT_LEFT) iterator = &start; else @@ -5222,14 +5223,21 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle, ext4_ext_get_actual_len(extent); } else { extent = EXT_FIRST_EXTENT(path[depth].p_hdr); - if (le32_to_cpu(extent->ee_block) > 0) + if (le32_to_cpu(extent->ee_block) > start) *iterator = le32_to_cpu(extent->ee_block) - 1; - else - /* Beginning is reached, end of the loop */ + else if (le32_to_cpu(extent->ee_block) == start) iterator = NULL; - /* Update path extent in case we need to stop */ - while (le32_to_cpu(extent->ee_block) < start) + else { + extent = EXT_LAST_EXTENT(path[depth].p_hdr); + while (le32_to_cpu(extent->ee_block) >= start) + extent--; + + if (extent == EXT_LAST_EXTENT(path[depth].p_hdr)) + break; + extent++; + iterator = NULL; + } path[depth].p_ext = extent; } ret = ext4_ext_shift_path_extents(path, shift, inode, -- 2.31.1

1 year, 1 month

3
3
0 0

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2022