- Linux-stable-mirror - lists.linaro.org

[PATCH 4.9 000/177] 4.9.90-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.90 release. There are 177 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Mar 25 09:41:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.90-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.90-rc1 Krzysztof Opasiak <kopasiak90(a)gmail.com> usb: gadget: f_hid: fix: Move IN request allocation to set_alt() Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Don't allow join attempts for unsupported AF family Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Fix access to non-initialized CM_ID object Jerome Brunet <jbrunet(a)baylibre.com> clk: migrate the count of orphaned clocks at init Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix integer overflows in mlx5_ib_create_srq Vignesh R <vigneshr(a)ti.com> dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 Sergej Sawazki <sergej(a)taudac.com> clk: si5351: Rename internal plls to avoid name collisions Lars-Peter Clausen <lars(a)metafoo.de> clk: axi-clkgen: Correctly handle nocount bit in recalc_rate() Stephen Boyd <sboyd(a)codeaurora.org> clk: Don't touch hardware when reparenting during registration Benjamin Coddington <bcodding(a)redhat.com> nfsd4: permit layoutget of executable-only files Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed-evb: Add unit name to memory node Anton Vasilyev <vasilyev(a)ispras.ru> RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS Alexey Kodanev <alexey.kodanev(a)oracle.com> ip6_vti: adjust vti mtu according to mtu of lower device Jerry Snitselaar <jsnitsel(a)redhat.com> iommu/vt-d: clean up pr_irq if request_threaded_irq fails Brian Norris <briannorris(a)chromium.org> pinctrl: rockchip: enable clock when reading pin direction register Florian Fainelli <f.fainelli(a)gmail.com> pinctrl: Really force states during suspend/resume Robert Walker <robert.walker(a)arm.com> coresight: Fix disabling of CoreSight TPIU Sahara <keun-o.park(a)darkmatter.ae> pty: cancel pty slave port buf's work in tty_release Peter Ujfalusi <peter.ujfalusi(a)ti.com> drm/omap: DMM: Check for DMM readiness after successful transaction commit H. Nikolaus Schaller <hns(a)goldelico.com> omapdrm: panel: fix compatible vendor string for td028ttec1 Bjorn Helgaas <bhelgaas(a)google.com> vgacon: Set VGA struct resource types Bharat Potnuri <bharat(a)chelsio.com> iser-target: avoid reinitializing rdma contexts for isert commands Artemy Kovalyov <artemyko(a)mellanox.com> IB/umem: Fix use of npages/nmap fields Parav Pandit <parav(a)mellanox.com> RDMA/cma: Use correct size when writing netlink stats Erez Shitrit <erezsh(a)mellanox.com> IB/ipoib: Avoid memory leak if the SA returns a different DGID Alexandre Belloni <alexandre.belloni(a)free-electrons.com> rtc: ac100: Fix multiple race conditions Daniel Drake <drake(a)endlessm.com> mmc: avoid removing non-removable hosts during suspend Logan Gunthorpe <logang(a)deltatee.com> drm/tilcdc: ensure nonatomic iowrite64 is not used Kedareswara rao Appana <appana.durga.rao(a)xilinx.com> dmaengine: zynqmp_dma: Fix race condition in the probe Shawn Nematbakhsh <shawnn(a)chromium.org> platform/chrome: Use proper protocol transfer function Guenter Roeck <linux(a)roeck-us.net> watchdog: Fix potential kref imbalance when opening watchdog Arnd Bergmann <arnd(a)arndb.de> cros_ec: fix nul-termination for firmware build info Stefan Potyra <Stefan.Potyra(a)elektrobit.com> serial: 8250_dw: Disable clock on error Bjørn Mork <bjorn(a)mork.no> qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect Ron Economos <w6rz(a)comcast.net> media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart Balaji Pothunoori <bpothuno(a)qti.qualcomm.com> ath10k: handling qos at STA side based on AP WMM enable/disable Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: bt8xx: Fix err 'bt878_probe()' Tsang-Shian Lin <thlin(a)realtek.com> rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. Geert Uytterhoeven <geert(a)linux-m68k.org> RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() Prakash Kamliya <pkamliya(a)codeaurora.org> drm/msm: fix leak in failed get_pages Gustavo A. R. Silva <garsilva(a)embeddedor.com> media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: btqcomsmd: Fix skb double free corruption Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: hci_qca: Avoid setup failure on missing rampatch Peter Zijlstra <peterz(a)infradead.org> block/mq: Cure cpu hotplug lock inversion Kim Phillips <kim.phillips(a)arm.com> perf tests kmod-path: Don't fail if compressed modules aren't supported Michael Mera <dev(a)michaelmera.com> ath10k: fix out of bounds access to local buffer Moritz Fischer <mdf(a)kernel.org> rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL Moritz Fischer <mdf(a)kernel.org> rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page David Rientjes <rientjes(a)google.com> mm, vmstat: suppress pcp stats for unpopulated zones in zoneinfo Johannes Weiner <hannes(a)cmpxchg.org> mm: fix check for reclaimable pages in PF_MEMALLOC reclaim throttling Dan Carpenter <dan.carpenter(a)oracle.com> cifs: small underflow in cnvrtDosUnixTm() Timmy Li <lixiaoping3(a)huawei.com> net: hns: fix ethtool_get_strings overflow in hns driver Trond Myklebust <trond.myklebust(a)primarydata.com> pNFS: Fix a deadlock when coalescing writes and returning the layout Alexey Khoroshilov <khoroshilov(a)ispras.ru> sm501fb: don't return zero on failure path in sm501fb_start() Maksim Salau <maksim.salau(a)gmail.com> video: fbdev: udlfb: Fix buffer on stack Vitaly Kuznetsov <vkuznets(a)redhat.com> x86/xen: split xen_smp_prepare_boot_cpu() Dmitry Monakhov <dmonakhov(a)openvz.org> tcm_fileio: Prevent information leak for short reads Sergei Trofimovich <slyfox(a)gentoo.org> ia64: fix module loading for gcc-5.4 Hans de Goede <hdegoede(a)redhat.com> ACPI / power: Delay turning off unused power resources after suspend Shaohua Li <shli(a)fb.com> md/raid10: skip spare disk as 'first' disk Johannes Thumshirn <jthumshirn(a)suse.de> IB/rxe: Don't clamp residual length to mtu Sebastian Reichel <sebastian.reichel(a)collabora.co.uk> Input: twl4030-pwrbutton - use correct device for irq request Michael Trimarchi <michael(a)amarulasolutions.com> power: supply: pda_power: move from timer to delayed_work Pan Bian <bianpan2016(a)163.com> power: supply: isp1704: Fix unchecked return value of devm_kzalloc Hans de Goede <hdegoede(a)redhat.com> power: supply: bq24190_charger: Add disable-reset device-property Scott Wood <swood(a)redhat.com> bnx2x: Align RX buffers Dan Carpenter <dan.carpenter(a)oracle.com> qed: Unlock on error in qed_vf_pf_acquire() Jiri Benc <jbenc(a)redhat.com> vxlan: correctly handle ipv6.disable module parameter Dean Jenkins <Dean_Jenkins(a)mentor.com> Bluetooth: hci_ldisc: Add protocol check to hci_uart_tx_wakeup() Dean Jenkins <Dean_Jenkins(a)mentor.com> Bluetooth: hci_ldisc: Add protocol check to hci_uart_dequeue() Valentin Longchamp <valentin.longchamp(a)keymile.com> soc/fsl/qe: round brg_freq to 1kHz granularity Christophe Leroy <christophe.leroy(a)c-s.fr> net: ethernet: ucc_geth: fix MEM_PART_MURAM mode Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix size of queue stats length Jan Kara <jack(a)suse.cz> jbd2: Fix lockdep splat with generic/270 test Mario Kleiner <mario.kleiner.de(a)gmail.com> drm/nouveau/kms: Increase max retries in scanout position queries. Chunming Zhou <David1.Zhou(a)amd.com> drm/amdgpu: fix gpu reset crash Hans de Goede <hdegoede(a)redhat.com> ACPI / PMIC: xpower: Fix power_table addresses Robert Lippert <roblip(a)gmail.com> ipmi/watchdog: fix wdog hang on panic waiting for ipmi response Oleksij Rempel <linux(a)rempel-privat.de> platform/x86: asus-wmi: try to set als by default Tadeusz Struk <tadeusz.struk(a)intel.com> IB/hfi1: Fix softlockup issue Dan Carpenter <dan.carpenter(a)oracle.com> IB/rdmavt: restore IRQs on error path in rvt_create_ah() Kishon Vijay Abraham I <kishon(a)ti.com> ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP Dan Carpenter <dan.carpenter(a)oracle.com> netfilter: x_tables: unlock on error in xt_find_table_lock() yangbo lu <yangbo.lu(a)nxp.com> mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a Mohammed Shafi Shajakhan <mohammed(a)qti.qualcomm.com> mac80211: Fix possible sband related NULL pointer de-reference Paolo Abeni <pabeni(a)redhat.com> ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled Pan Bian <bianpan2016(a)163.com> staging: wilc1000: fix unchecked return value Sameer Wadgaonkar <sameer.wadgaonkar(a)unisys.com> staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK set to y Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> gpio: gpio-wcove: fix GPIO IRQ status mask Baoquan He <bhe(a)redhat.com> x86/KASLR: Fix kexec kernel boot crash when KASLR randomization fails Ming Lei <ming.lei(a)redhat.com> mtip32xx: use runtime tag to initialize command header Keerthy <j-keerthy(a)ti.com> mfd: palmas: Reset the POWERHOLD mux during power off Rask Ingemann Lambertsen <rask(a)formelder.dk> dt-bindings: mfd: axp20x: Add "xpowers,master-mode" property for AXP806 PMICs Colin Ian King <colin.king(a)canonical.com> iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value Lv Zheng <lv.zheng(a)intel.com> ACPICA: iasl: Fix IORT SMMU GSI disassembling Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> mac80211: don't parse encrypted management frames in ieee80211_frame_acked Martin Brandenburg <martin(a)omnibond.com> orangefs: do not wait for timeout if umounting Filipe Manana <fdmanana(a)suse.com> Btrfs: fix extent map leak during fallocate error path Filipe Manana <fdmanana(a)suse.com> Btrfs: send, fix file hole not being preserved due to inline extent Filipe Manana <fdmanana(a)suse.com> Btrfs: fix incorrect space accounting after failure to insert inline extent Pan Bian <bianpan2016(a)163.com> rndis_wlan: add return value validation Pan Bian <bianpan2016(a)163.com> libertas: check return value of alloc_workqueue Pan Bian <bianpan2016(a)163.com> mt7601u: check return value of alloc_skb Shrirang Bagul <shrirang.bagul(a)canonical.com> iio: st_pressure: st_accel: Initialise sensor platform data properly NeilBrown <neilb(a)suse.com> NFS: don't try to cross a mountpount when there isn't one there. Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Cancel refresh worker during buffer shutdown Trond Myklebust <trond.myklebust(a)primarydata.com> pNFS: Fix use after free issues in pnfs_do_read() Vlad Tsyrklevich <vlad(a)tsyrklevich.net> infiniband/uverbs: Fix integer overflows Finn Thain <fthain(a)telegraphics.com.au> scsi: mac_esp: Replace bogus memory barrier with spinlock Maarten Maathuis <madman2003(a)gmail.com> platform/x86: intel-vbtn: add volume up and down Liping Zhang <zlpnobody(a)gmail.com> netfilter: nft_dynset: continue to next expr if _OP_ADD succeeded Pan Bian <bianpan2016(a)163.com> qlcnic: fix unchecked return value Pan Bian <bianpan2016(a)163.com> wan: pc300too: abort path on failure Pan Bian <bianpan2016(a)163.com> tipc: check return value of nlmsg_new Dan Carpenter <dan.carpenter(a)oracle.com> mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR() Liping Zhang <zlpnobody(a)gmail.com> netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink Jarno Rajahalme <jarno(a)ovn.org> openvswitch: Delete conntrack entry clashing with an expectation. Gao Feng <fgao(a)ikuai8.com> netfilter: xt_CT: fix refcnt leak on error path Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> gpio: gpio-wcove: fix irq pending status bit width James Smart <jsmart2021(a)gmail.com> Fix Express lane queue creation. James Smart <jsmart2021(a)gmail.com> Fix driver usage of 128B WQEs when WQ_CREATE is V1. K. Y. Srinivasan <kys(a)microsoft.com> netvsc: Deal with rescinded channels correctly Brian King <brking(a)linux.vnet.ibm.com> ibmvnic: Disable irq prior to close Dan Carpenter <dan.carpenter(a)oracle.com> ASoC: Intel: Skylake: Uninitialized variable in probe_codec() Moni Shoua <monis(a)mellanox.com> IB/mlx5: Set correct SL in completion for RoCE Maor Gottlieb <maorg(a)mellanox.com> IB/mlx5: Change vma from shared to private Maor Gottlieb <maorg(a)mellanox.com> IB/mlx5: Take write semaphore when changing the vma struct Maor Gottlieb <maorg(a)mellanox.com> IB/mlx4: Change vma from shared to private Maor Gottlieb <maorg(a)mellanox.com> IB/mlx4: Take write semaphore when changing the vma struct Dan Carpenter <dan.carpenter(a)oracle.com> HSI: ssi_protocol: double free in ssip_pn_xmit() Feras Daoud <ferasda(a)mellanox.com> IB/ipoib: Update broadcast object if PKey value was changed in index 0 Feras Daoud <ferasda(a)mellanox.com> IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow Mikhail Paulyshka <me(a)mixaill.tk> ALSA: hda - Fix headset microphone detection for ASUS N551 and N751 Bernd Faust <berndfaust(a)gmail.com> e1000e: fix timing for 82579 Gigabit Ethernet controller Eric Dumazet <edumazet(a)google.com> tcp: remove poll() flakes with FastOpen Benjamin Coddington <bcodding(a)redhat.com> NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete() Guoqing Jiang <gqjiang(a)suse.com> md/raid10: wait up frozen array in handle_write_completed Suman Anna <s-anna(a)ti.com> iommu/omap: Register driver before setting IOMMU ops Paul Burton <paul.burton(a)imgtec.com> irqchip/mips-gic: Separate IPI reservation & usage tracking Abel Vesa <abelvesa(a)linux.com> ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER Tiantian Feng <fengtiantian(a)huawei.com> x86/reboot: Turn off KVM when halting a CPU Brian Norris <briannorris(a)chromium.org> mwifiex: don't leak 'chan_stats' on reset Alexey Kardashevskiy <aik(a)ozlabs.ru> KVM: PPC: Book3S PR: Exit KVM on failed mapping David Gibson <david(a)gibson.dropbear.id.au> scsi: virtio_scsi: Always try to read VPD pages Liad Kaufman <liad.kaufman(a)intel.com> iwlwifi: a000: fix memory offsets and lengths Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> iwlwifi: split the handler and the wake parts of the notification infra Bharat Kumar Reddy Gooty <bharat.gooty(a)broadcom.com> clk: ns2: Correct SDIO bits Mohammed Shafi Shajakhan <mohammed(a)qti.qualcomm.com> ath: Fix updating radar flags for coutry code India Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Remove SAO feature from Power9 DD1 Marek Vasut <marex(a)denx.de> spi: dw: Disable clock after unregistering the host Dan Williams <dan.j.williams(a)intel.com> tools/testing/nvdimm: fix nfit_test shutdown crash Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: Atom: update Thinkpad 10 quirk Adam Borowski <kilobyte(a)angband.pl> btrfs: fix a bogus warning when converting only data or metadata Jasmin J <jasmin(a)anw.at> media/dvb-core: Race condition when writing to CAM David Ahern <dsa(a)cumulusnetworks.com> net: ipv6: send unsolicited NA on admin up Edgar Cherkasov <echerkasov(a)dev.rtsoft.ru> i2c: i2c-scmi: add a MS HID Hans de Goede <hdegoede(a)redhat.com> genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs Thomas Gleixner <tglx(a)linutronix.de> cpufreq/sh: Replace racy task affinity logic Thomas Gleixner <tglx(a)linutronix.de> ACPI/processor: Replace racy task affinity logic Thomas Gleixner <tglx(a)linutronix.de> ACPI/processor: Fix error handling in __acpi_processor_start() Deepa Dinamani <deepa.kernel(a)gmail.com> time: Change posix clocks ops interfaces to use timespec64 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: ar1021_i2c - fix too long name in driver's device table Hans de Goede <hdegoede(a)redhat.com> rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs Hans de Goede <hdegoede(a)redhat.com> x86: i8259: export legacy_pic symbol Liam Breck <kernel(a)networkimprov.net> power: supply: bq24190_charger: Limit over/under voltage fault logging Dong Aisheng <aisheng.dong(a)nxp.com> regulator: anatop: set default voltage selector for pcie Mahesh Bandewar <maheshb(a)google.com> bonding: handle link transition from FAIL to UP correctly Santeri Toivonen <santeri.toivonen(a)vatsul.com> platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA Jacek Anaszewski <jacek.anaszewski(a)gmail.com> led: core: Clear LED_BLINK_SW flag in led_blink_set() Jacek Anaszewski <jacek.anaszewski(a)gmail.com> Revert "led: core: Fix brightness setting when setting delay_off=0" Yisheng Xie <xieyisheng1(a)huawei.com> staging: android: ashmem: Fix possible deadlock in ashmem_ioctl Pavel Shilovsky <pshilov(a)microsoft.com> CIFS: Enable encryption during session setup phase Steve French <smfrench(a)gmail.com> SMB3: Validate negotiate request must always be signed Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: check src mod pointer for rsnd_mod_id() Jeremy Boone <jeremy.boone(a)nccgroup.trust> tpm: fix potential buffer overruns caused by bit glitches on the bus ------------- Diffstat: .../{toppoly,td028ttec1.txt => tpo,td028ttec1.txt} | 4 +- Documentation/devicetree/bindings/mfd/axp20x.txt | 3 + Makefile | 4 +- arch/alpha/kernel/console.c | 1 + arch/arm/boot/dts/aspeed-ast2500-evb.dts | 2 +- arch/arm/kernel/ftrace.c | 11 +-- arch/arm/mach-omap2/clockdomains7xx_data.c | 2 +- arch/ia64/kernel/module.c | 4 +- arch/powerpc/include/asm/cputable.h | 3 +- arch/powerpc/kvm/book3s_64_mmu_host.c | 5 +- arch/powerpc/kvm/book3s_pr.c | 6 +- arch/x86/boot/compressed/kaslr.c | 11 ++- arch/x86/kernel/i8259.c | 1 + arch/x86/kernel/smp.c | 3 + arch/x86/xen/smp.c | 49 +++++++----- block/blk-mq.c | 4 +- drivers/acpi/pmic/intel_pmic_xpower.c | 50 ++++++------ drivers/acpi/power.c | 10 +++ drivers/acpi/processor_driver.c | 10 ++- drivers/acpi/processor_throttling.c | 62 ++++++++------- drivers/acpi/sleep.c | 1 + drivers/acpi/sleep.h | 1 + drivers/block/mtip32xx/mtip32xx.c | 36 ++++++--- drivers/bluetooth/btqcomsmd.c | 3 +- drivers/bluetooth/hci_ldisc.c | 11 ++- drivers/bluetooth/hci_qca.c | 3 + drivers/char/ipmi/ipmi_watchdog.c | 8 +- drivers/char/tpm/tpm-interface.c | 5 ++ drivers/char/tpm/tpm2-cmd.c | 6 ++ drivers/clk/bcm/clk-ns2.c | 2 +- drivers/clk/clk-axi-clkgen.c | 29 +++++-- drivers/clk/clk-si5351.c | 2 +- drivers/clk/clk.c | 32 +++++--- drivers/cpufreq/sh-cpufreq.c | 45 ++++++----- drivers/dma/ti-dma-crossbar.c | 10 ++- drivers/dma/xilinx/zynqmp_dma.c | 3 +- drivers/gpio/gpio-wcove.c | 8 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 7 +- drivers/gpu/drm/msm/msm_gem.c | 14 +++- drivers/gpu/drm/nouveau/nouveau_display.c | 2 +- .../drm/omapdrm/displays/panel-tpo-td028ttec1.c | 3 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 5 ++ drivers/gpu/drm/tilcdc/tilcdc_regs.h | 2 +- drivers/hsi/clients/ssi_protocol.c | 5 +- drivers/hwtracing/coresight/coresight-tpiu.c | 13 +++- drivers/i2c/busses/i2c-scmi.c | 4 + drivers/iio/accel/st_accel_core.c | 7 +- .../iio/common/hid-sensors/hid-sensor-attributes.c | 4 +- drivers/iio/pressure/st_pressure_core.c | 8 +- drivers/infiniband/core/cma.c | 5 +- drivers/infiniband/core/iwpm_util.c | 1 + drivers/infiniband/core/ucma.c | 8 +- drivers/infiniband/core/umem.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 13 +++- drivers/infiniband/hw/hfi1/chip.c | 86 ++++++++++++--------- drivers/infiniband/hw/hfi1/hfi.h | 7 +- drivers/infiniband/hw/hfi1/init.c | 2 +- drivers/infiniband/hw/mlx4/main.c | 6 +- drivers/infiniband/hw/mlx5/cq.c | 19 ++++- drivers/infiniband/hw/mlx5/main.c | 5 +- drivers/infiniband/hw/mlx5/qp.c | 24 ++++-- drivers/infiniband/hw/mlx5/srq.c | 15 ++-- drivers/infiniband/hw/ocrdma/ocrdma_stats.c | 2 +- drivers/infiniband/sw/rdmavt/ah.c | 2 +- drivers/infiniband/sw/rxe/rxe_resp.c | 2 - drivers/infiniband/ulp/ipoib/ipoib_ib.c | 13 ++++ drivers/infiniband/ulp/ipoib/ipoib_main.c | 16 ++++ drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 11 ++- drivers/infiniband/ulp/isert/ib_isert.c | 7 ++ drivers/infiniband/ulp/isert/ib_isert.h | 1 + drivers/input/misc/twl4030-pwrbutton.c | 2 +- drivers/input/touchscreen/ar1021_i2c.c | 2 +- drivers/iommu/intel-svm.c | 9 ++- drivers/iommu/omap-iommu.c | 21 ++++- drivers/irqchip/irq-mips-gic.c | 12 +-- drivers/leds/led-core.c | 3 +- drivers/md/raid10.c | 6 ++ drivers/media/dvb-core/dvb_ca_en50221.c | 23 ++++++ drivers/media/dvb-frontends/si2168.c | 3 + drivers/media/pci/bt8xx/bt878.c | 3 +- .../media/platform/sti/c8sectpfe/c8sectpfe-core.c | 4 +- drivers/mfd/palmas.c | 14 ++++ drivers/mmc/core/core.c | 8 ++ drivers/mmc/host/omap_hsmmc.c | 4 +- drivers/mmc/host/sdhci-of-esdhc.c | 14 ++++ drivers/net/bonding/bond_main.c | 3 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 1 + drivers/net/ethernet/freescale/ucc_geth.c | 8 +- drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c | 2 +- drivers/net/ethernet/hisilicon/hns/hns_dsaf_ppe.c | 2 +- drivers/net/ethernet/hisilicon/hns/hns_dsaf_rcb.c | 2 +- .../net/ethernet/hisilicon/hns/hns_dsaf_xgmac.c | 2 +- drivers/net/ethernet/ibm/ibmvnic.c | 18 +++++ drivers/net/ethernet/intel/e1000e/netdev.c | 6 ++ drivers/net/ethernet/intel/ixgbevf/ethtool.c | 2 +- drivers/net/ethernet/qlogic/qed/qed_vf.c | 2 +- .../ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 2 + drivers/net/hyperv/netvsc.c | 16 ++++ drivers/net/usb/qmi_wwan.c | 4 +- drivers/net/vxlan.c | 10 ++- drivers/net/wan/pc300too.c | 1 + drivers/net/wireless/ath/ath10k/debug.c | 16 ++-- drivers/net/wireless/ath/ath10k/mac.c | 2 +- drivers/net/wireless/ath/regd.c | 19 +++-- drivers/net/wireless/intel/iwlwifi/iwl-a000.c | 6 +- .../net/wireless/intel/iwlwifi/iwl-notif-wait.c | 10 +-- .../net/wireless/intel/iwlwifi/iwl-notif-wait.h | 25 ++++-- drivers/net/wireless/marvell/libertas/if_spi.c | 5 ++ drivers/net/wireless/marvell/mwifiex/main.c | 4 +- drivers/net/wireless/mediatek/mt7601u/mcu.c | 10 ++- drivers/net/wireless/realtek/rtlwifi/pci.c | 7 ++ drivers/net/wireless/rndis_wlan.c | 4 + drivers/pinctrl/core.c | 24 ++++-- drivers/pinctrl/pinctrl-rockchip.c | 8 ++ drivers/platform/chrome/cros_ec_proto.c | 8 +- drivers/platform/chrome/cros_ec_sysfs.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 22 ++++++ drivers/platform/x86/asus-wmi.c | 12 +++ drivers/platform/x86/asus-wmi.h | 1 + drivers/platform/x86/intel-vbtn.c | 4 + drivers/power/supply/bq24190_charger.c | 10 ++- drivers/power/supply/isp1704_charger.c | 4 + drivers/power/supply/pda_power.c | 49 ++++++------ drivers/ptp/ptp_clock.c | 18 ++--- drivers/regulator/anatop-regulator.c | 5 ++ drivers/rtc/rtc-ac100.c | 19 +++-- drivers/rtc/rtc-cmos.c | 17 ++++- drivers/rtc/rtc-ds1374.c | 10 ++- drivers/scsi/lpfc/lpfc_init.c | 6 +- drivers/scsi/lpfc/lpfc_sli.c | 3 + drivers/scsi/mac_esp.c | 33 +++++--- drivers/scsi/virtio_scsi.c | 24 ++++++ drivers/soc/fsl/qe/qe.c | 13 ++++ drivers/spi/spi-dw-mmio.c | 2 +- drivers/staging/android/ashmem.c | 8 +- drivers/staging/unisys/visorhba/visorhba_main.c | 8 +- drivers/staging/wilc1000/linux_mon.c | 2 + drivers/target/target_core_file.c | 23 ++++-- drivers/tty/serial/8250/8250_dw.c | 3 +- drivers/tty/tty_io.c | 2 + drivers/usb/gadget/function/f_hid.c | 89 ++++++++++++++++------ drivers/video/console/vgacon.c | 34 +++++++-- .../omap2/omapfb/displays/panel-tpo-td028ttec1.c | 3 + drivers/video/fbdev/sm501fb.c | 1 + drivers/video/fbdev/udlfb.c | 14 +++- drivers/watchdog/watchdog_dev.c | 6 +- fs/btrfs/file.c | 4 +- fs/btrfs/inode.c | 6 +- fs/btrfs/send.c | 23 +++++- fs/btrfs/volumes.c | 12 ++- fs/cifs/netmisc.c | 6 +- fs/cifs/sess.c | 22 +++--- fs/cifs/smb2pdu.c | 15 ++-- fs/jbd2/journal.c | 15 +++- fs/nfs/pagelist.c | 6 +- fs/nfs/pnfs.c | 18 +++-- fs/nfsd/nfs4proc.c | 6 +- fs/nfsd/vfs.c | 24 +++++- fs/orangefs/waitqueue.c | 9 ++- include/acpi/actbl2.h | 9 +++ include/linux/mlx5/driver.h | 4 +- include/linux/posix-clock.h | 10 +-- include/soc/fsl/qe/qe.h | 1 + kernel/irq/manage.c | 4 +- kernel/time/posix-clock.c | 34 ++++++--- mm/memory-failure.c | 8 ++ mm/vmscan.c | 6 +- mm/vmstat.c | 20 +++-- net/ipv4/tcp_input.c | 16 ++-- net/ipv6/ip6_vti.c | 20 +++++ net/ipv6/ndisc.c | 2 + net/mac80211/cfg.c | 30 ++++---- net/mac80211/ibss.c | 6 +- net/mac80211/ieee80211_i.h | 36 +++++---- net/mac80211/mesh.c | 29 ++++--- net/mac80211/mesh_plink.c | 37 ++++++--- net/mac80211/mlme.c | 14 +++- net/mac80211/rate.c | 4 +- net/mac80211/sta_info.c | 13 +++- net/mac80211/status.c | 1 + net/mac80211/tdls.c | 29 ++++--- net/mac80211/tx.c | 5 +- net/mac80211/util.c | 6 +- net/netfilter/ipvs/ip_vs_ctl.c | 22 ++++-- net/netfilter/nf_conntrack_helper.c | 26 +++++-- net/netfilter/nft_dynset.c | 5 +- net/netfilter/x_tables.c | 4 +- net/netfilter/xt_CT.c | 11 ++- net/openvswitch/conntrack.c | 30 +++++++- net/sunrpc/xprtrdma/verbs.c | 1 + net/tipc/node.c | 2 + sound/pci/hda/patch_realtek.c | 12 ++- sound/soc/intel/atom/sst/sst_acpi.c | 16 +++- sound/soc/intel/skylake/skl.c | 2 +- sound/soc/sh/rcar/cmd.c | 3 + tools/perf/tests/kmod-path.c | 2 + tools/testing/nvdimm/test/nfit.c | 10 ++- 197 files changed, 1624 insertions(+), 607 deletions(-)

7 years, 8 months

4
179
0 0

[PATCH 4.14 00/77] 4.14.30-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.30 release. There are 77 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Mar 25 09:41:18 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.30-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.30-rc1 Adit Ranadive <aditr(a)vmware.com> RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file Nick Desaulniers <ndesaulniers(a)google.com> kbuild: fix linker feature test macros when cross compiling with Clang Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Don't allow join attempts for unsupported AF family Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Fix access to non-initialized CM_ID object Jerome Brunet <jbrunet(a)baylibre.com> clk: migrate the count of orphaned clocks at init Tatyana Nikolova <tatyana.e.nikolova(a)intel.com> RDMA/core: Do not use invalid destination in determining port reuse Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_pci: Don't fail on multiport card class Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix integer overflows in mlx5_ib_create_srq Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: wait for and flush running commands on shutdown/unload Mauricio Faria de Oliveira <mauricfo(a)linux.vnet.ibm.com> scsi: mpt3sas: fix oops in error handlers after shutdown/unload Vignesh R <vigneshr(a)ti.com> dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 Lars Persson <lars.persson(a)axis.com> crypto: artpec6 - set correct iv size for gcm(aes) Sergej Sawazki <sergej(a)taudac.com> clk: si5351: Rename internal plls to avoid name collisions Lars-Peter Clausen <lars(a)metafoo.de> clk: axi-clkgen: Correctly handle nocount bit in recalc_rate() Stephen Boyd <sboyd(a)codeaurora.org> clk: Don't touch hardware when reparenting during registration Romain Izard <romain.izard.pro(a)gmail.com> clk: at91: pmc: Wait for clocks when resuming Benjamin Coddington <bcodding(a)redhat.com> nfsd4: permit layoutget of executable-only files Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed-evb: Add unit name to memory node Anton Vasilyev <vasilyev(a)ispras.ru> RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix issues connecting with nvme initiator James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled Johan Hovold <johan(a)kernel.org> soc: qcom: smsm: fix child-node lookup Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip_gre: fix potential memory leak in erspan_rcv Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip_gre: fix error path when erspan_rcv failed Alexey Kodanev <alexey.kodanev(a)oracle.com> ip6_vti: adjust vti mtu according to mtu of lower device Jerry Snitselaar <jsnitsel(a)redhat.com> iommu/vt-d: clean up pr_irq if request_threaded_irq fails Brian Norris <briannorris(a)chromium.org> pinctrl: rockchip: enable clock when reading pin direction register Florian Fainelli <f.fainelli(a)gmail.com> pinctrl: Really force states during suspend/resume Mauro Carvalho Chehab <mchehab(a)kernel.org> media: davinci: fix a debug printk Geert Uytterhoeven <geert+renesas(a)glider.be> PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures Niklas Cassel <niklas.cassel(a)axis.com> PCI: endpoint: Fix find_first_zero_bit() usage Kishon Vijay Abraham I <kishon(a)ti.com> PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit Robert Walker <robert.walker(a)arm.com> coresight: Fix disabling of CoreSight TPIU Sahara <keun-o.park(a)darkmatter.ae> pty: cancel pty slave port buf's work in tty_release Peter Ujfalusi <peter.ujfalusi(a)ti.com> drm/omap: DMM: Check for DMM readiness after successful transaction commit Zhoujie Wu <zjwu(a)marvell.com> mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable H. Nikolaus Schaller <hns(a)goldelico.com> omapdrm: panel: fix compatible vendor string for td028ttec1 Bjorn Helgaas <bhelgaas(a)google.com> vgacon: Set VGA struct resource types Bharat Potnuri <bharat(a)chelsio.com> iser-target: avoid reinitializing rdma contexts for isert commands Artemy Kovalyov <artemyko(a)mellanox.com> IB/umem: Fix use of npages/nmap fields Parav Pandit <parav(a)mellanox.com> RDMA/cma: Use correct size when writing netlink stats Erez Shitrit <erezsh(a)mellanox.com> IB/ipoib: Avoid memory leak if the SA returns a different DGID Alexandre Belloni <alexandre.belloni(a)free-electrons.com> rtc: ac100: Fix multiple race conditions Shuah Khan <shuah(a)kernel.org> media: s5p-mfc: Fix lock contention - request_firmware() once Russell King <rmk+kernel(a)armlinux.org.uk> sfp: fix non-detection of PHY Russell King <rmk+kernel(a)armlinux.org.uk> sfp: fix EEPROM reading in the case of non-SFF8472 SFPs Jerome Brunet <jbrunet(a)baylibre.com> net: phy: meson-gxl: check phy_write return value Kees Cook <keescook(a)chromium.org> /dev/mem: Add bounce buffer for copy-out Liu, Changcheng <changcheng.liu(a)intel.com> mmc: block: fix logical error to avoid memory leak Daniel Drake <drake(a)endlessm.com> mmc: avoid removing non-removable hosts during suspend Logan Gunthorpe <logang(a)deltatee.com> drm/tilcdc: ensure nonatomic iowrite64 is not used Kedareswara rao Appana <appana.durga.rao(a)xilinx.com> dmaengine: zynqmp_dma: Fix race condition in the probe Shawn Nematbakhsh <shawnn(a)chromium.org> platform/chrome: Use proper protocol transfer function Guenter Roeck <linux(a)roeck-us.net> watchdog: Fix kref imbalance seen if handle_boot_enabled=0 Guenter Roeck <linux(a)roeck-us.net> watchdog: Fix potential kref imbalance when opening watchdog Arnd Bergmann <arnd(a)arndb.de> cros_ec: fix nul-termination for firmware build info Stefan Potyra <Stefan.Potyra(a)elektrobit.com> serial: 8250_dw: Disable clock on error Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty: goldfish: Enable 'earlycon' only if built-in Bjørn Mork <bjorn(a)mork.no> qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect Ron Economos <w6rz(a)comcast.net> media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart Balaji Pothunoori <bpothuno(a)qti.qualcomm.com> ath10k: handling qos at STA side based on AP WMM enable/disable Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: bt8xx: Fix err 'bt878_probe()' Nicolas Iooss <nicolas.iooss_linux(a)m4x.org> rtlwifi: always initialize variables given to RT_TRACE() Tsang-Shian Lin <thlin(a)realtek.com> rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. Geert Uytterhoeven <geert+renesas(a)glider.be> spi: sh-msiof: Avoid writing to registers from spi_master.setup() Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix the TX/RX buffer default sizes Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix the receive buffer size limit Geert Uytterhoeven <geert(a)linux-m68k.org> RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() Richard Leitner <richard.leitner(a)skidata.com> net: fec: add phy_reset_after_clk_enable() support Prakash Kamliya <pkamliya(a)codeaurora.org> drm/msm: fix leak in failed get_pages Gustavo A. R. Silva <garsilva(a)embeddedor.com> media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt Viresh Kumar <viresh.kumar(a)linaro.org> cpufreq: longhaul: Revert transition_delay_us to 200 ms Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: btqcomsmd: Fix skb double free corruption Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: hci_qca: Avoid setup failure on missing rampatch Yisheng Xie <xieyisheng1(a)huawei.com> staging: android: ashmem: Fix possible deadlock in ashmem_ioctl Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers ------------- Diffstat: .../{toppoly,td028ttec1.txt => tpo,td028ttec1.txt} | 4 +- Makefile | 4 +- arch/alpha/kernel/console.c | 1 + arch/arm/boot/dts/aspeed-ast2500-evb.dts | 2 +- drivers/bluetooth/btqcomsmd.c | 3 +- drivers/bluetooth/hci_qca.c | 3 ++ drivers/char/mem.c | 27 +++++++++--- drivers/clk/at91/pmc.c | 24 +++++++---- drivers/clk/clk-axi-clkgen.c | 29 ++++++++++--- drivers/clk/clk-si5351.c | 2 +- drivers/clk/clk.c | 32 ++++++++------ drivers/cpufreq/longhaul.c | 2 +- drivers/crypto/axis/artpec6_crypto.c | 5 ++- drivers/dma/ti-dma-crossbar.c | 10 ++++- drivers/dma/xilinx/zynqmp_dma.c | 3 +- drivers/gpu/drm/msm/msm_gem.c | 14 ++++-- .../drm/omapdrm/displays/panel-tpo-td028ttec1.c | 3 ++ drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 5 +++ drivers/gpu/drm/tilcdc/tilcdc_regs.h | 2 +- drivers/hwtracing/coresight/coresight-tpiu.c | 13 ++++-- drivers/infiniband/core/cma.c | 17 +++++--- drivers/infiniband/core/iwpm_util.c | 1 + drivers/infiniband/core/ucma.c | 8 +++- drivers/infiniband/core/umem.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 24 ++++++++--- drivers/infiniband/hw/mlx5/srq.c | 15 ++++--- drivers/infiniband/hw/ocrdma/ocrdma_stats.c | 2 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_cq.c | 4 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_verbs.c | 4 +- drivers/infiniband/ulp/ipoib/ipoib_main.c | 16 +++++++ drivers/infiniband/ulp/isert/ib_isert.c | 7 +++ drivers/infiniband/ulp/isert/ib_isert.h | 1 + drivers/iommu/intel-svm.c | 9 ++-- drivers/media/dvb-frontends/si2168.c | 3 ++ drivers/media/pci/bt8xx/bt878.c | 3 +- drivers/media/platform/davinci/vpif_capture.c | 4 +- drivers/media/platform/s5p-mfc/s5p_mfc.c | 6 +++ drivers/media/platform/s5p-mfc/s5p_mfc_common.h | 3 ++ drivers/media/platform/s5p-mfc/s5p_mfc_ctrl.c | 5 +++ .../media/platform/sti/c8sectpfe/c8sectpfe-core.c | 4 +- drivers/mmc/core/block.c | 1 + drivers/mmc/core/core.c | 8 ++++ drivers/mmc/host/sdhci-xenon.c | 7 +++ drivers/net/ethernet/freescale/fec_main.c | 20 +++++++++ drivers/net/hyperv/hyperv_net.h | 19 ++++++-- drivers/net/hyperv/netvsc.c | 5 +++ drivers/net/hyperv/netvsc_drv.c | 4 -- drivers/net/phy/meson-gxl.c | 50 ++++++++++++++++------ drivers/net/phy/sfp.c | 15 +++---- drivers/net/usb/qmi_wwan.c | 4 +- drivers/net/wireless/ath/ath10k/mac.c | 2 +- drivers/net/wireless/realtek/rtlwifi/base.c | 2 +- drivers/net/wireless/realtek/rtlwifi/pci.c | 7 +++ drivers/pci/dwc/pcie-designware-ep.c | 12 ++---- drivers/pci/dwc/pcie-designware.h | 1 + drivers/pci/endpoint/pci-ep-cfs.c | 5 ++- drivers/pci/host/pcie-rcar.c | 5 ++- drivers/pinctrl/core.c | 24 ++++++++--- drivers/pinctrl/pinctrl-rockchip.c | 8 ++++ drivers/platform/chrome/cros_ec_proto.c | 8 ++-- drivers/platform/chrome/cros_ec_sysfs.c | 2 +- drivers/rtc/rtc-ac100.c | 19 +++++--- drivers/scsi/lpfc/lpfc_ct.c | 1 + drivers/scsi/lpfc/lpfc_els.c | 30 ++++++++----- drivers/scsi/lpfc/lpfc_nportdisc.c | 34 +++++++-------- drivers/scsi/megaraid/megaraid_sas_fusion.c | 42 ++++++------------ drivers/scsi/mpt3sas/mpt3sas_base.c | 8 ++-- drivers/scsi/mpt3sas/mpt3sas_base.h | 3 ++ drivers/scsi/mpt3sas/mpt3sas_scsih.c | 21 ++++++--- drivers/soc/qcom/smsm.c | 6 ++- drivers/spi/spi-sh-msiof.c | 35 ++++++++++----- drivers/staging/android/ashmem.c | 8 ++-- drivers/tty/Kconfig | 6 ++- drivers/tty/goldfish.c | 2 + drivers/tty/serial/8250/8250_dw.c | 3 +- drivers/tty/serial/8250/8250_pci.c | 10 +++-- drivers/tty/tty_io.c | 2 + drivers/video/console/vgacon.c | 34 +++++++++++---- .../omap2/omapfb/displays/panel-tpo-td028ttec1.c | 3 ++ drivers/watchdog/watchdog_dev.c | 17 ++++---- fs/nfsd/nfs4proc.c | 6 +-- include/linux/mlx5/driver.h | 4 +- net/ipv4/ip_gre.c | 6 ++- net/ipv6/ip6_vti.c | 20 +++++++++ scripts/Kbuild.include | 5 ++- security/Kconfig | 1 + 86 files changed, 606 insertions(+), 255 deletions(-)

7 years, 8 months

4
78
0 0

[Linux-stable-mirror] [PATCH] ath9k: Protect queue draining by rcu_read_lock()

by Toke Høiland-Jørgensen

When ath9k was switched over to use the mac80211 intermediate queues, node cleanup now drains the mac80211 queues. However, this call path is not protected by rcu_read_lock() as it was previously entirely internal to the driver which uses its own locking. This leads to a possible rcu_dereference() without holding rcu_read_lock(); but only if a station is cleaned up while having packets queued on the TXQ. Fix this by adding the rcu_read_lock() to the caller in ath9k. Fixes: 50f08edf9809 ("ath9k: Switch to using mac80211 intermediate software queues.") Cc: stable(a)vger.kernel.org Reported-by: Ben Greear <greearb(a)candelatech.com> Signed-off-by: Toke Høiland-Jørgensen <toke(a)toke.dk> --- drivers/net/wireless/ath/ath9k/xmit.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/net/wireless/ath/ath9k/xmit.c b/drivers/net/wireless/ath/ath9k/xmit.c index 396bf05c6bf6..d8b041f48ca8 100644 --- a/drivers/net/wireless/ath/ath9k/xmit.c +++ b/drivers/net/wireless/ath/ath9k/xmit.c @@ -2892,6 +2892,8 @@ void ath_tx_node_cleanup(struct ath_softc *sc, struct ath_node *an) struct ath_txq *txq; int tidno; + rcu_read_lock(); + for (tidno = 0; tidno < IEEE80211_NUM_TIDS; tidno++) { tid = ath_node_to_tid(an, tidno); txq = tid->txq; @@ -2909,6 +2911,8 @@ void ath_tx_node_cleanup(struct ath_softc *sc, struct ath_node *an) if (!an->sta) break; /* just one multicast ath_atx_tid */ } + + rcu_read_unlock(); } #ifdef CONFIG_ATH9K_TX99 -- 2.16.0

7 years, 8 months

3
3
0 0

[PATCH 3.18 00/47] 3.18.102-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 3.18.102 release. There are 47 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Mar 25 09:42:36 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.102-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 3.18.102-rc1 Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Fix access to non-initialized CM_ID object Sergej Sawazki <sergej(a)taudac.com> clk: si5351: Rename internal plls to avoid name collisions Florian Fainelli <f.fainelli(a)gmail.com> pinctrl: Really force states during suspend/resume Peter Ujfalusi <peter.ujfalusi(a)ti.com> drm/omap: DMM: Check for DMM readiness after successful transaction commit Bjorn Helgaas <bhelgaas(a)google.com> vgacon: Set VGA struct resource types Parav Pandit <parav(a)mellanox.com> RDMA/cma: Use correct size when writing netlink stats Erez Shitrit <erezsh(a)mellanox.com> IB/ipoib: Avoid memory leak if the SA returns a different DGID Daniel Drake <drake(a)endlessm.com> mmc: avoid removing non-removable hosts during suspend Ron Economos <w6rz(a)comcast.net> media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: bt8xx: Fix err 'bt878_probe()' Prakash Kamliya <pkamliya(a)codeaurora.org> drm/msm: fix leak in failed get_pages Dan Carpenter <dan.carpenter(a)oracle.com> cifs: small underflow in cnvrtDosUnixTm() Alexey Khoroshilov <khoroshilov(a)ispras.ru> sm501fb: don't return zero on failure path in sm501fb_start() Maksim Salau <maksim.salau(a)gmail.com> video: fbdev: udlfb: Fix buffer on stack Sergei Trofimovich <slyfox(a)gentoo.org> ia64: fix module loading for gcc-5.4 Shaohua Li <shli(a)fb.com> md/raid10: skip spare disk as 'first' disk Michael Trimarchi <michael(a)amarulasolutions.com> power: supply: pda_power: move from timer to delayed_work Scott Wood <swood(a)redhat.com> bnx2x: Align RX buffers Robert Lippert <roblip(a)gmail.com> ipmi/watchdog: fix wdog hang on panic waiting for ipmi response Kishon Vijay Abraham I <kishon(a)ti.com> ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP Keerthy <j-keerthy(a)ti.com> mfd: palmas: Reset the POWERHOLD mux during power off Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> mac80211: don't parse encrypted management frames in ieee80211_frame_acked Filipe Manana <fdmanana(a)suse.com> Btrfs: send, fix file hole not being preserved due to inline extent Pan Bian <bianpan2016(a)163.com> rndis_wlan: add return value validation Finn Thain <fthain(a)telegraphics.com.au> scsi: mac_esp: Replace bogus memory barrier with spinlock Pan Bian <bianpan2016(a)163.com> qlcnic: fix unchecked return value Pan Bian <bianpan2016(a)163.com> wan: pc300too: abort path on failure Dan Carpenter <dan.carpenter(a)oracle.com> mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR() James Smart <jsmart2021(a)gmail.com> Fix driver usage of 128B WQEs when WQ_CREATE is V1. Dan Carpenter <dan.carpenter(a)oracle.com> HSI: ssi_protocol: double free in ssip_pn_xmit() Feras Daoud <ferasda(a)mellanox.com> IB/ipoib: Update broadcast object if PKey value was changed in index 0 Mikhail Paulyshka <me(a)mixaill.tk> ALSA: hda - Fix headset microphone detection for ASUS N551 and N751 Bernd Faust <berndfaust(a)gmail.com> e1000e: fix timing for 82579 Gigabit Ethernet controller Eric Dumazet <edumazet(a)google.com> tcp: remove poll() flakes with FastOpen Alexey Kardashevskiy <aik(a)ozlabs.ru> KVM: PPC: Book3S PR: Exit KVM on failed mapping David Gibson <david(a)gibson.dropbear.id.au> scsi: virtio_scsi: Always try to read VPD pages Mohammed Shafi Shajakhan <mohammed(a)qti.qualcomm.com> ath: Fix updating radar flags for coutry code India Marek Vasut <marex(a)denx.de> spi: dw: Disable clock after unregistering the host Jasmin J <jasmin(a)anw.at> media/dvb-core: Race condition when writing to CAM David Ahern <dsa(a)cumulusnetworks.com> net: ipv6: send unsolicited NA on admin up Edgar Cherkasov <echerkasov(a)dev.rtsoft.ru> i2c: i2c-scmi: add a MS HID Hans de Goede <hdegoede(a)redhat.com> genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs Thomas Gleixner <tglx(a)linutronix.de> cpufreq/sh: Replace racy task affinity logic Thomas Gleixner <tglx(a)linutronix.de> ACPI/processor: Replace racy task affinity logic Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: ar1021_i2c - fix too long name in driver's device table Hans de Goede <hdegoede(a)redhat.com> x86: i8259: export legacy_pic symbol Santeri Toivonen <santeri.toivonen(a)vatsul.com> platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/console.c | 1 + arch/arm/mach-omap2/clockdomains7xx_data.c | 2 +- arch/ia64/kernel/module.c | 4 +- arch/powerpc/kvm/book3s_64_mmu_host.c | 5 +- arch/powerpc/kvm/book3s_pr.c | 6 ++- arch/x86/kernel/i8259.c | 1 + drivers/acpi/processor_driver.c | 7 ++- drivers/acpi/processor_throttling.c | 62 +++++++++++++--------- drivers/char/ipmi/ipmi_watchdog.c | 8 +-- drivers/clk/clk-si5351.c | 2 +- drivers/cpufreq/sh-cpufreq.c | 45 +++++++++------- drivers/gpu/drm/msm/msm_gem.c | 14 +++-- drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 5 ++ drivers/hsi/clients/ssi_protocol.c | 5 +- drivers/i2c/busses/i2c-scmi.c | 4 ++ drivers/infiniband/core/cma.c | 5 +- drivers/infiniband/ulp/ipoib/ipoib_ib.c | 13 +++++ drivers/infiniband/ulp/ipoib/ipoib_main.c | 16 ++++++ drivers/input/touchscreen/ar1021_i2c.c | 2 +- drivers/md/raid10.c | 1 + drivers/media/dvb-core/dvb_ca_en50221.c | 23 ++++++++ drivers/media/dvb-frontends/si2168.c | 3 ++ drivers/media/pci/bt8xx/bt878.c | 3 +- drivers/mfd/palmas.c | 14 +++++ drivers/mmc/core/core.c | 8 +++ drivers/mmc/host/omap_hsmmc.c | 4 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 1 + drivers/net/ethernet/intel/e1000e/netdev.c | 6 +++ .../ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 2 + drivers/net/wan/pc300too.c | 1 + drivers/net/wireless/ath/regd.c | 19 ++++--- drivers/net/wireless/rndis_wlan.c | 4 ++ drivers/pinctrl/core.c | 24 ++++++--- drivers/platform/x86/asus-nb-wmi.c | 9 ++++ drivers/power/pda_power.c | 49 +++++++++-------- drivers/scsi/lpfc/lpfc_sli.c | 3 ++ drivers/scsi/mac_esp.c | 33 ++++++++---- drivers/scsi/virtio_scsi.c | 24 +++++++++ drivers/spi/spi-dw-mmio.c | 2 +- drivers/video/console/vgacon.c | 34 +++++++++--- drivers/video/fbdev/sm501fb.c | 1 + drivers/video/fbdev/udlfb.c | 14 ++++- fs/btrfs/send.c | 23 +++++++- fs/cifs/netmisc.c | 6 +-- kernel/irq/manage.c | 4 +- net/ipv4/tcp_input.c | 16 +++--- net/ipv6/ndisc.c | 2 + net/mac80211/status.c | 1 + sound/pci/hda/patch_realtek.c | 12 ++++- 50 files changed, 416 insertions(+), 141 deletions(-)

7 years, 8 months

4
51
0 0

[PATCH 4.15 00/84] 4.15.13-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.15.13 release. There are 84 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Mar 25 09:53:34 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.15.13-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.15.13-rc1 Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Don't allow join attempts for unsupported AF family Leon Romanovsky <leonro(a)mellanox.com> RDMA/ucma: Fix access to non-initialized CM_ID object Jerome Brunet <jbrunet(a)baylibre.com> clk: migrate the count of orphaned clocks at init Tatyana Nikolova <tatyana.e.nikolova(a)intel.com> RDMA/core: Do not use invalid destination in determining port reuse Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_pci: Don't fail on multiport card class Adit Ranadive <aditr(a)vmware.com> RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq Boris Pismenny <borisp(a)mellanox.com> IB/mlx5: Fix integer overflows in mlx5_ib_create_srq Vignesh R <vigneshr(a)ti.com> dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 Gary R Hook <gary.hook(a)amd.com> hwrng: core - Clean up RNG list when last hwrng is unregistered Lars Persson <lars.persson(a)axis.com> crypto: artpec6 - set correct iv size for gcm(aes) Sergej Sawazki <sergej(a)taudac.com> clk: si5351: Rename internal plls to avoid name collisions Lars-Peter Clausen <lars(a)metafoo.de> clk: axi-clkgen: Correctly handle nocount bit in recalc_rate() Stephen Boyd <sboyd(a)codeaurora.org> clk: Don't touch hardware when reparenting during registration Romain Izard <romain.izard.pro(a)gmail.com> clk: at91: pmc: Wait for clocks when resuming Benjamin Coddington <bcodding(a)redhat.com> nfsd4: permit layoutget of executable-only files Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed-evb: Add unit name to memory node Anton Vasilyev <vasilyev(a)ispras.ru> RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix issues connecting with nvme initiator James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled Johan Hovold <johan(a)kernel.org> soc: qcom: smsm: fix child-node lookup Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip_gre: fix potential memory leak in erspan_rcv Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip_gre: fix error path when erspan_rcv failed Alexey Kodanev <alexey.kodanev(a)oracle.com> ip6_vti: adjust vti mtu according to mtu of lower device Jerry Snitselaar <jsnitsel(a)redhat.com> iommu/vt-d: clean up pr_irq if request_threaded_irq fails Brian Norris <briannorris(a)chromium.org> pinctrl: rockchip: enable clock when reading pin direction register Florian Fainelli <f.fainelli(a)gmail.com> pinctrl: Really force states during suspend/resume Jerome Brunet <jbrunet(a)baylibre.com> clk: use round rate to bail out early in set_rate Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> dt-bindings: display: panel: Fix compatible string for Toshiba LT089AC29000 Jerome Brunet <jbrunet(a)baylibre.com> clk: check ops pointer on clock register Mauro Carvalho Chehab <mchehab(a)kernel.org> media: davinci: fix a debug printk Geert Uytterhoeven <geert+renesas(a)glider.be> PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures Niklas Cassel <niklas.cassel(a)axis.com> PCI: endpoint: Fix find_first_zero_bit() usage Kishon Vijay Abraham I <kishon(a)ti.com> PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit Robert Walker <robert.walker(a)arm.com> coresight: Fix disabling of CoreSight TPIU Sahara <keun-o.park(a)darkmatter.ae> pty: cancel pty slave port buf's work in tty_release Peter Ujfalusi <peter.ujfalusi(a)ti.com> drm/omap: DMM: Check for DMM readiness after successful transaction commit Zhoujie Wu <zjwu(a)marvell.com> mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable H. Nikolaus Schaller <hns(a)goldelico.com> omapdrm: panel: fix compatible vendor string for td028ttec1 Bjorn Helgaas <bhelgaas(a)google.com> vgacon: Set VGA struct resource types Bjorn Helgaas <bhelgaas(a)google.com> PCI/ASPM: Calculate LTR_L1.2_THRESHOLD from device characteristics Yonghong Song <yhs(a)fb.com> bpf/cgroup: fix a verification error for a CGROUP_DEVICE type prog Bharat Potnuri <bharat(a)chelsio.com> iser-target: avoid reinitializing rdma contexts for isert commands Artemy Kovalyov <artemyko(a)mellanox.com> IB/umem: Fix use of npages/nmap fields Parav Pandit <parav(a)mellanox.com> RDMA/cma: Use correct size when writing netlink stats Erez Shitrit <erezsh(a)mellanox.com> IB/ipoib: Avoid memory leak if the SA returns a different DGID Alexandre Belloni <alexandre.belloni(a)free-electrons.com> rtc: ac100: Fix multiple race conditions Shuah Khan <shuah(a)kernel.org> media: s5p-mfc: Fix lock contention - request_firmware() once Russell King <rmk+kernel(a)armlinux.org.uk> sfp: fix non-detection of PHY Russell King <rmk+kernel(a)armlinux.org.uk> sfp: fix EEPROM reading in the case of non-SFF8472 SFPs Jerome Brunet <jbrunet(a)baylibre.com> net: phy: meson-gxl: check phy_write return value Kees Cook <keescook(a)chromium.org> /dev/mem: Add bounce buffer for copy-out Liu, Changcheng <changcheng.liu(a)intel.com> mmc: block: fix logical error to avoid memory leak Daniel Drake <drake(a)endlessm.com> mmc: avoid removing non-removable hosts during suspend Logan Gunthorpe <logang(a)deltatee.com> drm/tilcdc: ensure nonatomic iowrite64 is not used Kedareswara rao Appana <appana.durga.rao(a)xilinx.com> dmaengine: zynqmp_dma: Fix race condition in the probe Shawn Nematbakhsh <shawnn(a)chromium.org> platform/chrome: Use proper protocol transfer function Guenter Roeck <linux(a)roeck-us.net> watchdog: Fix kref imbalance seen if handle_boot_enabled=0 Guenter Roeck <linux(a)roeck-us.net> watchdog: Fix potential kref imbalance when opening watchdog Arnd Bergmann <arnd(a)arndb.de> cros_ec: fix nul-termination for firmware build info Stefan Potyra <Stefan.Potyra(a)elektrobit.com> serial: 8250_dw: Disable clock on error Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty: goldfish: Enable 'earlycon' only if built-in Bjørn Mork <bjorn(a)mork.no> qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect Ron Economos <w6rz(a)comcast.net> media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart Balaji Pothunoori <bpothuno(a)qti.qualcomm.com> ath10k: handling qos at STA side based on AP WMM enable/disable Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: bt8xx: Fix err 'bt878_probe()' Nicolas Iooss <nicolas.iooss_linux(a)m4x.org> rtlwifi: always initialize variables given to RT_TRACE() Tsang-Shian Lin <thlin(a)realtek.com> rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. Roman Gushchin <guro(a)fb.com> libbpf: prefer global symbols as bpf program name source Geert Uytterhoeven <geert+renesas(a)glider.be> spi: sh-msiof: Avoid writing to registers from spi_master.setup() Neal Cardwell <ncardwell(a)google.com> tcp: allow TLP in ECN CWR Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix the TX/RX buffer default sizes Haiyang Zhang <haiyangz(a)microsoft.com> hv_netvsc: Fix the receive buffer size limit Geert Uytterhoeven <geert(a)linux-m68k.org> RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() Yuval Shaia <yuval.shaia(a)oracle.com> IB/ipoib: Warn when one port fails to initialize Richard Leitner <richard.leitner(a)skidata.com> net: fec: add phy_reset_after_clk_enable() support Prakash Kamliya <pkamliya(a)codeaurora.org> drm/msm: fix leak in failed get_pages Gustavo A. R. Silva <garsilva(a)embeddedor.com> media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt Viresh Kumar <viresh.kumar(a)linaro.org> cpufreq: longhaul: Revert transition_delay_us to 200 ms Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: btqcomsmd: Fix skb double free corruption Loic Poulain <loic.poulain(a)linaro.org> Bluetooth: hci_qca: Avoid setup failure on missing rampatch Pixel Ding <Pixel.Ding(a)amd.com> drm/amdgpu: use polling mem to set SDMA3 wptr for VF Yisheng Xie <xieyisheng1(a)huawei.com> staging: android: ashmem: Fix possible deadlock in ashmem_ioctl Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers ------------- Diffstat: .../display/panel/toshiba,lt089ac29000.txt | 2 +- .../{toppoly,td028ttec1.txt => tpo,td028ttec1.txt} | 4 +- Makefile | 4 +- arch/alpha/kernel/console.c | 1 + arch/arm/boot/dts/aspeed-ast2500-evb.dts | 2 +- drivers/bluetooth/btqcomsmd.c | 3 +- drivers/bluetooth/hci_qca.c | 3 + drivers/char/hw_random/core.c | 4 ++ drivers/char/mem.c | 27 ++++++-- drivers/clk/at91/pmc.c | 24 +++++--- drivers/clk/clk-axi-clkgen.c | 29 +++++++-- drivers/clk/clk-si5351.c | 2 +- drivers/clk/clk.c | 64 ++++++++++++++----- drivers/cpufreq/longhaul.c | 2 +- drivers/crypto/axis/artpec6_crypto.c | 5 +- drivers/dma/ti-dma-crossbar.c | 10 ++- drivers/dma/xilinx/zynqmp_dma.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 1 + drivers/gpu/drm/amd/amdgpu/sdma_v3_0.c | 27 +++++--- drivers/gpu/drm/msm/msm_gem.c | 14 +++-- .../drm/omapdrm/displays/panel-tpo-td028ttec1.c | 3 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 5 ++ drivers/gpu/drm/tilcdc/tilcdc_regs.h | 2 +- drivers/hwtracing/coresight/coresight-tpiu.c | 13 +++- drivers/infiniband/core/cma.c | 17 ++++-- drivers/infiniband/core/iwpm_util.c | 1 + drivers/infiniband/core/ucma.c | 8 ++- drivers/infiniband/core/umem.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 23 ++++--- drivers/infiniband/hw/mlx5/srq.c | 15 +++-- drivers/infiniband/hw/ocrdma/ocrdma_stats.c | 2 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_cq.c | 4 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_srq.c | 4 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_verbs.c | 4 +- drivers/infiniband/ulp/ipoib/ipoib_main.c | 23 ++++++- drivers/infiniband/ulp/isert/ib_isert.c | 7 +++ drivers/infiniband/ulp/isert/ib_isert.h | 1 + drivers/iommu/intel-svm.c | 9 ++- drivers/media/dvb-frontends/si2168.c | 3 + drivers/media/pci/bt8xx/bt878.c | 3 +- drivers/media/platform/davinci/vpif_capture.c | 4 +- drivers/media/platform/s5p-mfc/s5p_mfc.c | 6 ++ drivers/media/platform/s5p-mfc/s5p_mfc_common.h | 3 + drivers/media/platform/s5p-mfc/s5p_mfc_ctrl.c | 5 ++ .../media/platform/sti/c8sectpfe/c8sectpfe-core.c | 4 +- drivers/mmc/core/block.c | 1 + drivers/mmc/core/core.c | 8 +++ drivers/mmc/host/sdhci-xenon.c | 7 +++ drivers/net/ethernet/freescale/fec_main.c | 20 ++++++ drivers/net/hyperv/hyperv_net.h | 19 +++++- drivers/net/hyperv/netvsc.c | 5 ++ drivers/net/hyperv/netvsc_drv.c | 4 -- drivers/net/phy/meson-gxl.c | 50 +++++++++++---- drivers/net/phy/sfp.c | 15 +++-- drivers/net/usb/qmi_wwan.c | 4 +- drivers/net/wireless/ath/ath10k/mac.c | 2 +- drivers/net/wireless/realtek/rtlwifi/base.c | 2 +- drivers/net/wireless/realtek/rtlwifi/pci.c | 7 +++ drivers/pci/dwc/pcie-designware-ep.c | 12 +--- drivers/pci/dwc/pcie-designware.h | 1 + drivers/pci/endpoint/pci-ep-cfs.c | 5 +- drivers/pci/host/pcie-rcar.c | 5 +- drivers/pci/pcie/aspm.c | 71 ++++++++++++++-------- drivers/pinctrl/core.c | 24 +++++--- drivers/pinctrl/pinctrl-rockchip.c | 8 +++ drivers/platform/chrome/cros_ec_proto.c | 8 ++- drivers/platform/chrome/cros_ec_sysfs.c | 2 +- drivers/rtc/rtc-ac100.c | 19 +++--- drivers/scsi/lpfc/lpfc_ct.c | 1 + drivers/scsi/lpfc/lpfc_els.c | 30 ++++++--- drivers/scsi/lpfc/lpfc_nportdisc.c | 34 +++++------ drivers/scsi/megaraid/megaraid_sas_fusion.c | 42 +++++-------- drivers/soc/qcom/smsm.c | 6 +- drivers/spi/spi-sh-msiof.c | 35 +++++++---- drivers/staging/android/ashmem.c | 8 +-- drivers/tty/Kconfig | 6 +- drivers/tty/goldfish.c | 2 + drivers/tty/serial/8250/8250_dw.c | 3 +- drivers/tty/serial/8250/8250_pci.c | 10 ++- drivers/tty/tty_io.c | 2 + drivers/video/console/vgacon.c | 34 ++++++++--- .../omap2/omapfb/displays/panel-tpo-td028ttec1.c | 3 + drivers/watchdog/watchdog_dev.c | 17 +++--- fs/nfsd/nfs4proc.c | 6 +- include/linux/mlx5/driver.h | 4 +- include/uapi/linux/bpf.h | 3 +- kernel/bpf/cgroup.c | 15 ++++- net/ipv4/ip_gre.c | 6 +- net/ipv4/tcp_output.c | 9 +-- net/ipv6/ip6_vti.c | 20 ++++++ security/Kconfig | 1 + tools/lib/bpf/libbpf.c | 2 + 92 files changed, 708 insertions(+), 292 deletions(-)

7 years, 8 months

4
88
0 0

[PATCH 1/4] tracing: probeevent: Fix to support minus offset from symbol

by Steven Rostedt

From: Masami Hiramatsu <mhiramat(a)kernel.org> In Documentation/trace/kprobetrace.txt, it says @SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol) However, the parser doesn't parse minus offset correctly, since commit 2fba0c8867af ("tracing/kprobes: Fix probe offset to be unsigned") drops minus ("-") offset support for kprobe probe address usage. This fixes the traceprobe_split_symbol_offset() to parse minus offset again with checking the offset range, and add a minus offset check in kprobe probe address usage. Link: http://lkml.kernel.org/r/152129028983.31874.13419301530285775521.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Arnaldo Carvalho de Melo <acme(a)kernel.org> Cc: Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com> Cc: stable(a)vger.kernel.org Fixes: 2fba0c8867af ("tracing/kprobes: Fix probe offset to be unsigned") Acked-by: Namhyung Kim <namhyung(a)kernel.org> Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_kprobe.c | 4 ++-- kernel/trace/trace_probe.c | 8 +++----- kernel/trace/trace_probe.h | 2 +- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c index 1fad24acd444..ae4147eaebd4 100644 --- a/kernel/trace/trace_kprobe.c +++ b/kernel/trace/trace_kprobe.c @@ -659,7 +659,7 @@ static int create_trace_kprobe(int argc, char **argv) char *symbol = NULL, *event = NULL, *group = NULL; int maxactive = 0; char *arg; - unsigned long offset = 0; + long offset = 0; void *addr = NULL; char buf[MAX_EVENT_NAME_LEN]; @@ -747,7 +747,7 @@ static int create_trace_kprobe(int argc, char **argv) symbol = argv[1]; /* TODO: support .init module functions */ ret = traceprobe_split_symbol_offset(symbol, &offset); - if (ret) { + if (ret || offset < 0 || offset > UINT_MAX) { pr_info("Failed to parse either an address or a symbol.\n"); return ret; } diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c index d59357308677..daf54bda4dc8 100644 --- a/kernel/trace/trace_probe.c +++ b/kernel/trace/trace_probe.c @@ -320,7 +320,7 @@ static fetch_func_t get_fetch_size_function(const struct fetch_type *type, } /* Split symbol and offset. */ -int traceprobe_split_symbol_offset(char *symbol, unsigned long *offset) +int traceprobe_split_symbol_offset(char *symbol, long *offset) { char *tmp; int ret; @@ -328,13 +328,11 @@ int traceprobe_split_symbol_offset(char *symbol, unsigned long *offset) if (!offset) return -EINVAL; - tmp = strchr(symbol, '+'); + tmp = strpbrk(symbol, "+-"); if (tmp) { - /* skip sign because kstrtoul doesn't accept '+' */ - ret = kstrtoul(tmp + 1, 0, offset); + ret = kstrtol(tmp, 0, offset); if (ret) return ret; - *tmp = '\0'; } else *offset = 0; diff --git a/kernel/trace/trace_probe.h b/kernel/trace/trace_probe.h index e101c5bb9eda..6a4d3fa94042 100644 --- a/kernel/trace/trace_probe.h +++ b/kernel/trace/trace_probe.h @@ -365,7 +365,7 @@ extern int traceprobe_conflict_field_name(const char *name, extern void traceprobe_update_arg(struct probe_arg *arg); extern void traceprobe_free_probe_arg(struct probe_arg *arg); -extern int traceprobe_split_symbol_offset(char *symbol, unsigned long *offset); +extern int traceprobe_split_symbol_offset(char *symbol, long *offset); /* Sum up total data length for dynamic arraies (strings) */ static nokprobe_inline int -- 2.15.1

7 years, 8 months

1
0
0 0

[PATCH V3] ZBOOT: fix stack protector in compressed boot phase

by Huacai Chen

Call __stack_chk_guard_setup() in decompress_kernel() is too late that stack checking always fails for decompress_kernel() itself. So remove __stack_chk_guard_setup() and initialize __stack_chk_guard before we call decompress_kernel(). Original code comes from ARM but also used for MIPS and SH, so fix them together. If without this fix, compressed booting of these archs will fail because stack checking is enabled by default (>=4.16). V2: Fix build on ARM. V3: Fix build on SuperH. Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- arch/arm/boot/compressed/head.S | 4 ++++ arch/arm/boot/compressed/misc.c | 7 ------- arch/mips/boot/compressed/decompress.c | 7 ------- arch/mips/boot/compressed/head.S | 4 ++++ arch/sh/boot/compressed/head_32.S | 8 ++++++++ arch/sh/boot/compressed/head_64.S | 4 ++++ arch/sh/boot/compressed/misc.c | 7 ------- 7 files changed, 20 insertions(+), 21 deletions(-) diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S index 45c8823..bae1fc6 100644 --- a/arch/arm/boot/compressed/head.S +++ b/arch/arm/boot/compressed/head.S @@ -547,6 +547,10 @@ not_relocated: mov r0, #0 bic r4, r4, #1 blne cache_on + ldr r0, =__stack_chk_guard + ldr r1, =0x000a0dff + str r1, [r0] + /* * The C runtime environment should now be setup sufficiently. * Set up some pointers, and start decompressing. diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c index 16a8a80..e518ef5 100644 --- a/arch/arm/boot/compressed/misc.c +++ b/arch/arm/boot/compressed/misc.c @@ -130,11 +130,6 @@ asmlinkage void __div0(void) unsigned long __stack_chk_guard; -void __stack_chk_guard_setup(void) -{ - __stack_chk_guard = 0x000a0dff; -} - void __stack_chk_fail(void) { error("stack-protector: Kernel stack is corrupted\n"); @@ -150,8 +145,6 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p, { int ret; - __stack_chk_guard_setup(); - output_data = (unsigned char *)output_start; free_mem_ptr = free_mem_ptr_p; free_mem_end_ptr = free_mem_ptr_end_p; diff --git a/arch/mips/boot/compressed/decompress.c b/arch/mips/boot/compressed/decompress.c index fdf99e9..5ba431c 100644 --- a/arch/mips/boot/compressed/decompress.c +++ b/arch/mips/boot/compressed/decompress.c @@ -78,11 +78,6 @@ void error(char *x) unsigned long __stack_chk_guard; -void __stack_chk_guard_setup(void) -{ - __stack_chk_guard = 0x000a0dff; -} - void __stack_chk_fail(void) { error("stack-protector: Kernel stack is corrupted\n"); @@ -92,8 +87,6 @@ void decompress_kernel(unsigned long boot_heap_start) { unsigned long zimage_start, zimage_size; - __stack_chk_guard_setup(); - zimage_start = (unsigned long)(&__image_begin); zimage_size = (unsigned long)(&__image_end) - (unsigned long)(&__image_begin); diff --git a/arch/mips/boot/compressed/head.S b/arch/mips/boot/compressed/head.S index 409cb48..00d0ee0 100644 --- a/arch/mips/boot/compressed/head.S +++ b/arch/mips/boot/compressed/head.S @@ -32,6 +32,10 @@ start: bne a2, a0, 1b addiu a0, a0, 4 + PTR_LA a0, __stack_chk_guard + PTR_LI a1, 0x000a0dff + sw a1, 0(a0) + PTR_LA a0, (.heap) /* heap address */ PTR_LA sp, (.stack + 8192) /* stack address */ diff --git a/arch/sh/boot/compressed/head_32.S b/arch/sh/boot/compressed/head_32.S index 7bb1681..e84237d 100644 --- a/arch/sh/boot/compressed/head_32.S +++ b/arch/sh/boot/compressed/head_32.S @@ -76,6 +76,10 @@ l1: mov.l init_stack_addr, r0 mov.l @r0, r15 + mov.l __stack_chk_guard_addr, r0 + mov.l __stack_chk_guard_val, r1 + mov.l r1, @r0 + /* Decompress the kernel */ mov.l decompress_kernel_addr, r0 jsr @r0 @@ -97,6 +101,10 @@ kexec_magic: .long 0x400000F0 /* magic used by kexec to parse zImage format */ init_stack_addr: .long stack_start +__stack_chk_guard_val: + .long 0x000A0DFF +__stack_chk_guard_addr: + .long __stack_chk_guard decompress_kernel_addr: .long decompress_kernel kernel_start_addr: diff --git a/arch/sh/boot/compressed/head_64.S b/arch/sh/boot/compressed/head_64.S index 9993113..8b4d540 100644 --- a/arch/sh/boot/compressed/head_64.S +++ b/arch/sh/boot/compressed/head_64.S @@ -132,6 +132,10 @@ startup: addi r22, 4, r22 bne r22, r23, tr1 + movi datalabel __stack_chk_guard, r0 + movi 0x000a0dff, r1 + st.l r0, 0, r1 + /* * Decompress the kernel. */ diff --git a/arch/sh/boot/compressed/misc.c b/arch/sh/boot/compressed/misc.c index 627ce8e..fe4c079 100644 --- a/arch/sh/boot/compressed/misc.c +++ b/arch/sh/boot/compressed/misc.c @@ -106,11 +106,6 @@ static void error(char *x) unsigned long __stack_chk_guard; -void __stack_chk_guard_setup(void) -{ - __stack_chk_guard = 0x000a0dff; -} - void __stack_chk_fail(void) { error("stack-protector: Kernel stack is corrupted\n"); @@ -130,8 +125,6 @@ void decompress_kernel(void) { unsigned long output_addr; - __stack_chk_guard_setup(); - #ifdef CONFIG_SUPERH64 output_addr = (CONFIG_MEMORY_START + 0x2000); #else -- 2.7.0

7 years, 8 months

6
6
0 0

[PATCH 1/5] Bluetooth: hci_bcm: Add irq_polarity module option

by Hans de Goede

Add irq_polarity module option for easier troubleshooting of irq-polarity issues. Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/bluetooth/hci_bcm.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/drivers/bluetooth/hci_bcm.c b/drivers/bluetooth/hci_bcm.c index 5e3aba3c3185..bb6cd1623132 100644 --- a/drivers/bluetooth/hci_bcm.c +++ b/drivers/bluetooth/hci_bcm.c @@ -126,6 +126,10 @@ struct bcm_data { static DEFINE_MUTEX(bcm_device_lock); static LIST_HEAD(bcm_device_list); +static int irq_polarity = -1; +module_param(irq_polarity, int, 0444); +MODULE_PARM_DESC(irq_polarity, "IRQ polarity 0: active-high 1: active-low"); + static inline void host_set_baudrate(struct hci_uart *hu, unsigned int speed) { if (hu->serdev) @@ -988,11 +992,17 @@ static int bcm_acpi_probe(struct bcm_device *dev) } acpi_dev_free_resource_list(&resources); - dmi_id = dmi_first_match(bcm_active_low_irq_dmi_table); - if (dmi_id) { - dev_warn(dev->dev, "%s: Overwriting IRQ polarity to active low", - dmi_id->ident); - dev->irq_active_low = true; + if (irq_polarity != -1) { + dev->irq_active_low = irq_polarity; + dev_warn(dev->dev, "Overwriting IRQ polarity to active %s by module-param\n", + dev->irq_active_low ? "low" : "high"); + } else { + dmi_id = dmi_first_match(bcm_active_low_irq_dmi_table); + if (dmi_id) { + dev_warn(dev->dev, "%s: Overwriting IRQ polarity to active low", + dmi_id->ident); + dev->irq_active_low = true; + } } return 0; -- 2.14.3

7 years, 8 months

2
8
0 0

+ mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/hmm: hmm_pfns_bad() was accessing wrong struct has been added to the -mm tree. Its filename is mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-hmm-hmm_pfns_bad-was-accessing-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-hmm-hmm_pfns_bad-was-accessing-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Jérôme Glisse <jglisse(a)redhat.com> Subject: mm/hmm: hmm_pfns_bad() was accessing wrong struct The private field of mm_walk struct point to an hmm_vma_walk struct and not to the hmm_range struct desired. Fix to get proper struct pointer. Link: http://lkml.kernel.org/r/20180323005527.758-6-jglisse@redhat.com Signed-off-by: Jérôme Glisse <jglisse(a)redhat.com> Cc: Evgeny Baskakov <ebaskakov(a)nvidia.com> Cc: Ralph Campbell <rcampbell(a)nvidia.com> Cc: Mark Hairgrove <mhairgrove(a)nvidia.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hmm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff -puN mm/hmm.c~mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct mm/hmm.c --- a/mm/hmm.c~mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct +++ a/mm/hmm.c @@ -336,7 +336,8 @@ static int hmm_pfns_bad(unsigned long ad unsigned long end, struct mm_walk *walk) { - struct hmm_range *range = walk->private; + struct hmm_vma_walk *hmm_vma_walk = walk->private; + struct hmm_range *range = hmm_vma_walk->range; hmm_pfn_t *pfns = range->pfns; unsigned long i; _ Patches currently in -mm which might be from jglisse(a)redhat.com are mm-hmm-fix-header-file-if-else-endif-maze-v2.patch mm-hmm-unregister-mmu_notifier-when-last-hmm-client-quit-v3.patch mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct.patch mm-hmm-use-struct-for-hmm_vma_fault-hmm_vma_get_pfns-parameters-v2.patch mm-hmm-remove-hmm_pfn_read-flag-and-ignore-peculiar-architecture-v2.patch mm-hmm-use-uint64_t-for-hmm-pfn-instead-of-defining-hmm_pfn_t-to-ulong-v2.patch mm-hmm-cleanup-special-vma-handling-vm_special.patch mm-hmm-do-not-differentiate-between-empty-entry-or-missing-directory-v3.patch mm-hmm-rename-hmm_pfn_device_unaddressable-to-hmm_pfn_device_private.patch mm-hmm-move-hmm_pfns_clear-closer-to-where-it-is-use.patch mm-hmm-factor-out-pte-and-pmd-handling-to-simplify-hmm_vma_walk_pmd-v2.patch mm-hmm-change-hmm_vma_fault-to-allow-write-fault-on-page-basis.patch mm-hmm-use-device-driver-encoding-for-hmm-pfn-v2.patch

7 years, 8 months

1
0
0 0

+ mm-hmm-fix-header-file-if-else-endif-maze-v2.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/hmm: fix header file if/else/endif maze has been added to the -mm tree. Its filename is mm-hmm-fix-header-file-if-else-endif-maze-v2.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-hmm-fix-header-file-if-else-end… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-hmm-fix-header-file-if-else-end… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Jérôme Glisse <jglisse(a)redhat.com> Subject: mm/hmm: fix header file if/else/endif maze The #if/#else/#endif for IS_ENABLED(CONFIG_HMM) were wrong. Because of this after multiple include there was multiple definition of both hmm_mm_init() and hmm_mm_destroy() leading to build failure if HMM was enabled (CONFIG_HMM set). Link: http://lkml.kernel.org/r/20180323005527.758-3-jglisse@redhat.com Signed-off-by: Jérôme Glisse <jglisse(a)redhat.com> Acked-by: Balbir Singh <bsingharora(a)gmail.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Ralph Campbell <rcampbell(a)nvidia.com> Cc: John Hubbard <jhubbard(a)nvidia.com> Cc: Evgeny Baskakov <ebaskakov(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/hmm.h | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff -puN include/linux/hmm.h~mm-hmm-fix-header-file-if-else-endif-maze-v2 include/linux/hmm.h --- a/include/linux/hmm.h~mm-hmm-fix-header-file-if-else-endif-maze-v2 +++ a/include/linux/hmm.h @@ -498,23 +498,16 @@ struct hmm_device { struct hmm_device *hmm_device_new(void *drvdata); void hmm_device_put(struct hmm_device *hmm_device); #endif /* CONFIG_DEVICE_PRIVATE || CONFIG_DEVICE_PUBLIC */ -#endif /* IS_ENABLED(CONFIG_HMM) */ /* Below are for HMM internal use only! Not to be used by device driver! */ -#if IS_ENABLED(CONFIG_HMM_MIRROR) void hmm_mm_destroy(struct mm_struct *mm); static inline void hmm_mm_init(struct mm_struct *mm) { mm->hmm = NULL; } -#else /* IS_ENABLED(CONFIG_HMM_MIRROR) */ -static inline void hmm_mm_destroy(struct mm_struct *mm) {} -static inline void hmm_mm_init(struct mm_struct *mm) {} -#endif /* IS_ENABLED(CONFIG_HMM_MIRROR) */ - - #else /* IS_ENABLED(CONFIG_HMM) */ static inline void hmm_mm_destroy(struct mm_struct *mm) {} static inline void hmm_mm_init(struct mm_struct *mm) {} +#endif /* IS_ENABLED(CONFIG_HMM) */ #endif /* LINUX_HMM_H */ _ Patches currently in -mm which might be from jglisse(a)redhat.com are mm-hmm-fix-header-file-if-else-endif-maze-v2.patch mm-hmm-unregister-mmu_notifier-when-last-hmm-client-quit-v3.patch mm-hmm-hmm_pfns_bad-was-accessing-wrong-struct.patch mm-hmm-use-struct-for-hmm_vma_fault-hmm_vma_get_pfns-parameters-v2.patch mm-hmm-remove-hmm_pfn_read-flag-and-ignore-peculiar-architecture-v2.patch mm-hmm-use-uint64_t-for-hmm-pfn-instead-of-defining-hmm_pfn_t-to-ulong-v2.patch mm-hmm-cleanup-special-vma-handling-vm_special.patch mm-hmm-do-not-differentiate-between-empty-entry-or-missing-directory-v3.patch mm-hmm-rename-hmm_pfn_device_unaddressable-to-hmm_pfn_device_private.patch mm-hmm-move-hmm_pfns_clear-closer-to-where-it-is-use.patch mm-hmm-factor-out-pte-and-pmd-handling-to-simplify-hmm_vma_walk_pmd-v2.patch mm-hmm-change-hmm_vma_fault-to-allow-write-fault-on-page-basis.patch mm-hmm-use-device-driver-encoding-for-hmm-pfn-v2.patch

7 years, 8 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror